i~NSrSSKrSSKrSSKrSSKrSSKrSSKrSSKrSSKrSSK J r SSK J r SSK Jr SSKJr SSKJrJrJrJr SSKJr \R2"S 5r"S S 5rS \S \4SjrS4S\S\ S\ S\ S\ S\S \RB\ \ \ 44Sjjr"S\ S\ S\ S\S\S \RB\ \ \ 44 Sjr#S\ S \ 4Sjr$S\ S\ S \ 4Sjr%S\ S\ S \ 4Sjr&S\ S \ S \ 4S!jr'S\S"\ S#\ S$\ S\ S \ 4 S%jr(S \S \ 4S&jr)S\ S \ 4S'jr*S \S \ 4S(jr+S)\S\ S*\RX\S \ 4S+jr-S,\S\ S \ 4S-jr.S\ S\ S \ 4S.jr/S\ S \4S/jr0S\S0\ S1\S \ 4S2jr1S\S0\ S1\S \ 4S3jr2g!\a SSK Jr GN%f=f)5afNTLM Cryptographic Operations Implements the various cryptographic operations that are defined in `MS-NLMP Crypto Operations`_. Some crypto operations aren't implemented due to it being a simple operation in Python. .. _MS-NLMP Crypto Operations https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-nlmp/26c42637-9549-46ae-be2e-90f6f1360193 N)default_backend)Cipher)DES)md4)FileTimeNegotiateFlagsNTClientChallengeV2 TargetInfo) algorithmsz!^[a-fA-F0-9]{32}:[a-fA-F0-9]{32}$cF\rSrSrSrS\SS4SjrS\S\4SjrS S jrS r g) RC4Handle0z1RC4 class to wrap the underlying crypto function.keyreturnNcXl[R"UR5n[US[ 5S9nUR 5Ulg)Nmodebackend)_keyr ARC4rr encryptor_handle)selfrarc4ciphers Q/home/james-whalen/.local/lib/python3.13/site-packages/spnego/_ntlm_raw/crypto.py__init__RC4Handle.__init__3s: tyy)41BC'') b_datac8URRU5$)z?Update the RC4 stream and return the encrypted/decrypted bytes.)rupdate)rr s rr"RC4Handle.update:s||""6**rc[R"UR5n[US[ 5S9nUR 5Ulg)z5Reset's the cipher stream back to the original state.Nr)r rrrrrr)rrrs rresetRC4Handle.reset>s5tyy)41BC'') r)rr)rN) __name__ __module__ __qualname____firstlineno____doc__bytesrr"r%__static_attributes__rrr r 0s0;*E*d*+U+u+*rr passwordrc>[[RU55$)N)bool_NTLM_HASH_PATTERNmatchr/s r is_ntlm_hashr5Es "((2 33rflagsnt_hashlm_hashserver_challengeclient_challengeno_lm_responsec U[R-(a [U[X4SS-55nUS-nO[X5=pgU(d [X#5n[ U5n[ XX'U5n XgU 4$)aCompute NT and LM Response for NTLMv1. Computes the NT and LM Response for NTLMv1 messages. The response is dependent on the flags that were negotiated between the client and server. The pseudo-code for this function as documented under `NTLM v1 Authentication`_ is:: Define ComputeResponse(NegFlg, ResponseKeyNT, ResponseKeyLM, CHALLENGE_MESSAGE.ServerChallenge, ClientChallenge, Time, ServerName) As If (User is set to "" AND Passwd is set to "") -- Special case for anonymous authentication Set NtChallengeResponseLen to 0 Set NtChallengeResponseMaxLen to 0 Set NtChallengeResponseBufferOffset to 0 Set LmChallengeResponse to Z(1) ElseIf If (NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY flag is set in NegFlg) Set NtChallengeResponse to DESL(ResponseKeyNT, MD5(ConcatenationOf(CHALLENGE_MESSAGE.ServerChallenge, ClientChallenge))[0..7]) Set LmChallengeResponse to ConcatenationOf{ClientChallenge, Z(16)} Else Set NtChallengeResponse to DESL(ResponseKeyNT, CHALLENGE_MESSAGE.ServerChallenge) If (NoLMResponseNTLMv1 is TRUE) Set LmChallengeResponse to NtChallengeResponse Else Set LmChallengeResponse to DESL(ResponseKeyLM, CHALLENGE_MESSAGE.ServerChallenge) EndIf EndIf EndIf Set SessionBaseKey to MD4(NTOWF) Args: flags: The negotiated flags between the initiator and acceptor. nt_hash: The response key computed by :meth:`ntowfv1`. lm_hash: The response key computed by :meth:`lmowfv1`. server_challenge: The 8 byte nonce generated by the acceptor. client_challenge: The 8 byte nonce generated by the initiator. no_lm_response: Whether to compute (True) the `LmChallengeResponse` or not (False) when extended session security was not negotiated. Returns: Tuple[bytes, bytes, bytes]: Returns the NTChallengeResponse, LMChallengeResponse and KeyExchangeKey. .. _NTLM v1 Authentication: https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-nlmp/464551a8-9fc4-428e-b3d3-bc5bfb2e73a5 Ns)rextended_session_securitydeslmd5rkxkey) r6r7r8r9r:r; nt_response lm_responsesession_base_keykey_exchange_keys rcompute_response_v1rFIs{v ~7777C(8BQ;O(O$PQ &,7 %)$CC w9K7|UgL\] %5 55rtimeav_pairsc[X2US9nUR5S-n[XU-5nXv-n[XU-5U-n [X5n XU 4$)aCompute NT and LM Response for NTLMv2. Computes the NT and LM Response for NTLMv2 messages. The response is dependent on the flags that were negotiated between the client and server. The pseudo-code for this function as documented under `NTLM v2 Authentication`_ is:: Define ComputeResponse(NegFlg, ResponseKeyNT, ResponseKeyLM, CHALLENGE_MESSAGE.ServerChallenge, ClientChallenge, Time, ServerName) As If (User is set to "" && Passwd is set to "") -- Special case for anonymous authentication Set NtChallengeResponseLen to 0 Set NtChallengeResponseMaxLen to 0 Set NtChallengeResponseBufferOffset to 0 Set LmChallengeResponse to Z(1) Else Set temp to ConcatenationOf(Responserversion, HiResponserversion, Z(6), Time, ClientChallenge, Z(4), ServerName, Z(4)) Set NTProofStr to HMAC_MD5(ResponseKeyNT, ConcatenationOf(CHALLENGE_MESSAGE.ServerChallenge,temp)) Set NtChallengeResponse to ConcatenationOf(NTProofStr, temp) Set LmChallengeResponse to ConcatenationOf( HMAC_MD5(ResponseKeyLM, ConcatenationOf(CHALLENGE_MESSAGE.ServerChallenge, ClientChallenge)), ClientChallenge) EndIf Set SessionBaseKey to HMAC_MD5(ResponseKeyNT, NTProofStr) Args: nt_hash: The response key computed by :meth:`ntwofv2`. The `ResponseKeyLM` is the same value so we only pass in the 1 key. server_challenge: The 8 byte nonce generated by the acceptor. client_challenge: The 8 byte nonce generated by the initiator. time: The FileTime to place in the NT hash. av_pairs: The TargetInfo AvPairs fields that are placed in the Authenticate message. Returns: Tuple[bytes, bytes, bytes]: Returns the NTChallengeResponse, LMChallengeResponse and KeyExchangeKey. .. _NTLM v2 Authentication: https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-nlmp/5e550938-91d4-459f-b67d-75d70009e3f3 ) time_stampr:rHs)r packhmac_md5) r7r9r:rGrHtempb_temp nt_proof_strrBrCrDs rcompute_response_v2rPsgj $\d eD YY[. .FG%>?L'K77G$GHK[[K6 %5 55rmc^[R"S[R"U5S-5$)z5Simple wrapper function to generate a CRC32 checksum.z>rrDlmowfrCcU[R-(a[XUSS-5$U[R-(a'USSn[ USSU5[ USSS-U5-$U[R -(aUSSS-$U$)aNTLM KXKEY function. The MS-NLMP `KXKEY`_ function used to derive the key exchange key for a security context. This is only for NTLMv1 contexts as NTLMv2 just re-uses the session base key. Args: flags: The negotiate flags in the Challenge msg. session_base_key: The session base key from :meth:`compute_response_v1`. lmowf: The LM hash from :meth:`lmowfv1`. lm_response: The lm response from :meth:`compute_response_v1`. server_challenge: The server challenge in the Challenge msg. Returns: bytes: The derived key exchange key. .. _KXKEY: https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-nlmp/d86303b5-b29e-4fb9-b119-77579c761370 Nr=rbss)rr>rLlm_keyr]non_nt_session_key)r6rDrqrCr9r s rrArAs2 ~777([!_*LMM && &Ra5!9f%E!AJ9T,TV\(]]] 22 2Ray;&& rc[U5(a6[R"URS5SR 55$UR 5R SSS9R SS5SSn[R"5nS H"up4UR[XUS 55 M$ UR5$) aQNTLMv1 LMOWFv1 function The Lan Manager v1 one way function as documented under `NTLM v1 Authentication`_. The pseudo-code for this function is:: Define LMOWFv1(Passwd, User, UserDom) as ConcatenationOf( DES(UpperCase(Passwd)[0..6], "KGS!@#$%"), DES(UpperCase(Passwd)[7..13], "KGS!@#$%"), ); Args: password: The password for the user. Returns: bytes: The LMv1 one way hash of the user's password. .. _NTLM v1 Authentication: https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-nlmp/464551a8-9fc4-428e-b3d3-bc5bfb2e73a5 :rzutf-8 surrogatepasserrorsrcraN))rrb)rbrcsKGS!@#$%) r5base64 b16decodesplitupperencoderdrerfrgr]rh)r/ b_passwordb_hashstartends rlmowfv1r:s,Hs 3A 6 < < >?? !(((IOOPRT[\]`^`aJ ZZ\F'  S#. <=( ?? rcJ[R"U5R5$)z*Simple wrapper to generate a MD5 checksum.)ror@rprVs rr@r@_s ;;q> ""rc[U5(a6[R"URS5SR 55$[ UR SSS95$)aNTLMv1 NTOWFv1 function The NT v1 one way function as documented under `NTLM v1 Authentication`_. The pseudo-code for this function is:: Define NTOWFv1(Passwd, User, UserDom) as MD4(UNICODE(Passwd)) Args: password: The password for the user. Returns: bytes: The NTv1 one way hash of the user's password. .. _NTLM v1 Authentication: https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-nlmp/464551a8-9fc4-428e-b3d3-bc5bfb2e73a5 rv utf-16-lerwrx)r5rzr{r|r}rr~r4s rntowfv1rdsO$Hs 3A 6 < < >?? x{?C DDrusername domain_namecnUR5U=(d S-RS5n[X5$)anNTLMv2 NTOWFv2 function The NT v2 one way function as documented under `NTLM v2 Authentication`_. The pseudo-code for this function is:: Define NTOWFv2(Passwd, User, UserDom) as HMAC_MD5(MD4(UNICODE(Passwd)), UNICODE(ConcatenationOf(Uppercase(User), UserDom))) Args: username: The username. nt_hash: The NT hash from :meth:`ntowfv1`. domain_name: The optional domain name of the user. Returns: bytes: The NTv2 one way has of the user's credentials. .. _NTLM v2 Authentication: https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-nlmp/5e550938-91d4-459f-b67d-75d70009e3f3 r)r}r~rL)rr7rb_users rntowfv2r|s0,nn+"34 < <[ IF G $$rhc$URU5$)zKRC4 encryption of the data specified using the handle generated by rc4init.)r")rrXs rrc4rs 88A;rc6[U5RU5$)aqRC4 encryption with an explicit key. Indicates the encryption of data item `d` with the key `k` using the `RC4`_ algorithm. Args: k: The key to use for the RC4 cipher. d: The data to encrypt. Returns: bytes: The RC4 encrypted bytes. .. _RC4K: https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-nlmp/26c42637-9549-46ae-be2e-90f6f1360193 )rc4initr"r\s rrc4krs 1:  Q rc[U5$)z9Initialization of the RC4 handle using the key specified.)r )rWs rrrs Q<r session_keyusagecU[R-(aYU[R-(aUnO#U[R-(aUSSnOUSSnUS:XaSOSn[ USU--5$U[R -(dU[R -(a(U[R-(aUSSS-$USSS -$U$) aNTLM SEALKEY function. The MS-NLMP `SEALKEY`_ function used to generate the sealing keys for a security context. The pseudo-code for this function as documented under `SEALKEY`_ is:: Define SEALKEY(NegFlg, ExportedSessionKey, Mode) as If (NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY flag is set in NegFlg) If ( NTLMSSP_NEGOTIATE_128 is set in NegFlg) Set SealKey to ExportedSessionKey ElseIf ( NTLMSSP_NEGOTIATE_56 flag is set in NegFlg) Set SealKey to ExportedSessionKey[0..6] Else Set SealKey to ExportedSessionKey[0..4] Endif If (Mode equals "Client") Set SealKey to MD5(ConcatenationOf(SealKey, "session key to client-to-server sealing key magic constant")) Else Set SealKey to MD5(ConcatenationOf(SealKey, "session key to server-to-client sealing key magic constant")) Endif ElseIf ((NTLMSSP_NEGOTIATE_LM_KEY is set in NegFlg) or ((NTLMSSP_NEGOTIATE_DATAGRAM is set in NegFlg) and (NTLMRevisionCurrent >= NTLMSSP_REVISION_W2K3))) If (NTLMSSP_NEGOTIATE_56 flag is set in NegFlg) Set SealKey to ConcatenationOf(ExportedSessionKey[0..6], 0xA0) Else Set SealKey to ConcatenationOf(ExportedSessionKey[0..4], 0xE5, 0x38, 0xB0) EndIf Else Set SealKey to ExportedSessionKey Endif EndDefine Args: flags: The negotiated flags between the initiator and acceptor. session_key: The derived session key. usage: Whether the sealing key is for the 'initiate' or 'accept' context. Returns: bytes: The derived sealing key. .. _SEALKEY: https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-nlmp/bf39181d-e95d-40d7-a740-ab4ec3dc363d Nrbinitiateclient-to-serverserver-to-clients-session key to %s sealing key magic constants8)rr>key_128key_56r@rsdatagram)r6rrseal_key directions rsealkeyrst ~777 >)) )"H ^** *"2AH#2AH+0J+>'DW 8QT]]]^^ && &%.2I2I*I >(( (r?W, ,r?_4 4rchU[R-S:XagUS:XaSOSn[USU--5$)awNTLM SIGNKEY function. The MS-NLMP `SIGNKEY`_ function used to generate the signing keys for a security context. The pseudo-code for this function as documented under `SIGNKEY`_ is:: Define SIGNKEY(NegFlg, ExportedSessionKey, Mode) as If (NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY flag is set in NegFlg) If (Mode equals "Client") Set SignKey to MD5(ConcatenationOf(ExportedSessionKey, "session key to client-to-server signing key magic constant")) Else Set SignKey to MD5(ConcatenationOf(ExportedSessionKey, "session key to server-to-client signing key magic constant")) Endif Else Set SignKey to NIL Endif EndDefine Args: flags: The negotiated flags between the initiator and acceptor. session_key: The derived session key. usage: Whether the signing key is for the 'initiate' or 'accept' context. Returns: bytes: The derived singing key. .. _SIGNKEY: https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-nlmp/524cdccb-563e-4793-92b0-7bc321fce096 rrrrrs-session key to %s signing key magic constant)rr>r@)r6rrrs rsignkeyrsBH ~7771<', ':#@SI {PS\\\ ]]r)T)3r+rzrTrormrererStypingcryptography.hazmat.backendsr&cryptography.hazmat.primitives.ciphersrspnego._ntlm_raw.desrspnego._ntlm_raw.md4rspnego._ntlm_raw.messagesrrr r $cryptography.hazmat.decrepit.ciphersr ImportErrorcompiler2r strr1r5intr,TuplerFrPrUr]r?rLrArr@rOptionalrrrrrrr.rrrs 89$$?ZZ DE***43444 H6 H6 H6H6 H6  H6  H6 \\%%&H6V=6 =6=6=6  =6  =6  \\%%& =6@=U=u= 15 1U 1u 1 !E!e!!H?%?u?? $ $ $  $  $  $  $ N"c"e"J#5#U# EcEeE0%c%E%8L%QV%495  E e  $u P3PUP3P5Pf)^3)^U)^3)^5)^AsE$$ E43E4