Skip to content

Commit

Permalink
Fix CG
Browse files Browse the repository at this point in the history
- Replaced crypto package(DES-ECB and MD4 algorythms calls) to a packages as they are become legacy in openssl3 which is used new node
  • Loading branch information
DmitriiBobreshev committed Jun 3, 2024
1 parent ff807b1 commit b75d429
Showing 3 changed files with 29 additions and 20 deletions.
4 changes: 2 additions & 2 deletions lib/opensource/Node-SMB/lib/common.js
Original file line number Diff line number Diff line change
@@ -30,7 +30,7 @@ function oddpar(buf)
*/
function expandkey(key56)
{
var key64 = new Buffer(8);
var key64 = Buffer.alloc(8);

key64[0] = key56[0] & 0xFE;
key64[1] = ((key56[0] << 7) & 0xFF) | (key56[1] >> 1);
@@ -49,7 +49,7 @@ function expandkey(key56)
*/
function bintohex(bin)
{
var buf = (Buffer.isBuffer(buf) ? buf : new Buffer(bin, 'binary'));
var buf = (Buffer.isBuffer(buf) ? buf : Buffer.from(bin, 'binary'));
var str = buf.toString('hex').toUpperCase();
return zeroextend(str, 32);
}
24 changes: 15 additions & 9 deletions lib/opensource/Node-SMB/lib/ntlm.js
Original file line number Diff line number Diff line change
@@ -4,6 +4,7 @@ var $ = require('./common');
var lmhashbuf = require('./smbhash').lmhashbuf;
var nthashbuf = require('./smbhash').nthashbuf;

var desjs = require("des.js");

function encodeType1(hostname, ntdomain) {
hostname = hostname.toUpperCase();
@@ -12,7 +13,7 @@ function encodeType1(hostname, ntdomain) {
var ntdomainlen = Buffer.byteLength(ntdomain, 'ascii');

var pos = 0;
var buf = new Buffer(32 + hostnamelen + ntdomainlen);
var buf = Buffer.alloc(32 + hostnamelen + ntdomainlen);

buf.write('NTLMSSP', pos, 7, 'ascii'); // byte protocol[8];
pos += 7;
@@ -86,10 +87,10 @@ function encodeType3(username, hostname, ntdomain, nonce, password) {
hostname = hostname.toUpperCase();
ntdomain = ntdomain.toUpperCase();

var lmh = new Buffer(21);
var lmh = Buffer.alloc(21);
lmhashbuf(password).copy(lmh);
lmh.fill(0x00, 16); // null pad to 21 bytes
var nth = new Buffer(21);
var nth = Buffer.alloc(21);
nthashbuf(password).copy(nth);
nth.fill(0x00, 16); // null pad to 21 bytes

@@ -110,7 +111,7 @@ function encodeType3(username, hostname, ntdomain, nonce, password) {

var pos = 0;
var msg_len = 64 + ntdomainlen + usernamelen + hostnamelen + lmrlen + ntrlen;
var buf = new Buffer(msg_len);
var buf = Buffer.alloc(msg_len);

buf.write('NTLMSSP', pos, 7, 'ascii'); // byte protocol[8];
pos += 7;
@@ -189,12 +190,17 @@ function encodeType3(username, hostname, ntdomain, nonce, password) {

function makeResponse(hash, nonce)
{
var out = new Buffer(24);
var out = Buffer.alloc(24);

for (var i = 0; i < 3; i++) {
var keybuf = $.oddpar($.expandkey(hash.slice(i * 7, i * 7 + 7)));
var des = crypto.createCipheriv('DES-ECB', keybuf, '');
var str = des.update(nonce.toString('binary'), 'binary', 'binary');
out.write(str, i * 8, i * 8 + 8, 'binary');

var des = desjs.DES.create({type: 'encrypt', key: keybuf});
var magicKey = Buffer.from(nonce.toString('binary'));
var insertBuff = Buffer.from(des.update(magicKey));

out.fill(insertBuff, i * 8, i * 8 + 8, 'binary');

}
return out;
}
@@ -210,7 +216,7 @@ exports.challengeHeader = function (hostname, domain) {
};

exports.responseHeader = function (res, url, domain, username, password) {
var serverNonce = new Buffer((res.headers['www-authenticate'].match(/^NTLM\s+(.+?)(,|\s+|$)/) || [])[1], 'base64');
var serverNonce = Buffer.from((res.headers['www-authenticate'].match(/^NTLM\s+(.+?)(,|\s+|$)/) || [])[1], 'base64');
var hostname = require('url').parse(url).hostname;
return 'NTLM ' + exports.encodeType3(username, hostname, domain, exports.decodeType2(serverNonce), password).toString('base64')
};
21 changes: 12 additions & 9 deletions lib/opensource/Node-SMB/lib/smbhash.js
Original file line number Diff line number Diff line change
@@ -1,6 +1,8 @@
var crypto = require('crypto');
var $ = require('./common');

var jsmd4 = require("js-md4");
var desjs = require("des.js");

/*
* Generate the LM Hash
*/
@@ -11,7 +13,7 @@ function lmhashbuf(inputstr)
var xl = Buffer.byteLength(x, 'ascii');

/* null pad to 14 bytes */
var y = new Buffer(14);
var y = Buffer.alloc(14);
y.write(x, 0, xl, 'ascii');
y.fill(0, xl);

@@ -24,12 +26,13 @@ function lmhashbuf(inputstr)
/* DES encrypt magic number "KGS!@#$%" to two
* 8-byte ciphertexts, (ECB, no padding)
*/
var buf = new Buffer(16);
var buf = Buffer.alloc(16);
var pos = 0;
var cts = halves.forEach(function(z) {
var des = crypto.createCipheriv('DES-ECB', z, '');
var str = des.update('KGS!@#$%', 'binary', 'binary');
buf.write(str, pos, pos + 8, 'binary');
var des = desjs.DES.create({type: 'encrypt', key: z});
var magicKey = Buffer.from('KGS!@#$%', 'ascii');
var insertBuff = Buffer.from(des.update(magicKey));
buf.fill(insertBuff, pos, pos + 8, 'binary');
pos += 8;
});

@@ -41,10 +44,10 @@ function lmhashbuf(inputstr)
function nthashbuf(str)
{
/* take MD4 hash of UCS-2 encoded password */
var ucs2 = new Buffer(str, 'ucs2');
var md4 = crypto.createHash('md4');
var ucs2 = Buffer.from(str, 'ucs2');
var md4 = jsmd4.create();
md4.update(ucs2);
return new Buffer(md4.digest('binary'), 'binary');
return Buffer.from(md4.digest('binary'), 'binary');
}

function lmhash(is)

0 comments on commit b75d429

Please sign in to comment.