Skip to content

Instantly share code, notes, and snippets.

@zenchild

zenchild/ntlm_sign_seal.rb

Created November 21, 2014 16:33
Show Gist options
  • Save zenchild/7a2b5d7635b63ddf0af9 to your computer and use it in GitHub Desktop.
Save zenchild/7a2b5d7635b63ddf0af9 to your computer and use it in GitHub Desktop.
Download ZIP
ntlm sign + seal in ruby
Raw
ntlm_sign_seal.rb
rc4 = OpenSSL::Cipher::Cipher.new("rc4")
rc4.encrypt
key = ["6f0d99535033951cbe499cd1914fe9ee"].pack("H*")
rc4.key = key
crypt = rc4.update "jCIFS"
crypt << rc4.final
magicver = "\x01\x00\x00\x00"
seq = "\x00\x00\x00\x00"
sign_key = ["f7f97a82ec390f9c903dac4f6aceb132"].pack("H*")
payload = OpenSSL::HMAC.digest(OpenSSL::Digest::MD5.new, sign_key, "#{seq}jCIFS")
payload.unpack("H*") # => ["0a003602317a759a720dc9c7a2a95257"]
e = rc4.update payload[0...8]
e << rc4.final
e.unpack("H*") # => ["884b14809e53bfe7"]
sig = "#{magicver}#{e}#{seq}"
sig.unpack("H*") # => ["01000000884b14809e53bfe700000000"]
message = "#{crypt}#{sig}"
message.unpack("H*") # => ["cf0eb0a93901000000884b14809e53bfe700000000"]
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment