;ELC ;;; Compiled ;;; in Emacs version 28.0.50 ;;; with all optimizations. (byte-code "\300\301!\210\300\302!\210\300\303!\210\304\305\306\307\310\311\312\313&\210\314\315\316\317\320\321%\207" [require md4 hmac-md5 calc custom-declare-group ntlm nil "NTLM (NT LanManager) authentication." :version "25.1" :group comm custom-declare-variable ntlm-compatibility-level 5 "The NTLM compatibility level.\nOrdered from 0, the oldest, least-secure level through 5, the\nnewest, most-secure level. Newer servers may reject lower\nlevels. At levels 3 through 5, send LMv2 and NTLMv2 responses.\nAt levels 0, 1 and 2, send LM and NTLM responses.\n\nIn this implementation, levels 0, 1 and 2 are the same (old,\ninsecure), and levels 3, 4 and 5 are the same (new, secure). If\nNTLM authentication isn't working at level 5, try level 0. The\nother levels are only present because other clients have six\nlevels." :type (choice (const 0) (const 1) (const 2) (const 3) (const 4) (const 5))] 8) #@281 Return the NTLM authentication request string for USER and DOMAIN. USER is a string representing a user name to be authenticated and DOMAIN is a NT domain. USER can include a NT domain part as in user@domain where the string after @ is used as the domain if DOMAIN is not given. (defalias 'ntlm-build-auth-request #[(user &optional domain) "\306\307\310\311\"P\307\310\211\"\307\312\311\"P\307\310\313\"\307\310\314\"\307\310\315\"\307\310\311\"R\316\211\211\211\203O\317\320\"\203O\204G\311\224T\316O\311\211\224O;\203gG\311V\203g\f\310\321\f\310H\322\"I\210GG\323\211 \\ \f\324 !\324 !\325\311B!\324\n!\324\n!\325\311 B!\260 .\207" [off-u off-d ld lu request-flags request-msgType "NTLMSSP" make-string 1 0 3 7 130 8 nil string-match "@" logior 16 32 md4-pack-int16 md4-pack-int32 request-ident user domain] 12 (#$ . 999) nil]) #@169 Compute an NTLMv2 timestamp. Return a unibyte string representing the number of tenths of a microsecond since January 1, 1601 as a 64-bit little-endian signed integer. (defalias 'ntlm-compute-timestamp #[nil "\306\307\310\311\312\313\314 \315\n\316\260\317\320\321 \322\"$\323\324\325 W\203<\312\326\317 #\fB\312\327\317 # T\211\202!*\311\330\f\237\"-\207" [s-to-tenths-of-us us-to-tenths-of-us ps-to-tenths-of-us tenths-of-us-since-jan-1-1601 result-bytes byte "mul(add(lsh($1,16),$2),10000000)" "mul($3,10)" "idiv($4,100000)" apply calc-eval "add(add(add(" "," ")," "),116444736000000000)" rawnum append current-time (0 0) nil 8 0 "and($1,16#FF)" "rsh($1,8,64)" unibyte-string --dotimes-limit--] 10 (#$ . 1884)]) #@100 Generate a random nonce, not to be used more than once. Return a random eight byte unibyte string. (defalias 'ntlm-generate-nonce #[nil "\300\301\302!\301\302!\301\302!\301\302!\301\302!\301\302!\301\302!\301\302!&\207" [unibyte-string random 256] 10 (#$ . 2623)]) #@331 Return the response string to a challenge string CHALLENGE given by the NTLM based server for the user USER and the password hash list PASSWORD-HASHES. NTLM uses two hash values which are represented by PASSWORD-HASHES. PASSWORD-HASHES should be a return value of (list (ntlm-smb-passwd-hash password) (ntlm-md4hash password)) (defalias 'ntlm-build-auth-response #[(challenge user password-hashes) "\306!\211\307\310O\311\312\313\"\311\312\314\"\311\312\315\"\311\312\316\"R \310\317O \317\320O\321\21134\321\21156\321\21178\321\2119:\321\211;<\321\211=>\321\211?@\321\211AB\322\n\316\323O!3\324\n\325\315O!4\3267\3278\330\331C\"\203\204C\316\224T\321O7C\316\211\224OC7;\203\2347G\316V\203\234 \312\332 \312H\333\"I\210\325\316DEDEW\203\302\fD\334\fDH DH\"I\210DT\211D\202\244*F\250\203\327F\316Y\203\327F\335X\204\333\336\337!\210F\340Y\203tF\335X\203t4A\341W\203\370\336\342!\210\202\303\322 \343\344O!G\324 \345\341O!H HAHAG\\OI\346C\211G\"\226J\347J\3467\211G\"PKA@\"L\350 M\311\323\312\"\311\323\316\"\311\325\316\"\351 M\311\325\316\"I\260N\347 MPL\"O\347 NPL\"POMP5PNP6. \202\303\334\f\323H\315\"\316U\204\262\321\211QR\350 R\352\353 RP\321\211\354%\211Q\316\315OQR\311\333\316\"P5\355KA@Q\"6*\202\303\355K@ \"5\355KA@ \"65G96G:CG;7G<8G=\356\211@\323;_\\\211A\323<_\\\211B\323=_\\\211>9\\?\357\360\361!\3629!\3629!\360\316>B!\362:!\362:!\360\316?B!\362\323<_!\362\323<_!\360\316\356B!\362\323;_!\362\323;_!\360\316@B!\362\323=_!\362\323=_!\360\316BB!\362\316!\362\316!\360\316\211B!\f\346C;\"\3467<\"\3468=\"56\260.\207" [challenge rchallenge uDomain request-flags flags challengeData string-as-unibyte 12 20 make-string 1 7 130 8 0 24 32 nil md4-unpack-int16 2 md4-unpack-int32 4 "" "WORKSTATION" string-match "@" logior 16 logand 5 error "Invalid ntlm-compatibility-level value" 3 48 "Failed to find target information block" 40 42 44 ntlm-ascii2unicode hmac-md5 ntlm-generate-nonce ntlm-compute-timestamp secure-hash md5 t ntlm-smb-owf-encrypt 64 "NTLMSSP" md4-pack-int32 (0 . 3) md4-pack-int16 uDomain-len uDomain-offs lmRespData ntRespData domain workstation ll ln lu ld lw off-lm off-nt off-u off-d off-w user index --dotimes-limit-- ntlm-compatibility-level targetInfo-len targetInfo-offs targetInfo upcase-user password-hashes ntlmv2-hash nonce blob lm-interim nt-interim sessionHash randomString] 27 (#$ . 2896)]) #@75 Return a pair of SMB hash and NT MD4 hash of the given password PASSWORD. (defalias 'ntlm-get-password-hashes #[(password) "\301!\302!D\207" [password ntlm-smb-passwd-hash ntlm-md4hash] 3 (#$ . 5386)]) #@81 Convert an ASCII string into a NT Unicode string, which is little-endian utf16. (defalias 'ntlm-ascii2unicode #[(str len) "\305\306_\307\"\307\310\nW\2031\f\nH\211\307U\2041 \306\n_ I\210 \306\n_T\307I\210\nT\211\202\f +\207" [len val i utf str make-string 2 0 nil] 4 (#$ . 5596)]) #@78 Extract 7 bits ASCII part of a little endian utf16 string STR of length LEN. (defalias 'ntlm-unicode2ascii #[(str len) "\305\306\"\306\211\nW\203# \n\307\f H\310\"I\210\nT\311 \\\202 +\207" [len j i buf str make-string 0 logand 127 2] 5 (#$ . 5894)]) #@136 Return the SMB password hash string of 16 bytes long for the given password string PASSWD. PASSWD is truncated to 14 bytes if longer. (defalias 'ntlm-smb-passwd-hash #[(passwd) "G\302^\303\226\304 O\305\306 Z\304\"P!)\207" [passwd len 14 ntlm-smb-des-e-p16 0 make-string 15] 5 (#$ . 6162)]) #@192 Return the response string of 24 bytes long for the given password string PASSWD based on the DES encryption. PASSWD is of at most 14 bytes long and the challenge string C8 of 8 bytes long. (defalias 'ntlm-smb-owf-encrypt #[(passwd c8) "G\304^\305\306\nO\307\310\nZ\306\"P\311 \"*\207" [passwd p22 len c8 16 nil 0 make-string 22 ntlm-smb-des-e-p24] 4 (#$ . 6464)]) #@84 Return a 24 bytes hashed string for a 21 bytes string P22 and a 8 bytes string C8. (defalias 'ntlm-smb-des-e-p24 #[(p22 c8) "\302 \303#\302 \304\305O\303#\302 \306\305O\303#Q\207" [c8 p22 ntlm-smb-hash t 7 nil 14] 7 (#$ . 6842)]) (defconst ntlm-smb-sp8 [75 71 83 33 64 35 36 37]) #@60 Return a 16 bytes hashed string for a 15 bytes string P15. (defalias 'ntlm-smb-des-e-p16 #[(p15) "\302 \303#\302 \304\305O\303#P\207" [ntlm-smb-sp8 p15 ntlm-smb-hash t 7 nil] 6 (#$ . 7131)]) #@113 Return the hash string of length 8 for a string IN of length 8 and a string KEY of length 8. FORW is t or nil. (defalias 'ntlm-smb-hash #[(in key forw) "\306\307\310\"\311\306\312\310\"\306\312\310\"\313!\310\311\n\312W\203[\314\n\307\245H\315\316\317\n\307\246Z\"\"\310U\204; \n\316I\210\314 \n\307\245H\315\316\317\n\307\246Z\"\"\310U\204T\f\n\316I\210\nT\211\202\320 \f#\310\211\312W\203\224\nH\310U\204\215\n\307\245H\n\307\245\321 \315\316\317\n\307\246Z\"\"I\210\nT\211\202f.\207" [key aa i key2 keyb inb make-string 8 0 nil 64 ntlm-smb-str-to-key logand lsh 1 7 ntlm-smb-dohash logior outb out in forw] 10 (#$ . 7331)]) #@67 Return a string of length 8 for the given string STR of length 7. (defalias 'ntlm-smb-str-to-key #[(str) "\303\304\305\"\306\211\305\307\n\305H\310\"I\210 \311\312\307\313\n\305H\311\"\314\"\307\n\311H\315\"\"I\210 \316\312\307\313\n\311H\317\"\320\"\307\n\316H\321\"\"I\210 \317\312\307\313\n\316H\306\"\322\"\307\n\317H\323\"\"I\210 \322\312\307\313\n\317H\324\"\317\"\307\n\322H\325\"\"I\210 \320\312\307\313\n\322H\326\"\316\"\307\n\320H\327\"\"I\210 \314\312\307\313\n\320H\330\"\311\"\307\n\314H\331\"\"I\210 \306\313\n\314H\332\"I\210\305Y\203\260 \307 H\311\"I\210S\211\202\232 *\207" [i key str make-string 8 0 7 lsh -1 1 logior logand 6 -2 2 3 5 -3 4 -4 15 -5 31 -6 63 -7 127] 8 (#$ . 8002)]) (defconst ntlm-smb-perm1 [57 49 41 33 25 17 9 1 58 50 42 34 26 18 10 2 59 51 43 35 27 19 11 3 60 52 44 36 63 55 47 39 31 23 15 7 62 54 46 38 30 22 14 6 61 53 45 37 29 21 13 5 28 20 12 4]) (defconst ntlm-smb-perm2 [14 17 11 24 1 5 3 28 15 6 21 10 23 19 12 4 26 8 16 7 27 20 13 2 41 52 31 37 47 55 30 40 51 45 33 48 44 49 39 56 34 53 46 42 50 36 29 32]) (defconst ntlm-smb-perm3 [58 50 42 34 26 18 10 2 60 52 44 36 28 20 12 4 62 54 46 38 30 22 14 6 64 56 48 40 32 24 16 8 57 49 41 33 25 17 9 1 59 51 43 35 27 19 11 3 61 53 45 37 29 21 13 5 63 55 47 39 31 23 15 7]) (defconst ntlm-smb-perm4 [32 1 2 3 4 5 4 5 6 7 8 9 8 9 10 11 12 13 12 13 14 15 16 17 16 17 18 19 20 21 20 21 22 23 24 25 24 25 26 27 28 29 28 29 30 31 32 1]) (defconst ntlm-smb-perm5 [16 7 20 21 29 12 28 17 1 15 23 26 5 18 31 10 2 8 24 14 32 27 3 9 19 13 30 6 22 11 4 25]) (defconst ntlm-smb-perm6 [40 8 48 16 56 24 64 32 39 7 47 15 55 23 63 31 38 6 46 14 54 22 62 30 37 5 45 13 53 21 61 29 36 4 44 12 52 20 60 28 35 3 43 11 51 19 59 27 34 2 42 10 50 18 58 26 33 1 41 9 49 17 57 25]) (defconst ntlm-smb-sc [1 1 2 2 2 2 2 2 1 2 2 2 2 2 2 1]) (defconst ntlm-smb-sbox [[[14 4 13 1 2 15 11 8 3 10 6 12 5 9 0 7] [0 15 7 4 14 2 13 1 10 6 12 11 9 5 3 8] [4 1 14 8 13 6 2 11 15 12 9 7 3 10 5 0] [15 12 8 2 4 9 1 7 5 11 3 14 10 0 6 13]] [[15 1 8 14 6 11 3 4 9 7 2 13 12 0 5 10] [3 13 4 7 15 2 8 14 12 0 1 10 6 9 11 5] [0 14 7 11 10 4 13 1 5 8 12 6 9 3 2 15] [13 8 10 1 3 15 4 2 11 6 7 12 0 5 14 9]] [[10 0 9 14 6 3 15 5 1 13 12 7 11 4 2 8] [13 7 0 9 3 4 6 10 2 8 5 14 12 11 15 1] [13 6 4 9 8 15 3 0 11 1 2 12 5 10 14 7] [1 10 13 0 6 9 8 7 4 15 14 3 11 5 2 12]] [[7 13 14 3 0 6 9 10 1 2 8 5 11 12 4 15] [13 8 11 5 6 15 0 3 4 7 2 12 1 10 14 9] [10 6 9 0 12 11 7 13 15 1 3 14 5 2 8 4] [3 15 0 6 10 1 13 8 9 4 5 11 12 7 2 14]] [[2 12 4 1 7 10 11 6 8 5 3 15 13 0 14 9] [14 11 2 12 4 7 13 1 5 0 15 10 3 9 8 6] [4 2 1 11 10 13 7 8 15 9 12 5 6 3 0 14] [11 8 12 7 1 14 2 13 6 15 0 9 10 4 5 3]] [[12 1 10 15 9 2 6 8 0 13 3 4 14 7 5 11] [10 15 4 2 7 12 9 5 6 1 13 14 0 11 3 8] [9 14 15 5 2 8 12 3 7 0 4 10 1 13 11 6] [4 3 2 12 9 5 15 10 11 14 1 7 6 0 8 13]] [[4 11 2 14 15 0 8 13 3 12 9 7 5 10 6 1] [13 0 11 7 4 9 1 10 14 3 5 12 2 15 8 6] [1 4 11 13 12 3 7 14 10 15 6 8 0 5 9 2] [6 11 13 8 1 4 10 7 9 5 0 15 14 2 3 12]] [[13 2 8 4 6 15 11 1 10 9 3 14 5 0 12 7] [1 15 13 8 10 3 7 4 12 5 6 11 0 14 9 2] [7 11 4 1 9 12 14 2 0 6 10 13 15 3 5 8] [2 1 14 7 4 10 8 13 15 12 9 0 3 5 6 11]]]) #@130 Return a string of length N for a string IN and a permutation vector PERM of size N. The length of IN should be height of PERM. (defalias 'ntlm-string-permute #[(in perm n) "\305\306\305\"\211W\203 \n \f\nHSHI\210\nT\211\202 *\207" [n out i in perm 0 make-string] 6 (#$ . 11148)]) (byte-code "\300\301\302\303#\304\301\305\306#\207" [function-put ntlm-string-permute speed -1 put byte-optimizer byte-compile-inline-expand] 5) #@97 Return a string by circularly shifting a string STR by COUNT to the left. length of STR is LEN. (defalias 'ntlm-string-lshift #[(str count len) " \246 \n O \304\nOP)\207" [count len c str 0] 4 (#$ . 11590)]) (byte-code "\300\301\302\303#\304\301\305\306#\207" [function-put ntlm-string-lshift speed -1 put byte-optimizer byte-compile-inline-expand] 5) #@47 Return exclusive-or of sequences in1 and in2. (defalias 'ntlm-string-xor #[(in1 in2 n) "\305\306\"\306 W\203 \n \307 H\f H\"I\210 T\211\202\n*\207" [n i w in1 in2 make-string 0 logxor] 7 (#$ . 11950)]) (byte-code "\300\301\302\303#\304\301\305\306#\207" [function-put ntlm-string-xor speed -1 put byte-optimizer byte-compile-inline-expand] 5) #@135 Return the hash value for a string IN and a string KEY. Length of IN and KEY are 64. FORW non-nil means forward, nil means backward. (defalias 'ntlm-smb-dohash #[(in key forw) "\306\211\211\211\307\310\311\"\306\211\211\211\311\211\211 !\"#\312$%&\311\313$\311\"'\211$W\203P'\n&%\nHSHI\210\nT\211\2026'-\211!\311\314O !\314\312O\311\211\310W\203\377 (\nH\314)*+*)\246 + )O+\311 OP, (\nH\314)*+*)\246 + )O+\311 OP, \311\314O\311\314OP\n,\315$%&\311\313$\311\"'\211$W\203\363'\n&%\nHSHI\210\nT\211\202\331'-I\210\nT\211\202e&-\316$%&\311\313$\311\"'\211$W\203.'\n&%\nHSHI\210\nT\211\202'-\211\311\317O\317\316O\311\306\211\307\320\311\"\306\211\211\211\211\211\211\211./$01234567\n\310W\203\f8\315$%&\311\313$\311\"'\211$W\203\230'\n&%\nHSHI\210\nT\211\202~'-\21179\203\251\n\202\254\321\nZH\315$:;\313$\311\"\311<\n$W\203\332<\n\322;\nH:\nH\"I\210\nT\211\202\276<-6\311\211\320W\203\323 _15 61\211\323\\OI\210 T\211\202\342\311\211\320W\203u5 H/\324\325/\311H\326\"/\327H\"0\324\325/\326H\330\"\325/\331H\331\"\325/\330H\326\"/\332H$$\311= H0H$H.\332W\203n/\333.\325\326\330Z\"\"\311U\203d\311\202e\326I\210T\211\202I T\211\202\311\3064 \320W\203\22345 H\311\332OP4 T\211\202{4>\317$%&\311\313$\311\"'\211$W\203\302'\n&%\nHSHI\210\nT\211\202\250'-3 3\317$:;\313$\311\"\311<\n$W\203\367<\n\322;\nH:\nH\"I\210\nT\211\202\333<-2\f2\nT\211\202e. \f P\211?\316$%&\311\313$\311\"'\211$W\203<'\n&%\nHSHI\210\nT\211\202\"'.\207" [k j i rl r l nil make-vector 16 0 56 make-string 28 48 64 32 8 15 logxor 6 logior lsh 1 5 3 2 4 logand pd1 ki cd d c pk1 key ntlm-smb-perm1 n perm in out ntlm-smb-sc len count str ntlm-smb-perm2 ntlm-smb-perm3 sbox-jmn bj m jj r2 pcb cb b erk er ntlm-smb-perm4 forw in2 in1 w ntlm-smb-sbox ntlm-smb-perm5 ntlm-smb-perm6] 13 (#$ . 12309)]) #@137 Return the 16 bytes MD4 hash of a string PASSWD after converting it into a Unicode string. PASSWD is truncated to 128 bytes if longer. (defalias 'ntlm-md4hash #[(passwd) "\303\211\nG\211\304V\203\304\305\n \" \306_\307 \"*\207" [wpwd len passwd nil 128 ntlm-ascii2unicode 2 md4] 4 (#$ . 14348)]) (provide 'ntlm)