pkg ntlm

pkg/ntlm - NTLM Authentication Protocol

Complete NTLMv2 client implementation supporting password and pass-the-hash authentication. Used internally by the SMB, LDAP, and DCE/RPC packages.

Types

Client

type Client struct {
    User        string // Username
    Password    string // Password (plaintext)
    Hash        []byte // NT hash (16 bytes) for pass-the-hash
    Domain      string // e.g. "WORKGROUP", "CORP"
    Workstation string
    TargetSPN   string // SPN for MIC calculation
}

Session

Returned by Client.Session() after successful authentication. Provides signing and sealing methods for authenticated protocols.

Three-Message Handshake

// Step 1: Create NEGOTIATE message
func (c *Client) Negotiate() ([]byte, error)

// Step 2: Process CHALLENGE, create AUTHENTICATE message
func (c *Client) Authenticate(challengeMsg []byte) ([]byte, error)

// Step 3: Get session for signing/sealing
func (c *Client) Session() *Session

Example: NTLM Exchange

ntlmClient := &ntlm.Client{
    User:     "admin",
    Password: "Password1",
    Domain:   "CORP",
}

negotiateMsg, _ := ntlmClient.Negotiate()
// ... send to server, receive challenge ...

authMsg, _ := ntlmClient.Authenticate(challengeMsg)
// ... send to server ...

session := ntlmClient.Session()

Example: Pass-the-Hash

ntHash, _ := hex.DecodeString("aad3b435b51404eeaad3b435b51404ee")

ntlmClient := &ntlm.Client{
    User:   "admin",
    Hash:   ntHash,
    Domain: "CORP",
}

negotiateMsg, _ := ntlmClient.Negotiate()
// ... continue handshake ...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

pkg ntlm

pkg/ntlm - NTLM Authentication Protocol

Types

Client

Session

Three-Message Handshake

Example: NTLM Exchange

Example: Pass-the-Hash

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Clone this wiki locally