;
// Interop marker: importers that check `__esModule` treat this CommonJS module as a transpiled ES module.
Object.defineProperty(exports, "__esModule", { value: true });
// Pre-declare every named export as undefined; each one is assigned its real value further down the file.
// NOTE(review): this looks like compiler-emitted output, so the statement order is left untouched.
exports.createNTHashedPasswordV1 = exports.createLMHashedPasswordV1 = exports.createDesEncrypt = exports.extractNtlmMessageFromAuthenticateHeader = exports.NTLMTypeFlags = exports.NTLMFlag = void 0;
const des_js_1 = require("des.js");
const js_md4_1 = require("js-md4");
const utils_1 = require("./utils");
/**
 * Single-bit NTLM negotiate flags, one entry per bit of the 32-bit flags field.
 *
 * Values are written in hex so the bit position is visible. `Negotiate56` is
 * bit 31 (0x80000000), which is larger than a signed 32-bit integer: JavaScript
 * bitwise operators (`|`, `&`) return signed 32-bit results, so testing or
 * combining that bit with them yields a negative number unless the result is
 * normalised with `>>> 0`.
 */
exports.NTLMFlag = {
  NegotiateUnicode: 0x00000001,
  NegotiateOEM: 0x00000002,
  RequestTarget: 0x00000004,
  Unknown9: 0x00000008,
  NegotiateSign: 0x00000010,
  NegotiateSeal: 0x00000020,
  NegotiateDatagram: 0x00000040,
  NegotiateLanManagerKey: 0x00000080,
  Unknown8: 0x00000100,
  NegotiateNTLM: 0x00000200,
  NegotiateNTOnly: 0x00000400,
  Anonymous: 0x00000800,
  NegotiateOemDomainSupplied: 0x00001000,
  NegotiateOemWorkstationSupplied: 0x00002000,
  Unknown6: 0x00004000,
  NegotiateAlwaysSign: 0x00008000,
  TargetTypeDomain: 0x00010000,
  TargetTypeServer: 0x00020000,
  TargetTypeShare: 0x00040000,
  NegotiateExtendedSecurity: 0x00080000,
  NegotiateIdentify: 0x00100000,
  Unknown5: 0x00200000,
  RequestNonNTSessionKey: 0x00400000,
  NegotiateTargetInfo: 0x00800000,
  Unknown4: 0x01000000,
  NegotiateVersion: 0x02000000,
  Unknown3: 0x04000000,
  Unknown2: 0x08000000,
  Unknown1: 0x10000000,
  Negotiate128: 0x20000000,
  NegotiateKeyExchange: 0x40000000,
  Negotiate56: 0x80000000,
};
/**
 * Pre-combined flag words built from `exports.NTLMFlag`.
 * NOTE(review): presumably the defaults for the NTLM Type 1 (negotiate) and
 * Type 2 (challenge) messages — confirm against the callers.
 *
 * The bits are combined by addition, not `|`: every flag is a distinct bit, so
 * the sum equals the bitwise OR, but addition keeps the result a positive
 * number even though `Negotiate56` is bit 31.
 *
 * Neither set contains NegotiateSign, NegotiateSeal or NegotiateKeyExchange;
 * only NegotiateAlwaysSign is present.
 */
exports.NTLMTypeFlags = {
  TYPE1_FLAGS: [
    exports.NTLMFlag.NegotiateUnicode,
    exports.NTLMFlag.NegotiateOEM,
    exports.NTLMFlag.RequestTarget,
    exports.NTLMFlag.NegotiateNTLM,
    exports.NTLMFlag.NegotiateOemDomainSupplied,
    exports.NTLMFlag.NegotiateOemWorkstationSupplied,
    exports.NTLMFlag.NegotiateAlwaysSign,
    exports.NTLMFlag.NegotiateExtendedSecurity,
    exports.NTLMFlag.NegotiateVersion,
    exports.NTLMFlag.Negotiate128,
    exports.NTLMFlag.Negotiate56,
  ].reduce((total, bit) => total + bit, 0),
  TYPE2_FLAGS: [
    exports.NTLMFlag.NegotiateUnicode,
    exports.NTLMFlag.RequestTarget,
    exports.NTLMFlag.NegotiateNTLM,
    exports.NTLMFlag.NegotiateAlwaysSign,
    exports.NTLMFlag.NegotiateExtendedSecurity,
    exports.NTLMFlag.NegotiateTargetInfo,
    exports.NTLMFlag.NegotiateVersion,
    exports.NTLMFlag.Negotiate128,
    exports.NTLMFlag.Negotiate56,
  ].reduce((total, bit) => total + bit, 0),
};
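/**
 * Picks the NTLM entry out of a comma-separated authentication header value.
 *
 * @param {string | null | undefined} authenticateHeader - Raw header value; may
 *   list several schemes, e.g. `Negotiate, NTLM, Basic realm="hidden-realm.example.net"`.
 * @returns {string | undefined} The trimmed entry whose scheme token is `NTLM`
 *   (including any token that follows it), or `undefined` when the header is
 *   missing or holds no NTLM entry.
 */
function extractNtlmMessageFromAuthenticateHeader(authenticateHeader) {
  // The header may look like this: `Negotiate, NTLM, Basic realm="hidden-realm.example.net"`
  // so extract the 'NTLM' part first.
  //
  // The pattern is anchored to the start of each entry and requires the scheme
  // token to end there. An unanchored match would also select an entry that
  // merely contains the letters "NTLM" (a realm string, or a base64 token of
  // another scheme) and hand the wrong value to the NTLM message parser.
  // The match stays case-sensitive, and entries are still split on every
  // comma, including commas inside quoted parameter values.
  const ntlmScheme = /^\s*NTLM(?:\s|$)/;
  return authenticateHeader
    ?.split(',')
    .find((entry) => ntlmScheme.test(entry))
    ?.trim();
}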
// Publish the function as a named CommonJS export.
exports.extractNtlmMessageFromAuthenticateHeader = extractNtlmMessageFromAuthenticateHeader;
/**
 * Builds a des.js DES cipher object in encrypt mode for the given key.
 *
 * @param key - DES key material, passed to des.js unchanged.
 *   NOTE(review): presumably 8 bytes; no length check is done here.
 * @returns The cipher object returned by `DES.create`.
 */
const createDesEncrypt = (key) => {
  const cipherOptions = { type: 'encrypt', key };
  return des_js_1.DES.create(cipherOptions);
};
exports.createDesEncrypt = createDesEncrypt;
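/**
 * Computes the LM (LAN Manager) v1 password hash.
 *
 * Steps visible below: upper-case the password, encode it as single bytes,
 * truncate or zero-pad to exactly 14 bytes, split into two 7-byte halves, turn
 * each half into a DES key and encrypt the constant `KGS!@#$%` with it, then
 * concatenate the two results.
 *
 * Properties that follow directly from those steps and matter when deciding
 * where this hash may be used: case is discarded, everything past the 14th
 * byte is ignored, there is no salt, and the two halves are hashed
 * independently of each other. Keep it to legacy interoperability and handle
 * the output like the password itself.
 *
 * @param {string} password - Clear-text password.
 * @returns {Buffer} Concatenation of the two encrypted halves.
 */
const createLMHashedPasswordV1 = (password) => {
  // The 'ascii' encoding writes one byte per character of the upper-cased password.
  const upperCasedBytes = Buffer.from(password.toUpperCase(), 'ascii');
  // Fix the password length to 14 bytes. Buffer.alloc() already zero-fills,
  // so a shorter password is padded with NUL bytes without an extra fill().
  const padded = Buffer.alloc(14);
  upperCasedBytes.copy(padded, 0, 0, Math.min(upperCasedBytes.length, 14));
  // Constant plaintext from page 57 in [MS-NLMP]. It is handed to the cipher as
  // bytes rather than as a string: des.js works on array-like byte input, and
  // indexing a string yields characters, not byte values.
  // NOTE(review): confirm how the des.js version in use treats string input;
  // passing a Buffer is correct either way.
  const magic = Buffer.from('KGS!@#$%', 'ascii');
  const encryptHalf = (half) => {
    // NOTE(review): insertZerosEvery7Bits presumably expands the 7-byte half to an 8-byte DES key — see ./utils.
    const key = (0, utils_1.insertZerosEvery7Bits)(half);
    const des = (0, exports.createDesEncrypt)(key);
    return Buffer.from(des.update(magic));
  };
  // Split into 2 parts of 7 bytes and encrypt each one on its own.
  const firstPartEncrypted = encryptHalf(padded.subarray(0, 7));
  const secondPartEncrypted = encryptHalf(padded.subarray(7));
  return Buffer.concat([firstPartEncrypted, secondPartEncrypted]);
};
exports.createLMHashedPasswordV1 = createLMHashedPasswordV1;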
/**
 * Computes the NT v1 password hash: MD4 over the UTF-16LE bytes of the password.
 *
 * The hash is unsalted, so equal passwords always give equal output; store and
 * log it with the same care as the clear-text password.
 *
 * @param {string} password - Clear-text password.
 * @returns {Buffer} The MD4 digest bytes.
 */
const createNTHashedPasswordV1 = (password) => {
  const md4 = (0, js_md4_1.create)();
  md4.update(Buffer.from(password, 'utf16le'));
  return Buffer.from(md4.digest());
};
exports.createNTHashedPasswordV1 = createNTHashedPasswordV1;
//# sourceMappingURL=core.js.map