Class: Rex::Proto::LDAP::AuthAdapter::RexRelayNtlm

Inherits:
Net::LDAP::AuthAdapter
  • Object
show all
Defined in:
lib/rex/proto/ldap/auth_adapter/rex_relay_ntlm.rb

Overview

This implements NTLM authentication but facilitates operation from within a relay context where the NTLM processing is being handled by an external entity (the relay victim) and it expects to be called repeatedly with the necessary NTLM message

Instance Method Summary collapse

Instance Method Details

#bind(auth) ⇒ Object

Parameters:

  • auth (Hash)

    the options for binding

  • opts (Hash)

    a customizable set of options

Raises:

  • (Net::LDAP::BindingInformationInvalidError) 


14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
 
# File 'lib/rex/proto/ldap/auth_adapter/rex_relay_ntlm.rb', line 14

def bind(auth)
  mech = 'GSS-SPNEGO'
  ntlm_message = auth[:ntlm_message]
  raise Net::LDAP::BindingInformationInvalidError, "Invalid binding information (invalid NTLM message)" unless ntlm_message

  message_id = @connection.next_msgid
  sasl = [mech.to_ber, ntlm_message.to_ber].to_ber_contextspecific(3)
  request = [
    Net::LDAP::Connection::LdapVersion.to_ber, "".to_ber, sasl
  ].to_ber_appsequence(Net::LDAP::PDU::BindRequest)

  @connection.send(:write, request, nil, message_id)
  pdu = @connection.queued_read(message_id)

  if !pdu || pdu.app_tag != Net::LDAP::PDU::BindResult
    raise Net::LDAP::NoBindResultError, "no bind result"
  end

  pdu
end