How to check NTLM type3 message? (node.js)

I want to write an http server with node.js that supports NTLMv2 authentication.

Everything works great with the handshake (type1, type2, type3 messages), and I get my type3 message from the client (Chrome browser). In this message that is sent to the server, there is an ntlmv2 response that I can read on my node.js server. How can I authenticate if this answer is valid?

In accordance with [1], I understood a message of type 3, and I was able to create my own node.js procedure to generate these hashes. So when I have a password, I can create a hash equal to the one I get from the browser. But how can I authenticate this hash / response without knowing the password? How can I authenticate this against a DomainController / ActiveDirectory on my network?

If you look at [2], there is a picture that perfectly describes my question. How can I follow steps "4" and "5" of this image?

Thanks Laryllan

[1] http://davenport.sourceforge.net/ntlm.html#theType3Message

[2] http://msdn.microsoft.com/en-us/library/cc239685.aspx

2 answers

A quick search on the Internet confirms that everyone seems to be stuck at about one point.

The best answer to this topic I've seen so far is here: Windows authentication headers without .NET. Maybe?


For valid NTLMv2 credentials, you need to run the SecureChannel RPC encrypted with the NETLOGON Active Directory domain controller service. That is, it is a difficult task. If your server supports Java Servlet Filters, Jespa .

Otherwise, there are modules that can perform authentication at the web server level, for example, the Apache module or the inclusion of IWA in IIS. But, of course, these types of solutions are somewhat limited in several ways.


Source: https://habr.com/ru/post/1488662/
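
The local check the question describes, as an added example that is not part of the original posts: it parses the Type 3 layout documented in [1] and verifies the NTLMv2 response in Node.js. It assumes the server already holds the account's NT hash and that Unicode strings were negotiated; all function names are hypothetical. Without that hash the comparison cannot be done locally, which is the situation the answers address.

```javascript
const crypto = require('crypto');
const hmacMd5 = (key, data) => crypto.createHmac('md5', key).update(data).digest();
const utf16 = (s) => Buffer.from(s, 'utf16le');

// Security buffer: length (2 bytes LE), allocated size (2), offset (4 LE).
function secBuf(msg, at) {
  const len = msg.readUInt16LE(at), off = msg.readUInt32LE(at + 4);
  if (off + len > msg.length) throw new Error('security buffer out of bounds');
  return msg.subarray(off, off + len);
}

function parseType3(msg) {
  if (msg.length < 52 || msg.toString('latin1', 0, 8) !== 'NTLMSSP\0' ||
      msg.readUInt32LE(8) !== 3) throw new Error('not an NTLM Type 3 message');
  // Assumption: Unicode was negotiated, so the names are UTF-16LE.
  return { ntResponse: secBuf(msg, 20), domain: secBuf(msg, 28).toString('utf16le'),
           user: secBuf(msg, 36).toString('utf16le') };
}

// NTLMv2 hash = HMAC-MD5(NT hash, UPPERCASE(user) + domain)
const ntlmv2Hash = (ntHash, user, domain) => hmacMd5(ntHash, utf16(user.toUpperCase() + domain));

// ntHash (MD4 of the UTF-16LE password) is the secret the server needs here.
function verifyNtlmv2(msg, serverChallenge, ntHash) {
  const { ntResponse, domain, user } = parseType3(msg);
  if (ntResponse.length <= 24) return false; // 24 bytes is an NTLMv1 response
  const proof = ntResponse.subarray(0, 16), blob = ntResponse.subarray(16);
  const expected = hmacMd5(ntlmv2Hash(ntHash, user, domain),
                           Buffer.concat([serverChallenge, blob]));
  return crypto.timingSafeEqual(proof, expected);
}

// Constructed sample (not captured traffic): build a Type 3 message.
function buildSampleType3(ntHash, challenge, user, domain, blob) {
  const proof = hmacMd5(ntlmv2Hash(ntHash, user, domain), Buffer.concat([challenge, blob]));
  const fields = [Buffer.alloc(0), Buffer.concat([proof, blob]), utf16(domain),
                  utf16(user), Buffer.alloc(0)]; // LM, NT, domain, user, workstation
  const head = Buffer.alloc(52);
  head.write('NTLMSSP\0', 0, 'latin1');
  head.writeUInt32LE(3, 8);
  let off = 52;
  fields.forEach((f, i) => {
    head.writeUInt16LE(f.length, 12 + 8 * i);
    head.writeUInt16LE(f.length, 14 + 8 * i);
    head.writeUInt32LE(off, 16 + 8 * i);
    off += f.length;
  });
  return Buffer.concat([head, ...fields]);
}
```

`verifyNtlmv2` takes the raw Type 3 bytes (the base64-decoded `Authorization: NTLM` value), the 8-byte challenge the server sent in its Type 2 message, and the NT hash.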

