mirror of
https://github.com/proxytunnel/proxytunnel.git
synced 2026-01-23 02:34:59 +00:00
Moved lots of NTLM messages to verbose mode. Removed some messages in quiet mode
Undone some sprintf->snprintf conversions, which were broken.
git-svn-id: https://proxytunnel.svn.sourceforge.net/svnroot/proxytunnel/trunk/proxytunnel@107 bc163920-b10d-0410-b2c5-a5491ca2ceef
parent
8b4be2c0d6
commit
52a0712ba5
3 changed files with 72 additions and 48 deletions
26
http.c
26
http.c
|
|
@ -59,20 +59,28 @@ void analyze_HTTP()
|
|||
|
||||
if( strcmp( p, "200" ) != 0 )
|
||||
{
|
||||
message( "HTTP return code: '%s'\n", p );
|
||||
p += strlen( p ) + 1;
|
||||
message( "%s\n", p );
|
||||
if( ! args_info.quiet_flag )
|
||||
message( "HTTP return code: '%s'\n", p );
|
||||
|
||||
if (!ntlm_challenge && strcmp( p, "407") != 0) {
|
||||
do {
|
||||
p += strlen( p ) + 1;
|
||||
|
||||
if( ! args_info.quiet_flag )
|
||||
message( "%s\n", p );
|
||||
|
||||
if (!ntlm_challenge && strcmp( p, "407") != 0)
|
||||
{
|
||||
do
|
||||
{
|
||||
readline();
|
||||
if (strncmp( buf, "Proxy-Authenticate: NTLM ", 25) == 0) {
|
||||
if (strncmp( buf, "Proxy-Authenticate: NTLM ", 25) == 0)
|
||||
{
|
||||
if (parse_type2((unsigned char *)&buf[25]) < 0)
|
||||
exit(1);
|
||||
}
|
||||
} while ( strcmp( buf, "\r\n" ) != 0 );
|
||||
}
|
||||
if (ntlm_challenge == 1) {
|
||||
if (ntlm_challenge == 1)
|
||||
{
|
||||
proxy_protocol();
|
||||
return;
|
||||
}
|
||||
|
|
@ -93,13 +101,13 @@ void proxy_protocol()
|
|||
{
|
||||
if( args_info.verbose_flag )
|
||||
message( "Tunneling to %s (remote proxy)\n", args_info.remproxy_arg );
|
||||
snprintf( buf, 21+sizeof(args_info.remproxy_arg), "CONNECT %s HTTP/1.0\r\n", args_info.remproxy_arg );
|
||||
sprintf( buf, "CONNECT %s HTTP/1.0\r\n", args_info.remproxy_arg );
|
||||
}
|
||||
else
|
||||
{
|
||||
if( args_info.verbose_flag )
|
||||
message( "Tunneling to %s (destination)\n", args_info.dest_arg );
|
||||
snprintf( buf, 21+sizeof(args_info.dest_arg), "CONNECT %s HTTP/1.0\r\n", args_info.dest_arg );
|
||||
sprintf( buf, "CONNECT %s HTTP/1.0\r\n", args_info.dest_arg );
|
||||
}
|
||||
|
||||
if ( args_info.user_given && args_info.pass_given )
|
||||
|
|
|
|||
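Review bot: The two `sprintf( buf, "CONNECT %s HTTP/1.0\r\n", ... )` calls in proxy_protocol(), which going by the commit message are the new side, copy the command-line values `args_info.remproxy_arg` and `args_info.dest_arg` into `buf` with no length limit, so a long enough host argument writes past the end of `buf`. The snprintf calls being undone were broken for a different reason: `21+sizeof(args_info.remproxy_arg)` is presumably the size of a pointer rather than of the destination, so the CONNECT line was cut short. Bounding by the destination addresses both, e.g. `snprintf( buf, sizeof(buf), "CONNECT %s HTTP/1.0\r\n", args_info.dest_arg );` (assuming `buf` is an array in scope here; its declaration is not on the page), with the return value checked so a truncated request is reported instead of sent. proxy_protocol()'s body starts and ends outside the hunk.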
91
ntlm.c
91
ntlm.c
|
|
@ -103,7 +103,8 @@ int parse_type2(unsigned char *buf)
|
|||
return -1;
|
||||
}
|
||||
|
||||
message("parse_type2: Signature matched\n");
|
||||
if( args_info.verbose_flag )
|
||||
message("parse_type2: Signature matched\n");
|
||||
|
||||
if (t2->message_type != NTLM_TYPE_2) {
|
||||
message("parse_type2: Incorrect message type sent\n");
|
||||
|
|
@ -123,25 +124,32 @@ int parse_type2(unsigned char *buf)
|
|||
for (i = 0; i < 8; i++)
|
||||
challenge[i] = t2->challenge[i];
|
||||
|
||||
message("NTLM Got Domain: %s\n", domain);
|
||||
if( args_info.verbose_flag )
|
||||
message("NTLM Got Domain: %s\n", domain);
|
||||
|
||||
if( args_info.domain_given )
|
||||
{
|
||||
message( "NTLM Overriding domain: %s\n", args_info.domain_arg );
|
||||
if( ! args_info.quiet_flag )
|
||||
message( "NTLM Overriding domain: %s\n", args_info.domain_arg );
|
||||
for( i = 0; i < strlen(args_info.domain_arg); i++ )
|
||||
{
|
||||
domain[i] = args_info.domain_arg[i];
|
||||
}
|
||||
domain[i] = 0;
|
||||
}
|
||||
message("NTLM Domain: %s\n", domain);
|
||||
message("NTLM Got Challenge: ");
|
||||
for (i = 0; i < 8; i++)
|
||||
message("%02X", challenge[i]);
|
||||
message("\n");
|
||||
|
||||
if( args_info.verbose_flag )
|
||||
{
|
||||
message("NTLM Domain: %s\n", domain);
|
||||
message("NTLM Got Challenge: ");
|
||||
|
||||
for (i = 0; i < 8; i++)
|
||||
message("%02X", challenge[i]);
|
||||
message("\n");
|
||||
}
|
||||
|
||||
if (!(t2->flags & NEG_NTLM && t2->flags & NEG_NTLM2)) {
|
||||
message("parse_type2: Sorry, NTLMv2 is only supported at this time, I will do NTLMv1 should I ever get stuck behind a NTLMv1 FW\n");
|
||||
message("parse_type2: Sorry, only NTLMv2 is supported at this time\n");
|
||||
return -1;
|
||||
}
|
||||
|
||||
|
|
@ -339,13 +347,15 @@ void build_ntlm2_response() {
|
|||
MD4_Update (&passcontext, unipasswd, passlen);
|
||||
MD4_Final (passdigest, &passcontext);
|
||||
|
||||
message("MD4 of password is: ");
|
||||
for( i = 0; i < 16; i++)
|
||||
message("%02X", passdigest[i]);
|
||||
message("\n");
|
||||
|
||||
message("DOMAIN: %s\nUSER: %s\n", domain, args_info.user_arg);
|
||||
if( args_info.verbose_flag )
|
||||
{
|
||||
message("NTLM: MD4 of password is: ");
|
||||
for( i = 0; i < 16; i++)
|
||||
message("%02X", passdigest[i]);
|
||||
message("\n");
|
||||
|
||||
message("DOMAIN: %s\nUSER: %s\n", domain, args_info.user_arg);
|
||||
}
|
||||
|
||||
userdomlen = sizeof(unsigned char) * (strlen(args_info.user_arg) + strlen(domain)) * 2;
|
||||
userdom = (unsigned char *)malloc(userdomlen);
|
||||
|
|
@ -377,30 +387,33 @@ void build_ntlm2_response() {
|
|||
}
|
||||
}
|
||||
|
||||
message("userdom is: ");
|
||||
for( i = 0; i < userdomlen; i++)
|
||||
message("%02X", userdom[i]);
|
||||
message("\n");
|
||||
|
||||
if( args_info.verbose_flag )
|
||||
{
|
||||
message("userdom is: ");
|
||||
for( i = 0; i < userdomlen; i++)
|
||||
message("%02X", userdom[i]);
|
||||
message("\n");
|
||||
}
|
||||
|
||||
hmac_md5(userdom, userdomlen, passdigest, 16, userdomdigest);
|
||||
|
||||
free(userdom);
|
||||
|
||||
message("HMAC_MD5 of userdom keyed with MD4 pass is: ");
|
||||
for( i = 0; i < 16; i++)
|
||||
message("%02X", userdomdigest[i]);
|
||||
message("\n");
|
||||
if( args_info.verbose_flag )
|
||||
{
|
||||
message("HMAC_MD5 of userdom keyed with MD4 pass is: ");
|
||||
for( i = 0; i < 16; i++)
|
||||
message("%02X", userdomdigest[i]);
|
||||
message("\n");
|
||||
}
|
||||
|
||||
if ((sizeof(long long) != 8)) {
|
||||
message("We are in trouble here.. long long support is not here!!\n");
|
||||
exit(-1);
|
||||
}
|
||||
|
||||
|
||||
bloblen = sizeof(blob) + sizeof(unsigned char) * t_info_len;
|
||||
|
||||
|
||||
pblob = (unsigned char *)malloc(bloblen);
|
||||
if (!pblob) {
|
||||
message("Fatal Error in build_ntlm2_response, Malloc failed\n");
|
||||
|
|
@ -416,7 +429,6 @@ void build_ntlm2_response() {
|
|||
|
||||
b->signature = 0x00000101;
|
||||
|
||||
|
||||
// This is nasty, also not sure all this 64bit arithmetic will work all the time.. basically the spec says you
|
||||
// need the number of 10ths of microseconds since jan 1, 1601.
|
||||
|
||||
|
|
@ -431,12 +443,13 @@ void build_ntlm2_response() {
|
|||
for (i = 0; i < 8; i++)
|
||||
b->client_challenge[i] = (unsigned char) ((256.0 * rand()) / (RAND_MAX + 1.0)) ;
|
||||
|
||||
message("client_challenge is: ");
|
||||
for( i = 0; i < 8; i++)
|
||||
message("%02X", b->client_challenge[i]);
|
||||
message("\n");
|
||||
|
||||
|
||||
if( args_info.verbose_flag )
|
||||
{
|
||||
message("client_challenge is: ");
|
||||
for( i = 0; i < 8; i++)
|
||||
message("%02X", b->client_challenge[i]);
|
||||
message("\n");
|
||||
}
|
||||
|
||||
memcpy(&b->data_start, t_info, t_info_len);
|
||||
|
||||
|
|
@ -445,11 +458,13 @@ void build_ntlm2_response() {
|
|||
for(i = 0; i < 16; i++)
|
||||
b->digest[i] = responsedigest[i];
|
||||
|
||||
message("HMAC is: ");
|
||||
for( i = 0; i < 16; i++)
|
||||
message("%02X", responsedigest[i]);
|
||||
message("\n");
|
||||
|
||||
if( args_info.verbose_flag )
|
||||
{
|
||||
message("HMAC is: ");
|
||||
for( i = 0; i < 16; i++)
|
||||
message("%02X", responsedigest[i]);
|
||||
message("\n");
|
||||
}
|
||||
|
||||
// LM2 response generation
|
||||
|
||||
|
|
|
|||
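Review bot: The verbose block added in build_ntlm2_response() (hunk at -339) still prints `passdigest`, and the MD4 of the password is the NT hash, so whoever reads that line can compute NTLM responses without knowing the password. Gating it on `args_info.verbose_flag` only makes it print less often, and verbose output is what typically ends up in terminal scrollback, log files and pasted bug reports. The same applies to the `userdomdigest` dump in the -377 hunk, which is the NTLMv2 key derived from that hash. I would delete both dumps, or compile them only under a build-time debug macro, and leave a comment where the digests are computed such as `/* never log passdigest or userdomdigest: both are password-equivalent */`. The function body starts and ends outside these hunks.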
|
|
@ -326,7 +326,8 @@ int main( int argc, char *argv[], char *envp[] )
|
|||
{
|
||||
if (args_info.ntlm_flag) {
|
||||
build_type1();
|
||||
message("Build Type 1 NTLM Message : %s\n", ntlm_type1_buf);
|
||||
if ( args_info.verbose_flag )
|
||||
message("Build Type 1 NTLM Message : %s\n", ntlm_type1_buf);
|
||||
} else
|
||||
make_basicauth();
|
||||
}
|
||||
|
|
|
|||