From c5e137d7d37991b322bc6611a4ada7f96c93d2ab Mon Sep 17 00:00:00 2001 From: amaloteaux <> Date: Fri, 1 Apr 2011 20:58:11 +0000 Subject: [PATCH] correct a bug on ntlm signing git-svn-id: file:///home/svn/framework3/trunk@12211 4d416f70-5f16-0410-b530-b9f4589650da --- lib/rex/proto/ntlm/utils.rb | 5 ++--- lib/rex/proto/smb/client.rb | 6 ++++-- 2 files changed, 6 insertions(+), 5 deletions(-) diff --git a/lib/rex/proto/ntlm/utils.rb b/lib/rex/proto/ntlm/utils.rb index f2bcab9537..eb17d1e7c6 100644 --- a/lib/rex/proto/ntlm/utils.rb +++ b/lib/rex/proto/ntlm/utils.rb @@ -629,7 +629,7 @@ class Utils end # create the session key - def self.create_session_key(server_ntlmssp_flags, user, pass, domain, challenge_key, + def self.create_session_key(ntlmssp_flags, server_ntlmssp_flags, user, pass, domain, challenge_key, client_challenge = '', ntlm_cli_challenge = '' , opt = {} ) usentlm2_session = opt[:usentlm2_session] != nil ? opt[:usentlm2_session] : true @@ -669,7 +669,6 @@ class Utils ntlmssp_flags |= CONST::NEGOTIATE_56 end end - # Generate the user session key lanman_weak = false if send_ntlm # Should be default @@ -750,7 +749,7 @@ class Utils signing_key = user_session_key end - return signing_key, enc_session_key + return signing_key, enc_session_key, ntlmssp_flags end diff --git a/lib/rex/proto/smb/client.rb b/lib/rex/proto/smb/client.rb index 21930f3182..64e9f6531e 100644 --- a/lib/rex/proto/smb/client.rb +++ b/lib/rex/proto/smb/client.rb 
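Review bot: Adding `ntlmssp_flags` as a new leading positional parameter of `create_session_key` shifts every existing argument by one, and because the last three parameters have defaults, a caller still passing the old list (like the eight-argument call removed from client.rb) would raise no arity error and would instead bind each value to the wrong parameter. Only the call in lib/rex/proto/smb/client.rb is updated in this commit, so any other callers of `Utils.create_session_key` should be checked. The two flag arguments are adjacent and similarly named, which makes them easy to transpose, so the `# create the session key` comment could state the order and the three-value return added in the last hunk of this file, e.g. `# ntlmssp_flags: client negotiate flags, returned (possibly updated) as the third value; server_ntlmssp_flags: the server's flags`. The method body runs beyond these hunks.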
@@ -871,9 +871,11 @@ NTLM_UTILS = Rex::Proto::NTLM::Utils self.spnopt, ntlm_options) enc_session_key = '' self.sequence_counter = 0 + if self.require_signing - self.signing_key, enc_session_key = NTLM_UTILS.create_session_key(server_ntlmssp_flags, user, pass, domain, self.challenge_key, - client_challenge, ntlm_cli_challenge, ntlm_options) + self.signing_key, enc_session_key, ntlmssp_flags = NTLM_UTILS.create_session_key(ntlmssp_flags, server_ntlmssp_flags, user, pass, domain, + self.challenge_key, client_challenge, ntlm_cli_challenge, + ntlm_options) end # Create the security blob data
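Review bot: The reassignment of `ntlmssp_flags` from the third return value is the substance of this fix, but nothing at the call site says so, and a later cleanup could drop it as a redundant-looking self-assignment. A comment above the call would record the dependency, e.g. `# create_session_key may adjust the negotiate flags; the security blob built below presumably has to carry the same flags the key was derived with`. The local `ntlmssp_flags` must already be assigned before this hunk, which is not visible here. Separately, `self.sequence_counter` is reset unconditionally while `self.signing_key` is only set inside the `if`, so it is worth confirming that a key from an earlier session setup cannot linger when `require_signing` is false.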