-
Notifications
You must be signed in to change notification settings - Fork 74
/
Copy pathmessage_authenticate_test.go
102 lines (81 loc) · 4.03 KB
/
message_authenticate_test.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
//Copyright 2013 Thomson Reuters Global Resources. BSD License please see License file for more information
package ntlm
import (
"bytes"
"encoding/base64"
"encoding/hex"
"testing"
)
func checkPayloadStruct(t *testing.T, payloadStruct *PayloadStruct, len uint16, offset uint32) {
if payloadStruct.Len != len || payloadStruct.Offset != offset {
t.Errorf("Failed to parse payload struct %d, %d", payloadStruct.Len, payloadStruct.Offset)
}
}
func TestParseNTLMv1AsV2(t *testing.T) {
ntlmv1data := "TlRMTVNTUAADAAAAGAAYALYAAAAYABgAzgAAADQANABIAAAAIAAgAHwAAAAaABoAnAAAABAAEADmAAAAVYKQQgUCzg4AAAAPYQByAHIAYQB5ADEAMgAuAG0AcwBnAHQAcwB0AC4AcgBlAHUAdABlAHIAcwAuAGMAbwBtAHUAcwBlAHIAcwB0AHIAZQBzAHMAMQAwADAAMAAwADgATgBZAEMAVgBBADEAMgBTADIAQwBNAFMAQQDguXWdC2hLH+C5dZ0LaEsf4Ll1nQtoSx9nI+fkE73qtElnkDiSQbxfcDN9zbtO1qfyK3ZTI6CUhvjxmXnpZEjY"
authBytes, err := base64.StdEncoding.DecodeString(ntlmv1data)
_, err = ParseAuthenticateMessage(authBytes, 2)
if err == nil {
t.Error("Should have returned error when tring to parse an NTLMv1 authenticate message as NTLMv2")
}
_, err = ParseAuthenticateMessage(authBytes, 1)
if err != nil {
t.Error("Should not have returned error when tring to parse an NTLMv1 authenticate message")
}
}
func TestAuthenticateNtlmV1(t *testing.T) {
authenticateMessage := "TlRMTVNTUAADAAAAGAAYAIgAAAAYABgAoAAAAAAAAABYAAAAIAAgAFgAAAAQABAAeAAAABAAEAC4AAAAVYKQYgYBsR0AAAAP2BgW++b14Dh6Z5B4Xs1DiHAAYQB1AGwAQABwAGEAdQBsAGQAaQB4AC4AbgBlAHQAVwBJAE4ANwBfAEkARQA4ACugxZFzvHB4P6LdKbbZpiYHo2ErZURLiSugxZFzvHB4P6LdKbbZpiYHo2ErZURLibmpCUlnbq2I4LAdEhLdg7I="
authenticateData, err := base64.StdEncoding.DecodeString(authenticateMessage)
if err != nil {
t.Error("Could not base64 decode message data")
}
a, err := ParseAuthenticateMessage(authenticateData, 1)
if err != nil {
t.Error("Could not parse authenticate message")
}
a.String()
outBytes := a.Bytes()
if len(outBytes) > 0 {
reparsed, err := ParseAuthenticateMessage(outBytes, 1)
if err != nil {
t.Error("Could not re-parse authenticate message")
}
if reparsed.String() != a.String() {
t.Error("Reparsed message is not the same")
}
} else {
t.Error("Invalid authenticate messsage bytes")
}
}
func TestAuthenticateNtlmV2(t *testing.T) {
authenticateMessage := "TlRMTVNTUAADAAAAGAAYAI4AAAAGAQYBpgAAAAAAAABYAAAAIAAgAFgAAAAWABYAeAAAABAAEACsAQAAVYKQQgYAchcAAAAPpdhi9ItaLWwSGpFMT4VQbnAAYQB1AGwAQABwAGEAdQBsAGQAaQB4AC4AbgBlAHQASQBQAC0AMABBADAAQwAzAEEAMQBFAAE/QEbbIB1InAX5KMgp4s4wmpPZ9jp9T3EC95rRY01DhMSv1kei5wYBAQAAAAAAADM6xfahoM0BMJqT2fY6fU8AAAAAAgAOAFIARQBVAFQARQBSAFMAAQAcAFUASwBCAFAALQBDAEIAVABSAE0ARgBFADAANgAEABYAUgBlAHUAdABlAHIAcwAuAG4AZQB0AAMANAB1AGsAYgBwAC0AYwBiAHQAcgBtAGYAZQAwADYALgBSAGUAdQB0AGUAcgBzAC4AbgBlAHQABQAWAFIAZQB1AHQAZQByAHMALgBuAGUAdAAIADAAMAAAAAAAAAAAAAAAADAAAFaspfI82pMCKSuN2L09orn37EQVvxCSqVqQhCloFhQeAAAAAAAAAADRgm1iKYwwmIF3axms/dIe"
authenticateData, err := base64.StdEncoding.DecodeString(authenticateMessage)
if err != nil {
t.Error("Could not base64 decode message data")
}
a, err := ParseAuthenticateMessage(authenticateData, 2)
if err != nil || a == nil {
t.Error("Failed to parse authenticate message " + err.Error())
}
checkPayloadStruct(t, a.LmChallengeResponse, 24, 142)
checkPayloadStruct(t, a.NtChallengeResponseFields, 262, 166)
checkPayloadStruct(t, a.DomainName, 0, 88)
checkPayloadStruct(t, a.UserName, 32, 88)
checkPayloadStruct(t, a.Workstation, 22, 120)
checkPayloadStruct(t, a.EncryptedRandomSessionKey, 16, 428)
if a.NegotiateFlags != uint32(1116766805) {
t.Errorf("Authenticate negotiate flags not correct should be %d got %d", uint32(1116766805), a.NegotiateFlags)
}
mic, err := hex.DecodeString("a5d862f48b5a2d6c121a914c4f85506e")
if !bytes.Equal(a.Mic, mic) {
t.Errorf("Mic not correct, should be %s, got %s", "a5d862f48b5a2d6c121a914c4f85506e", hex.EncodeToString(a.Mic))
}
if len(a.Payload) != 356 {
t.Errorf("Length of payload is incorrect got: %d, should be %d", len(a.Payload), 356)
}
a.String()
// Generate the bytes from the message and reparse it and make sure that works
bytes := a.Bytes()
if len(bytes) == 0 {
}
}