ntlm

package
v0.0.104 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 7, 2025 License: Apache-2.0 Imports: 8 Imported by: 0

Documentation

Index

Constants

View Source 
const EmptyNTHash = "31D6CFE0D16AE931B73C59D7E0C089C0"

EmptyNTHash is the empty NT hash (for empty password)

View Source 
const StandardLMHash = "aad3b435b51404eeaad3b435b51404ee"

StandardLMHash is the standard empty LM hash value (always the same)

Variables

View Source 
var WindowsBuildMapping = map[string]string{

	"20348": "Windows Server 2022",
	"17763": "Windows Server 2019",
	"14393": "Windows Server 2016",
	"9600":  "Windows Server 2012 R2",
	"9200":  "Windows Server 2012",
	"7601":  "Windows Server 2008 R2 SP1",
	"6002":  "Windows Server 2008 SP2",
	"6001":  "Windows Server 2008 SP1",
	"6000":  "Windows Server 2008",

	"22631": "Windows 11 23H2",
	"22621": "Windows 11 22H2",
	"22000": "Windows 11 21H2",

	"19045": "Windows 10 22H2",
	"19044": "Windows 10 21H2",
	"19043": "Windows 10 21H1",
	"19042": "Windows 10 20H2",
	"19041": "Windows 10 2004",
	"18363": "Windows 10 1909",
	"18362": "Windows 10 1903",
	"17134": "Windows 10 1803",
	"16299": "Windows 10 1709",
	"15063": "Windows 10 1703",
	"10586": "Windows 10 1511",
	"10240": "Windows 10 1507",

	"7600": "Windows 7",
}

WindowsBuildMapping maps Windows build numbers to human-readable versions

Functions

func ConvertToLDAPServerInfo 

func ConvertToLDAPServerInfo(ntlmInfo *commonprotocolfern.NtlmServerInfo) *commonprotocolfern.LdapServerInfo

ConvertToLDAPServerInfo converts common NTLM server info to LDAP-specific format

func ExtractServerInfoFromChallenge 

func ExtractServerInfoFromChallenge(challengeMessage []byte, log svc1log.Logger) (*commonprotocolfern.NtlmServerInfo, error)

ExtractServerInfoFromChallenge extracts server information from NTLM Type 2 challenge message

func GetDomainName 

func GetDomainName(serverInfo *commonprotocolfern.NtlmServerInfo) string

GetDomainName extracts domain name from server info, preferring DNS domain name

func GetLDAPDomainName 

func GetLDAPDomainName(serverInfo *commonprotocolfern.LdapServerInfo) string

func GetLDAPServerName 

func GetLDAPServerName(serverInfo *commonprotocolfern.LdapServerInfo) string

GetLDAPServerName extracts server name from LDAP server info, preferring DNS computer name

func GetOSVersion 

func GetOSVersion(serverInfo *commonprotocolfern.NtlmServerInfo) string

GetOSVersion extracts parsed OS version from server info

func GetSMBDomainName 

func GetSMBDomainName(serverInfo *commonprotocolfern.SmbServerInfo) string

func GetSMBNetbiosDomain 

func GetSMBNetbiosDomain(serverInfo *commonprotocolfern.SmbServerInfo) string

GetSMBNetbiosDomain extracts NetBIOS domain name from SMB server info

func GetSMBOSVersion 

func GetSMBOSVersion(serverInfo *commonprotocolfern.SmbServerInfo) string

func GetSMBServerName 

func GetSMBServerName(serverInfo *commonprotocolfern.SmbServerInfo) string

GetSMBServerName extracts server name from SMB server info, preferring DNS computer name

func GetSMBSigningRequired 

func GetSMBSigningRequired(serverInfo *commonprotocolfern.SmbServerInfo) bool

func GetServerName 

func GetServerName(serverInfo *commonprotocolfern.NtlmServerInfo) string

GetServerName extracts server name from server info, preferring DNS computer name

func LogServerInfoDetails 

func LogServerInfoDetails(serverInfo *commonprotocolfern.NtlmServerInfo, target string, log svc1log.Logger)

LogServerInfoDetails logs detailed server info with all available fields

func ParseWindowsVersion 

func ParseWindowsVersion(rawOSVersion string) string

ParseWindowsVersion extracts and enhances Windows version information

Types

type HashProcessor 

type HashProcessor struct{}

HashProcessor provides utilities for processing NTLM hashes

func NewHashProcessor 

func NewHashProcessor() *HashProcessor

NewHashProcessor creates a new NTLM hash processor

func (*HashProcessor) IsEmptyNTHash 

func (p *HashProcessor) IsEmptyNTHash(hash string) bool

IsEmptyNTHash checks if the hash represents an empty password

func (*HashProcessor) IsValidNTHash 

func (p *HashProcessor) IsValidNTHash(hash string) bool

IsValidNTHash checks if a hash looks like a valid NT hash

func (*HashProcessor) ParseNTLMHash added in v0.0.80 

func (p *HashProcessor) ParseNTLMHash(ntlmHash string) ([]byte, error)

ParseNTLMHash parses an NTLM hash and returns the NT portion as bytes

func (*HashProcessor) ProcessHashForLDAP 

func (p *HashProcessor) ProcessHashForLDAP(ntlmHash string) string

ProcessHashForLDAP processes an NTLM hash for LDAP authentication (returns LM:NT format)

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.