├── .gitignore ├── .jshintrc ├── LICENSE ├── README.md ├── httpntlm.js ├── ntlm.js ├── package.json └── test ├── integration.js └── unit.js /.gitignore: -------------------------------------------------------------------------------- 1 | lib-cov 2 | *.seed 3 | *.log 4 | *.csv 5 | *.dat 6 | *.out 7 | *.pid 8 | *.gz 9 | 10 | pids 11 | logs 12 | results 13 | 14 | npm-debug.log 15 | node_modules 16 | app.js -------------------------------------------------------------------------------- /.jshintrc: -------------------------------------------------------------------------------- 1 | { 2 | "node": true, 3 | "laxbreak": true 4 | } 5 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | The MIT License (MIT) 2 | 3 | Copyright (c) 2013 Sam 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy of 6 | this software and associated documentation files (the "Software"), to deal in 7 | the Software without restriction, including without limitation the rights to 8 | use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of 9 | the Software, and to permit persons to whom the Software is furnished to do so, 10 | subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS 17 | FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR 18 | COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER 19 | IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN 20 | CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 21 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # httpntlm 2 | 3 | __httpntlm__ is a Node.js library to do HTTP NTLM authentication 4 | 5 | It's a port from the Python libary [python-ntml](https://code.google.com/p/python-ntlm/) with added NTLMv2 support. 6 | 7 | ## Snyk security scan 8 | 9 | [![Known Vulnerabilities](https://snyk.io/test/github/SamDecrock/node-http-ntlm/badge.svg)](https://snyk.io/test/github/SamDecrock/node-http-ntlm) 10 | 11 | ## Donate 12 | 13 | If you've benefited from this module in any way, please consider donating! 14 | 15 | __Donations:__ 16 | 17 | | Name | amount | when | 18 | |------------|----------|-----------| 19 | | Tina Lacey | $ 20 | June 2018 | 20 | 21 | Last update: March 2023 22 | 23 | 24 | [![](https://neat.be/paypal-donate-button.png)](https://www.paypal.com/donate/?hosted_button_id=2CKNJLZJBW8ZC) 25 | 26 | Thank you for your support! 27 | 28 | 29 | ## Install 30 | 31 | You can install __httpntlm__ using the Node Package Manager (npm): 32 | 33 | npm install httpntlm 34 | 35 | ## How to use 36 | 37 | ```js 38 | var httpntlm = require('httpntlm'); 39 | 40 | httpntlm.get({ 41 | url: "https://someurl.com", 42 | username: 'm$', 43 | password: 'stinks', 44 | workstation: 'choose.something', 45 | domain: '' 46 | }, function (err, res){ 47 | if(err) return console.log(err); 48 | 49 | console.log(res.headers); 50 | console.log(res.body); 51 | }); 52 | ``` 53 | 54 | ## Options 55 | 56 | - `url:` _{String}_ URL to connect. (Required) 57 | - `username:` _{String}_ Username (optional, default: '') 58 | - `password:` _{String}_ Password (optional, default: '') 59 | - `workstation:` _{String}_ Name of workstation (optional, default: '') 60 | - `domain:` _{String}_ Name of domain (optional, default: '') 61 | - `agent:` _{Agent}_ In case you want to reuse the keepaliveAgent over different calls (optional) 62 | - `headers:` _{Object}_ Add in custom headers. The following headers are used by NTLM and cannot be passed: `Connection`, `Authorization` (optional) 63 | 64 | if you already got the encrypted password,you should use this two param to replace the 'password' param. 65 | 66 | - `lm_password` _{Buffer}_ encrypted lm password.(Required) 67 | - `nt_password` _{Buffer}_ encrypted nt password. (Required) 68 | 69 | You can also pass along all other options of [httpreq](https://github.com/SamDecrock/node-httpreq), including custom headers, cookies, body data, ... and use POST, PUT or DELETE instead of GET. 70 | 71 | ## NTLMv2 72 | 73 | When NTLMv2 extended security and target information can be negotiated with the server, this library assumes 74 | the server supports NTLMv2 and creates responses according to the NTLMv2 specification (the actually supported 75 | NTLM version cannot be negotiated). 76 | Otherwise, NTLMv1 or NTLMv1 with NTLMv2 extended security will be used. 77 | 78 | ## Advanced 79 | 80 | ### pre-encrypt the password 81 | ```js 82 | var httpntlm = require('httpntlm'); 83 | var ntlm = httpntlm.ntlm; 84 | var lm = ntlm.create_LM_hashed_password('Azx123456'); 85 | var nt = ntlm.create_NT_hashed_password('Azx123456'); 86 | 87 | 88 | httpntlm.get({ 89 | url: "https://someurl.com", 90 | username: 'm$', 91 | lm_password: lm, 92 | nt_password: nt, 93 | workstation: 'choose.something', 94 | domain: '' 95 | }, function (err, res){ 96 | if(err) return console.log(err); 97 | 98 | console.log(res.headers); 99 | console.log(res.body); 100 | }); 101 | ``` 102 | 103 | ### Use the NTLM-functions yourself 104 | If you want to use the NTLM-functions yourself, you can access the ntlm-library like this (https example): 105 | 106 | ```js 107 | var ntlm = require('httpntlm').ntlm; 108 | var async = require('async'); 109 | var httpreq = require('httpreq'); 110 | var HttpsAgent = require('agentkeepalive').HttpsAgent; 111 | var keepaliveAgent = new HttpsAgent(); 112 | 113 | var options = { 114 | url: "https://someurl.com", 115 | username: 'm$', 116 | password: 'stinks', 117 | workstation: 'choose.something', 118 | domain: '' 119 | }; 120 | 121 | async.waterfall([ 122 | function (callback){ 123 | var type1msg = ntlm.createType1Message(options); 124 | 125 | httpreq.get(options.url, { 126 | headers:{ 127 | 'Connection' : 'keep-alive', 128 | 'Authorization': type1msg 129 | }, 130 | agent: keepaliveAgent 131 | }, callback); 132 | }, 133 | 134 | function (res, callback){ 135 | if(!res.headers['www-authenticate']) 136 | return callback(new Error('www-authenticate not found on response of second request')); 137 | 138 | var type2msg = ntlm.parseType2Message(res.headers['www-authenticate']); 139 | var type3msg = ntlm.createType3Message(type2msg, options); 140 | 141 | setImmediate(function() { 142 | httpreq.get(options.url, { 143 | headers:{ 144 | 'Connection' : 'Close', 145 | 'Authorization': type3msg 146 | }, 147 | allowRedirects: false, 148 | agent: keepaliveAgent 149 | }, callback); 150 | }); 151 | } 152 | ], function (err, res) { 153 | if(err) return console.log(err); 154 | 155 | console.log(res.headers); 156 | console.log(res.body); 157 | }); 158 | ``` 159 | 160 | ### Download binary files 161 | 162 | ```js 163 | httpntlm.get({ 164 | url: "https://someurl.com/file.xls", 165 | username: 'm$', 166 | password: 'stinks', 167 | workstation: 'choose.something', 168 | domain: '', 169 | binary: true 170 | }, function (err, response) { 171 | if(err) return console.log(err); 172 | fs.writeFile("file.xls", response.body, function (err) { 173 | if(err) return console.log("error writing file"); 174 | console.log("file.xls saved!"); 175 | }); 176 | }); 177 | ``` 178 | 179 | ### Pass in custom headers 180 | 181 | ```js 182 | httpntlm.get({ 183 | url: "http://localhost:3000", 184 | username: 'm$', 185 | password: 'stinks', 186 | workstation: 'choose.something', 187 | domain: 'somedomain', 188 | headers: { 189 | 'User-Agent': 'my-useragent' 190 | } 191 | }, function (err, res){ 192 | if(err) return console.log(err); 193 | 194 | console.log(res.headers); 195 | console.log(res.body); 196 | }); 197 | ``` 198 | 199 | ### More examples 200 | 201 | You can find more examples on [Snyk](https://snyk.io/advisor/npm-package/httpntlm/example). 202 | 203 | ## More information 204 | 205 | * [python-ntlm](https://code.google.com/p/python-ntlm/) 206 | * [NTLM Authentication Scheme for HTTP](https://web.archive.org/web/20200724074947/https://www.innovation.ch/personal/ronald/ntlm.html) 207 | * [LM hash on Wikipedia](http://en.wikipedia.org/wiki/LM_hash) 208 | 209 | ## Tests 210 | 211 | Running tests in an open source package is crucial for ensuring the quality and reliability of the codebase. When you submit code changes, it's essential to ensure that these changes don't break existing functionality or introduce new bugs. 212 | 213 | Tests are written with Mocha. 214 | 215 | To run tests, simply run: 216 | 217 | npm test 218 | 219 | Note that the integration tests start up a simple express.js server with NTLM support. You might see some extra debugging info from that server when running integration tests. 220 | 221 | 222 | ## License (MIT) 223 | 224 | Copyright (c) Sam Decrock 225 | 226 | Permission is hereby granted, free of charge, to any person obtaining a copy 227 | of this software and associated documentation files (the "Software"), to deal 228 | in the Software without restriction, including without limitation the rights 229 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 230 | copies of the Software, and to permit persons to whom the Software is 231 | furnished to do so, subject to the following conditions: 232 | 233 | The above copyright notice and this permission notice shall be included in 234 | all copies or substantial portions of the Software. 235 | 236 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 237 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 238 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 239 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 240 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 241 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 242 | THE SOFTWARE. 243 | -------------------------------------------------------------------------------- /httpntlm.js: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright (c) 2013 Sam Decrock https://github.com/SamDecrock/ 3 | * All rights reserved. 4 | * 5 | * This source code is licensed under the MIT license found in the 6 | * LICENSE file in the root directory of this source tree. 7 | */ 8 | 9 | 'use strict'; 10 | 11 | var url = require('url'); 12 | var httpreq = require('httpreq'); 13 | var ntlm = require('./ntlm'); 14 | var _ = require('underscore'); 15 | var http = require('http'); 16 | var https = require('https'); 17 | 18 | exports.method = function(method, options, finalCallback){ 19 | if(!options.workstation) options.workstation = ''; 20 | if(!options.domain) options.domain = ''; 21 | 22 | // extract non-ntlm-options: 23 | var httpreqOptions = _.omit(options, 'url', 'username', 'password', 'workstation', 'domain'); 24 | 25 | // is https? 26 | var isHttps = false; 27 | var reqUrl = url.parse(options.url); 28 | if(reqUrl.protocol == 'https:') isHttps = true; 29 | 30 | // set keepaliveAgent (http or https): 31 | var keepaliveAgent; 32 | 33 | if(options.agent) { 34 | keepaliveAgent = options.agent; 35 | }else{ 36 | if(isHttps){ 37 | keepaliveAgent = new https.Agent({keepAlive: true}); 38 | }else{ 39 | keepaliveAgent = new http.Agent({keepAlive: true}); 40 | } 41 | } 42 | 43 | // build type1 request: 44 | 45 | function sendType1Message (callback) { 46 | var type1msg = ntlm.createType1Message(options); 47 | 48 | var type1options = { 49 | headers:{ 50 | 'Connection' : 'keep-alive', 51 | 'Authorization': type1msg 52 | }, 53 | timeout: options.timeout || 0, 54 | agent: keepaliveAgent, 55 | allowRedirects: false // don't redirect in httpreq, because http could change to https which means we need to change the keepaliveAgent 56 | }; 57 | 58 | // pass along other options: 59 | type1options = _.extend({}, _.omit(httpreqOptions, 'headers', 'body'), type1options); 60 | // do not pass headers here, only in the last call, the headers can be consumed serverside 61 | 62 | // send type1 message to server: 63 | httpreq[method](options.url, type1options, callback); 64 | } 65 | 66 | function sendType3Message (res, callback) { 67 | // catch redirect here: 68 | if(res.headers.location) { 69 | options.url = res.headers.location; 70 | return exports[method](options, finalCallback); 71 | } 72 | 73 | 74 | if(!res.headers['www-authenticate']) 75 | return callback(new Error('www-authenticate not found on response of second request')); 76 | 77 | // parse type2 message from server: 78 | var type2msg = ntlm.parseType2Message(res.headers['www-authenticate'], callback); //callback only happens on errors 79 | if(!type2msg) return; // if callback returned an error, the parse-function returns with null 80 | 81 | // create type3 message: 82 | var type3msg = ntlm.createType3Message(type2msg, options); 83 | 84 | // build type3 request: 85 | var type3options = { 86 | headers: { 87 | 'Connection': 'Close', 88 | 'Authorization': type3msg 89 | }, 90 | allowRedirects: false, 91 | agent: keepaliveAgent 92 | }; 93 | 94 | // pass along other options: 95 | type3options = _.extend(type3options, _.omit(httpreqOptions, 'headers')); 96 | 97 | // pass all headers except Authorization & Connection as the NTLM protocol uses this: 98 | if(httpreqOptions.headers) type3options.headers = _.extend(type3options.headers, _.omit(httpreqOptions.headers, 'Connection', 'Authorization')); 99 | 100 | // send type3 message to server: 101 | httpreq[method](options.url, type3options, callback); 102 | } 103 | 104 | 105 | sendType1Message(function (err, res) { 106 | if(err) return finalCallback(err); 107 | setImmediate(function () { // doesn't work without setImmediate() 108 | sendType3Message(res, finalCallback); 109 | }); 110 | }); 111 | 112 | }; 113 | 114 | ['get', 'put', 'patch', 'post', 'delete', 'options'].forEach(function(method){ 115 | exports[method] = exports.method.bind(exports, method); 116 | }); 117 | 118 | exports.ntlm = ntlm; //if you want to use the NTML functions yourself 119 | 120 | -------------------------------------------------------------------------------- /ntlm.js: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright (c) 2013 Sam Decrock https://github.com/SamDecrock/ 3 | * All rights reserved. 4 | * 5 | * This source code is licensed under the MIT license found in the 6 | * LICENSE file in the root directory of this source tree. 7 | */ 8 | 9 | var crypto = require('crypto'); 10 | var jsmd4 = require("js-md4"); 11 | var desjs = require("des.js"); 12 | 13 | var flags = { 14 | NTLM_NegotiateUnicode : 0x00000001, 15 | NTLM_NegotiateOEM : 0x00000002, 16 | NTLM_RequestTarget : 0x00000004, 17 | NTLM_Unknown9 : 0x00000008, 18 | NTLM_NegotiateSign : 0x00000010, 19 | NTLM_NegotiateSeal : 0x00000020, 20 | NTLM_NegotiateDatagram : 0x00000040, 21 | NTLM_NegotiateLanManagerKey : 0x00000080, 22 | NTLM_Unknown8 : 0x00000100, 23 | NTLM_NegotiateNTLM : 0x00000200, 24 | NTLM_NegotiateNTOnly : 0x00000400, 25 | NTLM_Anonymous : 0x00000800, 26 | NTLM_NegotiateOemDomainSupplied : 0x00001000, 27 | NTLM_NegotiateOemWorkstationSupplied : 0x00002000, 28 | NTLM_Unknown6 : 0x00004000, 29 | NTLM_NegotiateAlwaysSign : 0x00008000, 30 | NTLM_TargetTypeDomain : 0x00010000, 31 | NTLM_TargetTypeServer : 0x00020000, 32 | NTLM_TargetTypeShare : 0x00040000, 33 | NTLM_NegotiateExtendedSecurity : 0x00080000, 34 | NTLM_NegotiateIdentify : 0x00100000, 35 | NTLM_Unknown5 : 0x00200000, 36 | NTLM_RequestNonNTSessionKey : 0x00400000, 37 | NTLM_NegotiateTargetInfo : 0x00800000, 38 | NTLM_Unknown4 : 0x01000000, 39 | NTLM_NegotiateVersion : 0x02000000, 40 | NTLM_Unknown3 : 0x04000000, 41 | NTLM_Unknown2 : 0x08000000, 42 | NTLM_Unknown1 : 0x10000000, 43 | NTLM_Negotiate128 : 0x20000000, 44 | NTLM_NegotiateKeyExchange : 0x40000000, 45 | NTLM_Negotiate56 : 0x80000000 46 | }; 47 | var typeflags = { 48 | NTLM_TYPE1_FLAGS : flags.NTLM_NegotiateUnicode 49 | + flags.NTLM_NegotiateOEM 50 | + flags.NTLM_RequestTarget 51 | + flags.NTLM_NegotiateNTLM 52 | + flags.NTLM_NegotiateOemDomainSupplied 53 | + flags.NTLM_NegotiateOemWorkstationSupplied 54 | + flags.NTLM_NegotiateAlwaysSign 55 | + flags.NTLM_NegotiateExtendedSecurity 56 | + flags.NTLM_NegotiateVersion 57 | + flags.NTLM_Negotiate128 58 | + flags.NTLM_Negotiate56, 59 | 60 | NTLM_TYPE2_FLAGS : flags.NTLM_NegotiateUnicode 61 | + flags.NTLM_RequestTarget 62 | + flags.NTLM_NegotiateNTLM 63 | + flags.NTLM_NegotiateAlwaysSign 64 | + flags.NTLM_NegotiateExtendedSecurity 65 | + flags.NTLM_NegotiateTargetInfo 66 | + flags.NTLM_NegotiateVersion 67 | + flags.NTLM_Negotiate128 68 | + flags.NTLM_Negotiate56 69 | }; 70 | 71 | function createType1Message(options){ 72 | if(!options.domain) options.domain = ''; 73 | if(!options.workstation) options.workstation = ''; 74 | 75 | var domain = escape(options.domain.toUpperCase()); 76 | var workstation = escape(options.workstation.toUpperCase()); 77 | var protocol = 'NTLMSSP\0'; 78 | 79 | var BODY_LENGTH = 40; 80 | 81 | var type1flags = typeflags.NTLM_TYPE1_FLAGS; 82 | if(!domain || domain === '') 83 | type1flags = type1flags - flags.NTLM_NegotiateOemDomainSupplied; 84 | 85 | var pos = 0; 86 | var buf = Buffer.alloc(BODY_LENGTH + domain.length + workstation.length); 87 | 88 | 89 | buf.write(protocol, pos, protocol.length); pos += protocol.length; // protocol 90 | buf.writeUInt32LE(1, pos); pos += 4; // type 1 91 | buf.writeUInt32LE(type1flags, pos); pos += 4; // TYPE1 flag 92 | 93 | buf.writeUInt16LE(domain.length, pos); pos += 2; // domain length 94 | buf.writeUInt16LE(domain.length, pos); pos += 2; // domain max length 95 | buf.writeUInt32LE(BODY_LENGTH + workstation.length, pos); pos += 4; // domain buffer offset 96 | 97 | buf.writeUInt16LE(workstation.length, pos); pos += 2; // workstation length 98 | buf.writeUInt16LE(workstation.length, pos); pos += 2; // workstation max length 99 | buf.writeUInt32LE(BODY_LENGTH, pos); pos += 4; // workstation buffer offset 100 | 101 | buf.writeUInt8(5, pos); pos += 1; //ProductMajorVersion 102 | buf.writeUInt8(1, pos); pos += 1; //ProductMinorVersion 103 | buf.writeUInt16LE(2600, pos); pos += 2; //ProductBuild 104 | 105 | buf.writeUInt8(0 , pos); pos += 1; //VersionReserved1 106 | buf.writeUInt8(0 , pos); pos += 1; //VersionReserved2 107 | buf.writeUInt8(0 , pos); pos += 1; //VersionReserved3 108 | buf.writeUInt8(15, pos); pos += 1; //NTLMRevisionCurrent 109 | 110 | 111 | // length checks is to fix issue #46 and possibly #57 112 | if(workstation.length !=0) buf.write(workstation, pos, workstation.length, 'ascii'); pos += workstation.length; // workstation string 113 | if(domain.length !=0) buf.write(domain , pos, domain.length , 'ascii'); pos += domain.length; // domain string 114 | 115 | return 'NTLM ' + buf.toString('base64'); 116 | } 117 | 118 | function parseType2Message(rawmsg, callback){ 119 | var match = rawmsg.match(/NTLM (.+)?/); 120 | if(!match || !match[1]) { 121 | callback(new Error("Couldn't find NTLM in the message type2 coming from the server")); 122 | return null; 123 | } 124 | 125 | var buf = Buffer.from(match[1], 'base64'); 126 | 127 | var msg = {}; 128 | 129 | msg.signature = buf.slice(0, 8); 130 | msg.type = buf.readInt16LE(8); 131 | 132 | if(msg.type != 2) { 133 | callback(new Error("Server didn't return a type 2 message")); 134 | return null; 135 | } 136 | 137 | msg.targetNameLen = buf.readInt16LE(12); 138 | msg.targetNameMaxLen = buf.readInt16LE(14); 139 | msg.targetNameOffset = buf.readInt32LE(16); 140 | msg.targetName = buf.slice(msg.targetNameOffset, msg.targetNameOffset + msg.targetNameMaxLen); 141 | 142 | msg.negotiateFlags = buf.readInt32LE(20); 143 | msg.serverChallenge = buf.slice(24, 32); 144 | msg.reserved = buf.slice(32, 40); 145 | 146 | if(msg.negotiateFlags & flags.NTLM_NegotiateTargetInfo){ 147 | msg.targetInfoLen = buf.readInt16LE(40); 148 | msg.targetInfoMaxLen = buf.readInt16LE(42); 149 | msg.targetInfoOffset = buf.readInt32LE(44); 150 | msg.targetInfo = buf.slice(msg.targetInfoOffset, msg.targetInfoOffset + msg.targetInfoLen); 151 | } 152 | return msg; 153 | } 154 | 155 | function createType3Message(msg2, options){ 156 | if(!options.domain) options.domain = ''; 157 | if(!options.workstation) options.workstation = ''; 158 | if(!options.username) options.username = ''; 159 | if(!options.password) options.password = ''; 160 | 161 | var nonce = msg2.serverChallenge; 162 | var username = options.username; 163 | var password = options.password; 164 | var lm_password = options.lm_password; 165 | var nt_password = options.nt_password; 166 | var negotiateFlags = msg2.negotiateFlags; 167 | 168 | var isUnicode = negotiateFlags & flags.NTLM_NegotiateUnicode; 169 | var isNegotiateExtendedSecurity = negotiateFlags & flags.NTLM_NegotiateExtendedSecurity; 170 | 171 | var BODY_LENGTH = 72; 172 | 173 | var domainName = escape(options.domain.toUpperCase()); 174 | var workstation = escape(options.workstation.toUpperCase()); 175 | 176 | var workstationBytes, domainNameBytes, usernameBytes, encryptedRandomSessionKeyBytes; 177 | 178 | var encryptedRandomSessionKey = ""; 179 | if(isUnicode){ 180 | workstationBytes = Buffer.from(workstation, 'utf16le'); 181 | domainNameBytes = Buffer.from(domainName, 'utf16le'); 182 | usernameBytes = Buffer.from(username, 'utf16le'); 183 | encryptedRandomSessionKeyBytes = Buffer.from(encryptedRandomSessionKey, 'utf16le'); 184 | }else{ 185 | workstationBytes = Buffer.from(workstation, 'ascii'); 186 | domainNameBytes = Buffer.from(domainName, 'ascii'); 187 | usernameBytes = Buffer.from(username, 'ascii'); 188 | encryptedRandomSessionKeyBytes = Buffer.from(encryptedRandomSessionKey, 'ascii'); 189 | } 190 | 191 | var lmChallengeResponse = calc_resp((lm_password!=null)?lm_password:create_LM_hashed_password_v1(password), nonce); 192 | var ntChallengeResponse = calc_resp((nt_password!=null)?nt_password:create_NT_hashed_password_v1(password), nonce); 193 | 194 | if(isNegotiateExtendedSecurity){ 195 | /* 196 | * NTLMv2 extended security is enabled. While this technically can mean NTLMv2 extended security with NTLMv1 protocol, 197 | * servers that support extended security likely also support NTLMv2, so use NTLMv2. 198 | * This is also how curl implements NTLMv2 "detection". 199 | * By using NTLMv2, this supports communication with servers that forbid the use of NTLMv1 (e.g. via windows policies) 200 | * 201 | * However, the target info is needed to construct the NTLMv2 response so if it can't be negotiated, 202 | * fall back to NTLMv1 with NTLMv2 extended security. 203 | */ 204 | var pwhash = (nt_password!=null)?nt_password:create_NT_hashed_password_v1(password); 205 | var clientChallenge = ""; 206 | for(var i=0; i < 8; i++){ 207 | clientChallenge += String.fromCharCode( Math.floor(Math.random()*256) ); 208 | } 209 | var clientChallengeBytes = Buffer.from(clientChallenge, 'ascii'); 210 | var challenges = msg2.targetInfo 211 | ? calc_ntlmv2_resp(pwhash, username, domainName, msg2.targetInfo, nonce, clientChallengeBytes) 212 | : ntlm2sr_calc_resp(pwhash, nonce, clientChallengeBytes); 213 | lmChallengeResponse = challenges.lmChallengeResponse; 214 | ntChallengeResponse = challenges.ntChallengeResponse; 215 | } 216 | 217 | var signature = 'NTLMSSP\0'; 218 | 219 | var pos = 0; 220 | var buf = Buffer.alloc(BODY_LENGTH + domainNameBytes.length + usernameBytes.length + workstationBytes.length + lmChallengeResponse.length + ntChallengeResponse.length + encryptedRandomSessionKeyBytes.length); 221 | 222 | buf.write(signature, pos, signature.length); pos += signature.length; 223 | buf.writeUInt32LE(3, pos); pos += 4; // type 1 224 | 225 | buf.writeUInt16LE(lmChallengeResponse.length, pos); pos += 2; // LmChallengeResponseLen 226 | buf.writeUInt16LE(lmChallengeResponse.length, pos); pos += 2; // LmChallengeResponseMaxLen 227 | buf.writeUInt32LE(BODY_LENGTH + domainNameBytes.length + usernameBytes.length + workstationBytes.length, pos); pos += 4; // LmChallengeResponseOffset 228 | 229 | buf.writeUInt16LE(ntChallengeResponse.length, pos); pos += 2; // NtChallengeResponseLen 230 | buf.writeUInt16LE(ntChallengeResponse.length, pos); pos += 2; // NtChallengeResponseMaxLen 231 | buf.writeUInt32LE(BODY_LENGTH + domainNameBytes.length + usernameBytes.length + workstationBytes.length + lmChallengeResponse.length, pos); pos += 4; // NtChallengeResponseOffset 232 | 233 | buf.writeUInt16LE(domainNameBytes.length, pos); pos += 2; // DomainNameLen 234 | buf.writeUInt16LE(domainNameBytes.length, pos); pos += 2; // DomainNameMaxLen 235 | buf.writeUInt32LE(BODY_LENGTH, pos); pos += 4; // DomainNameOffset 236 | 237 | buf.writeUInt16LE(usernameBytes.length, pos); pos += 2; // UserNameLen 238 | buf.writeUInt16LE(usernameBytes.length, pos); pos += 2; // UserNameMaxLen 239 | buf.writeUInt32LE(BODY_LENGTH + domainNameBytes.length, pos); pos += 4; // UserNameOffset 240 | 241 | buf.writeUInt16LE(workstationBytes.length, pos); pos += 2; // WorkstationLen 242 | buf.writeUInt16LE(workstationBytes.length, pos); pos += 2; // WorkstationMaxLen 243 | buf.writeUInt32LE(BODY_LENGTH + domainNameBytes.length + usernameBytes.length, pos); pos += 4; // WorkstationOffset 244 | 245 | buf.writeUInt16LE(encryptedRandomSessionKeyBytes.length, pos); pos += 2; // EncryptedRandomSessionKeyLen 246 | buf.writeUInt16LE(encryptedRandomSessionKeyBytes.length, pos); pos += 2; // EncryptedRandomSessionKeyMaxLen 247 | buf.writeUInt32LE(BODY_LENGTH + domainNameBytes.length + usernameBytes.length + workstationBytes.length + lmChallengeResponse.length + ntChallengeResponse.length, pos); pos += 4; // EncryptedRandomSessionKeyOffset 248 | 249 | // Fix #98 250 | var flagsToWrite = isUnicode 251 | ? typeflags.NTLM_TYPE2_FLAGS 252 | : typeflags.NTLM_TYPE2_FLAGS - flags.NTLM_NegotiateUnicode; 253 | buf.writeUInt32LE(flagsToWrite , pos); pos += 4; // NegotiateFlags 254 | 255 | buf.writeUInt8(5, pos); pos++; // ProductMajorVersion 256 | buf.writeUInt8(1, pos); pos++; // ProductMinorVersion 257 | buf.writeUInt16LE(2600, pos); pos += 2; // ProductBuild 258 | buf.writeUInt8(0, pos); pos++; // VersionReserved1 259 | buf.writeUInt8(0, pos); pos++; // VersionReserved2 260 | buf.writeUInt8(0, pos); pos++; // VersionReserved3 261 | buf.writeUInt8(15, pos); pos++; // NTLMRevisionCurrent 262 | 263 | domainNameBytes.copy(buf, pos); pos += domainNameBytes.length; 264 | usernameBytes.copy(buf, pos); pos += usernameBytes.length; 265 | workstationBytes.copy(buf, pos); pos += workstationBytes.length; 266 | lmChallengeResponse.copy(buf, pos); pos += lmChallengeResponse.length; 267 | ntChallengeResponse.copy(buf, pos); pos += ntChallengeResponse.length; 268 | encryptedRandomSessionKeyBytes.copy(buf, pos); pos += encryptedRandomSessionKeyBytes.length; 269 | 270 | return 'NTLM ' + buf.toString('base64'); 271 | } 272 | 273 | function create_LM_hashed_password_v1(password){ 274 | // fix the password length to 14 bytes 275 | password = password.toUpperCase(); 276 | var passwordBytes = Buffer.from(password, 'ascii'); 277 | 278 | var passwordBytesPadded = Buffer.alloc(14); 279 | passwordBytesPadded.fill("\0"); 280 | var sourceEnd = 14; 281 | if(passwordBytes.length < 14) sourceEnd = passwordBytes.length; 282 | passwordBytes.copy(passwordBytesPadded, 0, 0, sourceEnd); 283 | 284 | // split into 2 parts of 7 bytes: 285 | var firstPart = passwordBytesPadded.slice(0,7); 286 | var secondPart = passwordBytesPadded.slice(7); 287 | 288 | function encrypt(buf){ 289 | var key = insertZerosEvery7Bits(buf); 290 | var des = desjs.DES.create({type: 'encrypt', key: key}); 291 | var magicKey = Buffer.from('KGS!@#$%', 'ascii'); // page 57 in [MS-NLMP] 292 | var encrypted = des.update(magicKey); 293 | return Buffer.from(encrypted); 294 | } 295 | 296 | var firstPartEncrypted = encrypt(firstPart); 297 | var secondPartEncrypted = encrypt(secondPart); 298 | 299 | return Buffer.concat([firstPartEncrypted, secondPartEncrypted]); 300 | } 301 | 302 | function insertZerosEvery7Bits(buf){ 303 | var binaryArray = bytes2binaryArray(buf); 304 | var newBinaryArray = []; 305 | for(var i=0; i array.length) 368 | break; 369 | 370 | var binString1 = '' + array[i] + '' + array[i+1] + '' + array[i+2] + '' + array[i+3]; 371 | var binString2 = '' + array[i+4] + '' + array[i+5] + '' + array[i+6] + '' + array[i+7]; 372 | var hexchar1 = binary2hex[binString1]; 373 | var hexchar2 = binary2hex[binString2]; 374 | 375 | var buf = Buffer.from(hexchar1 + '' + hexchar2, 'hex'); 376 | bufArray.push(buf); 377 | } 378 | 379 | return Buffer.concat(bufArray); 380 | } 381 | 382 | function create_NT_hashed_password_v1(password){ 383 | var buf = Buffer.from(password, 'utf16le'); 384 | var md4 = jsmd4.create(); 385 | md4.update(buf); 386 | return Buffer.from(md4.digest()); 387 | } 388 | 389 | function calc_resp(password_hash, server_challenge){ 390 | // padding with zeros to make the hash 21 bytes long 391 | var passHashPadded = Buffer.alloc(21); 392 | passHashPadded.fill("\0"); 393 | password_hash.copy(passHashPadded, 0, 0, password_hash.length); 394 | 395 | var resArray = []; 396 | 397 | var des = desjs.DES.create({type: 'encrypt', key: insertZerosEvery7Bits(passHashPadded.slice(0,7))}); 398 | resArray.push( Buffer.from(des.update(server_challenge.slice(0,8))) ); 399 | 400 | des = desjs.DES.create({type: 'encrypt', key: insertZerosEvery7Bits(passHashPadded.slice(7,14))}); 401 | resArray.push( Buffer.from(des.update(server_challenge.slice(0,8))) ); 402 | 403 | des = desjs.DES.create({type: 'encrypt', key: insertZerosEvery7Bits(passHashPadded.slice(14,21))}); 404 | resArray.push( Buffer.from(des.update(server_challenge.slice(0,8))) ); 405 | 406 | return Buffer.concat(resArray); 407 | } 408 | 409 | function hmac_md5(key, data){ 410 | var hmac = crypto.createHmac('md5', key); 411 | hmac.update(data); 412 | return hmac.digest(); 413 | } 414 | 415 | function ntlm2sr_calc_resp(responseKeyNT, serverChallenge, clientChallenge){ 416 | // padding with zeros to make the hash 16 bytes longer 417 | var lmChallengeResponse = Buffer.alloc(clientChallenge.length + 16); 418 | lmChallengeResponse.fill("\0"); 419 | clientChallenge.copy(lmChallengeResponse, 0, 0, clientChallenge.length); 420 | 421 | var buf = Buffer.concat([serverChallenge, clientChallenge]); 422 | var md5 = crypto.createHash('md5'); 423 | md5.update(buf); 424 | var sess = md5.digest(); 425 | var ntChallengeResponse = calc_resp(responseKeyNT, sess.slice(0,8)); 426 | 427 | return { 428 | lmChallengeResponse: lmChallengeResponse, 429 | ntChallengeResponse: ntChallengeResponse 430 | }; 431 | } 432 | 433 | function calc_ntlmv2_resp(pwhash, username, domain, targetInfo, serverChallenge, clientChallenge){ 434 | var responseKeyNTLM = NTOWFv2(pwhash, username, domain); 435 | 436 | var lmV2ChallengeResponse = Buffer.concat([ 437 | hmac_md5(responseKeyNTLM, Buffer.concat([serverChallenge, clientChallenge])), 438 | clientChallenge 439 | ]); 440 | 441 | // 11644473600000 = diff between 1970 and 1601 442 | var now = Date.now(); 443 | var timestamp = ((BigInt(now) + BigInt(11644473600000)) * BigInt(10000)); // we need BigInt to be able to write it to a buffer 444 | var timestampBuffer = Buffer.alloc(8); 445 | timestampBuffer.writeBigUInt64LE(timestamp); 446 | 447 | var zero32Bit = Buffer.alloc(4, 0) 448 | var temp = Buffer.concat([ 449 | // Version 450 | Buffer.from([0x01, 0x01, 0x00, 0x00]), 451 | zero32Bit, 452 | timestampBuffer, 453 | clientChallenge, 454 | zero32Bit, 455 | targetInfo, 456 | zero32Bit 457 | ]); 458 | var proofString = hmac_md5(responseKeyNTLM, Buffer.concat([serverChallenge, temp])); 459 | var ntV2ChallengeResponse = Buffer.concat([proofString, temp]); 460 | 461 | return { 462 | lmChallengeResponse: lmV2ChallengeResponse, 463 | ntChallengeResponse: ntV2ChallengeResponse 464 | }; 465 | } 466 | 467 | function NTOWFv2(pwhash, user, domain){ 468 | return hmac_md5(pwhash, Buffer.from(user.toUpperCase() + domain, 'utf16le')); 469 | } 470 | 471 | exports.createType1Message = createType1Message; 472 | exports.parseType2Message = parseType2Message; 473 | exports.createType3Message = createType3Message; 474 | exports.create_NT_hashed_password = create_NT_hashed_password_v1; 475 | exports.create_LM_hashed_password = create_LM_hashed_password_v1; 476 | 477 | 478 | 479 | 480 | -------------------------------------------------------------------------------- /package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "httpntlm", 3 | "description": "httpntlm is a Node.js library to do HTTP NTLM authentication", 4 | "version": "1.8.13", 5 | "dependencies": { 6 | "des.js": "^1.0.1", 7 | "httpreq": ">=0.4.22", 8 | "js-md4": "^0.3.2", 9 | "underscore": "~1.12.1" 10 | }, 11 | "author": { 12 | "name": "Sam Decrock", 13 | "url": "https://github.com/SamDecrock/" 14 | }, 15 | "contributors": [ 16 | { 17 | "name": "Martin Andreas Ullrich", 18 | "url": "https://github.com/dasMulli" 19 | } 20 | ], 21 | "bugs": { 22 | "url": "https://github.com/SamDecrock/node-http-ntlm/issues" 23 | }, 24 | "engines": { 25 | "node": ">=10.4.0" 26 | }, 27 | "repository": { 28 | "type": "git", 29 | "url": "git://github.com/SamDecrock/node-http-ntlm.git" 30 | }, 31 | "main": "./httpntlm", 32 | "licenses": [ 33 | { 34 | "type": "MIT", 35 | "url": "http://www.opensource.org/licenses/mit-license.php" 36 | } 37 | ], 38 | "scripts": { 39 | "test": "mocha" 40 | }, 41 | "funding": [ 42 | { 43 | "type": "paypal", 44 | "url": "https://www.paypal.com/donate/?hosted_button_id=2CKNJLZJBW8ZC" 45 | }, 46 | { 47 | "type": "buymeacoffee", 48 | "url": "https://www.buymeacoffee.com/samdecrock" 49 | } 50 | ], 51 | "devDependencies": { 52 | "express": "^4.18.2", 53 | "express-ntlm": "^2.6.2", 54 | "mocha": "^10.2.0", 55 | "rewire": "^6.0.0" 56 | } 57 | } 58 | -------------------------------------------------------------------------------- /test/integration.js: -------------------------------------------------------------------------------- 1 | var httpntlm = require('../httpntlm'); 2 | var httpreq = require('httpreq'); 3 | var http = require('http'); 4 | var https = require('https'); 5 | var assert = require('assert'); 6 | var express = require('express'); 7 | var ntlm = require('express-ntlm'); 8 | 9 | 10 | var server; 11 | 12 | 13 | describe('Integration tests', () => { 14 | 15 | before(function (done) { 16 | // Start express.js server 17 | var app = express(); 18 | 19 | app.use(ntlm({ 20 | debug: function() { 21 | var args = Array.prototype.slice.apply(arguments); 22 | console.log.apply(null, args); 23 | }, 24 | domain: 'MYDOMAIN', 25 | 26 | // use different port (default: 389) 27 | // domaincontroller: 'ldap://myad.example:3899', 28 | })); 29 | 30 | app.all('*', function(request, response) { 31 | // console.log('> incoming NTLM request'); 32 | // console.log('> headers:', request.headers); 33 | // console.log('> ntlm data:', request.ntlm); 34 | 35 | var data = { 36 | ntlm: request.ntlm, 37 | headers: request.headers 38 | } 39 | 40 | response.end(JSON.stringify(data)); 41 | }); 42 | 43 | 44 | 45 | server = app.listen(3000, () => { 46 | // console.log(`Listening on port 3000`); 47 | done(); 48 | }); 49 | }); 50 | 51 | after(function () { 52 | // Stop express.js server 53 | server.close(); 54 | }); 55 | 56 | 57 | it('simple authorization', (done) => { 58 | httpntlm.get({ 59 | url: "http://localhost:3000", 60 | username: 'm$', 61 | password: 'stinks', 62 | workstation: 'choose.something', 63 | domain: 'somedomain' 64 | }, function (err, res){ 65 | if(err) return done(err); 66 | 67 | // console.log(res.headers); 68 | var data = JSON.parse(res.body); 69 | assert.equal(data.ntlm.Authenticated, true); 70 | done(); 71 | }); 72 | }); 73 | 74 | it('reuse keep-alive agent', (done) => { 75 | var myKeepaliveAgent = new http.Agent({keepAlive: true}); 76 | 77 | httpntlm.get({ 78 | url: "http://localhost:3000", 79 | username: 'm$', 80 | password: 'stinks', 81 | workstation: 'choose.something', 82 | domain: 'somedomain', 83 | agent: myKeepaliveAgent 84 | }, function (err, res){ 85 | if(err) return done(err); 86 | 87 | 88 | httpntlm.get({ 89 | url: "http://localhost:3000", 90 | username: 'm$', 91 | password: 'stinks', 92 | workstation: 'choose.something', 93 | domain: 'somedomain', 94 | agent: myKeepaliveAgent 95 | }, function (err, res){ 96 | if(err) return done(err); 97 | 98 | 99 | var data = JSON.parse(res.body); 100 | assert.equal(data.ntlm.Authenticated, true); 101 | done(); 102 | }); 103 | 104 | }); 105 | }); 106 | 107 | it('custom headers', (done) => { 108 | httpntlm.get({ 109 | url: "http://localhost:3000/testheaders", 110 | username: 'm$', 111 | password: 'stinks', 112 | workstation: 'choose.something', 113 | domain: 'somedomain', 114 | headers: { 115 | 'user-agent': 'my-useragent', 116 | 'Authorization': 'will-be-omitted-by-the-module' 117 | } 118 | }, function (err, res){ 119 | if(err) return done(err); 120 | 121 | var data = JSON.parse(res.body); 122 | assert.equal(data.ntlm.Authenticated, true); 123 | assert.equal(data.headers['user-agent'], 'my-useragent'); 124 | done(); 125 | }); 126 | }); 127 | 128 | }); 129 | 130 | -------------------------------------------------------------------------------- /test/unit.js: -------------------------------------------------------------------------------- 1 | var rewire = require("rewire"); 2 | var ntlm = rewire("../ntlm.js"); 3 | var assert = require('assert'); 4 | 5 | 6 | describe('Unit tests', () => { 7 | it('create_LM_hashed_password_v1', () => { 8 | const create_LM_hashed_password_v1 = ntlm.__get__("create_LM_hashed_password_v1"); 9 | 10 | var realResponse = create_LM_hashed_password_v1('Azx123456'); 11 | // console.log('realResponse', realResponse); 12 | 13 | var expectedResponse = Buffer.from([0xb7, 0xb4, 0x13, 0x5f, 0xa3, 0x05, 0x76, 0x82, 0x1e, 0x92, 0x9f, 0xfc, 0x01, 0x39, 0x51, 0x27]); 14 | assert.deepEqual(realResponse, expectedResponse); 15 | }); 16 | 17 | it('create_LM_hashed_password_v1', () => { 18 | const create_LM_hashed_password_v1 = ntlm.__get__("create_LM_hashed_password_v1"); 19 | 20 | var realResponse = create_LM_hashed_password_v1('Azx123456Azx123456'); 21 | // console.log('realResponse', realResponse); 22 | 23 | var expectedResponse = Buffer.from([0xb7, 0xb4, 0x13, 0x5f, 0xa3, 0x05, 0x76, 0x82, 0x17, 0x48, 0x74, 0x2b, 0xc4, 0xcf, 0xed, 0x38]); 24 | assert.deepEqual(realResponse, expectedResponse); 25 | }); 26 | 27 | it('createType1Message', () => { 28 | const createType1Message = ntlm.__get__("createType1Message"); 29 | 30 | var options = { 31 | url: "https://someurl.com", 32 | username: 'someUsername', 33 | password: 'stinks', 34 | workstation: 'choose.something', 35 | domain: 'someDomain' 36 | }; 37 | 38 | var realResponse = createType1Message(options); 39 | // console.log('type1 message:', realResponse); 40 | 41 | var expectedResponse = "NTLM TlRMTVNTUAABAAAAB7IIogoACgA4AAAAEAAQACgAAAAFASgKAAAAD0NIT09TRS5TT01FVEhJTkdTT01FRE9NQUlO"; 42 | assert.equal(realResponse, expectedResponse); 43 | }); 44 | 45 | it('createType1Message (no domain)', () => { 46 | const createType1Message = ntlm.__get__("createType1Message"); 47 | 48 | var options = { 49 | url: "https://someurl.com", 50 | username: 'm$', 51 | password: 'stinks', 52 | workstation: 'choose.something', 53 | domain: '' 54 | }; 55 | 56 | var realResponse = createType1Message(options); 57 | // console.log('type1 message:', realResponse); 58 | 59 | var expectedResponse = "NTLM TlRMTVNTUAABAAAAB6IIogAAAAA4AAAAEAAQACgAAAAFASgKAAAAD0NIT09TRS5TT01FVEhJTkc="; 60 | assert.equal(realResponse, expectedResponse); 61 | }); 62 | 63 | it('createType1Message (no workstation)', () => { 64 | const createType1Message = ntlm.__get__("createType1Message"); 65 | 66 | var options = { 67 | url: "https://someurl.com", 68 | username: 'm$', 69 | password: 'stinks', 70 | workstation: '', 71 | domain: '' 72 | }; 73 | 74 | var realResponse = createType1Message(options); 75 | // console.log('type1 message:', realResponse); 76 | 77 | var expectedResponse = "NTLM TlRMTVNTUAABAAAAB6IIogAAAAAoAAAAAAAAACgAAAAFASgKAAAADw=="; 78 | assert.equal(realResponse, expectedResponse); 79 | }); 80 | 81 | it('createType1Message (empty options)', () => { 82 | const createType1Message = ntlm.__get__("createType1Message"); 83 | 84 | var options = {}; 85 | 86 | var realResponse = createType1Message(options); 87 | // console.log('type1 message (empty options):', realResponse); 88 | 89 | var expectedResponse = "NTLM TlRMTVNTUAABAAAAB6IIogAAAAAoAAAAAAAAACgAAAAFASgKAAAADw=="; 90 | assert.equal(realResponse, expectedResponse); 91 | }); 92 | 93 | it('parseType2Message', () => { 94 | const parseType2Message = ntlm.__get__("parseType2Message"); 95 | 96 | var type2Message = 'NTLM ' + 97 | 'TlRMTVNTUAACAAAAHgAeADgAAAAFgoqiBevywvJykjAAAAAAAAAAAJgAmABWAAAA' + 98 | 'CgC6RwAAAA9EAEUAUwBLAFQATwBQAC0ASgBTADQAVQBKAFQARAACAB4ARABFAFMA' + 99 | 'SwBUAE8AUAAtAEoAUwA0AFUASgBUAEQAAQAeAEQARQBTAEsAVABPAFAALQBKAFMA' + 100 | 'NABVAEoAVABEAAQAHgBEAEUAUwBLAFQATwBQAC0ASgBTADQAVQBKAFQARAADAB4A' + 101 | 'RABFAFMASwBUAE8AUAAtAEoAUwA0AFUASgBUAEQABwAIADmguzCHn9UBAAAAAA=='; 102 | 103 | var realResponse = parseType2Message(type2Message, function (err) { 104 | console.log(err); 105 | }); 106 | // console.log('parsed type2 message:', realResponse); 107 | 108 | // var dd = Array.prototype.map.call(new Uint8Array(realResponse.targetInfo), 109 | // x => ('00' + x.toString(16)).slice(-2)) 110 | // .join('').match(/[a-fA-F0-9]{2}/g).join(', 0x'); 111 | // console.log(dd); 112 | 113 | var expectedResponse = { 114 | signature: Buffer.from([0x4e, 0x54, 0x4c, 0x4d, 0x53, 0x53, 0x50, 0x00]), 115 | type: 2, 116 | targetNameLen: 30, 117 | targetNameMaxLen: 30, 118 | targetNameOffset: 56, 119 | targetName: Buffer.from([0x44, 0x00, 0x45, 0x00, 0x53, 0x00, 0x4b, 0x00, 0x54, 0x00, 0x4f, 0x00, 0x50, 0x00, 0x2d, 0x00, 0x4a, 0x00, 0x53, 0x00, 0x34, 0x00, 0x55, 0x00, 0x4a, 0x00, 0x54, 0x00, 0x44, 0x00]), 120 | negotiateFlags: -1567981051, 121 | serverChallenge: Buffer.from([0x05, 0xeb, 0xf2, 0xc2, 0xf2, 0x72, 0x92, 0x30]), 122 | reserved: Buffer.from([0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00]), 123 | targetInfoLen: 152, 124 | targetInfoMaxLen: 152, 125 | targetInfoOffset: 86, 126 | targetInfo: Buffer.from([0x02, 0x00, 0x1e, 0x00, 0x44, 0x00, 0x45, 0x00, 0x53, 0x00, 0x4b, 0x00, 0x54, 0x00, 0x4f, 0x00, 0x50, 0x00, 0x2d, 0x00, 0x4a, 0x00, 0x53, 0x00, 0x34, 0x00, 0x55, 0x00, 0x4a, 0x00, 0x54, 0x00, 0x44, 0x00, 0x01, 0x00, 0x1e, 0x00, 0x44, 0x00, 0x45, 0x00, 0x53, 0x00, 0x4b, 0x00, 0x54, 0x00, 0x4f, 0x00, 0x50, 0x00, 0x2d, 0x00, 0x4a, 0x00, 0x53, 0x00, 0x34, 0x00, 0x55, 0x00, 0x4a, 0x00, 0x54, 0x00, 0x44, 0x00, 0x04, 0x00, 0x1e, 0x00, 0x44, 0x00, 0x45, 0x00, 0x53, 0x00, 0x4b, 0x00, 0x54, 0x00, 0x4f, 0x00, 0x50, 0x00, 0x2d, 0x00, 0x4a, 0x00, 0x53, 0x00, 0x34, 0x00, 0x55, 0x00, 0x4a, 0x00, 0x54, 0x00, 0x44, 0x00, 0x03, 0x00, 0x1e, 0x00, 0x44, 0x00, 0x45, 0x00, 0x53, 0x00, 0x4b, 0x00, 0x54, 0x00, 0x4f, 0x00, 0x50, 0x00, 0x2d, 0x00, 0x4a, 0x00, 0x53, 0x00, 0x34, 0x00, 0x55, 0x00, 0x4a, 0x00, 0x54, 0x00, 0x44, 0x00, 0x07, 0x00, 0x08, 0x00, 0x39, 0xa0, 0xbb, 0x30, 0x87, 0x9f, 0xd5, 0x01, 0x00, 0x00, 0x00, 0x00]) 127 | }; 128 | 129 | assert.deepEqual(realResponse, expectedResponse); 130 | }); 131 | 132 | it('createType3Message', () => { 133 | const createType3Message = ntlm.__get__("createType3Message"); 134 | 135 | var mathMock = { 136 | random: function () { 137 | return 0.8092; 138 | }, 139 | floor: Math.floor 140 | }; 141 | ntlm.__set__("Math", mathMock); 142 | 143 | var dateMock = { 144 | now: function () { 145 | return 1679346960095; 146 | } 147 | }; 148 | ntlm.__set__("Date", dateMock); 149 | 150 | var type2Message = { 151 | signature: Buffer.from([0x4e, 0x54, 0x4c, 0x4d, 0x53, 0x53, 0x50, 0x00]), 152 | type: 2, 153 | targetNameLen: 30, 154 | targetNameMaxLen: 30, 155 | targetNameOffset: 56, 156 | targetName: Buffer.from([0x44, 0x00, 0x45, 0x00, 0x53, 0x00, 0x4b, 0x00, 0x54, 0x00, 0x4f, 0x00, 0x50, 0x00, 0x2d, 0x00, 0x4a, 0x00, 0x53, 0x00, 0x34, 0x00, 0x55, 0x00, 0x4a, 0x00, 0x54, 0x00, 0x44, 0x00]), 157 | negotiateFlags: -1567981051, 158 | serverChallenge: Buffer.from([0x05, 0xeb, 0xf2, 0xc2, 0xf2, 0x72, 0x92, 0x30]), 159 | reserved: Buffer.from([0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00]), 160 | targetInfoLen: 152, 161 | targetInfoMaxLen: 152, 162 | targetInfoOffset: 86, 163 | targetInfo: Buffer.from([0x02, 0x00, 0x1e, 0x00, 0x44, 0x00, 0x45, 0x00, 0x53, 0x00, 0x4b, 0x00, 0x54, 0x00, 0x4f, 0x00, 0x50, 0x00, 0x2d, 0x00, 0x4a, 0x00, 0x53, 0x00, 0x34, 0x00, 0x55, 0x00, 0x4a, 0x00, 0x54, 0x00, 0x44, 0x00, 0x01, 0x00, 0x1e, 0x00, 0x44, 0x00, 0x45, 0x00, 0x53, 0x00, 0x4b, 0x00, 0x54, 0x00, 0x4f, 0x00, 0x50, 0x00, 0x2d, 0x00, 0x4a, 0x00, 0x53, 0x00, 0x34, 0x00, 0x55, 0x00, 0x4a, 0x00, 0x54, 0x00, 0x44, 0x00, 0x04, 0x00, 0x1e, 0x00, 0x44, 0x00, 0x45, 0x00, 0x53, 0x00, 0x4b, 0x00, 0x54, 0x00, 0x4f, 0x00, 0x50, 0x00, 0x2d, 0x00, 0x4a, 0x00, 0x53, 0x00, 0x34, 0x00, 0x55, 0x00, 0x4a, 0x00, 0x54, 0x00, 0x44, 0x00, 0x03, 0x00, 0x1e, 0x00, 0x44, 0x00, 0x45, 0x00, 0x53, 0x00, 0x4b, 0x00, 0x54, 0x00, 0x4f, 0x00, 0x50, 0x00, 0x2d, 0x00, 0x4a, 0x00, 0x53, 0x00, 0x34, 0x00, 0x55, 0x00, 0x4a, 0x00, 0x54, 0x00, 0x44, 0x00, 0x07, 0x00, 0x08, 0x00, 0x39, 0xa0, 0xbb, 0x30, 0x87, 0x9f, 0xd5, 0x01, 0x00, 0x00, 0x00, 0x00]) 164 | }; 165 | 166 | var options = { 167 | url: "https://someurl.com", 168 | username: 'm$', 169 | password: 'stinks', 170 | workstation: 'choose.something', 171 | domain: '' 172 | }; 173 | 174 | var realResponse = createType3Message(type2Message, options); 175 | // console.log('type3 message:', realResponse); 176 | 177 | var expectedResponse = "NTLM TlRMTVNTUAADAAAAGAAYAGwAAADIAMgAhAAAAAAAAABIAAAABAAEAEgAAAAgACAATAAAAAAAAABMAQAABYKIogUBKAoAAAAPbQAkAEMASABPAE8AUwBFAC4AUwBPAE0ARQBUAEgASQBOAEcA34OQvQRxhMrl/ZdqHfdXsc/Pz8/Pz8/PBRktHt+/zDBHvSp4tqmfpwEBAAAAAAAA8OZaK3Fb2QHPz8/Pz8/PzwAAAAACAB4ARABFAFMASwBUAE8AUAAtAEoAUwA0AFUASgBUAEQAAQAeAEQARQBTAEsAVABPAFAALQBKAFMANABVAEoAVABEAAQAHgBEAEUAUwBLAFQATwBQAC0ASgBTADQAVQBKAFQARAADAB4ARABFAFMASwBUAE8AUAAtAEoAUwA0AFUASgBUAEQABwAIADmguzCHn9UBAAAAAAAAAAA="; 178 | assert.equal(realResponse, expectedResponse); 179 | }); 180 | 181 | it('createType3Message (negotiateFlags zero)', () => { 182 | const createType3Message = ntlm.__get__("createType3Message"); 183 | 184 | var mathMock = { 185 | random: function () { 186 | return 0.8092; 187 | }, 188 | floor: Math.floor 189 | }; 190 | ntlm.__set__("Math", mathMock); 191 | 192 | var dateMock = { 193 | now: function () { 194 | return 1679346960095; 195 | } 196 | }; 197 | ntlm.__set__("Date", dateMock); 198 | 199 | var type2Message = { 200 | signature: Buffer.from([0x4e, 0x54, 0x4c, 0x4d, 0x53, 0x53, 0x50, 0x00]), 201 | type: 2, 202 | targetNameLen: 30, 203 | targetNameMaxLen: 30, 204 | targetNameOffset: 56, 205 | targetName: Buffer.from([0x44, 0x00, 0x45, 0x00, 0x53, 0x00, 0x4b, 0x00, 0x54, 0x00, 0x4f, 0x00, 0x50, 0x00, 0x2d, 0x00, 0x4a, 0x00, 0x53, 0x00, 0x34, 0x00, 0x55, 0x00, 0x4a, 0x00, 0x54, 0x00, 0x44, 0x00]), 206 | negotiateFlags: 0, 207 | serverChallenge: Buffer.from([0x05, 0xeb, 0xf2, 0xc2, 0xf2, 0x72, 0x92, 0x30]), 208 | reserved: Buffer.from([0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00]), 209 | targetInfoLen: 152, 210 | targetInfoMaxLen: 152, 211 | targetInfoOffset: 86, 212 | targetInfo: Buffer.from([0x02, 0x00, 0x1e, 0x00, 0x44, 0x00, 0x45, 0x00, 0x53, 0x00, 0x4b, 0x00, 0x54, 0x00, 0x4f, 0x00, 0x50, 0x00, 0x2d, 0x00, 0x4a, 0x00, 0x53, 0x00, 0x34, 0x00, 0x55, 0x00, 0x4a, 0x00, 0x54, 0x00, 0x44, 0x00, 0x01, 0x00, 0x1e, 0x00, 0x44, 0x00, 0x45, 0x00, 0x53, 0x00, 0x4b, 0x00, 0x54, 0x00, 0x4f, 0x00, 0x50, 0x00, 0x2d, 0x00, 0x4a, 0x00, 0x53, 0x00, 0x34, 0x00, 0x55, 0x00, 0x4a, 0x00, 0x54, 0x00, 0x44, 0x00, 0x04, 0x00, 0x1e, 0x00, 0x44, 0x00, 0x45, 0x00, 0x53, 0x00, 0x4b, 0x00, 0x54, 0x00, 0x4f, 0x00, 0x50, 0x00, 0x2d, 0x00, 0x4a, 0x00, 0x53, 0x00, 0x34, 0x00, 0x55, 0x00, 0x4a, 0x00, 0x54, 0x00, 0x44, 0x00, 0x03, 0x00, 0x1e, 0x00, 0x44, 0x00, 0x45, 0x00, 0x53, 0x00, 0x4b, 0x00, 0x54, 0x00, 0x4f, 0x00, 0x50, 0x00, 0x2d, 0x00, 0x4a, 0x00, 0x53, 0x00, 0x34, 0x00, 0x55, 0x00, 0x4a, 0x00, 0x54, 0x00, 0x44, 0x00, 0x07, 0x00, 0x08, 0x00, 0x39, 0xa0, 0xbb, 0x30, 0x87, 0x9f, 0xd5, 0x01, 0x00, 0x00, 0x00, 0x00]) 213 | }; 214 | 215 | var options = { 216 | url: "https://someurl.com", 217 | username: 'm$', 218 | password: 'stinks', 219 | workstation: 'choose.something', 220 | domain: '' 221 | }; 222 | 223 | var realResponse = createType3Message(type2Message, options); 224 | // console.log('type3 message:', realResponse); 225 | 226 | var expectedResponse = "NTLM TlRMTVNTUAADAAAAGAAYAFoAAAAYABgAcgAAAAAAAABIAAAAAgACAEgAAAAQABAASgAAAAAAAACKAAAABIKIogUBKAoAAAAPbSRDSE9PU0UuU09NRVRISU5HEBenAMbG/BJagLAbC+ssxjoV6DmoMZnLPnIxjabRKh2kis6avHJoHUvdnSQrhLYz"; 227 | assert.equal(realResponse, expectedResponse); 228 | }); 229 | 230 | it('createType3Message (empty options)', () => { 231 | const createType3Message = ntlm.__get__("createType3Message"); 232 | 233 | var mathMock = { 234 | random: function () { 235 | return 0.8092; 236 | }, 237 | floor: Math.floor 238 | }; 239 | ntlm.__set__("Math", mathMock); 240 | 241 | var dateMock = { 242 | now: function () { 243 | return 1679346960095; 244 | } 245 | }; 246 | ntlm.__set__("Date", dateMock); 247 | 248 | var type2Message = { 249 | signature: Buffer.from([0x4e, 0x54, 0x4c, 0x4d, 0x53, 0x53, 0x50, 0x00]), 250 | type: 2, 251 | targetNameLen: 30, 252 | targetNameMaxLen: 30, 253 | targetNameOffset: 56, 254 | targetName: Buffer.from([0x44, 0x00, 0x45, 0x00, 0x53, 0x00, 0x4b, 0x00, 0x54, 0x00, 0x4f, 0x00, 0x50, 0x00, 0x2d, 0x00, 0x4a, 0x00, 0x53, 0x00, 0x34, 0x00, 0x55, 0x00, 0x4a, 0x00, 0x54, 0x00, 0x44, 0x00]), 255 | negotiateFlags: -1567981051, 256 | serverChallenge: Buffer.from([0x05, 0xeb, 0xf2, 0xc2, 0xf2, 0x72, 0x92, 0x30]), 257 | reserved: Buffer.from([0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00]), 258 | targetInfoLen: 152, 259 | targetInfoMaxLen: 152, 260 | targetInfoOffset: 86, 261 | targetInfo: Buffer.from([0x02, 0x00, 0x1e, 0x00, 0x44, 0x00, 0x45, 0x00, 0x53, 0x00, 0x4b, 0x00, 0x54, 0x00, 0x4f, 0x00, 0x50, 0x00, 0x2d, 0x00, 0x4a, 0x00, 0x53, 0x00, 0x34, 0x00, 0x55, 0x00, 0x4a, 0x00, 0x54, 0x00, 0x44, 0x00, 0x01, 0x00, 0x1e, 0x00, 0x44, 0x00, 0x45, 0x00, 0x53, 0x00, 0x4b, 0x00, 0x54, 0x00, 0x4f, 0x00, 0x50, 0x00, 0x2d, 0x00, 0x4a, 0x00, 0x53, 0x00, 0x34, 0x00, 0x55, 0x00, 0x4a, 0x00, 0x54, 0x00, 0x44, 0x00, 0x04, 0x00, 0x1e, 0x00, 0x44, 0x00, 0x45, 0x00, 0x53, 0x00, 0x4b, 0x00, 0x54, 0x00, 0x4f, 0x00, 0x50, 0x00, 0x2d, 0x00, 0x4a, 0x00, 0x53, 0x00, 0x34, 0x00, 0x55, 0x00, 0x4a, 0x00, 0x54, 0x00, 0x44, 0x00, 0x03, 0x00, 0x1e, 0x00, 0x44, 0x00, 0x45, 0x00, 0x53, 0x00, 0x4b, 0x00, 0x54, 0x00, 0x4f, 0x00, 0x50, 0x00, 0x2d, 0x00, 0x4a, 0x00, 0x53, 0x00, 0x34, 0x00, 0x55, 0x00, 0x4a, 0x00, 0x54, 0x00, 0x44, 0x00, 0x07, 0x00, 0x08, 0x00, 0x39, 0xa0, 0xbb, 0x30, 0x87, 0x9f, 0xd5, 0x01, 0x00, 0x00, 0x00, 0x00]) 262 | }; 263 | 264 | var options = {}; 265 | 266 | var realResponse = createType3Message(type2Message, options); 267 | // console.log('type3 message:', realResponse); 268 | 269 | var expectedResponse = "NTLM TlRMTVNTUAADAAAAGAAYAEgAAADIAMgAYAAAAAAAAABIAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAoAQAABYKIogUBKAoAAAAPwARIPPqPB18BtDy2SiF1us/Pz8/Pz8/P52yYCH+rc7F7jUeUnayiPQEBAAAAAAAA8OZaK3Fb2QHPz8/Pz8/PzwAAAAACAB4ARABFAFMASwBUAE8AUAAtAEoAUwA0AFUASgBUAEQAAQAeAEQARQBTAEsAVABPAFAALQBKAFMANABVAEoAVABEAAQAHgBEAEUAUwBLAFQATwBQAC0ASgBTADQAVQBKAFQARAADAB4ARABFAFMASwBUAE8AUAAtAEoAUwA0AFUASgBUAEQABwAIADmguzCHn9UBAAAAAAAAAAA="; 270 | assert.equal(realResponse, expectedResponse); 271 | }); 272 | 273 | it('insertZerosEvery7Bits', () => { 274 | const insertZerosEvery7Bits = ntlm.__get__("insertZerosEvery7Bits"); 275 | 276 | 277 | var realResponse = insertZerosEvery7Bits(Buffer.from([0x41, 0x5a, 0x58, 0x31, 0x32, 0x33, 0x34])); 278 | // console.log('realResponse:', realResponse); 279 | 280 | var expectedResponse = Buffer.from([0x40, 0xac, 0x96, 0x06, 0x12, 0x90, 0xcc, 0x68]); 281 | assert.deepEqual(realResponse, expectedResponse); 282 | }); 283 | 284 | it('bytes2binaryArray', () => { 285 | const bytes2binaryArray = ntlm.__get__("bytes2binaryArray"); 286 | 287 | 288 | var realResponse = bytes2binaryArray(Buffer.from([0x41, 0x5a, 0x58, 0x31, 0x32, 0x33, 0x34])); 289 | // console.log('realResponse:', realResponse); 290 | 291 | var expectedResponse = [ 292 | 0, 1, 0, 0, 0, 0, 0, 1, 0, 1, 0, 1, 293 | 1, 0, 1, 0, 0, 1, 0, 1, 1, 0, 0, 0, 294 | 0, 0, 1, 1, 0, 0, 0, 1, 0, 0, 1, 1, 295 | 0, 0, 1, 0, 0, 0, 1, 1, 0, 0, 1, 1, 296 | 0, 0, 1, 1, 0, 1, 0, 0 297 | ]; 298 | assert.deepEqual(realResponse, expectedResponse); 299 | }); 300 | 301 | it('binaryArray2bytes', () => { 302 | const binaryArray2bytes = ntlm.__get__("binaryArray2bytes"); 303 | 304 | 305 | var realResponse = binaryArray2bytes([ 306 | 0, 1, 0, 0, 0, 0, 0, 1, 0, 1, 0, 1, 307 | 1, 0, 1, 0, 0, 1, 0, 1, 1, 0, 0, 0, 308 | 0, 0, 1, 1, 0, 0, 0, 1, 0, 0, 1, 1, 309 | 0, 0, 1, 0, 0, 0, 1, 1, 0, 0, 1, 1, 310 | 0, 0, 1, 1, 0, 1, 0, 0 311 | ]); 312 | // console.log('realResponse:', realResponse); 313 | 314 | var expectedResponse = Buffer.from([0x41, 0x5a, 0x58, 0x31, 0x32, 0x33, 0x34]); 315 | assert.deepEqual(realResponse, expectedResponse); 316 | }); 317 | 318 | it('create_NT_hashed_password_v1', () => { 319 | const create_NT_hashed_password_v1 = ntlm.__get__("create_NT_hashed_password_v1"); 320 | 321 | var realResponse = create_NT_hashed_password_v1('Azx123456'); 322 | // console.log('realResponse', realResponse); 323 | 324 | var expectedResponse = Buffer.from([0x96, 0x1b, 0x07, 0xdb, 0xdc, 0xcf, 0x86, 0x9f, 0x2a, 0x3c, 0x99, 0x1c, 0x83, 0x94, 0x0e, 0x01]); 325 | assert.deepEqual(realResponse, expectedResponse); 326 | }); 327 | 328 | it('calc_resp', () => { 329 | const calc_resp = ntlm.__get__("calc_resp"); 330 | 331 | var password_hash = Buffer.from([ 183, 180, 19, 95, 163, 5, 118, 130, 30, 146, 159, 1, 57, 81, 39, 252, 1, 57, 81, 39, 252 ]); 332 | var server_challenge = Buffer.from([150, 27, 7, 219, 220, 207, 134, 159]); 333 | 334 | var realResponse = calc_resp(password_hash, server_challenge); 335 | // console.log('calc_resp:', realResponse); 336 | 337 | var expectedResponse = Buffer.from([0xaf, 0x00, 0xee, 0x2f, 0xd7, 0x8c, 0xaf, 0x4a, 0xab, 0x57, 0xcc, 0xcb, 0xb0, 0x93, 0x58, 0x62, 0x31, 0x69, 0x02, 0x92, 0x4d, 0x34, 0xbc, 0x92]); 338 | assert.deepEqual(realResponse, expectedResponse); 339 | }); 340 | 341 | it('hmac_md5', () => { 342 | const hmac_md5 = ntlm.__get__("hmac_md5"); 343 | 344 | 345 | var realResponse = hmac_md5('somekey', 'somedata'); 346 | // console.log('realResponse:', realResponse); 347 | 348 | var expectedResponse = Buffer.from([0x7e, 0x58, 0x72, 0xda, 0x5d, 0x34, 0xa8, 0x22, 0x58, 0x4a, 0x69, 0x8f, 0xe7, 0xdb, 0x6c, 0x10]); 349 | assert.deepEqual(realResponse, expectedResponse); 350 | }); 351 | 352 | it('ntlm2sr_calc_resp', () => { 353 | const ntlm2sr_calc_resp = ntlm.__get__("ntlm2sr_calc_resp"); 354 | 355 | var realResponse = ntlm2sr_calc_resp( 356 | Buffer.from([0x1b, 0xc8, 0x2f, 0x16, 0xdd, 0xcc, 0xbd, 0x4d, 0xac, 0xfc, 0xba, 0x4d, 0xcb, 0xc3, 0x51, 0x9d]), 357 | Buffer.from([0x05, 0xeb, 0xf2, 0xc2, 0xf2, 0x72, 0x92, 0x30]), 358 | Buffer.from([0xcf, 0xcf, 0xcf, 0xcf, 0xcf, 0xcf, 0xcf, 0xcf]) 359 | ); 360 | // console.log('realResponse:', realResponse); 361 | 362 | var expectedResponse = { 363 | lmChallengeResponse: Buffer.from([0xcf, 0xcf, 0xcf, 0xcf, 0xcf, 0xcf, 0xcf, 0xcf, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00]), 364 | ntChallengeResponse: Buffer.from([0x2b, 0x8f, 0x56, 0xa4, 0x3f, 0x61, 0xdd, 0x6a, 0xa1, 0xa5, 0x57, 0xbe, 0xea, 0x81, 0x4b, 0x2c, 0x36, 0x56, 0x79, 0x5d, 0x7f, 0xa5, 0x3a, 0x51]) 365 | } 366 | assert.deepEqual(realResponse, expectedResponse); 367 | }); 368 | 369 | it('calc_ntlmv2_resp', () => { 370 | const calc_ntlmv2_resp = ntlm.__get__("calc_ntlmv2_resp"); 371 | 372 | var dateMock = { 373 | now: function () { 374 | return 1679346960095; 375 | } 376 | }; 377 | ntlm.__set__("Date", dateMock); 378 | 379 | 380 | var realResponse = calc_ntlmv2_resp( 381 | Buffer.from([0x1b, 0xc8, 0x2f, 0x16, 0xdd, 0xcc, 0xbd, 0x4d, 0xac, 0xfc, 0xba, 0x4d, 0xcb, 0xc3, 0x51, 0x9d]), 382 | 'm$', 383 | '', 384 | Buffer.from([0x02, 0x00, 0x1e, 0x00, 0x44, 0x00, 0x45, 0x00, 0x53, 0x00, 0x4b, 0x00, 0x54, 0x00, 0x4f, 0x00, 0x50, 0x00, 0x2d, 0x00, 0x4a, 0x00, 0x53, 0x00, 0x34, 0x00, 0x55, 0x00, 0x4a, 0x00, 0x54, 0x00, 0x44, 0x00, 0x01, 0x00, 0x1e, 0x00, 0x44, 0x00, 0x45, 0x00, 0x53, 0x00, 0x4b, 0x00, 0x54, 0x00, 0x4f, 0x00, 0x50, 0x00, 0x2d, 0x00, 0x4a, 0x00, 0x53, 0x00, 0x34, 0x00, 0x55, 0x00, 0x4a, 0x00, 0x54, 0x00, 0x44, 0x00, 0x04, 0x00, 0x1e, 0x00, 0x44, 0x00, 0x45, 0x00, 0x53, 0x00, 0x4b, 0x00, 0x54, 0x00, 0x4f, 0x00, 0x50, 0x00, 0x2d, 0x00, 0x4a, 0x00, 0x53, 0x00, 0x34, 0x00, 0x55, 0x00, 0x4a, 0x00, 0x54, 0x00, 0x44, 0x00, 0x03, 0x00, 0x1e, 0x00, 0x44, 0x00, 0x45, 0x00, 0x53, 0x00, 0x4b, 0x00, 0x54, 0x00, 0x4f, 0x00, 0x50, 0x00, 0x2d, 0x00, 0x4a, 0x00, 0x53, 0x00, 0x34, 0x00, 0x55, 0x00, 0x4a, 0x00, 0x54, 0x00, 0x44, 0x00, 0x07, 0x00, 0x08, 0x00, 0x39, 0xa0, 0xbb, 0x30, 0x87, 0x9f, 0xd5, 0x01, 0x00, 0x00, 0x00, 0x00]), 385 | Buffer.from([0x05, 0xeb, 0xf2, 0xc2, 0xf2, 0x72, 0x92, 0x30]), 386 | Buffer.from([0xcf, 0xcf, 0xcf, 0xcf, 0xcf, 0xcf, 0xcf, 0xcf]) 387 | ); 388 | // console.log('realResponse:', realResponse); 389 | 390 | 391 | var expectedResponse = { 392 | lmChallengeResponse: Buffer.from([0xdf, 0x83, 0x90, 0xbd, 0x04, 0x71, 0x84, 0xca, 0xe5, 0xfd, 0x97, 0x6a, 0x1d, 0xf7, 0x57, 0xb1, 0xcf, 0xcf, 0xcf, 0xcf, 0xcf, 0xcf, 0xcf, 0xcf]), 393 | ntChallengeResponse: Buffer.from([0x05, 0x19, 0x2d, 0x1e, 0xdf, 0xbf, 0xcc, 0x30, 0x47, 0xbd, 0x2a, 0x78, 0xb6, 0xa9, 0x9f, 0xa7, 0x01, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xf0, 0xe6, 0x5a, 0x2b, 0x71, 0x5b, 0xd9, 0x01, 0xcf, 0xcf, 0xcf, 0xcf, 0xcf, 0xcf, 0xcf, 0xcf, 0x00, 0x00, 0x00, 0x00, 0x02, 0x00, 0x1e, 0x00, 0x44, 0x00, 0x45, 0x00, 0x53, 0x00, 0x4b, 0x00, 0x54, 0x00, 0x4f, 0x00, 0x50, 0x00, 0x2d, 0x00, 0x4a, 0x00, 0x53, 0x00, 0x34, 0x00, 0x55, 0x00, 0x4a, 0x00, 0x54, 0x00, 0x44, 0x00, 0x01, 0x00, 0x1e, 0x00, 0x44, 0x00, 0x45, 0x00, 0x53, 0x00, 0x4b, 0x00, 0x54, 0x00, 0x4f, 0x00, 0x50, 0x00, 0x2d, 0x00, 0x4a, 0x00, 0x53, 0x00, 0x34, 0x00, 0x55, 0x00, 0x4a, 0x00, 0x54, 0x00, 0x44, 0x00, 0x04, 0x00, 0x1e, 0x00, 0x44, 0x00, 0x45, 0x00, 0x53, 0x00, 0x4b, 0x00, 0x54, 0x00, 0x4f, 0x00, 0x50, 0x00, 0x2d, 0x00, 0x4a, 0x00, 0x53, 0x00, 0x34, 0x00, 0x55, 0x00, 0x4a, 0x00, 0x54, 0x00, 0x44, 0x00, 0x03, 0x00, 0x1e, 0x00, 0x44, 0x00, 0x45, 0x00, 0x53, 0x00, 0x4b, 0x00, 0x54, 0x00, 0x4f, 0x00, 0x50, 0x00, 0x2d, 0x00, 0x4a, 0x00, 0x53, 0x00, 0x34, 0x00, 0x55, 0x00, 0x4a, 0x00, 0x54, 0x00, 0x44, 0x00, 0x07, 0x00, 0x08, 0x00, 0x39, 0xa0, 0xbb, 0x30, 0x87, 0x9f, 0xd5, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00]) 394 | } 395 | assert.deepEqual(realResponse, expectedResponse); 396 | }); 397 | 398 | it('NTOWFv2', () => { 399 | const NTOWFv2 = ntlm.__get__("NTOWFv2"); 400 | 401 | 402 | var realResponse = NTOWFv2( 403 | Buffer.from([0x1b, 0xc8, 0x2f, 0x16, 0xdd, 0xcc, 0xbd, 0x4d, 0xac, 0xfc, 0xba, 0x4d, 0xcb, 0xc3, 0x51, 0x9d]), 404 | 'someUsername', 405 | 'someDomain'); 406 | // console.log('realResponse', realResponse); 407 | 408 | var expectedResponse = Buffer.from([0x26, 0xd9, 0xf6, 0xea, 0x4d, 0x31, 0xd7, 0xf5, 0x12, 0xfb, 0x5f, 0xb4, 0x50, 0xd0, 0x9d, 0xf4]); 409 | assert.deepEqual(realResponse, expectedResponse); 410 | }); 411 | }); 412 | --------------------------------------------------------------------------------