Python impacket.ntlm.getNTLMSSPType1() Examples

The following are 1 code examples of impacket.ntlm.getNTLMSSPType1(). You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may also want to check out all available functions/classes of the module impacket.ntlm , or try the search function .
Example #1
Source File: ntlm_challenger.py    From ntlm_challenger with MIT License 4 votes vote down vote up
def request_SMBv23(host, port=445):

  # start client
  smb_client = smb3.SMB3(host, host, sess_port=port)
  
  # start: modified from login()
  # https://github.com/SecureAuthCorp/impacket/blob/master/impacket/smb3.py
  
  session_setup = smb3.SMB2SessionSetup()
  
  if smb_client.RequireMessageSigning is True:
    session_setup['SecurityMode'] = smb3.SMB2_NEGOTIATE_SIGNING_REQUIRED
  else:
    session_setup['SecurityMode'] = smb3.SMB2_NEGOTIATE_SIGNING_ENABLED
  
  session_setup['Flags'] = 0
  
  ## NTLMSSP
  blob = smb3.SPNEGO_NegTokenInit()
  blob['MechTypes'] = [smb3.TypesMech['NTLMSSP - Microsoft NTLM Security Support Provider']]
  
  auth = ntlm.getNTLMSSPType1(smb_client._Connection['ClientName'], '',
            smb_client._Connection['RequireSigning'])
  blob['MechToken'] = auth.getData()

  session_setup['SecurityBufferLength'] = len(blob)
  session_setup['Buffer']               = blob.getData()
  
  packet = smb_client.SMB_PACKET()
  packet['Command'] = smb3.SMB2_SESSION_SETUP
  packet['Data']    = session_setup
  
  packet_id = smb_client.sendSMB(packet)
  
  smb_response = smb_client.recvSMB(packet_id)

  if smb_client._Connection['Dialect'] == smb3.SMB2_DIALECT_311:
      smb_client.__UpdatePreAuthHash(smb_response.rawData)
  
  ## NTLM challenge
  if smb_response.isValidAnswer(smb3.STATUS_MORE_PROCESSING_REQUIRED):
    session_setup_response = smb3.SMB2SessionSetup_Response(smb_response['Data'])
    resp_token = smb3.SPNEGO_NegTokenResp(session_setup_response['Buffer'])

    return resp_token['ResponseToken']

  else:
    return None