Skip to content

NLA Win7 Win2K8R2

Jump to bottom Edit New page
Marc-André Moreau edited this page Dec 16, 2011 · 4 revisions

NLA Win7 Win2K8R2

NTLMv2 Authentication, Windows 7 to Windows Server 2008 R2, Domain Logon

nla_win7_win2k8r2.zip

NEGOTIATE_MESSAGE


4e 54 4c 4d 53 53 50 00 01 00 00 00 b7 82 08 e2 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 
06 01 b0 1d 00 00 00 0f 

30 37 a0 03 02 01 02 a1 30 30 2e 30 2c a0 2a 04 28 
4e 54 4c 4d 53 53 50 00 Signature "NTLMSSP" 
01 00 00 00 MessageType (NEGOTIATE) 
b7 82 08 e2 NegotiateFlags 
00 00 00 00 00 00 00 00 DomainName (length 0, offset 0) 
00 00 00 00 00 00 00 00 Workstation (length 0, offset 0) 
06 01 b0 1d 00 00 00 0f Version

CHALLENGE_MESSAGE


4e 54 4c 4d 53 53 50 00 02 00 00 00 16 00 16 00 
38 00 00 00 35 82 89 e2 c6 7c e8 8a 3c cd 15 d6 
00 00 00 00 00 00 00 00 c8 00 c8 00 4e 00 00 00 
06 01 b0 1d 00 00 00 0f 41 00 57 00 41 00 4b 00 
45 00 43 00 4f 00 44 00 49 00 4e 00 47 00 02 00 
16 00 41 00 57 00 41 00 4b 00 45 00 43 00 4f 00 
44 00 49 00 4e 00 47 00 01 00 10 00 57 00 49 00 
4e 00 32 00 4b 00 38 00 52 00 32 00 04 00 24 00 
61 00 77 00 61 00 6b 00 65 00 63 00 6f 00 64 00 
69 00 6e 00 67 00 2e 00 61 00 74 00 68 00 2e 00 
63 00 78 00 03 00 36 00 57 00 49 00 4e 00 32 00 
4b 00 38 00 52 00 32 00 2e 00 61 00 77 00 61 00 
6b 00 65 00 63 00 6f 00 64 00 69 00 6e 00 67 00 
2e 00 61 00 74 00 68 00 2e 00 63 00 78 00 05 00 
24 00 61 00 77 00 61 00 6b 00 65 00 63 00 6f 00 
64 00 69 00 6e 00 67 00 2e 00 61 00 74 00 68 00 
2e 00 63 00 78 00 07 00 08 00 20 fd ae 48 07 cb 
cb 01 00 00 00 00 

30 82 01 2f a0 03 02 01 02 a1 82 01 26 30 82 01 22 30 82 01 1e a0 82 01 1a 04 82 01 16 

4e 54 4c 4d 53 53 50 00 Signature "NTLMSSP" 
02 00 00 00 MessageType (CHALLENGE) 
16 00 16 00 38 00 00 00 TargetName (length 22, offset 56) 
35 82 89 e2 NegotiateFlags 
16 a4 60 ad 94 dc ec 27 ServerChallenge 
00 00 00 00 00 00 00 00 Reserved 
c8 00 c8 00 4e 00 00 00 TargetInfo (length 200, offset 78) 
06 01 b0 1d 00 00 00 0f Version 

TargetName (length 22, offset 56, "AWAKECODING") 
41 00 57 00 41 00 4b 00 45 00 43 00 4f 00 44 00 49 00 4e 00 47 00 

TargetInfo (length 200, offset 78) 
02 00 16 00 41 00 57 00 41 00 4b 00 45 00 43 00 
4f 00 44 00 49 00 4e 00 47 00 01 00 10 00 57 00 
49 00 4e 00 32 00 4b 00 38 00 52 00 32 00 04 00 
24 00 61 00 77 00 61 00 6b 00 65 00 63 00 6f 00 
64 00 69 00 6e 00 67 00 2e 00 61 00 74 00 68 00 
2e 00 63 00 78 00 03 00 36 00 57 00 49 00 4e 00 
32 00 4b 00 38 00 52 00 32 00 2e 00 61 00 77 00 
61 00 6b 00 65 00 63 00 6f 00 64 00 69 00 6e 00 
67 00 2e 00 61 00 74 00 68 00 2e 00 63 00 78 00 
05 00 24 00 61 00 77 00 61 00 6b 00 65 00 63 00 
6f 00 64 00 69 00 6e 00 67 00 2e 00 61 00 74 00 
68 00 2e 00 63 00 78 00 07 00 08 00 8c 66 05 0c 
09 cb cb 01 00 00 00 00 

02 00 
16 00 AvLen (22) 
Value "AWAKECODING" 
41 00 57 00 41 00 4b 00 45 00 43 00 4f 00 44 00 49 00 4e 00 47 00 

01 00 
10 00 AvLen (16) 
Value "WIN2K8R2" 
57 00 49 00 4e 00 32 00 4b 00 38 00 52 00 32 00 

04 00 
24 00 AvLen (36) 

Value "awakecoding.ath.cx" 
61 00 77 00 61 00 6b 00 65 00 63 00 6f 00 64 00 69 00 6e 00 67 00 2e 00 61 00 74 00 68 00 2e 00 63 00 78 00 

03 00 
36 00 AvLen (54) 

Value "WIN2K8R2.awakecoding.ath.cx" 
57 00 49 00 4e 00 32 00 4b 00 38 00 52 00 32 00 
2e 00 61 00 77 00 61 00 6b 00 65 00 63 00 6f 00 
64 00 69 00 6e 00 67 00 2e 00 61 00 74 00 68 00 
2e 00 63 00 78 00 

05 00 
24 00 AvLen (36) 

Value "awakecoding.ath.cx" 
61 00 77 00 61 00 6b 00 65 00 63 00 6f 00 64 00 69 00 6e 00 67 00 2e 00 61 00 74 00 68 00 2e 00 63 00 78 00 

07 00 
08 00 AvLen (8) 
8c 66 05 0c 09 cb cb 01 

00 00 
00 00 AvLen (0)

AUTHENTICATE_MESSAGE


4e 54 4c 4d 53 53 50 00 03 00 00 00 18 00 18 00 
98 00 00 00 7a 01 7a 01 b0 00 00 00 16 00 16 00 
58 00 00 00 1a 00 1a 00 6e 00 00 00 10 00 10 00 
88 00 00 00 10 00 10 00 2a 02 00 00 35 82 88 e2 
06 01 b0 1d 00 00 00 0f 12 28 00 a0 b2 29 47 12 
1e 8e 54 f8 29 db 52 1e 41 00 57 00 41 00 4b 00 
45 00 43 00 4f 00 44 00 49 00 4e 00 47 00 41 00 
64 00 6d 00 69 00 6e 00 69 00 73 00 74 00 72 00 
61 00 74 00 6f 00 72 00 57 00 49 00 4e 00 44 00 
4f 00 57 00 53 00 37 00 00 00 00 00 00 00 00 00 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 
f5 61 4e 2f 00 d0 15 b0 70 b0 3e 82 91 5f c7 08 
01 01 00 00 00 00 00 00 20 fd ae 48 07 cb cb 01 
a5 00 28 29 cd 07 e3 bc 00 00 00 00 02 00 16 00 
41 00 57 00 41 00 4b 00 45 00 43 00 4f 00 44 00 
49 00 4e 00 47 00 01 00 10 00 57 00 49 00 4e 00 
32 00 4b 00 38 00 52 00 32 00 04 00 24 00 61 00 
77 00 61 00 6b 00 65 00 63 00 6f 00 64 00 69 00 
6e 00 67 00 2e 00 61 00 74 00 68 00 2e 00 63 00 
78 00 03 00 36 00 57 00 49 00 4e 00 32 00 4b 00 
38 00 52 00 32 00 2e 00 61 00 77 00 61 00 6b 00 
65 00 63 00 6f 00 64 00 69 00 6e 00 67 00 2e 00 
61 00 74 00 68 00 2e 00 63 00 78 00 05 00 24 00 
61 00 77 00 61 00 6b 00 65 00 63 00 6f 00 64 00 
69 00 6e 00 67 00 2e 00 61 00 74 00 68 00 2e 00 
63 00 78 00 07 00 08 00 20 fd ae 48 07 cb cb 01 
06 00 04 00 02 00 00 00 08 00 30 00 30 00 00 00 
00 00 00 00 01 00 00 00 00 20 00 00 7b d0 9e 33 
06 75 e3 3e 52 7b 4a c4 75 5f 9b 98 26 5d cb 05 
6a 6a cc 0f b8 4f ab 09 22 30 7a 5d 0a 00 10 00 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 
09 00 2a 00 54 00 45 00 52 00 4d 00 53 00 52 00 
56 00 2f 00 31 00 39 00 32 00 2e 00 31 00 36 00 
38 00 2e 00 31 00 2e 00 31 00 35 00 30 00 00 00 
00 00 00 00 00 00 00 00 00 00 0c 57 c6 b5 0c 14 
c1 f0 64 e7 cc 8b f0 6d 7a 13 

30 82 03 79 a0 03 02 01 02 a1 82 02 4a 30 82 02 46 30 82 02 42 a0 82 02 3e 04 82 02 3a 

4e 54 4c 4d 53 53 50 00 Signature "NTLMSSP" 
03 00 00 00 MessageType (AUTHENTICATE) 
18 00 18 00 98 00 00 00 LmChallengeResponse (length 24, offset 152) 
7a 01 7a 01 b0 00 00 00 NtChallengeResponse (length 378, offset 176) 
16 00 16 00 58 00 00 00 DomainName (length 22, offset 88) 
1a 00 1a 00 6e 00 00 00 UserName (length 26, offset 110) 
10 00 10 00 88 00 00 00 Workstation (length 16, offset 136) 
10 00 10 00 2a 02 00 00 EncryptedRandomSessionKey (length 16, offset 554) 
35 82 88 e2 NegotiateFlags 
06 01 b0 1d 00 00 00 0f Version (6.1, Build 7600) 

MessageIntegrityCheck 
12 28 00 a0 b2 29 47 12 1e 8e 54 f8 29 db 52 1e 

DomainName (length 22, offset 88, "AWAKECODING") 
41 00 57 00 41 00 4b 00 45 00 43 00 4f 00 44 00 49 00 4e 00 47 00 

UserName (length 26, offset 110, "Administrator") 
41 00 64 00 6d 00 69 00 6e 00 69 00 73 00 74 00 72 00 61 00 74 00 6f 00 72 00 

Workstation (length 16, offset 136, "WINDOWS7") 
57 00 49 00 4e 00 44 00 4f 00 57 00 53 00 37 00 

LmChallengeResponse (length 24, offset 152) 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 

NtChallengeResponse (length 378, offset 176) 
f5 61 4e 2f 00 d0 15 b0 70 b0 3e 82 91 5f c7 08 
01 01 00 00 00 00 00 00 
20 fd ae 48 07 cb cb 01 Timestamp 
a5 00 28 29 cd 07 e3 bc ClientChallenge 
00 00 00 00 Reserved 

TargetInfo 
02 00 16 00 41 00 57 00 41 00 4b 00 45 00 43 00 
4f 00 44 00 49 00 4e 00 47 00 01 00 10 00 57 00 
49 00 4e 00 32 00 4b 00 38 00 52 00 32 00 04 00 
24 00 61 00 77 00 61 00 6b 00 65 00 63 00 6f 00 
64 00 69 00 6e 00 67 00 2e 00 61 00 74 00 68 00 
2e 00 63 00 78 00 03 00 36 00 57 00 49 00 4e 00 
32 00 4b 00 38 00 52 00 32 00 2e 00 61 00 77 00 
61 00 6b 00 65 00 63 00 6f 00 64 00 69 00 6e 00 
67 00 2e 00 61 00 74 00 68 00 2e 00 63 00 78 00 
05 00 24 00 61 00 77 00 61 00 6b 00 65 00 63 00 
6f 00 64 00 69 00 6e 00 67 00 2e 00 61 00 74 00 
68 00 2e 00 63 00 78 00 07 00 08 00 20 fd ae 48 
07 cb cb 01 06 00 04 00 02 00 00 00 08 00 30 00 
30 00 00 00 00 00 00 00 01 00 00 00 00 20 00 00 
7b d0 9e 33 06 75 e3 3e 52 7b 4a c4 75 5f 9b 98 
26 5d cb 05 6a 6a cc 0f b8 4f ab 09 22 30 7a 5d 
0a 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 
00 00 00 00 09 00 2a 00 54 00 45 00 52 00 4d 00 
53 00 52 00 56 00 2f 00 31 00 39 00 32 00 2e 00 
31 00 36 00 38 00 2e 00 31 00 2e 00 31 00 35 00 
30 00 00 00 00 00 00 00 00 00 00 00 00 00 

02 00 AvId (MsvAvNbDomainName) 
16 00 AvLen (22) 

Value "AWAKECODING" 
41 00 57 00 41 00 4b 00 45 00 43 00 4f 00 44 00 49 00 4e 00 47 00 

01 00 AvId (MsvAvNbComputerName) 
10 00 AvLen (16) 

Value "WINK2K8R2 
57 00 49 00 4e 00 32 00 4b 00 38 00 52 00 32 00 

04 00 AvId (MsvAvDnsDomainName) 
24 00 AvLen (36) 

Value "awakecoding.ath.cx" 
61 00 77 00 61 00 6b 00 65 00 63 00 6f 00 64 00 69 00 6e 00 67 00 2e 00 61 00 74 00 68 00 2e 00 63 00 78 00 

03 00 AvId (MsvAvDnsComputerName) 
36 00 AvLen (54) 

Value "WINK28R2.awakecoding.ath.cx" 
57 00 49 00 4e 00 32 00 4b 00 38 00 52 00 32 00 
2e 00 61 00 77 00 61 00 6b 00 65 00 63 00 6f 00 
64 00 69 00 6e 00 67 00 2e 00 61 00 74 00 68 00 
2e 00 63 00 78 00 

05 00 AvId (MsvAvDnsTreeName) 
24 00 AvLen (36) 

Value "awakecoding.ath.cx" 
61 00 77 00 61 00 6b 00 65 00 63 00 6f 00 64 00 69 00 6e 00 67 00 2e 00 61 00 74 00 68 00 2e 00 63 00 78 00 

07 00 AvId (MsvAvTimestamp) 
08 00 AvLen (8) 
20 fd ae 48 07 cb cb 01 

06 00 AvId (MsvAvFlags) 
04 00 AvLen (4) 
02 00 00 00 

08 00 AvId (MsAvRestrictions) 
30 00 AvLen (48) 

Value (Restriction_Encoding) 
30 00 00 00 Size (48) 
00 00 00 00 Reserved  
01 00 00 00 IntegrityLevel 
00 20 00 00 SubjectIntegrityLevel 
MachineID 
7b d0 9e 33 06 75 e3 3e 52 7b 4a c4 75 5f 9b 98 
26 5d cb 05 6a 6a cc 0f b8 4f ab 09 22 30 7a 5d 

0a 00 AvId (MsvChannelBindings) 
10 00 AvLen (16) 

Value 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 

09 00 AvId (MsvAvTargetName) 
2a 00 AvLen (42) 

Value "TERMSRV/192.168.1.150" 
54 00 45 00 52 00 4d 00 53 00 52 00 56 00 2f 00 
31 00 39 00 32 00 2e 00 31 00 36 00 38 00 2e 00 
31 00 2e 00 31 00 35 00 30 00 

00 00 AvId (MsvAvEOL)
00 00 AvLen (0)

00 00 00 00 Reserved 
00 00 00 00 Reserved 

EncryptedRandomSessionKey 
0c 57 c6 b5 0c 14 c1 f0 64 e7 cc 8b f0 6d 7a 13

Protocol Variables

Username
“Administrator”

Password
“Password123!”

Domain
AWAKECODING


NTLMv2 Hash 
f7 46 48 aa 78 78 2e 92 0f 92 9a ed 7f 1d d5 23 

NTLMv2 Response 
f5 61 4e 2f 00 d0 15 b0 70 b0 3e 82 91 5f c7 08 

ServerChallenge 
16 a4 60 ad 94 dc ec 27 

ClientChallenge 
a5 00 28 29 cd 07 e3 bc  

Timestamp (Challenge) 
8c 66 05 0c 09 cb cb 01 

Timestamp (Authenticate) 
20 fd ae 48 07 cb cb 01 

SessionBaseKey 
66 2b 75 c3 31 07 45 5e 0e f0 d0 a0 b9 c0 b2 7c 

KeyExchangeKey 
66 2b 75 c3 31 07 45 5e 0e f0 d0 a0 b9 c0 b2 7c 

EncryptedRandomSessionKey 
0c 57 c6 b5 0c 14 c1 f0 64 e7 cc 8b f0 6d 7a 13 

ExportedSessionKey 
1b 41 ef 18 3e ed 53 6f f6 42 49 de d6 3d f4 57 

MessageIntegrityCheck 
12 28 00 a0 b2 29 47 12 1e 8e 54 f8 29 db 52 1e

Definitions for Unit Tests


NTLMv2 Hash
"\xf7\x46\x48\xaa\x78\x78\x2e\x92\x0f\x92\x9a\xed\x7f\x1d\xd5\x23"

NTLMv2 Response
"\xf5\x61\x4e\x2f\x00\xd0\x15\xb0\x70\xb0\x3e\x82\x91\x5f\xc7\x08"

ServerChallenge
"\x16\xa4\x60\xad\x94\xdc\xec\x27"

ClientChallenge
"\xa5\x00\x28\x29\xcd\x07\xe3\xbc"

Timestamp (CHALLENGE)
"\x8c\x66\x05\x0c\x09\xcb\xcb\x01"

Timestamp (AUTHENTICATE)
"\x20\xfd\xae\x48\x07\xcb\xcb\x01"

SessionBaseKey
"\x66\x2b\x75\xc3\x31\x07\x45\x5e\x0e\xf0\xd0\xa0\xb9\xc0\xb2\x7c"

KeyExchangeKey
"\x66\x2b\x75\xc3\x31\x07\x45\x5e\x0e\xf0\xd0\xa0\xb9\xc0\xb2\x7c"

EncryptedRandomSessionKey
"\x0c\x57\xc6\xb5\x0c\x14\xc1\xf0\x64\xe7\xcc\x8b\xf0\x6d\x7a\x13"

ExportedSessionKey 
"\x1b\x41\xef\x18\x3e\xed\x53\x6f\xf6\x42\x49\xde\xd6\x3d\xf4\x57"

MessageIntegrityCheck
"\x12\x28\x00\xa0\xb2\x29\x47\x12\x1e\x8e\x54\xf8\x29\xdb\x52\x1e"

NEGOTIATE_MESSAGE


"\x4e\x54\x4c\x4d\x53\x53\x50\x00\x01\x00\x00\x00\xb7\x82\x08\xe2"
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
"\x06\x01\xb0\x1d\x00\x00\x00\x0f"

CHALLENGE_MESSAGE


"\x4e\x54\x4c\x4d\x53\x53\x50\x00\x02\x00\x00\x00\x16\x00\x16\x00"
"\x38\x00\x00\x00\x35\x82\x89\xe2\xc6\x7c\xe8\x8a\x3c\xcd\x15\xd6"
"\x00\x00\x00\x00\x00\x00\x00\x00\xc8\x00\xc8\x00\x4e\x00\x00\x00"
"\x06\x01\xb0\x1d\x00\x00\x00\x0f\x41\x00\x57\x00\x41\x00\x4b\x00"
"\x45\x00\x43\x00\x4f\x00\x44\x00\x49\x00\x4e\x00\x47\x00\x02\x00"
"\x16\x00\x41\x00\x57\x00\x41\x00\x4b\x00\x45\x00\x43\x00\x4f\x00"
"\x44\x00\x49\x00\x4e\x00\x47\x00\x01\x00\x10\x00\x57\x00\x49\x00"
"\x4e\x00\x32\x00\x4b\x00\x38\x00\x52\x00\x32\x00\x04\x00\x24\x00"
"\x61\x00\x77\x00\x61\x00\x6b\x00\x65\x00\x63\x00\x6f\x00\x64\x00"
"\x69\x00\x6e\x00\x67\x00\x2e\x00\x61\x00\x74\x00\x68\x00\x2e\x00"
"\x63\x00\x78\x00\x03\x00\x36\x00\x57\x00\x49\x00\x4e\x00\x32\x00"
"\x4b\x00\x38\x00\x52\x00\x32\x00\x2e\x00\x61\x00\x77\x00\x61\x00"
"\x6b\x00\x65\x00\x63\x00\x6f\x00\x64\x00\x69\x00\x6e\x00\x67\x00"
"\x2e\x00\x61\x00\x74\x00\x68\x00\x2e\x00\x63\x00\x78\x00\x05\x00"
"\x24\x00\x61\x00\x77\x00\x61\x00\x6b\x00\x65\x00\x63\x00\x6f\x00"
"\x64\x00\x69\x00\x6e\x00\x67\x00\x2e\x00\x61\x00\x74\x00\x68\x00"
"\x2e\x00\x63\x00\x78\x00\x07\x00\x08\x00\x20\xfd\xae\x48\x07\xcb"
"\xcb\x01\x00\x00\x00\x00"

AUTHENTICATE_MESSAGE


"\x4e\x54\x4c\x4d\x53\x53\x50\x00\x03\x00\x00\x00\x18\x00\x18\x00" 
"\x98\x00\x00\x00\x7a\x01\x7a\x01\xb0\x00\x00\x00\x16\x00\x16\x00" 
"\x58\x00\x00\x00\x1a\x00\x1a\x00\x6e\x00\x00\x00\x10\x00\x10\x00" 
"\x88\x00\x00\x00\x10\x00\x10\x00\x2a\x02\x00\x00\x35\x82\x88\xe2" 
"\x06\x01\xb0\x1d\x00\x00\x00\x0f\x12\x28\x00\xa0\xb2\x29\x47\x12" 
"\x1e\x8e\x54\xf8\x29\xdb\x52\x1e\x41\x00\x57\x00\x41\x00\x4b\x00" 
"\x45\x00\x43\x00\x4f\x00\x44\x00\x49\x00\x4e\x00\x47\x00\x41\x00" 
"\x64\x00\x6d\x00\x69\x00\x6e\x00\x69\x00\x73\x00\x74\x00\x72\x00" 
"\x61\x00\x74\x00\x6f\x00\x72\x00\x57\x00\x49\x00\x4e\x00\x44\x00" 
"\x4f\x00\x57\x00\x53\x00\x37\x00\x00\x00\x00\x00\x00\x00\x00\x00" 
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" 
"\xf5\x61\x4e\x2f\x00\xd0\x15\xb0\x70\xb0\x3e\x82\x91\x5f\xc7\x08" 
"\x01\x01\x00\x00\x00\x00\x00\x00\x20\xfd\xae\x48\x07\xcb\xcb\x01" 
"\xa5\x00\x28\x29\xcd\x07\xe3\xbc\x00\x00\x00\x00\x02\x00\x16\x00" 
"\x41\x00\x57\x00\x41\x00\x4b\x00\x45\x00\x43\x00\x4f\x00\x44\x00" 
"\x49\x00\x4e\x00\x47\x00\x01\x00\x10\x00\x57\x00\x49\x00\x4e\x00" 
"\x32\x00\x4b\x00\x38\x00\x52\x00\x32\x00\x04\x00\x24\x00\x61\x00" 
"\x77\x00\x61\x00\x6b\x00\x65\x00\x63\x00\x6f\x00\x64\x00\x69\x00" 
"\x6e\x00\x67\x00\x2e\x00\x61\x00\x74\x00\x68\x00\x2e\x00\x63\x00" 
"\x78\x00\x03\x00\x36\x00\x57\x00\x49\x00\x4e\x00\x32\x00\x4b\x00" 
"\x38\x00\x52\x00\x32\x00\x2e\x00\x61\x00\x77\x00\x61\x00\x6b\x00" 
"\x65\x00\x63\x00\x6f\x00\x64\x00\x69\x00\x6e\x00\x67\x00\x2e\x00" 
"\x61\x00\x74\x00\x68\x00\x2e\x00\x63\x00\x78\x00\x05\x00\x24\x00" 
"\x61\x00\x77\x00\x61\x00\x6b\x00\x65\x00\x63\x00\x6f\x00\x64\x00" 
"\x69\x00\x6e\x00\x67\x00\x2e\x00\x61\x00\x74\x00\x68\x00\x2e\x00" 
"\x63\x00\x78\x00\x07\x00\x08\x00\x20\xfd\xae\x48\x07\xcb\xcb\x01" 
"\x06\x00\x04\x00\x02\x00\x00\x00\x08\x00\x30\x00\x30\x00\x00\x00" 
"\x00\x00\x00\x00\x01\x00\x00\x00\x00\x20\x00\x00\x7b\xd0\x9e\x33" 
"\x06\x75\xe3\x3e\x52\x7b\x4a\xc4\x75\x5f\x9b\x98\x26\x5d\xcb\x05" 
"\x6a\x6a\xcc\x0f\xb8\x4f\xab\x09\x22\x30\x7a\x5d\x0a\x00\x10\x00" 
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" 
"\x09\x00\x2a\x00\x54\x00\x45\x00\x52\x00\x4d\x00\x53\x00\x52\x00" 
"\x56\x00\x2f\x00\x31\x00\x39\x00\x32\x00\x2e\x00\x31\x00\x36\x00" 
"\x38\x00\x2e\x00\x31\x00\x2e\x00\x31\x00\x35\x00\x30\x00\x00\x00" 
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x0c\x57\xc6\xb5\x0c\x14" 
"\xc1\xf0\x64\xe7\xcc\x8b\xf0\x6d\x7a\x13"

AUTHENTICATE_MESSAGE (MIC set to zero)


"\x4e\x54\x4c\x4d\x53\x53\x50\x00\x03\x00\x00\x00\x18\x00\x18\x00" 
"\x98\x00\x00\x00\x7a\x01\x7a\x01\xb0\x00\x00\x00\x16\x00\x16\x00" 
"\x58\x00\x00\x00\x1a\x00\x1a\x00\x6e\x00\x00\x00\x10\x00\x10\x00" 
"\x88\x00\x00\x00\x10\x00\x10\x00\x2a\x02\x00\x00\x35\x82\x88\xe2" 
"\x06\x01\xb0\x1d\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\x00" 
"\x00\x00\x00\x00\x00\x00\x00\x00\x41\x00\x57\x00\x41\x00\x4b\x00" 
"\x45\x00\x43\x00\x4f\x00\x44\x00\x49\x00\x4e\x00\x47\x00\x41\x00" 
"\x64\x00\x6d\x00\x69\x00\x6e\x00\x69\x00\x73\x00\x74\x00\x72\x00" 
"\x61\x00\x74\x00\x6f\x00\x72\x00\x57\x00\x49\x00\x4e\x00\x44\x00" 
"\x4f\x00\x57\x00\x53\x00\x37\x00\x00\x00\x00\x00\x00\x00\x00\x00" 
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" 
"\xf5\x61\x4e\x2f\x00\xd0\x15\xb0\x70\xb0\x3e\x82\x91\x5f\xc7\x08" 
"\x01\x01\x00\x00\x00\x00\x00\x00\x20\xfd\xae\x48\x07\xcb\xcb\x01" 
"\xa5\x00\x28\x29\xcd\x07\xe3\xbc\x00\x00\x00\x00\x02\x00\x16\x00" 
"\x41\x00\x57\x00\x41\x00\x4b\x00\x45\x00\x43\x00\x4f\x00\x44\x00" 
"\x49\x00\x4e\x00\x47\x00\x01\x00\x10\x00\x57\x00\x49\x00\x4e\x00" 
"\x32\x00\x4b\x00\x38\x00\x52\x00\x32\x00\x04\x00\x24\x00\x61\x00" 
"\x77\x00\x61\x00\x6b\x00\x65\x00\x63\x00\x6f\x00\x64\x00\x69\x00" 
"\x6e\x00\x67\x00\x2e\x00\x61\x00\x74\x00\x68\x00\x2e\x00\x63\x00" 
"\x78\x00\x03\x00\x36\x00\x57\x00\x49\x00\x4e\x00\x32\x00\x4b\x00" 
"\x38\x00\x52\x00\x32\x00\x2e\x00\x61\x00\x77\x00\x61\x00\x6b\x00" 
"\x65\x00\x63\x00\x6f\x00\x64\x00\x69\x00\x6e\x00\x67\x00\x2e\x00" 
"\x61\x00\x74\x00\x68\x00\x2e\x00\x63\x00\x78\x00\x05\x00\x24\x00" 
"\x61\x00\x77\x00\x61\x00\x6b\x00\x65\x00\x63\x00\x6f\x00\x64\x00" 
"\x69\x00\x6e\x00\x67\x00\x2e\x00\x61\x00\x74\x00\x68\x00\x2e\x00" 
"\x63\x00\x78\x00\x07\x00\x08\x00\x20\xfd\xae\x48\x07\xcb\xcb\x01" 
"\x06\x00\x04\x00\x02\x00\x00\x00\x08\x00\x30\x00\x30\x00\x00\x00" 
"\x00\x00\x00\x00\x01\x00\x00\x00\x00\x20\x00\x00\x7b\xd0\x9e\x33" 
"\x06\x75\xe3\x3e\x52\x7b\x4a\xc4\x75\x5f\x9b\x98\x26\x5d\xcb\x05" 
"\x6a\x6a\xcc\x0f\xb8\x4f\xab\x09\x22\x30\x7a\x5d\x0a\x00\x10\x00" 
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" 
"\x09\x00\x2a\x00\x54\x00\x45\x00\x52\x00\x4d\x00\x53\x00\x52\x00" 
"\x56\x00\x2f\x00\x31\x00\x39\x00\x32\x00\x2e\x00\x31\x00\x36\x00" 
"\x38\x00\x2e\x00\x31\x00\x2e\x00\x31\x00\x35\x00\x30\x00\x00\x00" 
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x0c\x57\xc6\xb5\x0c\x14" 
"\xc1\xf0\x64\xe7\xcc\x8b\xf0\x6d\x7a\x13"

TargetInfo (CHALLENGE)


"\x02\x00\x16\x00\x41\x00\x57\x00\x41\x00\x4b\x00\x45\x00\x43\x00" 
"\x4f\x00\x44\x00\x49\x00\x4e\x00\x47\x00\x01\x00\x10\x00\x57\x00" 
"\x49\x00\x4e\x00\x32\x00\x4b\x00\x38\x00\x52\x00\x32\x00\x04\x00" 
"\x24\x00\x61\x00\x77\x00\x61\x00\x6b\x00\x65\x00\x63\x00\x6f\x00" 
"\x64\x00\x69\x00\x6e\x00\x67\x00\x2e\x00\x61\x00\x74\x00\x68\x00" 
"\x2e\x00\x63\x00\x78\x00\x03\x00\x36\x00\x57\x00\x49\x00\x4e\x00" 
"\x32\x00\x4b\x00\x38\x00\x52\x00\x32\x00\x2e\x00\x61\x00\x77\x00" 
"\x61\x00\x6b\x00\x65\x00\x63\x00\x6f\x00\x64\x00\x69\x00\x6e\x00" 
"\x67\x00\x2e\x00\x61\x00\x74\x00\x68\x00\x2e\x00\x63\x00\x78\x00" 
"\x05\x00\x24\x00\x61\x00\x77\x00\x61\x00\x6b\x00\x65\x00\x63\x00" 
"\x6f\x00\x64\x00\x69\x00\x6e\x00\x67\x00\x2e\x00\x61\x00\x74\x00" 
"\x68\x00\x2e\x00\x63\x00\x78\x00\x07\x00\x08\x00\x8c\x66\x05\x0c" 
"\x09\xcb\xcb\x01\x00\x00\x00\x00"

TargetInfo (AUTHENTICATE)


"\x02\x00\x16\x00\x41\x00\x57\x00\x41\x00\x4b\x00\x45\x00\x43\x00" 
"\x4f\x00\x44\x00\x49\x00\x4e\x00\x47\x00\x01\x00\x10\x00\x57\x00" 
"\x49\x00\x4e\x00\x32\x00\x4b\x00\x38\x00\x52\x00\x32\x00\x04\x00" 
"\x24\x00\x61\x00\x77\x00\x61\x00\x6b\x00\x65\x00\x63\x00\x6f\x00" 
"\x64\x00\x69\x00\x6e\x00\x67\x00\x2e\x00\x61\x00\x74\x00\x68\x00" 
"\x2e\x00\x63\x00\x78\x00\x03\x00\x36\x00\x57\x00\x49\x00\x4e\x00" 
"\x32\x00\x4b\x00\x38\x00\x52\x00\x32\x00\x2e\x00\x61\x00\x77\x00"
"\x61\x00\x6b\x00\x65\x00\x63\x00\x6f\x00\x64\x00\x69\x00\x6e\x00" 
"\x67\x00\x2e\x00\x61\x00\x74\x00\x68\x00\x2e\x00\x63\x00\x78\x00" 
"\x05\x00\x24\x00\x61\x00\x77\x00\x61\x00\x6b\x00\x65\x00\x63\x00" 
"\x6f\x00\x64\x00\x69\x00\x6e\x00\x67\x00\x2e\x00\x61\x00\x74\x00" 
"\x68\x00\x2e\x00\x63\x00\x78\x00\x07\x00\x08\x00\x20\xfd\xae\x48" 
"\x07\xcb\xcb\x01\x06\x00\x04\x00\x02\x00\x00\x00\x08\x00\x30\x00" 
"\x30\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x20\x00\x00" 
"\x7b\xd0\x9e\x33\x06\x75\xe3\x3e\x52\x7b\x4a\xc4\x75\x5f\x9b\x98" 
"\x26\x5d\xcb\x05\x6a\x6a\xcc\x0f\xb8\x4f\xab\x09\x22\x30\x7a\x5d" 
"\x0a\x00\x10\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" 
"\x00\x00\x00\x00\x09\x00\x2a\x00\x54\x00\x45\x00\x52\x00\x4d\x00" 
"\x53\x00\x52\x00\x56\x00\x2f\x00\x31\x00\x39\x00\x32\x00\x2e\x00" 
"\x31\x00\x36\x00\x38\x00\x2e\x00\x31\x00\x2e\x00\x31\x00\x35\x00" 
"\x30\x00\x00\x00\x00\x00\x00\x00\x00\x00"
Add a custom footer
Add a custom sidebar
Clone this wiki locally