From 331d9abbabfecc66e927c8f6d5c045bb2f8e0cfb Mon Sep 17 00:00:00 2001 From: Michael Grafnetter Date: Mon, 6 Aug 2018 23:56:22 +0200 Subject: [PATCH] Fixed NTLM hash input validation --- .../ManagedPasswordTester.cs | 7 ------- Src/DSInternals.Common/Interop/NativeMethods.cs | 13 +++++++++++-- 2 files changed, 11 insertions(+), 9 deletions(-) diff --git a/Src/DSInternals.Common.Test/ManagedPasswordTester.cs b/Src/DSInternals.Common.Test/ManagedPasswordTester.cs index b243995..652a0d4 100644 --- a/Src/DSInternals.Common.Test/ManagedPasswordTester.cs +++ b/Src/DSInternals.Common.Test/ManagedPasswordTester.cs @@ -20,12 +20,5 @@ namespace DSInternals.Common.Test string actualHash = NTHash.ComputeHash(pwd.CurrentPassword.ToSecureString()).ToHex(false); Assert.AreEqual(expectedHash, actualHash); } - - [TestMethod] - public void ManagedPassword_Vector2() - { - // Test PreviousPassword - throw new AssertInconclusiveException(); - } } } diff --git a/Src/DSInternals.Common/Interop/NativeMethods.cs b/Src/DSInternals.Common/Interop/NativeMethods.cs index ad821dc..1a98a07 100644 --- a/Src/DSInternals.Common/Interop/NativeMethods.cs +++ b/Src/DSInternals.Common/Interop/NativeMethods.cs @@ -14,7 +14,7 @@ namespace DSInternals.Common.Interop internal const int LMHashNumBits = 128; internal const int LMHashNumBytes = NTHashNumBits / 8; internal const int LMPasswordMaxChars = 14; - internal const int NTPasswordMaxChars = 127; + internal const int NTPasswordMaxChars = 128; private const int MaxRegistryKeyClassSize = 256; private const string Advapi = "advapi32.dll"; @@ -197,7 +197,16 @@ namespace DSInternals.Common.Interop } [DllImport(CryptDll, CharSet = CharSet.Auto, SetLastError = true)] - internal static extern NtStatus CDLocateCSystem(KerberosKeyType type, out KerberosCryptoSystem cryptoSystem); + private static extern NtStatus CDLocateCSystem(KerberosKeyType type, out IntPtr cryptoSystem); + + internal static NtStatus CDLocateCSystem(KerberosKeyType type, out KerberosCryptoSystem cryptoSystem) + { + IntPtr cryptoSystemPtr; + NtStatus status = CDLocateCSystem(type, out cryptoSystemPtr); + + cryptoSystem = (status == NtStatus.Success) ? (KerberosCryptoSystem)Marshal.PtrToStructure(cryptoSystemPtr, typeof(KerberosCryptoSystem)) : null; + return status; + } /// /// Creates a subkey under HKEY_USERS or HKEY_LOCAL_MACHINE and loads the data from the specified registry hive into that subkey.