
I am currently trying to write a function to create an NTLM Challenge Message in Python 3.

Are there any modules/functions which would help me to get the values to create the AV_PAIRs? I am not quite sure when to use which functions to get the right values and I also want to avoid the option via input string parameters.

 - MsvAvNbComputerName  (socket.gethostname())
 - MsvAvNbDomainName    
 - MsvAvDnsComputerName (socket.getfqdn())
 - MsvAvDnsDomainName
 - MsvAvDnsTreeName  
 - MsvAvFlags  
 - MsvAvTimestamp  
 - MsAvRestrictions 

NTLM AV_PAIR definition: http://msdn.microsoft.com/en-us/library/cc236646.aspx

Background: I want to write an NTLM authentication for Flask within Windows ActiveDirectory environment.

Martin

1 Answer


I'm not aware of any Python modules that implement NTLM.

But I think this type of authenticated transaction is much more involved than what you're focusing on here. The link you referenced actually contains many more details if you change your starting point from the AV_PAIRS structure to the Introduction instead: http://msdn.microsoft.com/en-us/library/cc236622.aspx

That said, in order to tackle this correctly, you must first learn about the struct module, because you'll need to use it to create the NTLM message headers. At the same time, also learn about bit shifting and network-byte-order/host-byte-order, because you're going to need that as well.

A simple protocol to practice on would be ICMP. Learn how to read and write that header first, using struct and the others I mentioned. When you're more comfortable, then try and tackle creating and reading NTLM messages.

Hope this helps.

Eugene C.
  • I am aware of struct.pack('', value), the byte order etc. This works already fine ;) (even so on the client side creating the Negotiate Message) – Martin Mar 27 '14 at 16:05
  • Got it. My apologies for misunderstanding. Assuming this is Windows only, have you tried the win32security and win32api modules from the Python Extensions for Windows package? These, as well as LDAP, can be used to retrieve the NB/DNS fields. – Eugene C. Mar 27 '14 at 17:53
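
The AV_PAIR list discussed in this thread, as an added example that is not part of the original posts: it serializes the TargetInfo field of a Challenge Message with `struct` (NTLM fields are little-endian) and parses it back with bounds checks. The function names are this example's own, and the values are passed in as arguments: the computer names can come from `socket.gethostname()` and `socket.getfqdn()` as in the question, while the domain names are assumed to come from configuration or the Windows APIs mentioned in the comment.

```python
import struct
from datetime import datetime, timezone

# AvId values from the AV_PAIR definition in MS-NLMP
EOL, NB_COMPUTER, NB_DOMAIN, DNS_COMPUTER, DNS_DOMAIN, DNS_TREE, FLAGS, TIMESTAMP = range(8)
_EPOCH_1601 = datetime(1601, 1, 1, tzinfo=timezone.utc)

def filetime(dt):
    """Timezone-aware datetime -> FILETIME (100 ns ticks since 1601-01-01 UTC)."""
    d = dt - _EPOCH_1601
    return (d.days * 86400 + d.seconds) * 10_000_000 + d.microseconds * 10

def av_pair(av_id, value):
    """AvId and AvLen are little-endian uint16, followed by AvLen bytes of value."""
    if isinstance(value, str):
        value = value.encode("utf-16-le")  # names are UTF-16LE, no terminator
    if len(value) > 0xFFFF:
        raise ValueError("AV_PAIR value does not fit in AvLen")
    return struct.pack("<HH", av_id, len(value)) + value

def build_target_info(nb_computer, nb_domain, dns_computer=None, dns_domain=None,
                      dns_tree=None, flags=None, timestamp=None):
    """Serialize the AV_PAIR list for the TargetInfo field, ending with MsvAvEOL."""
    out = av_pair(NB_DOMAIN, nb_domain) + av_pair(NB_COMPUTER, nb_computer)
    for av_id, name in ((DNS_DOMAIN, dns_domain), (DNS_COMPUTER, dns_computer),
                        (DNS_TREE, dns_tree)):
        if name:
            out += av_pair(av_id, name)
    if flags is not None:
        out += av_pair(FLAGS, struct.pack("<I", flags))
    if timestamp is not None:
        out += av_pair(TIMESTAMP, struct.pack("<Q", filetime(timestamp)))
    return out + av_pair(EOL, b"")

def parse_target_info(data):
    """Decode an AV_PAIR list into {AvId: bytes}; reject truncated or unterminated input."""
    pairs, off = {}, 0
    while off + 4 <= len(data):
        av_id, av_len = struct.unpack_from("<HH", data, off)
        off += 4
        if av_id == EOL:
            return pairs
        if off + av_len > len(data):
            raise ValueError("AV_PAIR length runs past end of buffer")
        pairs[av_id] = data[off:off + av_len]
        off += av_len
    raise ValueError("AV_PAIR list is missing MsvAvEOL")
```
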