Merge pull request #2 from itjstagame/support_ntlmv2

Add support for NTLM v2

lib/messages/session_setup_step1.js

@@ -1,6 +1,6 @@
 var SMB2Message = require('../tools/smb2-message');
 var message = require('../tools/message');
-var ntlm = require('ntlm');
+var ntlm = require('../tools/ntlm');
 
 module.exports = message({
   generate: function(connection) {
@@ -10,7 +10,7 @@ module.exports = message({
         ProcessId: connection.ProcessId,
       },
       request: {
-        Buffer: ntlm.encodeType1(connection.ip, connection.domain),
+        Buffer: ntlm.createType1(connection.domain,connection.ip),
       },
     });
   },
@@ -20,6 +20,6 @@ module.exports = message({
   onSuccess: function(connection, response) {
     var h = response.getHeaders();
     connection.SessionId = h.SessionId;
-    connection.nonce = ntlm.decodeType2(response.getResponse().Buffer);
+    connection.nonce = ntlm.parseType2(response.getResponse().Buffer);
   },
 });

lib/messages/session_setup_step2.js

@@ -1,6 +1,6 @@
 var SMB2Message = require('../tools/smb2-message');
 var message = require('../tools/message');
-var ntlm = require('ntlm');
+var ntlm = require('../tools/ntlm');
 
 module.exports = message({
   generate: function(connection) {
@@ -11,13 +11,7 @@ module.exports = message({
         ProcessId: connection.ProcessId,
       },
       request: {
-        Buffer: ntlm.encodeType3(
-          connection.username,
-          connection.ip,
-          connection.domain,
-          connection.nonce,
-          connection.password
-        ),
+        Buffer: ntlm.createType3(connection.nonce,connection),
       },
     });
   },

lib/tools/ntlm.js

@@ -0,0 +1,49 @@
+/*
+Wrapper to allow diff ntlm packages but still accept and return Buffer as node-smb2 expects.  
+httpntlm expects strings, but supports ntlm v2 and will negotiate between either
+*/
+var ntlm = require('httpntlm').ntlm;
+
+function parsehttpntlmMsg(msg) {
+  var match = msg.match(/NTLM (.+)?/);
+	if(!match || !match[1]) {
+		return null;
+	}
+
+	return Buffer.from(match[1], 'base64');
+}
+
+var proto = {}
+
+proto.createType1 = function(domain, workstation) {
+  var options = {
+  	domain: domain,
+  	workstation: workstation
+  };
+  var msg = ntlm.createType1Message(options);
+  return parsehttpntlmMsg(msg);
+};
+
+proto.parseType2 = function(rawbuf) {
+  var rsp = rawbuf.toString('base64');
+  rsp = 'NTLM ' + rsp;
+  var msg = ntlm.parseType2Message(rsp,console.log);
+  return msg;
+};
+
+proto.createType3 = function(challengeNonce, options) {
+  if(!options.workstation) {
+  	options.workstation = options.ip;
+  }
+
+/* options to httpntlm
+	if(!options.domain) options.domain = '';
+	if(!options.workstation) options.workstation = '';
+	if(!options.username) options.username = '';
+	if(!options.password) options.password = '';
+*/
+  var msg = ntlm.createType3Message(challengeNonce, options);
+	return parsehttpntlmMsg(msg);
+};
+
+module.exports = proto;