Ntlm proxy Traversal

In the past, we analyzed NTLM technology and implementation methods in Sina's pitfalls and provided code. The worst thing to remember is to look for the DES algorithm. The calculated values provided in N places are different and have been depressed for a long time. Now we will gradually move these blogs to csdn.

• Proxy traversal (1): process and NTLM Algorithm
• PROXY traversal (2): Base64 Algorithm
  

• Implement PROXY traversal (3): One of the DES Algorithms
• Implement PROXY traversal (4): DES algorithm 2
• Implement PROXY traversal (5): DES algorithm 3
• Implement PROXY traversal (6): LM-Hash implementation
• PROXY traversal (7): MD4 and MD5
• Implement PROXY traversal (8): NT-Hash implementation
• Implement PROXY traversal (9): NTLMv1 response
• Implement PROXY traversal (10): NTLMv2 response
• PROXY traversal (11): NTLMv2 session response
• Implement PROXY traversal (12): NTLM type1 Message
• Implement PROXY traversal (13): NTLM type2 Message
• Implement PROXY traversal (14): NTLM type3 Message
• PROXY traversal (15): NTLM Session Security

The base64 algorithm is obtained through the Internet communist. The md4, MD5, and HMAC MD5 algorithms are provided in RFC, and the rest can be compiled according to the above steps. I provide an example of source code. Specifically, the algorithms starting with Arith _, httppc_ntlm is the response structure of NTLM type1, type2, and type3 messages. test_httppc_connect is a test example with no main function in it, however, construct another main function. After wei_set_proxy_info, call wei_httppc_connect. Available in http://download.csdn.net/source/1113570

Download.

Sorry, I received a message saying that the header file was missing. I looked at it and missing the MD. h header file, not in the following:

 

/* Copyright (C) 1991-2, RSA Data Security, Inc. Created 1991. All

License to copy and use this software is gra/* Copyright (C) 1991-2,

RSA Data Security, Inc. Created 1991. All rights reserved.

License to copy and use this software is granted provided that it

Is identified as the "RSA Data Security, Inc. MD4 Message-Digest

Algorithm "in all material mentioning or referencing this software

Or this function.

License is also granted to make and use derivative works provided

That such works are identified as "derived from the RSA Data

Security, Inc. MD4 Message-Digest Algorithm "in all material

Mentioning or referencing the derived work.

RSA Data Security, Inc. makes no representations concerning either

The merchantability of this software or the suitability of this

Software for any special purpose. It is provided "as is"

Without express or implied warranty of any kind.

These notices must be retained in any copies of any part of this

Documentation and/or software.

*/

# Ifdef _ cplusplus

Extern "C "{

# Endif

# Ifndef WEI_MD_H

# Define WEI_MD_H

# Ifndef IN

# Define IN

# Endif

# Ifndef OUT

# Define OUT

# Endif

/*********************************** Algorithm: MD4 and MD5 *********************************/

// From The appendix of RFC1320 The MD4 Message-Digest Algorithm

// From The appendix of RFC1321 The MD5 Message-Digest Algorithm

/* PROTOTYPES shocould be set to one if and only if the compiler supports function

* Argument prototyping. The following makes PROTOTYPES default to 0 if it has not

* Already been defined with C compiler flags.

*/

# Ifndef prototypes

# Define prototypes 0

# Endif

/* Pointer defines a generic pointer type */

Typedef unsigned char * pointer;

/* Uint2 defines a two byte word */

Typedef unsigned short int uint2;

/* Uint4 defines a four byte word */

Typedef unsigned long int uint4;

/* Proto_list is defined depending on how prototypes is defined above. If using prototypes,

* Then proto_list returns the list, otherwise it returns an empty list.

*/

# If prototypes

# Define proto_list (list) List

# Else

# Define proto_list (list )()

# Endif

/* Md4 context .*/

Typedef struct {

Uint4 State [4];/* State (ABCD )*/

Uint4 count [2];/* Number of BITs, modulo 2 ^ 64 (LSB first )*/

Unsigned char buffer [64];/* input buffer */

} Md4_ctx;

Void md4init proto_list (md4_ctx *));

Void md4update proto_list

(Md4_ctx *, unsigned char *, unsigned INT ));

Void md4final proto_list (unsigned char [16], md4_ctx *));

/* MD5 context .*/

Typedef struct {

UINT4 state [4];/* state (ABCD )*/

UINT4 count [2];/* number of bits, modulo 2 ^ 64 (lsb first )*/

Unsigned char buffer [64];/* input buffer */

} MD5_CTX;

Void MD5Init PROTO_LIST (MD5_CTX *));

Void MD5Update PROTO_LIST

(MD5_CTX *, unsigned char *, unsigned int ));

Void MD5Final PROTO_LIST (unsigned char [16], MD5_CTX *));

# Endif

# Ifdef _ cplusplus

}

# Endif

I did not package and encapsulate it seriously, but extracted it from one of my projects. I am sorry for some omissions. Today, another netizen asked where private is defined. Because the code is not on the machine at hand, you cannot take a closer look. The definition of private is as follows:

# Define private

The definition is empty. This is a private imitation of C ++. It indicates that this function will not be referenced by other files and is only used in this file.

I recently received a letter from a netizen saying that I have missing a few util files. This is not in the NTLM algorithm, but in the test_httppc_connect.cpp verification example. Check that I did not put it online. Khan, because the verification example is extracted from a program, which contains a simple HTTP resolution. I originally wanted to update the resource and did not find the update method. So I have to add it here. It must be noted that this part is not directly related to the real algorithm.

This is the header file

# Ifdef _ cplusplus

Extern "C "{

# Endif

# Ifndef wei_util_h

# Define wei_util_h

# Ifndef in

# Define in

# Endif

# Ifndef out

# Define out

# Endif

# Ifndef private

# Define private

# Endif

******* **************************/

/** Retrieve the number of times a string appears */

Int wei_util_get_str_num (in char * Buf, In char * Ch );

/** The length of string B must be smaller than that of string. Or ensure sufficient space for Str. */

Bool wei_util_replace_all (in out char * STR, in const char * a, in const char * B );

/** This function will affect the original Buf in and out. Please note that you can use copies for processing. Similar to Java split */

Bool wei_util_split (in out char * Buf, In char * Ch, in int num, out char ** DST );

/** Check whether all numbers exist */

Bool wei_util_check_allnum (IN char * );

/** Remove leading and trailing spaces of strings */

Void wei_util_str_trim (in out char * );

/** For comparison between strings, you can select whether to be case sensitive and set the length of the comparison. If the length is <= 0, it indicates comparison of all strings. */

Bool wei_util_str_compare (IN const char * a, IN const char * B, IN bool isCase, IN int length );

/** A ignores leading and trailing spaces and compares them with B */

Bool wei_util_str_compare_trim (char * a, char * B, bool is_case );

# Endif

# Ifdef _ cplusplus

}

# Endif

This is the source code file.

// Wei_util.cpp: implementation of the util funtions.

//

//////////////////////////////////////// //////////////////////////////

# Include <stdio. h>

# Include <stdlib. h>

# Include <string. h>

# Include "util/wei_util.h"

/********************************** Part 1: character string processing ********************************/

/** Retrieve the number of times a string appears */

Int wei_util_get_str_num (in char * Buf, In char * Ch ){

Int num = 0;

Char * A = Buf, * B = NULL;

While (B = strstr (A, CH ))! = NULL ){

Num ++;

A = B + strlen (CH );

}

Return num;

}

/** The length of string B must be smaller than that of string. Or ensure sufficient space for Str. */

Bool wei_util_replace_all (in out char * STR, in const char * a, in const char * B)

{

Char * C;

Int offset = strlen (a)-strlen (B );

If (offset <0)

Return false;

While (C = strstr (STR, ))! = NULL ){

Sprintf (c, "% s", B, c + strlen ());

}

Return true;

}

/*

Void tempPrint (char * buf ){

LOG (LOG_DEBUG, "========= binary output length: % d", strlen (buf ));

For (int I = 0; I <strlen (buf)/8 + 1; I ++ ){

LOG (LOG_DEBUG, "% d/t % 02x % 02x % 02x % 02x % 02x % 02x % 02x % 02x", I * 8,

(Unsigned char) buf [8 * I], (unsigned char) buf [8 * I + 1], (unsigned char) buf [8 * I + 2],

(Unsigned char) buf [8 * I + 3], (unsigned char) buf [8 * I + 4], (unsigned char) buf [8 * I + 5],

(Unsigned char) buf [8 * I + 6], (unsigned char) buf [8 * I + 7]);

}

}*/

/** This function will affect the original buf in and out. Please note that you can use copies for processing. */

Bool wei_util_split (in out char * Buf, In char * Ch, in int num, out char ** DST ){

Char * A = Buf, * B = Buf;

For (INT I = 0; I <num; I ++ ){

B = strstr (A, CH );

If (I = num-1 ){

DST [I] =;

} Else if (B = NULL ){

Return false;

} Else {

DST [I] =;

A = B + strlen (CH );

B [0] = 0;

}

}

Return true;

}

/** Check whether all numbers exist */

Bool wei_util_check_allnum (char * ){

If (A = NULL | strlen (A) = 0)

Return false;

For (unsigned int I = 0; I <strlen (a); I ++ ){

If (A [I] <'0' | A [I]> '9 ')

Return false;

}

Return true;

}

/** Remove leading and trailing spaces of strings */

Void wei_util_str_trim (in out char * ){

Char * temp = NULL, * P = NULL, * E = NULL;

If (A = NULL | strlen (A) = 0)

Return;

Temp = (char *) malloc (strlen (A) + 1 );

Memset (temp, 0, sizeof (temp ));

P =;

While (P [0] = ''){

P ++;

}

E = a + strlen (a)-1;

While (* E = ''){

E --;

}

Memcpy (temp, P, strlen (P)-strlen (e) + 1 );

Strcpy (A, P );

Free (temp );

}

/** For comparison between strings, you can select whether to be case sensitive and set the length of the comparison. If the length is <= 0, it indicates comparison of all strings. */

Bool wei_util_str_compare (IN const char * a, IN const char * B, IN bool isCase, IN int length ){

# Ifdef _ LINUX

If (isCase)

Return length <= 0? Strcmp (a, B) = 0: strncmp (a, B, n) = 0;

Else

Return length <= 0? Strcasecmp (a, B) = 0: strncasecmp (a, B, n) = 0;

# Endif

If (isCase)

Return length <= 0? Strcmp (a, B) = 0: strncmp (a, B, length) = 0;

Int len_a = strlen ();

Int len_ B = strlen (B );

If (length <= 0 & len_a! = Len_ B)

Return false;

Else if (length> 0 & (len_a <length | len_ B <length ))

Return false;

If (length <= 0)

Length = len_a;

Int step = 'a'-'A ';

For (INT I = 0; I <length; I ++ ){

If (A [I]! = B [I]) {

If (A [I]-B [I] = Step & A [I]> = 'A' & A [I] <= 'Z ')

Continue;

If (B [I]-A [I] = Step & A [I]> = 'A' & A [I] <= 'Z ')

Continue;

Return false;

}

}

Return true;

}

/** A ignores leading and trailing spaces and compares them with B */

Bool wei_util_str_compare_trim (char * a, char * B, bool is_case ){

Char * H =;

Char * E = a + strlen (a)-1;

While (* H = '')

H ++;

While (* E = '')

E --;

If (strlen (B )! = (Unsigned INT) (e-h) + 1)

Return false;

If (is_case)

Return strncmp (H, B, strlen (B) = 0;

Int step = 'a'-'A ';

For (unsigned int I = 0; I <strlen (B); I ++ ){

If (H [I]! = B [I]) {

If (H [I]-B [I] = Step & H [I]> = 'A' & H [I] <= 'Z ')

Continue;

If (B [I]-H [I] = Step & H [I]> = 'A' & H [I] <= 'Z ')

Continue;

Return false;

}

}

Return true;

}

// *********** End of Part 1: string processing