rubyntlm 0.5.3 → 0.6.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 044c8c3cccfa69d9397e63b89263b2ae5abef45d
-  data.tar.gz: d9b2964d47468ea490d127ba88dd2579a817cb5b
+  metadata.gz: 96ed497ebb6619b61911e39777bf3d193909bc45
+  data.tar.gz: 4396365cd33577c1b52db0ae516d8c1353293877
 SHA512:
-  metadata.gz: 6ffeaeb30b32bddab3468fe985657bf508a04e27f4327c26767a58d170bb8293c683e4d55cfdeeb78609deb26e7b3392c46312298adbe5867bffe5b50d86b3b5
-  data.tar.gz: 599b495aa2de031410ec8f630809e1017b2c79f912a5178aa53ee30d0a65f98ac1b965b108dd6a2068009f6b0cf10774cd345352313c97696bb2089352a96b60
+  metadata.gz: 5959b911914ac4b71dc44296ee98345f874db4786da7630db08d016856bfa5555103e94310dd1bb0252211646c45ff87a3f94a9399be939e35ab0c8d32e067be
+  data.tar.gz: 1ab87702641e2e9946527ee504020fad142445ce6ac78206102b3fa378550a9c44ebb51795089f081e72b56329234dd772c8da7281f44badfe976d28dbc47c73

data/.gitignore

@@ -1,3 +1,3 @@
-.yardoc
-/doc
-Gemfile.lock
+.yardoc
+/doc
+Gemfile.lock

data/.rspec

@@ -1,2 +1,2 @@
---format documentation
---color
+--format documentation
+--color

data/.travis.yml

@@ -1,11 +1,10 @@
-language: ruby
-rvm:
-  - 1.9.3
-  - 1.9.2
-  - 1.8.7
-  - 2.0.0
-  - rbx-19mode
-  - rbx-18mode
-  - jruby-19mode
-before_install:
-  - gem update bundler
+language: ruby
+rvm:
+  - 1.9.3
+  - 1.9.2
+  - 2.0.0
+  - rbx-19mode
+  - rbx-18mode
+  - jruby-19mode
+before_install:
+  - gem update bundler

data/CHANGELOG.md

@@ -1,6 +1,6 @@
-0.2.0 - Major changes to behavior!!!!
-  - Bug - Type 1 packets do not include a domain and workstation by defauly. Packet capture software will see this type of packet as malformed. All packets now include this information
-  - Bug - Type 3 packets do not include the calling workstation. This should be setup by default.
-
-0.1.2
+0.2.0 - Major changes to behavior!!!!
+  - Bug - Type 1 packets do not include a domain and workstation by defauly. Packet capture software will see this type of packet as malformed. All packets now include this information
+  - Bug - Type 3 packets do not include the calling workstation. This should be setup by default.
+
+0.1.2
  - Feature user can specify the target domain 

data/Gemfile

@@ -1,3 +1,3 @@
-source 'https://rubygems.org'
-
-gemspec
+source 'https://rubygems.org'
+
+gemspec

data/LICENSE

@@ -1,20 +1,20 @@
-The MIT License (MIT)
-
-Copyright (c) 2013 Paul Morton, Matt Zukowski, Kohei Kajimoto
-
-Permission is hereby granted, free of charge, to any person obtaining a copy of
-this software and associated documentation files (the "Software"), to deal in
-the Software without restriction, including without limitation the rights to
-use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
-the Software, and to permit persons to whom the Software is furnished to do so,
-subject to the following conditions:
-
-The above copyright notice and this permission notice shall be included in all
-copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
-FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
-COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
-IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+The MIT License (MIT)
+
+Copyright (c) 2013 Paul Morton, Matt Zukowski, Kohei Kajimoto
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of
+this software and associated documentation files (the "Software"), to deal in
+the Software without restriction, including without limitation the rights to
+use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
+the Software, and to permit persons to whom the Software is furnished to do so,
+subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
+FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
+COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
+IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
 CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/Rakefile

@@ -1,22 +1,22 @@
-require "bundler/gem_tasks"
-
-
-require 'rspec/core/rake_task'
-RSpec::Core::RakeTask.new(:spec)
-
-task :default => :spec
-
-desc "Generate code coverage"
-task :coverage do
-  ENV['COVERAGE'] = 'true'
-  Rake::Task["spec"].execute
-end
-
-desc "Open a Pry console for this library"
-task :console do
-  require 'pry'
-  require 'net/ntlm'
-  ARGV.clear
-  Pry.start
-end
-
+require "bundler/gem_tasks"
+
+
+require 'rspec/core/rake_task'
+RSpec::Core::RakeTask.new(:spec)
+
+task :default => :spec
+
+desc "Generate code coverage"
+task :coverage do
+  ENV['COVERAGE'] = 'true'
+  Rake::Task["spec"].execute
+end
+
+desc "Open a Pry console for this library"
+task :console do
+  require 'pry'
+  require 'net/ntlm'
+  ARGV.clear
+  Pry.start
+end
+

data/lib/net/ntlm.rb

@@ -1,263 +1,266 @@
-# encoding: UTF-8
-#
-# = net/ntlm.rb
-#
-# An NTLM Authentication Library for Ruby
-#
-# This code is a derivative of "dbf2.rb" written by yrock
-# and Minero Aoki. You can find original code here:
-# http://jp.rubyist.net/magazine/?0013-CodeReview
-# -------------------------------------------------------------
-# Copyright (c) 2005,2006 yrock
-#
-#
-# 2006-02-11 refactored by Minero Aoki
-# -------------------------------------------------------------
-#
-# All protocol information used to write this code stems from
-# "The NTLM Authentication Protocol" by Eric Glass. The author
-# would thank to him for this tremendous work and making it
-# available on the net.
-# http://davenport.sourceforge.net/ntlm.html
-# -------------------------------------------------------------
-# Copyright (c) 2003 Eric Glass
-#
-# -------------------------------------------------------------
-#
-# The author also looked Mozilla-Firefox-1.0.7 source code,
-# namely, security/manager/ssl/src/nsNTLMAuthModule.cpp and
-# Jonathan Bastien-Filiatrault's libntlm-ruby.
-# "http://x2a.org/websvn/filedetails.php?
-# repname=libntlm-ruby&path=%2Ftrunk%2Fntlm.rb&sc=1"
-# The latter has a minor bug in its separate_keys function.
-# The third key has to begin from the 14th character of the
-# input string instead of 13th:)
-#--
-# $Id: ntlm.rb,v 1.1 2006/10/05 01:36:52 koheik Exp $
-#++
-
-require 'base64'
-require 'openssl'
-require 'openssl/digest'
-require 'socket'
-
-# Load Order is important here
-require 'net/ntlm/field'
-require 'net/ntlm/int16_le'
-require 'net/ntlm/int32_le'
-require 'net/ntlm/int64_le'
-require 'net/ntlm/string'
-
-require 'net/ntlm/field_set'
-require 'net/ntlm/blob'
-require 'net/ntlm/security_buffer'
-require 'net/ntlm/message'
-require 'net/ntlm/message/type0'
-require 'net/ntlm/message/type1'
-require 'net/ntlm/message/type2'
-require 'net/ntlm/message/type3'
-
-require 'net/ntlm/encode_util'
-
-require 'net/ntlm/client'
-
-module Net
-  module NTLM
-
-    LM_MAGIC = "KGS!@\#$%"
-    TIME_OFFSET = 11644473600
-    MAX64 = 0xffffffffffffffff
-
-
-    class << self
-
-      # Valid format for LAN Manager hex digest portion: 32 hexadecimal characters.
-      LAN_MANAGER_HEX_DIGEST_REGEXP = /[0-9a-f]{32}/i
-      # Valid format for NT LAN Manager hex digest portion: 32 hexadecimal characters.
-      NT_LAN_MANAGER_HEX_DIGEST_REGEXP = /[0-9a-f]{32}/i
-      # Valid format for an NTLM hash composed of `'<LAN Manager hex digest>:<NT LAN Manager hex digest>'`.
-      DATA_REGEXP = /\A#{LAN_MANAGER_HEX_DIGEST_REGEXP}:#{NT_LAN_MANAGER_HEX_DIGEST_REGEXP}\z/
-
-      # Takes a string and determines whether it is a valid NTLM Hash
-      # @param [String] the string to validate
-      # @return [Boolean] whether or not the string is a valid NTLM hash
-      def is_ntlm_hash?(data)
-        decoded_data = data.dup
-        decoded_data = EncodeUtil.decode_utf16le(decoded_data)
-        if DATA_REGEXP.match(decoded_data)
-          true
-        else
-          false
-        end
-      end
-
-      # Conver the value to a 64-Bit Little Endian Int
-      # @param [String] val The string to convert
-      def pack_int64le(val)
-          [val & 0x00000000ffffffff, val >> 32].pack("V2")
-      end
-
-      # Builds an array of strings that are 7 characters long
-      # @param [String] str The string to split
-      # @api private
-      def split7(str)
-        s = str.dup
-        until s.empty?
-          (ret ||= []).push s.slice!(0, 7)
-        end
-        ret
-      end
-
-      # Not sure what this is doing
-      # @param [String] str String to generate keys for
-      # @api private
-      def gen_keys(str)
-        split7(str).map{ |str7|
-          bits = split7(str7.unpack("B*")[0]).inject('')\
-            {|ret, tkn| ret += tkn + (tkn.gsub('1', '').size % 2).to_s }
-          [bits].pack("B*")
-        }
-      end
-
-      def apply_des(plain, keys)
-        dec = OpenSSL::Cipher::Cipher.new("des-cbc")
-        dec.padding = 0
-        keys.map {|k|
-          dec.key = k
-          dec.encrypt.update(plain) + dec.final
-        }
-      end
-
-      # Generates a Lan Manager Hash
-      # @param [String] password The password to base the hash on
-      def lm_hash(password)
-        keys = gen_keys password.upcase.ljust(14, "\0")
-        apply_des(LM_MAGIC, keys).join
-      end
-
-      # Generate a NTLM Hash
-      # @param [String] password The password to base the hash on
-      # @option opt :unicode (false) Unicode encode the password
-      def ntlm_hash(password, opt = {})
-        pwd = password.dup
-        unless opt[:unicode]
-          pwd = EncodeUtil.encode_utf16le(pwd)
-        end
-        OpenSSL::Digest::MD4.digest pwd
-      end
-
-      # Generate a NTLMv2 Hash
-      # @param [String] user The username
-      # @param [String] password The password
-      # @param [String] target The domain or workstation to authenticate to
-      # @option opt :unicode (false) Unicode encode the domain
-      def ntlmv2_hash(user, password, target, opt={})
-        if is_ntlm_hash? password
-          decoded_password = EncodeUtil.decode_utf16le(password)
-          ntlmhash = [decoded_password.upcase[33,65]].pack('H32')
-        else
-          ntlmhash = ntlm_hash(password, opt)
-        end
-        userdomain = user.upcase + target
-        unless opt[:unicode]
-          userdomain = EncodeUtil.encode_utf16le(userdomain)
-        end
-        OpenSSL::HMAC.digest(OpenSSL::Digest::MD5.new, ntlmhash, userdomain)
-      end
-
-      def lm_response(arg)
-        begin
-          hash = arg[:lm_hash]
-          chal = arg[:challenge]
-        rescue
-          raise ArgumentError
-        end
-        chal = NTLM::pack_int64le(chal) if chal.is_a?(Integer)
-        keys = gen_keys hash.ljust(21, "\0")
-        apply_des(chal, keys).join
-      end
-
-      def ntlm_response(arg)
-        hash = arg[:ntlm_hash]
-        chal = arg[:challenge]
-        chal = NTLM::pack_int64le(chal) if chal.is_a?(Integer)
-        keys = gen_keys hash.ljust(21, "\0")
-        apply_des(chal, keys).join
-      end
-
-      def ntlmv2_response(arg, opt = {})
-        begin
-          key = arg[:ntlmv2_hash]
-          chal = arg[:challenge]
-          ti = arg[:target_info]
-        rescue
-          raise ArgumentError
-        end
-        chal = NTLM::pack_int64le(chal) if chal.is_a?(Integer)
-
-        if opt[:client_challenge]
-          cc  = opt[:client_challenge]
-        else
-          cc = rand(MAX64)
-        end
-        cc = NTLM::pack_int64le(cc) if cc.is_a?(Integer)
-
-        if opt[:timestamp]
-          ts = opt[:timestamp]
-        else
-          ts = Time.now.to_i
-        end
-        # epoch -> milsec from Jan 1, 1601
-        ts = 10_000_000 * (ts + TIME_OFFSET)
-
-        blob = Blob.new
-        blob.timestamp = ts
-        blob.challenge = cc
-        blob.target_info = ti
-
-        bb = blob.serialize
-
-        OpenSSL::HMAC.digest(OpenSSL::Digest::MD5.new, key, chal + bb) + bb
-      end
-
-      def lmv2_response(arg, opt = {})
-        key = arg[:ntlmv2_hash]
-        chal = arg[:challenge]
-
-        chal = NTLM::pack_int64le(chal) if chal.is_a?(Integer)
-
-        if opt[:client_challenge]
-          cc  = opt[:client_challenge]
-        else
-          cc = rand(MAX64)
-        end
-        cc = NTLM::pack_int64le(cc) if cc.is_a?(Integer)
-
-        OpenSSL::HMAC.digest(OpenSSL::Digest::MD5.new, key, chal + cc) + cc
-      end
-
-      def ntlm2_session(arg, opt = {})
-        begin
-          passwd_hash = arg[:ntlm_hash]
-          chal = arg[:challenge]
-        rescue
-          raise ArgumentError
-        end
-        chal = NTLM::pack_int64le(chal) if chal.is_a?(Integer)
-
-        if opt[:client_challenge]
-          cc = opt[:client_challenge]
-        else
-          cc = rand(MAX64)
-        end
-        cc = NTLM::pack_int64le(cc) if cc.is_a?(Integer)
-
-        keys = gen_keys(passwd_hash.ljust(21, "\0"))
-        session_hash = OpenSSL::Digest::MD5.digest(chal + cc).slice(0, 8)
-        response = apply_des(session_hash, keys).join
-        [cc.ljust(24, "\0"), response]
-      end
-    end
-
-  end
-end
+# encoding: UTF-8
+#
+# = net/ntlm.rb
+#
+# An NTLM Authentication Library for Ruby
+#
+# This code is a derivative of "dbf2.rb" written by yrock
+# and Minero Aoki. You can find original code here:
+# http://jp.rubyist.net/magazine/?0013-CodeReview
+# -------------------------------------------------------------
+# Copyright (c) 2005,2006 yrock
+#
+#
+# 2006-02-11 refactored by Minero Aoki
+# -------------------------------------------------------------
+#
+# All protocol information used to write this code stems from
+# "The NTLM Authentication Protocol" by Eric Glass. The author
+# would thank to him for this tremendous work and making it
+# available on the net.
+# http://davenport.sourceforge.net/ntlm.html
+# -------------------------------------------------------------
+# Copyright (c) 2003 Eric Glass
+#
+# -------------------------------------------------------------
+#
+# The author also looked Mozilla-Firefox-1.0.7 source code,
+# namely, security/manager/ssl/src/nsNTLMAuthModule.cpp and
+# Jonathan Bastien-Filiatrault's libntlm-ruby.
+# "http://x2a.org/websvn/filedetails.php?
+# repname=libntlm-ruby&path=%2Ftrunk%2Fntlm.rb&sc=1"
+# The latter has a minor bug in its separate_keys function.
+# The third key has to begin from the 14th character of the
+# input string instead of 13th:)
+#--
+# $Id: ntlm.rb,v 1.1 2006/10/05 01:36:52 koheik Exp $
+#++
+
+require 'base64'
+require 'openssl'
+require 'openssl/digest'
+require 'socket'
+
+# Load Order is important here
+require 'net/ntlm/exceptions'
+require 'net/ntlm/field'
+require 'net/ntlm/int16_le'
+require 'net/ntlm/int32_le'
+require 'net/ntlm/int64_le'
+require 'net/ntlm/string'
+
+require 'net/ntlm/field_set'
+require 'net/ntlm/blob'
+require 'net/ntlm/security_buffer'
+require 'net/ntlm/message'
+require 'net/ntlm/message/type0'
+require 'net/ntlm/message/type1'
+require 'net/ntlm/message/type2'
+require 'net/ntlm/message/type3'
+
+require 'net/ntlm/encode_util'
+
+require 'net/ntlm/client'
+require 'net/ntlm/channel_binding'
+require 'net/ntlm/target_info'
+
+module Net
+  module NTLM
+
+    LM_MAGIC = "KGS!@\#$%"
+    TIME_OFFSET = 11644473600
+    MAX64 = 0xffffffffffffffff
+
+
+    class << self
+
+      # Valid format for LAN Manager hex digest portion: 32 hexadecimal characters.
+      LAN_MANAGER_HEX_DIGEST_REGEXP = /[0-9a-f]{32}/i
+      # Valid format for NT LAN Manager hex digest portion: 32 hexadecimal characters.
+      NT_LAN_MANAGER_HEX_DIGEST_REGEXP = /[0-9a-f]{32}/i
+      # Valid format for an NTLM hash composed of `'<LAN Manager hex digest>:<NT LAN Manager hex digest>'`.
+      DATA_REGEXP = /\A#{LAN_MANAGER_HEX_DIGEST_REGEXP}:#{NT_LAN_MANAGER_HEX_DIGEST_REGEXP}\z/
+
+      # Takes a string and determines whether it is a valid NTLM Hash
+      # @param [String] the string to validate
+      # @return [Boolean] whether or not the string is a valid NTLM hash
+      def is_ntlm_hash?(data)
+        decoded_data = data.dup
+        decoded_data = EncodeUtil.decode_utf16le(decoded_data)
+        if DATA_REGEXP.match(decoded_data)
+          true
+        else
+          false
+        end
+      end
+
+      # Conver the value to a 64-Bit Little Endian Int
+      # @param [String] val The string to convert
+      def pack_int64le(val)
+          [val & 0x00000000ffffffff, val >> 32].pack("V2")
+      end
+
+      # Builds an array of strings that are 7 characters long
+      # @param [String] str The string to split
+      # @api private
+      def split7(str)
+        s = str.dup
+        until s.empty?
+          (ret ||= []).push s.slice!(0, 7)
+        end
+        ret
+      end
+
+      # Not sure what this is doing
+      # @param [String] str String to generate keys for
+      # @api private
+      def gen_keys(str)
+        split7(str).map{ |str7|
+          bits = split7(str7.unpack("B*")[0]).inject('')\
+            {|ret, tkn| ret += tkn + (tkn.gsub('1', '').size % 2).to_s }
+          [bits].pack("B*")
+        }
+      end
+
+      def apply_des(plain, keys)
+        dec = OpenSSL::Cipher::Cipher.new("des-cbc")
+        dec.padding = 0
+        keys.map {|k|
+          dec.key = k
+          dec.encrypt.update(plain) + dec.final
+        }
+      end
+
+      # Generates a Lan Manager Hash
+      # @param [String] password The password to base the hash on
+      def lm_hash(password)
+        keys = gen_keys password.upcase.ljust(14, "\0")
+        apply_des(LM_MAGIC, keys).join
+      end
+
+      # Generate a NTLM Hash
+      # @param [String] password The password to base the hash on
+      # @option opt :unicode (false) Unicode encode the password
+      def ntlm_hash(password, opt = {})
+        pwd = password.dup
+        unless opt[:unicode]
+          pwd = EncodeUtil.encode_utf16le(pwd)
+        end
+        OpenSSL::Digest::MD4.digest pwd
+      end
+
+      # Generate a NTLMv2 Hash
+      # @param [String] user The username
+      # @param [String] password The password
+      # @param [String] target The domain or workstation to authenticate to
+      # @option opt :unicode (false) Unicode encode the domain
+      def ntlmv2_hash(user, password, target, opt={})
+        if is_ntlm_hash? password
+          decoded_password = EncodeUtil.decode_utf16le(password)
+          ntlmhash = [decoded_password.upcase[33,65]].pack('H32')
+        else
+          ntlmhash = ntlm_hash(password, opt)
+        end
+        userdomain = user.upcase + target
+        unless opt[:unicode]
+          userdomain = EncodeUtil.encode_utf16le(userdomain)
+        end
+        OpenSSL::HMAC.digest(OpenSSL::Digest::MD5.new, ntlmhash, userdomain)
+      end
+
+      def lm_response(arg)
+        begin
+          hash = arg[:lm_hash]
+          chal = arg[:challenge]
+        rescue
+          raise ArgumentError
+        end
+        chal = NTLM::pack_int64le(chal) if chal.is_a?(Integer)
+        keys = gen_keys hash.ljust(21, "\0")
+        apply_des(chal, keys).join
+      end
+
+      def ntlm_response(arg)
+        hash = arg[:ntlm_hash]
+        chal = arg[:challenge]
+        chal = NTLM::pack_int64le(chal) if chal.is_a?(Integer)
+        keys = gen_keys hash.ljust(21, "\0")
+        apply_des(chal, keys).join
+      end
+
+      def ntlmv2_response(arg, opt = {})
+        begin
+          key = arg[:ntlmv2_hash]
+          chal = arg[:challenge]
+          ti = arg[:target_info]
+        rescue
+          raise ArgumentError
+        end
+        chal = NTLM::pack_int64le(chal) if chal.is_a?(Integer)
+
+        if opt[:client_challenge]
+          cc  = opt[:client_challenge]
+        else
+          cc = rand(MAX64)
+        end
+        cc = NTLM::pack_int64le(cc) if cc.is_a?(Integer)
+
+        if opt[:timestamp]
+          ts = opt[:timestamp]
+        else
+          ts = Time.now.to_i
+        end
+        # epoch -> milsec from Jan 1, 1601
+        ts = 10_000_000 * (ts + TIME_OFFSET)
+
+        blob = Blob.new
+        blob.timestamp = ts
+        blob.challenge = cc
+        blob.target_info = ti
+
+        bb = blob.serialize
+
+        OpenSSL::HMAC.digest(OpenSSL::Digest::MD5.new, key, chal + bb) + bb
+      end
+
+      def lmv2_response(arg, opt = {})
+        key = arg[:ntlmv2_hash]
+        chal = arg[:challenge]
+
+        chal = NTLM::pack_int64le(chal) if chal.is_a?(Integer)
+
+        if opt[:client_challenge]
+          cc  = opt[:client_challenge]
+        else
+          cc = rand(MAX64)
+        end
+        cc = NTLM::pack_int64le(cc) if cc.is_a?(Integer)
+
+        OpenSSL::HMAC.digest(OpenSSL::Digest::MD5.new, key, chal + cc) + cc
+      end
+
+      def ntlm2_session(arg, opt = {})
+        begin
+          passwd_hash = arg[:ntlm_hash]
+          chal = arg[:challenge]
+        rescue
+          raise ArgumentError
+        end
+        chal = NTLM::pack_int64le(chal) if chal.is_a?(Integer)
+
+        if opt[:client_challenge]
+          cc = opt[:client_challenge]
+        else
+          cc = rand(MAX64)
+        end
+        cc = NTLM::pack_int64le(cc) if cc.is_a?(Integer)
+
+        keys = gen_keys(passwd_hash.ljust(21, "\0"))
+        session_hash = OpenSSL::Digest::MD5.digest(chal + cc).slice(0, 8)
+        response = apply_des(session_hash, keys).join
+        [cc.ljust(24, "\0"), response]
+      end
+    end
+
+  end
+end