rubyntlm 0.5.3 → 0.6.0

data/spec/lib/net/ntlm/message/type2_spec.rb

@@ -1,132 +1,132 @@
-# encoding: UTF-8
-require 'spec_helper'
-
-describe Net::NTLM::Message::Type2 do
-
-  fields = [
-      { :name => :sign, :class => Net::NTLM::String, :value => Net::NTLM::SSP_SIGN, :active => true },
-      { :name => :type, :class => Net::NTLM::Int32LE, :value => 2, :active => true },
-      { :name => :challenge, :class => Net::NTLM::Int64LE, :value => 0, :active => true },
-      { :name => :context, :class => Net::NTLM::Int64LE, :value => 0, :active => false },
-      { :name => :flag, :class => Net::NTLM::Int32LE, :value =>  Net::NTLM::DEFAULT_FLAGS[:TYPE2], :active => true },
-      { :name => :target_name, :class => Net::NTLM::SecurityBuffer, :value => '', :active => true },
-      { :name => :target_info, :class => Net::NTLM::SecurityBuffer, :value =>  '', :active => false },
-      { :name => :os_version, :class => Net::NTLM::String, :value => '', :active => false },
-  ]
-  flags = [
-      :UNICODE
-  ]
-  it_behaves_like 'a fieldset', fields
-  it_behaves_like 'a message', flags
-
-  let(:type2_packet) {"TlRMTVNTUAACAAAAHAAcADgAAAAFgooCJ+UA1//+ZM4AAAAAAAAAAJAAkABUAAAABgGxHQAAAA9WAEEARwBSAEEATgBUAC0AMgAwADAAOABSADIAAgAcAFYAQQBHAFIAQQBOAFQALQAyADAAMAA4AFIAMgABABwAVgBBAEcAUgBBAE4AVAAtADIAMAAwADgAUgAyAAQAHAB2AGEAZwByAGEAbgB0AC0AMgAwADAAOABSADIAAwAcAHYAYQBnAHIAYQBuAHQALQAyADAAMAA4AFIAMgAHAAgAZBMdFHQnzgEAAAAA"}
-  let(:type3_packet) {"TlRMTVNTUAADAAAAGAAYAEQAAADAAMAAXAAAAAAAAAAcAQAADgAOABwBAAAUABQAKgEAAAAAAAA+AQAABYKKAgAAAADVS27TfQGmWxSSbXmolTUQyxJmD8ISQuBKKHFKC8GksUZISYc8Ps9RAQEAAAAAAAAANasTdCfOAcsSZg/CEkLgAAAAAAIAHABWAEEARwBSAEEATgBUAC0AMgAwADAAOABSADIAAQAcAFYAQQBHAFIAQQBOAFQALQAyADAAMAA4AFIAMgAEABwAdgBhAGcAcgBhAG4AdAAtADIAMAAwADgAUgAyAAMAHAB2AGEAZwByAGEAbgB0AC0AMgAwADAAOABSADIABwAIAGQTHRR0J84BAAAAAAAAAAB2AGEAZwByAGEAbgB0AGsAbwBiAGUALgBsAG8AYwBhAGwA"}
-
-  it 'should deserialize' do
-    t2 =  Net::NTLM::Message.decode64(type2_packet)
-    expect(t2.class).to eq(Net::NTLM::Message::Type2)
-    expect(t2.challenge).to eq(14872292244261496103)
-    expect(t2.context).to eq(0)
-    expect(t2.flag).to eq(42631685)
-    expect(t2.os_version).to eq(['0601b11d0000000f'].pack('H*'))
-    expect(t2.sign).to eq("NTLMSSP\0")
-
-    t2_target_info = Net::NTLM::EncodeUtil.decode_utf16le(t2.target_info)
-    if RUBY_VERSION == "1.8.7"
-      expect(t2_target_info).to eq("\x02\x1CVAGRANT-2008R2\x01\x1CVAGRANT-2008R2\x04\x1Cvagrant-2008R2\x03\x1Cvagrant-2008R2\a\b\e$(D+&\e(B\0\0")
-    else
-      expect(t2_target_info).to eq("\u0002\u001CVAGRANT-2008R2\u0001\u001CVAGRANT-2008R2\u0004\u001Cvagrant-2008R2\u0003\u001Cvagrant-2008R2\a\b፤ᐝ❴ǎ\0\0")
-    end
-
-    expect(Net::NTLM::EncodeUtil.decode_utf16le(t2.target_name)).to eq("VAGRANT-2008R2")
-    expect(t2.type).to eq(2)
-  end
-
-  it 'should serialize' do
-    source = Net::NTLM::Message.decode64(type2_packet)
-
-    t2 =  Net::NTLM::Message::Type2.new
-    t2.challenge = source.challenge
-    t2.context = source.context
-    t2.flag = source.flag
-    t2.os_version = source.os_version
-    t2.sign = source.sign
-    t2.target_info = source.target_info
-    t2.target_name = source.target_name
-    t2.type = source.type
-    t2.enable(:context)
-    t2.enable(:target_info)
-    t2.enable(:os_version)
-
-    expect(t2.encode64).to eq(type2_packet)
-  end
-
-  it 'should generate a type 3 response' do
-    t2 = Net::NTLM::Message.decode64(type2_packet)
-
-    type3_known = Net::NTLM::Message.decode64(type3_packet)
-    type3_known.flag = 0x028a8205
-    type3_known.enable(:session_key)
-    type3_known.enable(:flag)
-
-    t3 = t2.response({:user => 'vagrant', :password => 'vagrant', :domain => ''}, {:ntlmv2 => true, :workstation => 'kobe.local'})
-    expect(t3.domain).to eq(type3_known.domain)
-    expect(t3.flag).to eq(type3_known.flag)
-    expect(t3.sign).to eq("NTLMSSP\0")
-    expect(t3.workstation).to eq("k\0o\0b\0e\0.\0l\0o\0c\0a\0l\0")
-    expect(t3.user).to eq("v\0a\0g\0r\0a\0n\0t\0")
-    expect(t3.session_key).to eq('')
-  end
-
-  it 'should upcase domain when provided' do
-    t2 = Net::NTLM::Message.decode64(type2_packet)
-    t3 = t2.response({:user => 'vagrant', :password => 'vagrant', :domain => 'domain'}, {:ntlmv2 => true, :workstation => 'kobe.local'})
-    expect(t3.domain).to eq("D\0O\0M\0A\0I\0N\0")
-  end
-
-  describe '.parse' do
-    subject(:message) { described_class.parse(data) }
-    # http://davenport.sourceforge.net/ntlm.html#appendixC7
-    context 'NTLM2 Session Response Authentication; NTLM2 Signing and Sealing Using the 128-bit NTLM2 Session Response User Session Key With Key Exchange Negotiated' do
-      let(:data) do
-        [
-          '4e544c4d53535000020000000c000c0030000000358289e0677f1c557a5ee96c' \
-          '0000000000000000460046003c00000054004500530054004e00540002000c00' \
-          '54004500530054004e00540001000c004d0045004d0042004500520003001e00' \
-          '6d0065006d006200650072002e0074006500730074002e0063006f006d000000' \
-          '0000'
-        ].pack('H*')
-      end
-
-      it 'should set the magic' do
-        expect(message.sign).to eql(Net::NTLM::SSP_SIGN)
-      end
-      it 'should set the type' do
-        expect(message.type).to eq(2)
-      end
-      it 'should set the target name' do
-        # TESTNT
-        expect(message.target_name).to eq(["54004500530054004e005400"].pack('H*'))
-      end
-      it 'should set the flags' do
-        expect(message.flag).to eq(0xe0898235)
-      end
-      it 'should set the challenge' do
-        expect(message.challenge).to eq(0x6ce95e7a551c7f67)
-      end
-      it 'should set an empty context' do
-        expect(message.context).to be_zero
-      end
-      it 'should set target info' do
-        ti = [
-          '02000c0054004500530054004e00540001000c004d0045004d00420045005200' \
-          '03001e006d0065006d006200650072002e0074006500730074002e0063006f00' \
-          '6d0000000000'
-        ].pack('H*')
-        expect(message.target_info).to eq(ti)
-      end
-
-    end
-  end
-
-end
+# encoding: UTF-8
+require 'spec_helper'
+
+describe Net::NTLM::Message::Type2 do
+
+  fields = [
+      { :name => :sign, :class => Net::NTLM::String, :value => Net::NTLM::SSP_SIGN, :active => true },
+      { :name => :type, :class => Net::NTLM::Int32LE, :value => 2, :active => true },
+      { :name => :challenge, :class => Net::NTLM::Int64LE, :value => 0, :active => true },
+      { :name => :context, :class => Net::NTLM::Int64LE, :value => 0, :active => false },
+      { :name => :flag, :class => Net::NTLM::Int32LE, :value =>  Net::NTLM::DEFAULT_FLAGS[:TYPE2], :active => true },
+      { :name => :target_name, :class => Net::NTLM::SecurityBuffer, :value => '', :active => true },
+      { :name => :target_info, :class => Net::NTLM::SecurityBuffer, :value =>  '', :active => false },
+      { :name => :os_version, :class => Net::NTLM::String, :value => '', :active => false },
+  ]
+  flags = [
+      :UNICODE
+  ]
+  it_behaves_like 'a fieldset', fields
+  it_behaves_like 'a message', flags
+
+  let(:type2_packet) {"TlRMTVNTUAACAAAAHAAcADgAAAAFgooCJ+UA1//+ZM4AAAAAAAAAAJAAkABUAAAABgGxHQAAAA9WAEEARwBSAEEATgBUAC0AMgAwADAAOABSADIAAgAcAFYAQQBHAFIAQQBOAFQALQAyADAAMAA4AFIAMgABABwAVgBBAEcAUgBBAE4AVAAtADIAMAAwADgAUgAyAAQAHAB2AGEAZwByAGEAbgB0AC0AMgAwADAAOABSADIAAwAcAHYAYQBnAHIAYQBuAHQALQAyADAAMAA4AFIAMgAHAAgAZBMdFHQnzgEAAAAA"}
+  let(:type3_packet) {"TlRMTVNTUAADAAAAGAAYAEQAAADAAMAAXAAAAAAAAAAcAQAADgAOABwBAAAUABQAKgEAAAAAAAA+AQAABYKKAgAAAADVS27TfQGmWxSSbXmolTUQyxJmD8ISQuBKKHFKC8GksUZISYc8Ps9RAQEAAAAAAAAANasTdCfOAcsSZg/CEkLgAAAAAAIAHABWAEEARwBSAEEATgBUAC0AMgAwADAAOABSADIAAQAcAFYAQQBHAFIAQQBOAFQALQAyADAAMAA4AFIAMgAEABwAdgBhAGcAcgBhAG4AdAAtADIAMAAwADgAUgAyAAMAHAB2AGEAZwByAGEAbgB0AC0AMgAwADAAOABSADIABwAIAGQTHRR0J84BAAAAAAAAAAB2AGEAZwByAGEAbgB0AGsAbwBiAGUALgBsAG8AYwBhAGwA"}
+
+  it 'should deserialize' do
+    t2 =  Net::NTLM::Message.decode64(type2_packet)
+    expect(t2.class).to eq(Net::NTLM::Message::Type2)
+    expect(t2.challenge).to eq(14872292244261496103)
+    expect(t2.context).to eq(0)
+    expect(t2.flag).to eq(42631685)
+    expect(t2.os_version).to eq(['0601b11d0000000f'].pack('H*'))
+    expect(t2.sign).to eq("NTLMSSP\0")
+
+    t2_target_info = Net::NTLM::EncodeUtil.decode_utf16le(t2.target_info)
+    if RUBY_VERSION == "1.8.7"
+      expect(t2_target_info).to eq("\x02\x1CVAGRANT-2008R2\x01\x1CVAGRANT-2008R2\x04\x1Cvagrant-2008R2\x03\x1Cvagrant-2008R2\a\b\e$(D+&\e(B\0\0")
+    else
+      expect(t2_target_info).to eq("\u0002\u001CVAGRANT-2008R2\u0001\u001CVAGRANT-2008R2\u0004\u001Cvagrant-2008R2\u0003\u001Cvagrant-2008R2\a\b፤ᐝ❴ǎ\0\0")
+    end
+
+    expect(Net::NTLM::EncodeUtil.decode_utf16le(t2.target_name)).to eq("VAGRANT-2008R2")
+    expect(t2.type).to eq(2)
+  end
+
+  it 'should serialize' do
+    source = Net::NTLM::Message.decode64(type2_packet)
+
+    t2 =  Net::NTLM::Message::Type2.new
+    t2.challenge = source.challenge
+    t2.context = source.context
+    t2.flag = source.flag
+    t2.os_version = source.os_version
+    t2.sign = source.sign
+    t2.target_info = source.target_info
+    t2.target_name = source.target_name
+    t2.type = source.type
+    t2.enable(:context)
+    t2.enable(:target_info)
+    t2.enable(:os_version)
+
+    expect(t2.encode64).to eq(type2_packet)
+  end
+
+  it 'should generate a type 3 response' do
+    t2 = Net::NTLM::Message.decode64(type2_packet)
+
+    type3_known = Net::NTLM::Message.decode64(type3_packet)
+    type3_known.flag = 0x028a8205
+    type3_known.enable(:session_key)
+    type3_known.enable(:flag)
+
+    t3 = t2.response({:user => 'vagrant', :password => 'vagrant', :domain => ''}, {:ntlmv2 => true, :workstation => 'kobe.local'})
+    expect(t3.domain).to eq(type3_known.domain)
+    expect(t3.flag).to eq(type3_known.flag)
+    expect(t3.sign).to eq("NTLMSSP\0")
+    expect(t3.workstation).to eq("k\0o\0b\0e\0.\0l\0o\0c\0a\0l\0")
+    expect(t3.user).to eq("v\0a\0g\0r\0a\0n\0t\0")
+    expect(t3.session_key).to eq('')
+  end
+
+  it 'should upcase domain when provided' do
+    t2 = Net::NTLM::Message.decode64(type2_packet)
+    t3 = t2.response({:user => 'vagrant', :password => 'vagrant', :domain => 'domain'}, {:ntlmv2 => true, :workstation => 'kobe.local'})
+    expect(t3.domain).to eq("D\0O\0M\0A\0I\0N\0")
+  end
+
+  describe '.parse' do
+    subject(:message) { described_class.parse(data) }
+    # http://davenport.sourceforge.net/ntlm.html#appendixC7
+    context 'NTLM2 Session Response Authentication; NTLM2 Signing and Sealing Using the 128-bit NTLM2 Session Response User Session Key With Key Exchange Negotiated' do
+      let(:data) do
+        [
+          '4e544c4d53535000020000000c000c0030000000358289e0677f1c557a5ee96c' \
+          '0000000000000000460046003c00000054004500530054004e00540002000c00' \
+          '54004500530054004e00540001000c004d0045004d0042004500520003001e00' \
+          '6d0065006d006200650072002e0074006500730074002e0063006f006d000000' \
+          '0000'
+        ].pack('H*')
+      end
+
+      it 'should set the magic' do
+        expect(message.sign).to eql(Net::NTLM::SSP_SIGN)
+      end
+      it 'should set the type' do
+        expect(message.type).to eq(2)
+      end
+      it 'should set the target name' do
+        # TESTNT
+        expect(message.target_name).to eq(["54004500530054004e005400"].pack('H*'))
+      end
+      it 'should set the flags' do
+        expect(message.flag).to eq(0xe0898235)
+      end
+      it 'should set the challenge' do
+        expect(message.challenge).to eq(0x6ce95e7a551c7f67)
+      end
+      it 'should set an empty context' do
+        expect(message.context).to be_zero
+      end
+      it 'should set target info' do
+        ti = [
+          '02000c0054004500530054004e00540001000c004d0045004d00420045005200' \
+          '03001e006d0065006d006200650072002e0074006500730074002e0063006f00' \
+          '6d0000000000'
+        ].pack('H*')
+        expect(message.target_info).to eq(ti)
+      end
+
+    end
+  end
+
+end

data/spec/lib/net/ntlm/message/type3_spec.rb

@@ -1,225 +1,225 @@
-require 'spec_helper'
-
-describe Net::NTLM::Message::Type3 do
-
-  fields = [
-      { :name => :sign, :class => Net::NTLM::String, :value => Net::NTLM::SSP_SIGN, :active => true },
-      { :name => :type, :class => Net::NTLM::Int32LE, :value => 3, :active => true },
-      { :name => :lm_response, :class => Net::NTLM::SecurityBuffer, :value => '', :active => true },
-      { :name => :ntlm_response, :class => Net::NTLM::SecurityBuffer, :value =>  '', :active => true },
-      { :name => :domain, :class => Net::NTLM::SecurityBuffer, :value =>  '', :active => true },
-      { :name => :user, :class => Net::NTLM::SecurityBuffer, :value =>  '', :active => true },
-      { :name => :workstation, :class => Net::NTLM::SecurityBuffer, :value =>  '', :active => true },
-      { :name => :session_key, :class => Net::NTLM::SecurityBuffer, :value =>  '', :active => false },
-      { :name => :flag, :class => Net::NTLM::Int32LE, :value =>  0, :active => false },
-  ]
-  flags = []
-  it_behaves_like 'a fieldset', fields
-  it_behaves_like 'a message', flags
-
-  describe '.parse' do
-    subject(:message) { described_class.parse(data) }
-
-    context 'with NTLMv2 data' do
-      let(:data) do
-        # Captured NTLMSSP blob from smbclient with username 'administrator'
-        # and a blank password, i.e.:
-        #   smbclient -U 'administrator%' -L //192.168.100.140/
-        [
-          '4e544c4d53535000030000001800180040000000c400c4005800000012001200' \
-          '1c0100001a001a002e0100001a001a0048010000100010006201000015820860' \
-          'ced203d860b80c7350050754b238202a8c1c63134f0ae0f086a3fb147e8b2f9f' \
-          'de3ef1b1b43c83dc010100000000000080512dba020ed0011c5bc2c8339fd29a' \
-          '0000000002001e00570049004e002d00420035004a004e003300520048004700' \
-          '46003300310001001e00570049004e002d00420035004a004e00330052004800' \
-          '470046003300310004001e00570049004e002d00420035004a004e0033005200' \
-          '4800470046003300310003001e00570049004e002d00420035004a004e003300' \
-          '52004800470046003300310007000800a209e5ba020ed0010000000057004f00' \
-          '52004b00470052004f0055005000610064006d0069006e006900730074007200' \
-          '610074006f0072004100550053002d004c004500450054002d00310030003300' \
-          '31007036615cd6d9b19a685ded4312311cd7'
-        ].pack('H*')
-      end
-
-      let(:server_challenge) { ['f588469dc96fe809'].pack('H*') }
-
-      it 'should set the magic' do
-        expect(message.sign).to eql(Net::NTLM::SSP_SIGN)
-      end
-      it 'should set the type' do
-        expect(message.type).to eq(3)
-      end
-      it 'should set the LM response' do
-        lm_response = ['ced203d860b80c7350050754b238202a8c1c63134f0ae0f0'].pack('H*')
-        expect(message.lm_response).to eq(lm_response)
-      end
-      it 'should set the NTLM response' do
-        ntlm_response = [
-          '86a3fb147e8b2f9fde3ef1b1b43c83dc010100000000000080512dba020ed001' \
-          '1c5bc2c8339fd29a0000000002001e00570049004e002d00420035004a004e00' \
-          '330052004800470046003300310001001e00570049004e002d00420035004a00' \
-          '4e00330052004800470046003300310004001e00570049004e002d0042003500' \
-          '4a004e00330052004800470046003300310003001e00570049004e002d004200' \
-          '35004a004e00330052004800470046003300310007000800a209e5ba020ed001' \
-          '00000000'
-        ].pack('H*')
-        expect(message.ntlm_response).to eq(ntlm_response)
-      end
-      it 'should set the user' do
-        # administrator
-        user = ['610064006d0069006e006900730074007200610074006f007200'].pack('H*')
-        expect(message.user).to eq(user)
-      end
-      it 'should set the domain' do
-        # WORKGROUP
-        domain = ['57004f0052004b00470052004f0055005000'].pack('H*')
-        expect(message.domain).to eq(domain)
-      end
-      it 'should set the workstation' do
-        # AUS-LEET-1031
-        workstation = ['4100550053002d004c004500450054002d003100300033003100'].pack('H*')
-        expect(message.workstation).to eq(workstation)
-      end
-      it 'should set the session key' do
-        session_key = ['7036615cd6d9b19a685ded4312311cd7'].pack('H*')
-        expect(message.session_key).to eq(session_key)
-      end
-
-      it 'should set the flags' do
-        expect(message.flag).to eq(0x60088215)
-      end
-
-      it 'should NOT set the OS version structure' do
-        expect(message.os_version).to be_nil
-      end
-
-      describe '#blank_password?' do
-        it 'should be true' do
-          expect(message.blank_password?(server_challenge)).to be true
-        end
-      end
-
-      describe '#ntlm_version' do
-        let(:ver) { message.ntlm_version }
-        it 'should be :ntlmv2' do
-          expect(ver).to eq(:ntlmv2)
-        end
-      end
-
-    end
-
-    # http://davenport.sourceforge.net/ntlm.html#appendixC7
-    context 'NTLM2 Session Response Authentication; NTLM2 Signing and Sealing Using the 128-bit NTLM2 Session Response User Session Key With Key Exchange Negotiated' do
-
-      let(:data) do
-        [
-          '4e544c4d5353500003000000180018006000000018001800780000000c000c00' \
-          '40000000080008004c0000000c000c00540000001000100090000000358288e0' \
-          '54004500530054004e00540074006500730074004d0045004d00420045005200' \
-          '404d1b6f6915258000000000000000000000000000000000ea8cc49f24da157f' \
-          '13436637f77693d8b992d619e584c7ee727a5240822ec7af4e9100c43e6fee7f'
-        ].pack('H*')
-      end
-
-      it 'should set the LM response' do
-        lm_response = ['404d1b6f6915258000000000000000000000000000000000'].pack('H*')
-        expect(message.lm_response).to eq(lm_response)
-      end
-      it 'should set the NTLM response' do
-        ntlm_response = [ 'ea8cc49f24da157f13436637f77693d8b992d619e584c7ee' ].pack('H*')
-        expect(message.ntlm_response).to eq(ntlm_response)
-      end
-      it 'should set the domain' do
-        # TESTNT
-        domain = ['54004500530054004e005400'].pack('H*')
-        expect(message.domain).to eq(domain)
-      end
-      it 'should set the user' do
-        # test
-        user = ['7400650073007400'].pack('H*')
-        expect(message.user).to eq(user)
-      end
-      it 'should set the workstation' do
-        # MEMBER
-        workstation = ['4d0045004d00420045005200'].pack('H*')
-        expect(message.workstation).to eq(workstation)
-      end
-      it 'should set the session key' do
-        session_key = ['727a5240822ec7af4e9100c43e6fee7f'].pack('H*')
-        expect(message.session_key).to eq(session_key)
-      end
-
-      let(:server_challenge) { ['677f1c557a5ee96c'].pack('H*') }
-      describe '#password?' do
-        it 'should be true for "test1234"' do
-          expect(message.password?('test1234', server_challenge)).to be true
-        end
-      end
-      describe '#blank_password?' do
-        it 'should be false' do
-          expect(message.blank_password?(server_challenge)).to be false
-        end
-      end
-
-      describe '#ntlm_version' do
-        let(:ver) { message.ntlm_version }
-        it 'should be :ntlm2_session' do
-          expect(ver).to eq(:ntlm2_session)
-        end
-      end
-
-    end
-
-    # http://davenport.sourceforge.net/ntlm.html#appendixC9
-    context 'NTLMv2 Authentication; NTLM1 Signing and Sealing Using the 40-bit NTLMv2 User Session Key' do
-      let(:data) do
-        [
-          '4e544c4d5353500003000000180018006000000076007600780000000c000c00' \
-          '40000000080008004c0000000c000c005400000000000000ee00000035828000' \
-          '54004500530054004e00540074006500730074004d0045004d00420045005200' \
-          '5d55a02b60a40526ac9a1e4d15fa45a0f2e6329726c598e8f77c67dad00b9321' \
-          '6242b197fe6addfa0101000000000000502db638677bc301f2e6329726c598e8' \
-          '0000000002000c0054004500530054004e00540001000c004d0045004d004200' \
-          '4500520003001e006d0065006d006200650072002e0074006500730074002e00' \
-          '63006f006d000000000000000000'
-        ].pack 'H*'
-      end
-
-      it 'should set the NTLM response' do
-        ntlm_response = [
-          'f77c67dad00b93216242b197fe6addfa0101000000000000502db638677bc301' \
-          'f2e6329726c598e80000000002000c0054004500530054004e00540001000c00' \
-          '4d0045004d0042004500520003001e006d0065006d006200650072002e007400' \
-          '6500730074002e0063006f006d000000000000000000'
-        ].pack 'H*'
-        expect(message.ntlm_response).to eq(ntlm_response)
-      end
-
-      it 'should set the domain' do
-        # TESTNT
-        domain = ['54004500530054004e005400'].pack('H*')
-        expect(message.domain).to eq(domain)
-      end
-      it 'should set the user' do
-        # test
-        user = ['7400650073007400'].pack('H*')
-        expect(message.user).to eq(user)
-      end
-      it 'should set the workstation' do
-        # MEMBER
-        workstation = ['4d0045004d00420045005200'].pack('H*')
-        expect(message.workstation).to eq(workstation)
-      end
-
-      describe '#ntlm_version' do
-        let(:ver) { message.ntlm_version }
-        it 'should be :ntlmv2' do
-          expect(ver).to eq(:ntlmv2)
-        end
-      end
-
-    end
-
-  end
-
-end
+require 'spec_helper'
+
+describe Net::NTLM::Message::Type3 do
+
+  fields = [
+      { :name => :sign, :class => Net::NTLM::String, :value => Net::NTLM::SSP_SIGN, :active => true },
+      { :name => :type, :class => Net::NTLM::Int32LE, :value => 3, :active => true },
+      { :name => :lm_response, :class => Net::NTLM::SecurityBuffer, :value => '', :active => true },
+      { :name => :ntlm_response, :class => Net::NTLM::SecurityBuffer, :value =>  '', :active => true },
+      { :name => :domain, :class => Net::NTLM::SecurityBuffer, :value =>  '', :active => true },
+      { :name => :user, :class => Net::NTLM::SecurityBuffer, :value =>  '', :active => true },
+      { :name => :workstation, :class => Net::NTLM::SecurityBuffer, :value =>  '', :active => true },
+      { :name => :session_key, :class => Net::NTLM::SecurityBuffer, :value =>  '', :active => false },
+      { :name => :flag, :class => Net::NTLM::Int32LE, :value =>  0, :active => false },
+  ]
+  flags = []
+  it_behaves_like 'a fieldset', fields
+  it_behaves_like 'a message', flags
+
+  describe '.parse' do
+    subject(:message) { described_class.parse(data) }
+
+    context 'with NTLMv2 data' do
+      let(:data) do
+        # Captured NTLMSSP blob from smbclient with username 'administrator'
+        # and a blank password, i.e.:
+        #   smbclient -U 'administrator%' -L //192.168.100.140/
+        [
+          '4e544c4d53535000030000001800180040000000c400c4005800000012001200' \
+          '1c0100001a001a002e0100001a001a0048010000100010006201000015820860' \
+          'ced203d860b80c7350050754b238202a8c1c63134f0ae0f086a3fb147e8b2f9f' \
+          'de3ef1b1b43c83dc010100000000000080512dba020ed0011c5bc2c8339fd29a' \
+          '0000000002001e00570049004e002d00420035004a004e003300520048004700' \
+          '46003300310001001e00570049004e002d00420035004a004e00330052004800' \
+          '470046003300310004001e00570049004e002d00420035004a004e0033005200' \
+          '4800470046003300310003001e00570049004e002d00420035004a004e003300' \
+          '52004800470046003300310007000800a209e5ba020ed0010000000057004f00' \
+          '52004b00470052004f0055005000610064006d0069006e006900730074007200' \
+          '610074006f0072004100550053002d004c004500450054002d00310030003300' \
+          '31007036615cd6d9b19a685ded4312311cd7'
+        ].pack('H*')
+      end
+
+      let(:server_challenge) { ['f588469dc96fe809'].pack('H*') }
+
+      it 'should set the magic' do
+        expect(message.sign).to eql(Net::NTLM::SSP_SIGN)
+      end
+      it 'should set the type' do
+        expect(message.type).to eq(3)
+      end
+      it 'should set the LM response' do
+        lm_response = ['ced203d860b80c7350050754b238202a8c1c63134f0ae0f0'].pack('H*')
+        expect(message.lm_response).to eq(lm_response)
+      end
+      it 'should set the NTLM response' do
+        ntlm_response = [
+          '86a3fb147e8b2f9fde3ef1b1b43c83dc010100000000000080512dba020ed001' \
+          '1c5bc2c8339fd29a0000000002001e00570049004e002d00420035004a004e00' \
+          '330052004800470046003300310001001e00570049004e002d00420035004a00' \
+          '4e00330052004800470046003300310004001e00570049004e002d0042003500' \
+          '4a004e00330052004800470046003300310003001e00570049004e002d004200' \
+          '35004a004e00330052004800470046003300310007000800a209e5ba020ed001' \
+          '00000000'
+        ].pack('H*')
+        expect(message.ntlm_response).to eq(ntlm_response)
+      end
+      it 'should set the user' do
+        # administrator
+        user = ['610064006d0069006e006900730074007200610074006f007200'].pack('H*')
+        expect(message.user).to eq(user)
+      end
+      it 'should set the domain' do
+        # WORKGROUP
+        domain = ['57004f0052004b00470052004f0055005000'].pack('H*')
+        expect(message.domain).to eq(domain)
+      end
+      it 'should set the workstation' do
+        # AUS-LEET-1031
+        workstation = ['4100550053002d004c004500450054002d003100300033003100'].pack('H*')
+        expect(message.workstation).to eq(workstation)
+      end
+      it 'should set the session key' do
+        session_key = ['7036615cd6d9b19a685ded4312311cd7'].pack('H*')
+        expect(message.session_key).to eq(session_key)
+      end
+
+      it 'should set the flags' do
+        expect(message.flag).to eq(0x60088215)
+      end
+
+      it 'should NOT set the OS version structure' do
+        expect(message.os_version).to be_nil
+      end
+
+      describe '#blank_password?' do
+        it 'should be true' do
+          expect(message.blank_password?(server_challenge)).to be true
+        end
+      end
+
+      describe '#ntlm_version' do
+        let(:ver) { message.ntlm_version }
+        it 'should be :ntlmv2' do
+          expect(ver).to eq(:ntlmv2)
+        end
+      end
+
+    end
+
+    # http://davenport.sourceforge.net/ntlm.html#appendixC7
+    context 'NTLM2 Session Response Authentication; NTLM2 Signing and Sealing Using the 128-bit NTLM2 Session Response User Session Key With Key Exchange Negotiated' do
+
+      let(:data) do
+        [
+          '4e544c4d5353500003000000180018006000000018001800780000000c000c00' \
+          '40000000080008004c0000000c000c00540000001000100090000000358288e0' \
+          '54004500530054004e00540074006500730074004d0045004d00420045005200' \
+          '404d1b6f6915258000000000000000000000000000000000ea8cc49f24da157f' \
+          '13436637f77693d8b992d619e584c7ee727a5240822ec7af4e9100c43e6fee7f'
+        ].pack('H*')
+      end
+
+      it 'should set the LM response' do
+        lm_response = ['404d1b6f6915258000000000000000000000000000000000'].pack('H*')
+        expect(message.lm_response).to eq(lm_response)
+      end
+      it 'should set the NTLM response' do
+        ntlm_response = [ 'ea8cc49f24da157f13436637f77693d8b992d619e584c7ee' ].pack('H*')
+        expect(message.ntlm_response).to eq(ntlm_response)
+      end
+      it 'should set the domain' do
+        # TESTNT
+        domain = ['54004500530054004e005400'].pack('H*')
+        expect(message.domain).to eq(domain)
+      end
+      it 'should set the user' do
+        # test
+        user = ['7400650073007400'].pack('H*')
+        expect(message.user).to eq(user)
+      end
+      it 'should set the workstation' do
+        # MEMBER
+        workstation = ['4d0045004d00420045005200'].pack('H*')
+        expect(message.workstation).to eq(workstation)
+      end
+      it 'should set the session key' do
+        session_key = ['727a5240822ec7af4e9100c43e6fee7f'].pack('H*')
+        expect(message.session_key).to eq(session_key)
+      end
+
+      let(:server_challenge) { ['677f1c557a5ee96c'].pack('H*') }
+      describe '#password?' do
+        it 'should be true for "test1234"' do
+          expect(message.password?('test1234', server_challenge)).to be true
+        end
+      end
+      describe '#blank_password?' do
+        it 'should be false' do
+          expect(message.blank_password?(server_challenge)).to be false
+        end
+      end
+
+      describe '#ntlm_version' do
+        let(:ver) { message.ntlm_version }
+        it 'should be :ntlm2_session' do
+          expect(ver).to eq(:ntlm2_session)
+        end
+      end
+
+    end
+
+    # http://davenport.sourceforge.net/ntlm.html#appendixC9
+    context 'NTLMv2 Authentication; NTLM1 Signing and Sealing Using the 40-bit NTLMv2 User Session Key' do
+      let(:data) do
+        [
+          '4e544c4d5353500003000000180018006000000076007600780000000c000c00' \
+          '40000000080008004c0000000c000c005400000000000000ee00000035828000' \
+          '54004500530054004e00540074006500730074004d0045004d00420045005200' \
+          '5d55a02b60a40526ac9a1e4d15fa45a0f2e6329726c598e8f77c67dad00b9321' \
+          '6242b197fe6addfa0101000000000000502db638677bc301f2e6329726c598e8' \
+          '0000000002000c0054004500530054004e00540001000c004d0045004d004200' \
+          '4500520003001e006d0065006d006200650072002e0074006500730074002e00' \
+          '63006f006d000000000000000000'
+        ].pack 'H*'
+      end
+
+      it 'should set the NTLM response' do
+        ntlm_response = [
+          'f77c67dad00b93216242b197fe6addfa0101000000000000502db638677bc301' \
+          'f2e6329726c598e80000000002000c0054004500530054004e00540001000c00' \
+          '4d0045004d0042004500520003001e006d0065006d006200650072002e007400' \
+          '6500730074002e0063006f006d000000000000000000'
+        ].pack 'H*'
+        expect(message.ntlm_response).to eq(ntlm_response)
+      end
+
+      it 'should set the domain' do
+        # TESTNT
+        domain = ['54004500530054004e005400'].pack('H*')
+        expect(message.domain).to eq(domain)
+      end
+      it 'should set the user' do
+        # test
+        user = ['7400650073007400'].pack('H*')
+        expect(message.user).to eq(user)
+      end
+      it 'should set the workstation' do
+        # MEMBER
+        workstation = ['4d0045004d00420045005200'].pack('H*')
+        expect(message.workstation).to eq(workstation)
+      end
+
+      describe '#ntlm_version' do
+        let(:ver) { message.ntlm_version }
+        it 'should be :ntlmv2' do
+          expect(ver).to eq(:ntlmv2)
+        end
+      end
+
+    end
+
+  end
+
+end