Understanding the NegotiateFlags parameter of NTLM messages

Time: 2017-09-27 14:43:51

Tags: ntlm sspi credssp ntlm-authentication

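I am having a hard time understanding how to correctly read and construct my NegotiateFlags parameter on NTLM messages. In the official protocol specification I can't understand that table at all. I think it represents 32 bits, since NegotiateFlags is 4 bytes, but what do the letters mean? How are they set?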

Searching on Google I found another example, which makes more sense to me:

0x00000001  Negotiate Unicode
0x00000002  Negotiate OEM
0x00000004  Request Target
0x00000008  unknown
0x00000010  Negotiate Sign
0x00000020  Negotiate Seal
0x00000040  Negotiate Datagram Style
0x00000080  Negotiate Lan Manager Key
0x00000100  Negotiate Netware
0x00000200  Negotiate NTLM
0x00000400  unknown
0x00000800  Negotiate Anonymous
0x00001000  Negotiate Domain Supplied
0x00002000  Negotiate Workstation Supplied
0x00004000  Negotiate Local Call *//Sent by the server*
0x00008000  Negotiate Always Sign
0x00010000  Target Type Domain *//Sent by the server in the Type 2 message*
0x00020000  Target Type Server *//Sent by the server in the Type 2 message*
0x00040000  Target Type Share *//Sent by the server in the Type 2 message*
0x00080000  Negotiate NTLM2 Key
0x00100000  Request Init Response
0x00200000  Request Accept Response
0x00400000  Request Non-NT Session Key
0x00800000  Negotiate Target Info
0x01000000  unknown
0x02000000  unknown
0x04000000  unknown
0x08000000  unknown
0x10000000  unknown
0x20000000  Negotiate 128
0x40000000  Negotiate Key Exchange
0x80000000  Negotiate 56

But looking at the FreeRDP example, NegotiateFlags is:

  

b7 82 08 e2

Reading it as little-endian I have:

  

e2 08 = 57864

     

82 b7 = 33463

     

Sum of the values = 91327

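I can't get this sum from the example table shown above... How should I calculate it? (I would accept an explanation that makes me understand Microsoft's official table, of course.)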

1 answer:

Answer 0: (score: 0)

Your endianness conversion is wrong.

It should be E20882B7

0x is the standard notation for hexadecimal.

The first digit is , so 0x00000001 Negotiate Unicode + 0x00000002 Negotiate OEM + 0x00000004 Request Target

The second digit is B, so 0x00000010 Negotiate Sign + 0x00000020 Negotiate Seal + 0x00000080 Negotiate Lan Manager Key

And so on.
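The decoding described in the answer, as an added example (not part of the original post or of FreeRDP): the four wire bytes are read as one little-endian 32-bit integer, and each set bit is looked up in the table quoted in the question. The function names `decode_flags`, `hex_digits` and `encode_flags` are assumptions made for this example.

```python
import struct

# Flag names from the table quoted in the question, indexed by bit number
# (bit 0 = 0x00000001). One row per hex digit, lowest digit first; None marks
# the bits that table lists as "unknown".
NAMES = [
    "Negotiate Unicode", "Negotiate OEM", "Request Target", None,
    "Negotiate Sign", "Negotiate Seal", "Negotiate Datagram Style",
    "Negotiate Lan Manager Key",
    "Negotiate Netware", "Negotiate NTLM", None, "Negotiate Anonymous",
    "Negotiate Domain Supplied", "Negotiate Workstation Supplied",
    "Negotiate Local Call", "Negotiate Always Sign",
    "Target Type Domain", "Target Type Server", "Target Type Share",
    "Negotiate NTLM2 Key",
    "Request Init Response", "Request Accept Response",
    "Request Non-NT Session Key", "Negotiate Target Info",
    None, None, None, None,
    None, "Negotiate 128", "Negotiate Key Exchange", "Negotiate 56",
]


def decode_flags(wire):
    """Return (value, names) for the 4 NegotiateFlags bytes as sent on the wire."""
    if len(wire) != 4:
        raise ValueError("NegotiateFlags is exactly 4 bytes")
    (value,) = struct.unpack("<I", wire)  # little-endian: last byte is most significant
    names = [NAMES[bit] or "unknown (0x%08X)" % (1 << bit)
             for bit in range(32) if value & (1 << bit)]
    return value, names


def hex_digits(value):
    """Hex digits of value, lowest first, matching the digit-by-digit reading."""
    return [(value >> shift) & 0xF for shift in range(0, 32, 4)]


def encode_flags(names):
    """Build the 4 wire bytes from flag names (ValueError on an unlisted name)."""
    value = 0
    for name in names:
        value |= 1 << NAMES.index(name)
    return struct.pack("<I", value)


if __name__ == "__main__":
    value, names = decode_flags(bytes.fromhex("b78208e2"))  # bytes from the question
    print("0x%08X" % value)
    for name in names:
        print(" ", name)
```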