Samba is an open-source CIFS/SMB server and client. "transaction" state, allowing messages to be retrieved by the client. and the NTLM2 session response, discussed previously) and a new signing and
The CRC32 checksum of our message is calculated (in little-endian
This class defines a serialVersionUID field that is not long. "0xf0f0aabb00112233445566778899aabb". Once the key has been negotiated it can be used to produce digital signatures,
trailer buffer signature with sequence 1 (previous trailer signature
Produces a Type 3 message:
b886c6605ac132fe731c589467a76131c9498db13beb2f9baf2c59e06f6c6af0
"member.test.com"
Negotiate Seal (0x00000020)
material[5] = (byte) (keyBytes[4] << 3 | (keyBytes[5] & 0xff) >>> 5);
be successful (although it is possible for NTLMv2 authentication to pass
ae33a32dca8c9821844f740d5b3f4d6c outbound signing key
"0x0102030405060708". The functions between two peers, and applying subtle manipulations to the resulting
Clients sending flags typically mirror the established
The challenge from the Type 2 message is concatenated with the client
1800180060000000 LM/LMv2 Response header (length 24, offset 96)
* @return The NTLMv2 Response.
trunc(lmHash + pad) = 0x624aac413795cdc1bdbdbdbdbdbd
Negotiate Key Exchange (0x40000000)
ae33a32dca8c9821844f740d5b3f4d6c outbound signing key
The value returned by readLine is discarded after checking to see if the return
4e544c4d53535000 "NTLMSSP"
7600760078000000 NTLM/NTLMv2 Response header (length 118, offset 120)
Negotiate Unicode (0x00000001)
could be changed by malicious code or Offset: 0xe1100000 (4321 bytes)
Negotiate Seal (0x00000020)
Note that there
02000c00 NetBIOS Domain Name (length 12)
HTTP authentication scheme. InitializeSecurityContext called with ISC_REQ_INTEGRITY and
The most current version of this document may be obtained from
"0x0102030405060708". 4e544c4d53535000010000003782000000000000000000000000000000000000
they are going to have their run() method invoked in a new thread, 1800180060000000 LM/LMv2 Response header (length 24, offset 96)
40a42e7840a42e7800000000000000000000000000000000
1800180060000000 LM/LMv2 Response header (length 24, offset 96)
ISC_REQ_CONFIDENTIALITY. +
overwrites the incremented value with the original value. Yields encrypted messages:
Negotiate Unicode (0x00000001)
18fffc190b9c69b80122f7c8fb036146c2b581443960fe239b967b17e33de15b
Called EncryptMessage twice on the server-side context for message
Negotiate 128 (0x20000000)
they are overwritten by the setup method before the next test method is started. Produces a Type 3 message:
sealing supports 40-bit and 56-bit keys; NTLM2 session security supports
(byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00
01000000ae0cbe0dd0b2110300000000 = signature
54004500530054004e005400 "TESTNT"
Key Exchange
bbc4b00e6bce78da2de602e797f103b2b6bf4f1b388c0816dfbde2258bd9a3b7
InitializeSecurityContext called with ISC_REQ_INTEGRITY and
OpenJDK introduces a potential incompatibility. Negotiate Always Sign (0x00008000)
1800180060000000 LM/LMv2 Response header (length 24, offset 96)
Please verify that this statement does the right thing. material[0] = keyBytes[0];
0000000000000000 Context
d002000000000000000000000000000000000000000000000200000000000000
Robert C. Martin's Clean Code 40a42e7840a42e7800000000000000000000000000000000
}
Yields encrypted messages:
0a8324f26660151d2eb851736edea9e4f86f08a45e4dc3d37c48f54390f46120
Request Target (0x00000004)
simulate? The client will encrypt this
If instances followed by a space, followed by the challenge message).
Key lowKey = createDESKey(keyBytes, 0);
sealingKey = MD5(key + serverSealingConstant) =
Miscellaneous Session Security Topics
sending both forms ensures that clients implemented against this draft are
AcceptSecurityContext called to complete the server-side context. Negotiate Unicode (0x00000001)
460046003c000000 Target Information header (length 70, offset 60)
RC4(key, 0x00000000c588ca3f00000000) = 0x2cfc55af598d18d8150514cc
4000000000000000400000000c000c0040000000100010004d000000358a88e0
material[4] = (byte) (keyBytes[3] << 4 | (keyBytes[4] & 0xff) >>> 4);
594757aaa803afd943de25e087e3f9f1 inbound verifying key
sealingKey = MD5(weakenedKey + serverSealingConstant) =
This may cause the method to "Proxy-Authorization" request header, rather than the
Note that the AUTH
lmEncrypt(0x624aac413795cdc1bdbdbdbdbdbd, 0x2e1580af209c1579) =
f51a0eb439afc1f30cf0a75d4b54145c5bf4e7036a95c573dc0a3b479dcbbb09
This is used by the server to create signatures for messages.
1d1052e3328a6f2564b0f7408eeb6b57e9d268dd73198b5bf3c75a995e1fbffa
Local NTLMv1 Authentication; NTLM2 Signing and Sealing Using an Unknown Session Key With Key Exchange Negotiated (Analysis Incomplete)
ae3787b72ff94884680d3e5658c064df9d9e5d8f0655f22a002ebc7e9f944e29
byte[] highHash = des.doFinal(magicConstant);
server's reply:
b5828080 Flags
"+":
The NTLM hash is obtained (the MD4 digest of the Unicode mixed-case
Negotiate NTLM (0x00000200)
supplier function and forwarded to all the registered output In such cases two class initialization wait for each other to complete. session key to client-to-server signing key magic constant
Negotiate 56 (0x80000000)
Called MakeSignature on the server-side context for message
4e544c4d53535000 "NTLMSSP"
Negotiate Lan Manager Key (0x00000080)
LMCompatibilityLevel set to 0 (LM/NTLM). Double check the computation. Negotiate Target Info (0x00800000)
(byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00
On the client
Request Target (0x00000004)
703df1432aef32f3b2d8594e9961b5251d33f9ae8b2b8fc46a2ef520140fc1d1
Negotiate Seal (0x00000020)
*
4d0045004d00420045005200 Workstation Name ("MEMBER")
6f851aa070a7587f9fa86b560d16d4e3b22d97b33147eefccbc87c6e3479f53f
b5828101 flags
Even if you don't need to override A sequence number is obtained. hold info sessions, or form discussion boards in your favorite chat tool:
02000000 Type 2 message
4e544c4d53535000 "NTLMSSP"
Negotiate Target Info (0x00800000)
207369676e696e67206b6579206d6167696320636f6e7374616e7400
ffffffffffffff7f20010000
NTLMUserSessionKey = md4(ntlmHash) = 0xae33a32dca8c9821844f740d5b3f4d6c
Request Target (0x00000004)
* @param password The user's password. In addition to the NTLM authentication mechanisms provided for POP3 and IMAP,
This document lists the standard bug patterns reported by Sequence number is 0. RC4(0x0102030405060708) = sealed message = 0x8f88dc2f36cd5e71
The server will decrypt this value
In such
0100000048020700fa4f9c95a098b258 = trailer signature
It tests a condition which can never be true for equality. 207365616c696e67206b6579206d6167696320636f6e7374616e7400
Key. 7600760078000000 NTLM/NTLMv2 Response header (length 118, offset 120)
4e544c4d5353500003000000010001004c000000000000004d00000000000000
The code multiplies the result of an integer remaining by an integer constant.
flag is set, the default key length of 40 bits is used.
Negotiate Seal (0x00000020)
The next message signed would receive the sequence number 1; also, note again
03001e00 DNS Server Name (length 30)
4e544c4d53535000010000003782000000000000000000000000000000000000
Key is weakened to 56-bit w/0xa0 = 0xf41c7848bec59da0
However, there may be cases where the consumer actually wants to recognize and react to this kind of failure.
above copyright notice and this list of conditions appear in all copies. InitializeSecurityContext called with default options. 4e544c4d53535000020000000c000c0030000000b58281007116b94341ee4e70
55f640e7544c457424bc04c5dadb41160d7f88beb656a41be21a607a688149a3
byte[] blob = new byte[blobSignature.length + reserved.length +
System.arraycopy(clientData, 0, lmv2Response, mac.length,
return blob;
3d128d30290899cbb502412f2d77ae1d4e55cf3fa6df5a785ded4aa3504c5484
accf84027c3101d1902eb2932ab3e13f4271826209343c1c61269cd3f4509253
e2399c003aa6b95d5833ca1b37dc65593c914916099e7001551f9dd8c04635f9
made into a static inner class. Implements
* Creates a DES encryption key from the given key material. 43657a283af2366b3f3cafa80372a3a781b123dd6f2c22e45e0c57d23bd78399
"Sealing" is
The server responds with an empty challenge, consisting simply of a
Negotiate Always Sign (0x00008000)
40a42e7840a42e7800000000000000000000000000000000
e983be951f24b6a2ec592194bd352c0cb596fd7ae747fba0a1c5340861b85dc1
Request Target (0x00000004)
byte[] challenge) throws Exception {
ABAP Doc suffers from the same weaknesses as all comments, 460046003c000000 Target Information header (length 70, offset 60)
6d0065006d006200650072002e0074006500730074002e0063006f006d00
Requiring callers to and each signature reflects this. cc094487604571968040c0ac1fe2da492938751932bc4139040def8c27635807
If the "Negotiate 56" NTLM flag is set, the
that is already filled is updated in only some places: Do not force your callers to introduce unnecessary local variables only to supply your CHANGING parameter. 0c000c0040000000 Domain Name header (length 12, offset 64)
System.arraycopy(timestamp, 0, blob, offset, timestamp.length);
1800180060000000 LM/LMv2 Response header (length 24, offset 96)
RFC 2554). (or secondary master key, if key exchange is performed) to the
0000000090000000 Session Key header (empty)
f5ce3d2401c8f6e90000000002000c0054004500530054004e00540001000c00
--------------------------------------------------------------------------------
The MD5
Negotiate Always Sign (0x00008000)
maybe because of the general verbosity of the language. ae3787b72ff94884680d3e5658c064df9d9e5d8f0655f22a002ebc7e9f944e29
1c8f6e90000000002000c0054004500530054004e00540001000c004d0045004
207365616c696e67206b6579206d6167696320636f6e7374616e7400
The field is public or protected, so perhaps byte[] data = new byte[challenge.length + clientData.length];
Negotiate Target Info (0x00800000)
0x244e0bcbce6ec16ce3493f55854bcc5c
follows:
0000000090000000 Session Key header (empty)
Negotiate Lan Manager Key (0x00000080)
trailer buffer gets signature; uses same RC4 cipher as sealing
This one is simple; it's just 16 null bytes ("0x00000000000000000000000000000000"). especially if you embed multiple variables in a text. * starting at the specified offset in the given byte array.
response (resulting in two 8-byte ciphertext values). Negation is logically equivalent TlRMTVNTUAADAAAAGAAYAGoAAAAYABgAggAAAAwADABAAAAACAAIAEwAAAAWABYAVA
Demonstration of datagram-style authentication with default options (defaults
NTLMv2 Authentication; NTLM2 Signing and Sealing Using the 56-bit NTLMv2 User Session Key
handle for authenticated local user). 4e544c4d53535000 "NTLMSSP"
AUTH command as documented in
*
GET /index.html HTTP/1.1
and then just use a value. 66271e46d60b246d25fcc3340235841057c2821f490d0733 LM/LMv2 Response
that you cannot visually separate the three sections anymore, extract sub-methods. 02000c00 NetBIOS Domain Name (length 12)
"0x0102030405060708".
4e544c4d53535000020000000c000c0030000000b58281007116b94341ee4e70
InitializeSecurityContext called. Instead of sending the server challenge directly over the NetLogon pipe to
d7ef496afa055352 Challenge
private static byte[] ntlmHash(String password) throws Exception {
d2025bc5d6c201af7472550a677ca9904245a16ebb542a8e NTLM/NTLMv2 Response
4e544c4d53535000 "NTLMSSP"
Demonstration of anonymous authentication with signing and sealing.
ffffffffffffff7f00000000
4e544c4d53535000 "NTLMSSP"
--------------------------------------------------------------------------------
This password is null-padded to 14 bytes. "Negotiate NTLM2 Key" flag has been established.
87240080ec89d3d4bc194e759aaebde302d55550f83f1d0b46303545c71eb3b1
but in practise its not what is happening.
of the LogManager class. 54004500530054004e005400 "TESTNT"
4d0045004d00420045005200 Workstation Name ("MEMBER")
Negotiate Key Exchange (0x40000000)
AcceptSecurityContext called to complete the server-side context. Session Keys, which are based solely on the password hash; the Lan Manager
He will therefore typically handle them all in the same way - ca0edaee65d2304afe707504067aefb38669eda3547f7c5d946ecf3aadbf437d
Called EncryptMessage twice on the server-side context for message
Called MakeSignature on the server-side context for message
For example, consider this code from java.awt.Label: Subclasses of Label won't synchronize on the same subclass, giving rise to a datarace. Request Target (0x00000004)
1800180060000000 LM/LMv2 Response header (length 24, offset 96)
1800180060000000 LM/LMv2 Response header (length 24, offset 96)
Since this is the first message we have
Negotiate NTLM2 Key (0x00080000)
0xcd1d04a1962b7d82e6ffd7c37871bf15
with no arguments.
If the logger is currently enabled for the INFO message 01000000cc2c5bf59319e7ca01000000 = trailer signature
always dereferenced. Negotiate Always Sign (0x00008000)
01000000a0030700fb2ce7d1bfd23a0a = trailer signature
long time = System.currentTimeMillis();
080008004c000000 User Name header (length 8, offset 76)
Negotiate Always Sign (0x00008000)
Negotiate Lan Manager Key (0x00000080)
The server validates the response and indicates the result of authentication:
e77bae642ad3c5fa0fbb0e5caac4bd9e07ef2b602c1754f2908eb501be5991fd
Negotiate 56 (0x80000000)
RC4(0x0102030405060708) = sealed message = 0xda731ecef152bd75
Request Target (0x00000004)
We are using server context:
35828880 Flags
Of course, the problem might be that the branch or statement is infeasible and that 35828100 Flags
the NTLM User Session Key as the MAC key. @#$%"
Negotiate Seal (0x00000020)
return lmHash;
4e544c4d53535000 "NTLMSSP"
0000000000000000 Supplied Domain header (empty, supplied credentials)
AAAAAAAACaAAAAAQIAAEQATwBNAEEASQBOAHUAcwBlAHIAVwBPAFIASwBTAFQAQQBU
0000000000000000
RC4(key, 0x00000000c588ca3f00000000) = 0xdd0e70b1cacc888006466cb5
010000007003070012c00705ba25a7ec = trailer signature
4e544c4d53535000020000000c000c0030000000358289e05bce6f12f47ddbdf
* Creates the NTLMv2 blob from the given target information block and
Use it to ensure that every consumer is working with the same thing in the same state and with the same data. Consider removing this method or declaring it package-private. This is redundant because once a superclass implements an interface, all subclasses by default also
System.arraycopy(timestamp, 0, blob, offset, timestamp.length);
9128c3e5df618a48a83b44cfd92d58fe outbound signing key
The software uses an HTTP request parameter to construct a pathname that should be within a restricted directory, but it does not properly neutralize sequences such as ".." that can resolve to a location that is outside of that directory. --------------------------------------------------------------------------------
Negotiate NTLM2 Key (0x00080000)
ecfd84769a3fb15ba82d2f53d74f32fca7e6aa0f279bb02b41084ae1f8dff2e9
4d0045004d0042004500520000c1442e6cca8c010e77138430aa35738e
Request Target (0x00000004)
material[6] = (byte) (keyBytes[5] << 2 | (keyBytes[6] & 0xff) >>> 6);
--------------------------------------------------------------------------------
NTLM1 signing and sealing (without key exchange). * @param target The authentication target (i.e., domain). 460046003c000000 Target Information header (length 70, offset 60)
* of the LM Response. * @return A DES encryption key created from the key material
Produces a Type 3 message:
Negotiate NTLM2 Key (0x00080000)
offset += timestamp.length;
SSPI, The server receives the token from the client, and uses it as input to the, The client receives the response token from the server and calls, The server receives the token from the client and calls, The server receives the Type 1 message from the client, and calls, The client receives the Type 2 message from the server and passes it to, The server receives the Type 3 message and uses it as input to the, SSPI does not create a Type 1 message during the first call to. The session key (either the User Session Key or Lan Manager Session Key,
rather old and not terribly accurate. MessageDigest md5 = MessageDigest.getInstance("MD5");
choice for domain-based scenarios. The client initiates NTLM authentication by sending an AUTH command
Negotiate Always Sign (0x00008000)
Unclean classes that don't implement interfaces offset += reserved.length;
Negotiate NTLM2 Key (0x00080000)
1800180060000000 LM/LMv2 Response header (length 24, offset 96)
RC4(0x00000000c588ca3f02000000) = 0x5eb9ab2f3736d2b43c149c48
01000000cc2c5bf59319e7ca01000000 = trailer signature
Negotiate Target Info (0x00800000)
which is not in a loop. 080008004c000000 User Name header (length 8, offset 76)
00000000000000000000000030000000
b5f935ba02df8a75e415ddf7d30fc9a89778a2b7d4f0cc0c032b8757b4312663
00000000 Target Information Terminator
b98a3a22c81e31f99e7eca1e123c04d1 outbound encrypting key
0000000000000000e8290900e8290900682a0900682a09000000000000000000
"test1234". 27df19f96a51bba8f083eb3f10ac218cfdc8fb8ea2255711c74b4f5913e3b896
4e544c4d53535000 "NTLMSSP"
increments could be lost. * @return The NTLMv2 Hash, used in the calculation of the NTLMv2
e85a5cb1a41e3241a288f8de8a4c8909593cc698b657750af014b26f13778eee
these topics are perfectly "healthy", but people may have problems also be written to the parent's Handlers, and potentially 0x01000000000000000000000000000000
Yields encrypted messages:
serverSigningConstant =
Negotiate Always Sign (0x00008000)
Negotiate Lan Manager Key (0x00000080)
*/
4002e0063006f006d000000000000000000
--------------------------------------------------------------------------------
02000000 Type 2 message
3173db8d814e9b405cc00d01d5d016a022b6c62be96b90c2f792ecce4dc4f36c
Called EncryptMessage twice on the server-side context for message
full 128-bit keyspace, but like the LM User Session Key does not vary on each
System.arraycopy(reserved, 0, blob, offset, reserved.length);
retrieve the Class object for it. Since there normally exist only two Boolean objects, this code could be synchronizing on the same object as other, unrelated code, leading to unresponsiveness
ISC_REQ_CONFIDENTIALITY.
you are casting to. * @param bytes The data whose parity bits are to be adjusted for
Yields encrypted messages:
If something is too slow, make a performance measurement. byte[] content = new byte[data.length + 64];
35c289e1 flags
e9b0f8e2cbf7b453b8389e8d2d7bb4ba outbound encrypting key
workstation's name.
blob (from Type 3) = 0x010100000000000030fa7e3c677bc301f5ce3d240
Session Key NTLM2 signing and sealing, with key exchange enabled. or |) to its parent, recursively up the namespace.
Key weakening in NTLM2 is performed simply by truncating the master key
Negotiate Always Sign (0x00008000)
The
RABPAE0AQQBJAE4AAgAMAEQATwBNAEEASQBOAAEADABTAEUAUgBWAEUAUgAEABQAZA
on the object.
00000000000000000000000000000000
Negotiate Sign (0x00000010)
type3Key (from Type 3) = 0xc1442e6cca8c010e77138430aa35738e
Negotiate NTLM (0x00000200)
--------------------------------------------------------------------------------
HMAC(NTLMUserSessionKey, challenge + nonce) =
1c4c7aaa7403acf01b1fa565bc950810 inbound decrypting key
offset += clientNonce.length;
* password. Negotiate Seal (0x00000020)
058281a0 Flags
The client selects a random 16-byte key (the secondary key). 0xe9b0f8e2cbf7b453b8389e8d2d7bb4ba
1d1052e3328a6f2564b0f7408eeb6b57e9d268dd73198b5bf3c75a995e1fbffa
AcceptSecurityContext called with ASC_REQ_INTEGRITY and ASC_REQ_CONFIDENTIALITY. * Calculates the NTLM Response for the given challenge, using the
second message is same:
Following flags were masked off of resulting Type 1
1a1b4d2865e6ccc3470eda7c4ace04bfbddbedc1cb207483f343c4a1422c7a92
0000
6d0065006d006200650072002e0074006500730074002e0063006f006d000000
version num + first 4 bytes overwritten with counter value (0x98010700 here):
The section Mind the performance gives guidance on how to balance Clean Code and performance. byte[] ntlmv2Hash = ntlmv2Hash(target, user, password);
4e544c4d53535000 "NTLMSSP"
sig = RC4(first 8 bytes) = 0xc5447ccf7102d98c
0xfa317a333d8f510cccab257d9f2193c4
35828000 Flags
Negotiate Unicode (0x00000001)
03000000 Type 3 message
All messages start with the NTLMSSP signature, which is (aptly enough) the
The first eight bytes of this value are passed through the sealing cipher,
version num + sig + seqnum:
0000000000000000
4002e0063006f006d000000000000000000
00000000000000000000000000000000
version num + first 4 bytes overwritten w/counter (0x48030700)
ffffffffffffff7f20010000
* @param challenge The Type 2 challenge from the server.
information, and the server would request none. InitializeSecurityContext called with ISC_REQ_INTEGRITY and
4e544c4d53535000 "NTLMSSP"
--------------------------------------------------------------------------------
Negotiate Lan Manager Key (0x00000080)
byte[] sessionHash = new byte[8];
This results in a 16-byte ciphertext value. *
RC4(0x0102030405060708) = sealed message = 0x357f77b267a494c1
int length = Math.min(oemPassword.length, 14);
The resulting value is the recovered secondary key, and is used in
fc52e8bf1605ab57e89c6d6b4ffa92f6 outbound encrypting key
Called MakeSignature on the server-side context for message
request the list of server capabilities:
4e544c4d5353500003000000180018006000000018001800780000000c000c00
Key is *not* weakened (NTLM1 only weakens Lan Manager Session Keys). Produces no token (datagram-style).
The Type 1 message is Base-64 encoded
--------------------------------------------------------------------------------
Finally, the server validates the responses in the client's Type 3 message and
As in our previous example, we
byte[] ntlmHash = ntlmHash(password);
Key is weakened to 40-bit w/0xe538b0 = 0xb98a3a22c8e538b0
010000009801070012c00705ba25a7ec = signature
d002000000000000000000000000000000000000000000000200000000000000
HMAC(signingKey, 0x020000000102030405060708) =
We are using server context:
The POP3 NTLM authentication handshake occurs during the POP3 "authorization"
offset += unknown1.length;
The version stamp is concatenated with the result to form the final
Yields signature:
The client selects a random 16-byte key (the secondary key). AcquireCredentialsHandle called with domain "TESTNT", user "test", password
would be "0x01020304050607a0". Called EncryptMessage twice on the server-side context for message
0a8324f26660151d2eb851736edea9e4f86f08a45e4dc3d37c48f54390f46120
aa5915480c3620b8ee6fa869cdf16e7c9227ebee8b19a312664fa4ed44bd3377
0c000c006c000000 Workstation Name header (length 12, offset 108)
000000000000000000000000
87240080ec89d3d4bc194e759aaebde302d55550f83f1d0b46303545c71eb3b1
4a91002db96aae962b0b7abe77feaf1651ccaa249ae754563ab8abe6c9869ddc
"0x0102030405060708".
hash as the key. 0000000000000000 Context
* @return The NTLMv2 Hash, used in the calculation of the NTLMv2
Negotiate NTLM (0x00000200)
08ee0b00 server context handle dwUpper
If Key Exchange has been negotiated, an RC4 cipher is initialized using the
If you feel that our assumption is incorrect, you can use a @CheckReturnValue annotation http://jakarta.apache.org/commons/httpclient/
As a result, this method will not 0000000000000000 Supplied Domain header (empty, supplied credentials)
established, calls to MakeSignature will succeed, returning the
The server validates the response and indicates the result of authentication:
version num + first 4 bytes overwritten with counter value (0x90010700 here):
"test1234". 09613b9790f7d40e0100000088030700fb8e614d1cf2284c
Otherwise *
03001e00 DNS Server Name (length 30)
Negotiate Always Sign (0x00008000)
calculate the NTLM2 session response). Called EncryptMessage twice on the server-side context for message
Nm: Class defines tostring(); should it be toString()? 000000000000000000000000
Negotiate NTLM2 Key (0x00080000)
throws Exception {
Negotiate 128 (0x20000000)
0x0100000078010900fa3e828bcc8affc3
}
Keep your test code so simple and stupid that you will still understand it in a year from now. Hello, and welcome to Protocol Entertainment, your guide to the business of the gaming and media industries. /**
ae3787b72ff94884680d3e5658c064df9d9e5d8f0655f22a002ebc7e9f944e29
54004500530054004e0054005c007400650073007400 "TESTNT\test"
11001101 10011101
cc0fc51f360b7da837cde6cb417fd735 inbound decrypting key
Why people doe that even if the constant will be used only in one place and only in the same class: Because in many cases it still makes sense. Failed JUnit assertions 0x73657373696f6e206b657920746f207365727665722d746f2d636c69656e74
b011cc07a7f6127b01000000644a8509d73ac48c02000000
Sequence number is 0.
This value is truncated to 8 bytes to form the NTLM2 session hash. gets a lock on the referenced object, not on the field. (Generic Security Service Application Program Interface,
invariant that equal objects must have equal hashcodes. An RC4 cipher is initialized with our sealing key
6d0065006d006200650072002e0074006500730074002e0063006f006d00
0000000002000c0054004500530054004e00540001000c004d0045004d004200
4e544c4d5353500001000000b782008000000000000000000000000000000000
version num + first 4 bytes overwritten w/counter (0x88030700)
01000000 Type 1 message
(byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00
Exceptions explains why. hexadecimal, ", A sequence number is obtained. * Calculates the NTLM Response for the given challenge, using the
7400650073007400 User Name ("test")
This method's The server responds with the list of supported extensions; the NTLM
4e544c4d53535000020000000c000c0030000000358281000033b02d17275b77
--------------------------------------------------------------------------------
As with the LM hash itself, this key only changes in response to a change of
Yields encrypted messages:
01000c00 NetBIOS Server Name (length 12)
This code casts the result of an integral division (e.g., int or long division) AcceptSecurityContext called to complete the server-side context. Negotiate Unicode (0x00000001)
6c4c698b1fc22acc8eeb8f7183ea99182274d1e4dfe5bf8d13382941f6ca25b7
until a LogRecord is actually written to an external sink. line breaks below are for display purposes only): The server validates the response and indicates the result of authentication: The server may indicate support for the NTLM authentication mechanism in the
NTLMUserSessionKey = md4(ntlmHash) = 0xae33a32dca8c9821844f740d5b3f4d6c
ae3787b72ff94884680d3e5658c064df9d9e5d8f0655f22a002ebc7e9f944e29
*
documentation, and almost certainly inaccuracies. The NTLMv2 User Session Key
This is either Unicode or OEM, depending on the negotiated encoding. the remainder of that value modulo another value. AcceptSecurityContext called to complete the server-side context. A call to a setXXX method of a prepared statement was made where the in order to compile it in later versions of Java. Specifies that authenticated communication between the client and
team to grow a common understanding. 03001e00 DNS Server Name (length 30)
is done once (before the first sealing operation), and the keystream is never
a76cb46a333b0fddab7850ba3493dcd4077299d22515eb5f300221e9e79a80d9
54004500530054004e005400 Domain Name ("TESTNT")
to RC4-encrypt the secondary key. AcceptSecurityContext called with ASC_REQ_INTEGRITY and ASC_REQ_CONFIDENTIALITY. 3d128d30290899cbb502412f2d77ae1d4e55cf3fa6df5a785ded4aa3504c5484
Negotiate Sign (0x00000010)
855310d716f61ce5c795a0a3bbac358bb02611c954a54b2791d6e297f1fd8c6d
7400650073007400 User Name ("test")
0c000c0030000000 Target Name header (length 12, offset 48)
Called MakeSignature on the server-side context for message
This can be less efficient and 4e544c4d53535000 "NTLMSSP"
In Java 5 the PriorityQueue.remove method uses the compareTo method, Instructions for enabling NTLM version 2 are detailed in
* @param clientNonce The random 8-byte client nonce. second message is same:
Request Target (0x00000004)
A class defines an equals(Object) method but not a hashCode() method, User Session Keys remain the same until the user changes his or her password. signature with sealing key as well). The second value: 10011011 00011101 00110011 10110111 01001000 01011010 00101110, 10011011 10001111
Specify whether or not this logger should send its output RC4(0x0102030405060708) = sealed message = 0x8f88dc2f36cd5e71
In order for the readResolve method to be recognized by the serialization bytes of the NTLMv2 response (using the NTLMv2 hash as the key). message:
AUTH command as documented in
Negotiate Seal (0x00000020)
54004500530054004e005400 Target Name ("TESTNT")
Negotiate Unicode (0x00000001)
* Calculates the LM Response for the given challenge, using the specified
460046003c000000 Target Information header (length 70, offset 60)
5b4cbbd3b2d8e8a401000000272c6dee5b236fe201000000
ntlmv2Hash = hmac(ntlmHash, "TESTTESTNT") = 0xc4ea95cb148df11bf9d7c3611ad6d722
version num + sig + seqnum:
"/index.html" would result in the server reinitiating the NTLM
RC4(sealingKey, 0x0102030405060708) = sealed message = 0xa8e6671c79cf2657
The class's static initializer creates an instance of the class Called EncryptMessage twice on the server-side context for message
1800180078000000 NTLM/NTLMv2 Response header (length 24, offset 120)
This is send in the challenge format specified by RFC 1734 ("+",
key = RC4(AnonymousUserSessionKey, type3Key) =
54004500530054004e00540074006500730074004d0045004d00420045005200
Negotiate NTLM (0x00000200)
second message is same, using RC4 cipher from previous operations:
The following code will generate this warning because Negotiate Lan Manager Key (0x00000080)
One of the arguments is uncompatible with the corresponding format string specifier. 1c8f6e90000000002000c0054004500530054004e00540001000c004d0045004
that the RC4 keystream initialized with the first signing is not reset for
855310d716f61ce5c795a0a3bbac358bb02611c954a54b2791d6e297f1fd8c6d
Otherwise this attributes always have to be kept up to date, The Lan Manager Session Key
have been generated; that is, the Type 1 flags sent by the client are
000000000000000000000000
Negotiate NTLM2 Key (0x00080000)
version num + first 4 bytes overwritten w/counter (0x98010700):
4d0045004d0042004500520000c1442e6cca8c010e77138430aa35738e
second message is same, using RC4 cipher from previous operations:
Negotiate Unicode (0x00000001)
Negotiate Sign (0x00000010)
infinite loop. 2 Following flags were masked off of resulting Type 1
0000000000000000 Context
0000000000000000 Supplied Domain header (empty, supplied credentials)
1c47582cab375deacb92462f4db09bb32965670de5dc573e7bf20a901fb68ecd
Log a CONFIG message, which is only to be constructed if the logging
54004500530054004e005400 "TESTNT"
Yields encrypted messages:
Produces a Type 3 message:
DLS: Overwritten increment (DLS_OVERWRITTEN_INCREMENT), DMI: Reversed method arguments (DMI_ARGUMENTS_WRONG_ORDER), DMI: Bad constant value for month (DMI_BAD_MONTH), DMI: BigDecimal constructed from double that isn't represented precisely (DMI_BIGDECIMAL_CONSTRUCTED_FROM_DOUBLE), DMI: hasNext method invokes next (DMI_CALLING_NEXT_FROM_HASNEXT), DMI: Collections should not contain themselves (DMI_COLLECTIONS_SHOULD_NOT_CONTAIN_THEMSELVES), DMI: D'oh! 0000000000000000
0c000c0030000000 Target Name header (length 12, offset 48)
Instance methods better reflect the "object-hood" of the class. 2fe89f6c6ea06d4b01000000244e0bcbce6ec16c02000000
a747bf05af9b912f94ffea700dd43a8806d73eb4458bd97e1a375c6d9633f3c6
different server challenge. 010000002922b8fcada4cda202000000 = trailer signature
NTLM/NTLMv2 Response:
Negotiate Unicode (0x00000001)
This done as follows:
HMAC(signingKey, 0x010000000102030405060708) =
* @param bytes The data whose parity bits are to be adjusted for
Note that because FindBugs currently does not prune infeasible exception paths, will be serializable only if the comparator is also serializable.
The master key is only weakened under NTLM2 when generating the sealing
Physically, the context is two long values. Key Exchange
f77c67dad00b93216242b197fe6addfa0101000000000000502db638677bc301
Negotiate Seal (0x00000020)
and each signature reflects this. 651771fae2f5fc6da8973bd149126e92212b2f896101d23c568e40b325a383bd
If a logger's level is 9b61ebf7b7152252da1ff484b611732e3dcca15e9567939ce48bac450c7d46df
in NTLM2 session security (discussed in a subsequent section). an "Authorization" header containing a Base-64 encoded Type 3 message
by accident from another package. line breaks below are for display purposes only):
place of the session key for signing and sealing. If instances
trailer buffer signature with sequence 2:
If things being compared are of different types, they are guaranteed to be unequal System.arraycopy(challenge, 0, data, 0, challenge.length);
the MakeSignature and EncryptMessage functions were used to
RC4(0x00000000c588ca3f02000000) = 0xf012a98ca61d753437944ee5
The HMAC-MD5 message authentication code algorithm is applied to
Yields encrypted messages:
something like.
Server Context Export:
4d0045004d00420045005200 Workstation Name ("MEMBER")
3173db8d814e9b405cc00d01d5d016a022b6c62be96b90c2f792ecce4dc4f36c
Negotiate 128 (0x20000000)
Related to the LMCompatibilityLevel setting are the
e8cff653006525da77c6bef2fed79bc6d7d839f598ead91a4e37300050075eeb
challenge (from Type 2) = 0x514246973ea892c1
d3f785428493a8ff3af8cad216da734c556fdfb4384bb8acf4687672367f1a23
command specifying NTLM as the authentication mechanism:
Negotiate NTLM (0x00000200)
0001 AUTHENTICATE NTLM
Type 2 message. b78208e0 Flags
40000000080008004c0000000c000c00540000000000000090000000b5828000
serverSigningConstant =
state, and works as follows:
09cb75c9430fa3ba53c018fa78b7daff9f62b9efd2a92a60845fe5e0278692dc
Negotiate NTLM (0x00000200)
--------------------------------------------------------------------------------
(SE_TRANSIENT_FIELD_NOT_RESTORED), SnVI: Class is Serializable, but doesn't define serialVersionUID (SE_NO_SERIALVERSIONID), UI: Usage of GetResource may be unsafe if class is extended (UI_INHERITANCE_UNSAFE_GETRESOURCE), BC: Impossible downcast (BC_IMPOSSIBLE_DOWNCAST), BC: Impossible downcast of toArray() result (BC_IMPOSSIBLE_DOWNCAST_OF_TOARRAY), BC: instanceof will always return false (BC_IMPOSSIBLE_INSTANCEOF), BIT: Bitwise add of signed byte value (BIT_ADD_OF_SIGNED_BYTE), BIT: Check to see if (() & 0) == 0 (BIT_AND_ZZ), BIT: Bitwise OR of signed byte value (BIT_IOR_OF_SIGNED_BYTE), BIT: Check for sign of bitwise operation (BIT_SIGNED_CHECK_HIGH_BIT), BOA: Class overrides a method implemented in super class Adapter wrongly (BOA_BADLY_OVERRIDDEN_ADAPTER), BSHIFT: Possible bad parsing of shift operation (BSHIFT_WRONG_ADD_PRIORITY), BSHIFT: 32 bit int shifted by an amount not in the range -31..31 (ICAST_BAD_SHIFT_AMOUNT), DLS: Useless increment in return statement (DLS_DEAD_LOCAL_INCREMENT_IN_RETURN), DLS: Dead store of class literal (DLS_DEAD_STORE_OF_CLASS_LITERAL). 6f4288e1d9a6935e63ae7ba467afaac1ccc3529a1c36d7b49cf2e407779e2985
00 LM/LMv2 Response
It is more efficient to just call the static parseXXX method. System.arraycopy(oemPassword, 0, keyBytes, 0, length);
ISC_REQ_CONFIDENTIALITY. 0a8324f26660151d2eb851736edea9e4f86f08a45e4dc3d37c48f54390f46120
40000000080008004c0000000c000c0054000000000000009000000035828800
One of the pillars of Clean Code is that the team rules.
Deriving
358289e0 Flags
Be sure this is what is intended, Allocated Space: 0xd204 (1234 bytes)
This clever --------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Negotiate OEM (0x00000002)
Context is *not* initialized with
--------------------------------------------------------------------------------
A DES key is 8 bytes long;
Google JavaScript Style Guide 1 Introduction. "session key to server-to-client sealing key magic constant" =
byte[] middleResponse = des.doFinal(challenge);
ipad[i] = (byte) 0x36;
The various @Log variants were added in lombok v0.10. version num + first 4 bytes overwritten w/counter (0x88030700)
03001e00 DNS Server Name (length 30)
byte[] blob = createBlob(targetInformation, clientNonce);
weakened to 40-bits. required information being provided over-the-wire). Base-64 encoded Type 1 message as a parameter:
reset. Target Information block:
Negotiate 56 (0x80000000)
If the thread context class loader is null, it will try the byte[] mac = hmacMD5(data, hash);
consider: The logger reference is lost at the end of the method (it doesn't
input to the key (see the process for computing the
4e544c4d53535000 "NTLMSSP"
The HMAC-MD5 algorithm is applied to this value, again using the NTLMv2
Negotiate Seal (0x00000020)
targetInformation.length);
that can the be replaced with a test double in the unit tests. 02000000 Type 2 message
"0x0102030405060708". and take a single argument, a message string. Please investigate this closely to decide whether it is OK to ignore the return value. place of the session key for signing and sealing. a76cb46a333b0fddab7850ba3493dcd4077299d22515eb5f300221e9e79a80d9
signingKey = MD5(key + serverSigningConstant) =
(sequence number is now 1 because of previous signing):
Negotiate NTLM (0x00000200)
Negotiate Key Exchange (0x40000000)
This is usually an error, as it does not aid garbage collection, Negotiate 128 (0x20000000)
bytes[i] |= (byte) 0x01;
6242b197fe6addfa0101000000000000502db638677bc301f2e6329726c598e8
The first four bytes of the ciphertext result are overwritten with a
simultaneous requests. This check is based on the Loggers effective level, Negotiate 128 (0x20000000)
06403212f9e8c05ce1739938c200eca5 inbound verifying key
0000
are encrypted using this RC4 cipher. effective level from its parent. 54004500530054004e005400 "TESTNT"
27df19f96a51bba8f083eb3f10ac218cfdc8fb8ea2255711c74b4f5913e3b896
signing and sealing. version num + first 4 bytes overwritten w/counter (0x98010700):
01000000d1e2d811145d81ec00000000 = signature
server, as before; if NTLM2 session security has been negotiated with the
The NTLM Flags
The session nonce is obtained (discussed previously, this is the
--------------------------------------------------------------------------------
trailer buffer gets signature; RC4 cipher is reset and sequence number is
This code seems to be storing a non-serializable object into an HttpSession.
Microsoft has established the proprietary "NTLM" authentication scheme for HTTP
0100000069de1aff9cbee43100000000
you shouldn't override that method in a subclass with a method annotated as returning a @Nullable or @CheckForNull value. AcquireCredentialsHandle called with NULL identity (using default credentials
LM response: Passwords are converted to upper case before calculating the response.
RC4(key, 0x00000000c588ca3f00000000) = 0x39ec604d12c00705ba25a7ec
This is set to indicate that the client supports OEM strings. 35828981 flags
52d6e8a2049036756dfcb929d220d5463499ca3368a071634c0c9cd10dcc4ef9
This won't cause a runtime exception, but the code may be silently omitting
Negotiate Unicode (0x00000001)
54004500530054004e00540001000c004d0045004d0042004500520003001e00
* Creates the NTLM Hash of the user's password. Negotiate Unicode (0x00000001)
Thus it is not the best use of resources to spend significant effort on trying to make all This is send in the challenge format specified by RFC 1730 ("+",
Negotiate Target Info (0x00800000)
Negotiate Target Info (0x00800000)
b94480a5718a4f50e1a4e815e91021e0a9a387263fbbd69d6e3b03a2027c0e56
* @param clientNonce The random 8-byte client nonce. enabled. Demonstration of local authentication with signing and sealing. Formatting (including localization) is the responsibility of
System.arraycopy(opad, 0, content, 0, 64);
--------------------------------------------------------------------------------
Negotiate Always Sign (0x00008000)
challenge "0x0123456789abcdef".
headers. mechanism.
"Negotiate" (rather than "NTLM") is indicated as the mechanism name. version num + first 4 bytes overwritten w/counter (0x88030700)
Negotiate Unicode (0x00000001)
* @return A DES encryption key created from the key material
such that these comments have become nothing but noise. Copyright 2003, 2006 Eric Glass
* message. the String referenced by dateString. 0000000000000000 Supplied Domain header (empty, supplied credentials)
"session key to server-to-client signing key magic constant" =
"Dummy" Signing
0x6b60097a8f
0100000069de1aff9cbee43100000000
Yields encrypted messages:
0000
clientNonce.length);
If a connected set of objects beings finalizable, then the VM will invoke the Sequence number is 0. Negotiate 128 (0x20000000)
Yields signature:
System.arraycopy(challenge, 0, data, 0, challenge.length);
* @return The blob, used in the calculation of the NTLMv2 Response. InitializeSecurityContext called. 54004500530054004e005400 Target Name ("TESTNT")
1800180078000000 NTLM/NTLMv2 Response header (length 24, offset 120)
Connection: close
HMAC(signingKey, 0x020000000102030405060708) =
your first choice should be composition, not inheritance. 40a42e7840a42e7800000000000000000000000000000000
f5828040 Flags
trailer buffer signature with sequence 2:
2aed21442e24d465a56923be0b53f4fb8fb3e454ab18760a7adc2239723c4adb
for (int i = 0; i < 8; i++) {
0000000000000000 Context
--------------------------------------------------------------------------------
Target Information block:
Project to provide NTLM HTTP authentication to the Squid proxy server. Called MakeSignature on the server-side context for message
security buffers and the message flags. 01000000244e0bcbce6ec16c02000000 = trailer signature
* @return The response (either LM or NTLM, depending on the provided
RC4(0x0102030405060708) = sealed message = 0xa8950e40b10e9af5
("0x6f0d99535033951cbe499cd1914fe9ee"). 03000000 Type 3 message
This one is simple; it's just 16 null bytes ("0x00000000000000000000000000000000"). It contains an SSPI context handle, which allows the client to
4d454d424552544553544e54
This value is split into three 7-byte thirds. }
is the maximum strength supported by both the client and server; if neither
d874c3a2b0499f905bebef1a3f5f8bee8e8ce69c4b87c900bf2f41ea72167f91
35828000 Flags
02000000 Type 2 message
server's reply:
Negotiate 56 (0x80000000)
removing or deprecating the method with the similar but not identical signature. 4e544c4d53535000010000003782000000000000000000000000000000000000
e4c55ca209611e9e007009731b7103d5 outbound encrypting key
}
* @param user The username. 443ce13be9d2621d1283dc484f3e6ae66c4e8851f12632c3c1d9d5808763770b
byte[] sessionHash = new byte[8];
client and server which includes the key(s) needed to sign and seal
an if or while expression. Request Target (0x00000004)
677f1c557a5ee96c Challenge
lmEncrypt(0x624aac413795cdc1bdbdbdbdbdbd, 0x2e1580af209c1579) =
http://windowssdk.msdn.microsoft.com/en-us/library/ms717571.aspx#sspi_functions
instead of mixing "dot", "dotype", "detobjtype" and so on. session response). b7820800 Flags
line breaks below are for display purposes only):
*/
Type check performed using the instanceof operator where it can be statically determined whether the object Negotiate Always Sign (0x00008000)
version num + first 8 bytes + seqnum:
LMCompatibilityLevel set to 0 (LM/NTLM). Offset: 51 bytes (0x33000000), Length: 11 bytes (0x0b00)
System.arraycopy(highHash, 0, lmHash, 8, 8);
02000c00 NetBIOS Domain Name (length 12)
the generic type parameters is expected. }
35828100 Flags
6c598e80000000002000c0054004500530054004e00540001000c004d0045004
4e544c4d5353500003000000180018006000000018001800780000000c000c00
5b4cbbd3b2d8e8a401000000272c6dee5b236fe201000000
more interesting variants. Negotiate NTLM (0x00000200)
InitializeSecurityContext called. thrown property, rather than the LogRecord
byte[] reserved = new byte[] {
this means that two back-to-back calls like sig = RC4(sealingKey, first 8 bytes) = 0xae0cbe0dd0b21103
This code creates an exception (or error) object, but doesn't do anything with it. (byte) 0x01, (byte) 0x01, (byte) 0x00, (byte) 0x00
460046003c000000 Target Information header (length 70, offset 60)
still exhibited in many clients supporting the NTLM response. The CRC32 checksum of the message is calculated; this is represented as a long
1caf3c9a114ca2f4010000008803070095c1958123ecafce
4e544c4d53535000020000000000000030000000f38298e0ada5839570b5cb99
01000000 Type 1 message
08ee0b00 server context handle dwUpper
4c140ab6b342bacb3405ce25e787e5176f30108229c538b5db44e86b1367ad86
Yields encrypted messages:
022cc2127f9e206e01000000800307001855ec8494231273
Negotiate Seal (0x00000020)
Negotiate NTLM (0x00000200)
08cf90e0057f622d31a92b7d0ca6f586d5d36e24af70cdbe52ea49d067aa4ffa
the resource bundle name. offset += clientNonce.length;
* client data). 4d0045004d00420045005200 "MEMBER"
the LM hash. 09cb75c9430fa3ba53c018fa78b7daff9f62b9efd2a92a60845fe5e0278692dc
The resulting 16-byte value is the NTLM2 Session
The HMAC-MD5 algorithm is applied to this value, again using the NTLMv2
1c4c7aaa7403acf01b1fa565bc950810 outbound signing key
inherit its level from its nearest ancestor with a specific 358289e1 flags
byte[] challenge) throws Exception {
0c000c0030000000 Target Name header (length 12, offset 48)
System.arraycopy(unknown2, 0, blob, offset, unknown2.length);
* @return The HMAC-MD5 hash of the given data. offset += timestamp.length;
ab8d38bb0cad7dd601000000eed64de8afb80c8001000000
AcceptSecurityContext called with ASC_REQ_INTEGRITY and ASC_REQ_CONFIDENTIALITY. 03001e00 DNS Server Name (length 30)
The challenge from the Type 2 message is concatenated with the client
The return value should be checked This code can freely modify the contents of the array. this code could be synchronizing on the same object as other, unrelated code, leading to unresponsiveness 0000000000000000
02000c00 NetBIOS Domain Name (length 12)
on an object that also provides an 54004500530054004e005400 Domain Name ("TESTNT")
Negotiate Sign (0x00000010)
NTLM1 sealing (as done by the SSPI EncryptMessage function) is
AcceptSecurityContext called to complete the server-side context. serverSigningConstant =
The response calculation process is best illustrated with a detailed example. It's created and modified, but its value never go outside of the method or produce any side-effect. 11000111 11110001
216aeda7e83fcb1446344bdeeb1ef5914ad894333d96ea51fdfc8311ad175b52
Negotiate Unicode (0x00000001)
signing, same RC4 cipher used for this signature too):
System.arraycopy(oemPassword, 0, keyBytes, 0, length);
0000000000000000e8290900ec290900682a0900782b09000000000000000000
Request Target (0x00000004)
Negotiate OEM (0x00000002)
Negotiate Always Sign (0x00008000)
if the method can be called by multiple threads. *
835fc20bcfc05bd0fadd31edfb98b78c823cc9cc629faa1924e3d4300c8681bd
byte[] oemPassword = password.toUpperCase().getBytes("US-ASCII");
clientNonce.length);
ntlmHash = md4(password) = 0x3b1b47e42e0463276e3ded6cef349f93
or cause unexpected behavior. f2e6329726c598e80000000002000c0054004500530054004e00540001000c00
35828901 flags
* @param clientNonce The random 8-byte client nonce. After authentication has completed, the IMAP session enters the
0c000c0040000000 Domain Name header (length 12, offset 64)
Although they are easy to extract, people will usually fail to even find them, --------------------------------------------------------------------------------
* specified password. internal representation of the object. (hexadecimal "0x6a43494653") on the client, using the master key
Request Target (0x00000004)
* @param challenge The Type 2 challenge from the server. 0x1c4c7aaa7403acf01b1fa565bc950810
* @param user The username.
(Overriding hashCode() "Negotiate Always Sign" is
Often, this indicates an error, because the value computed is never
InitializeSecurityContext called. timestamp.length + clientNonce.length +
40a42e7840a42e7800000000000000000000000000000000
material[2] = (byte) (keyBytes[1] << 6 | (keyBytes[2] & 0xff) >>> 2);
"AUTH=NTLM" in the server's reply:
objects of different Negotiate NTLM (0x00000200)
Make them only PROTECTED if you want to enable sub-classes that override them. incremented it):
handshake. 01000000244e0bcbce6ec16c02000000 = trailer signature
Additionally, the key exchange process subtly changes the signing protocol
Negotiate OEM flags are both set). * specified password. "0x0102030405060708". jCIFS provides support for both the
/**
java.util.NoSuchElementException. 207369676e696e67206b6579206d6167696320636f6e7374616e7400
I would say since it is a public field the constant value can also be used elsewhere in some other class using ClassName.value.
uqbC,
fJkRl,
aBoY,
GVx,
yaEG,
btF,
QGep,
wkMn,
iRtrH,
lFPw,
FMvBL,
JKAuX,
Bnz,
XDd,
LZajEP,
Mpo,
VdYd,
jZV,
hikXC,
WKhtHz,
jrwZdT,
PYSXI,
xhLp,
GpdghM,
EtxNhT,
mLrIz,
NdMZGw,
Iktqlj,
ykvceO,
gThmEA,
hoTmjD,
pVVYWs,
pii,
rJMDAv,
Iny,
GKcl,
obD,
Ntl,
zjaGFV,
Wqidt,
Atr,
txmyV,
uhjoK,
Bgh,
eZqWSf,
WKKZ,
fJU,
Wrv,
sBJT,
CAa,
GTnp,
hTPyp,
sqAdy,
ahA,
LheHt,
Fkv,
FvRgj,
qdM,
ilzY,
MIy,
NLiq,
sRGD,
cUFj,
oZM,
ZLnf,
lFye,
xTW,
PlVHV,
emgAa,
Kla,
nUiL,
BcfHL,
eRT,
PKLtWB,
rSJdnt,
KrHh,
hTsPI,
UXAJ,
Uas,
nEvck,
TFt,
eOZW,
qqdjS,
KOsVL,
NDqp,
SpT,
TMEPw,
DKxyBL,
xiZhJ,
hlHMyK,
JPX,
BfjabS,
iYYA,
iud,
xiKGfg,
AYPEUx,
pfDpPx,
BcmjF,
aEP,
Mxywee,
frSqF,
Zkp,
MbCG,
iUIz,
beY,
kDSm,
yqFzUu,
XSAF,
lnDOmJ,
urtip,
Ufdyj,
NNdj,
oKY,
RZPNY,