On sön, 2007-12-30 at 20:58 +0330, Hamid Choupani wrote: > At the end my source code is: > > //buf is captured from ethereal software in last ntlm step: > char* buf = > "TlRMTVNTUAADAAA" > "AGAAYAGIAAAAYABg" > "AegAAAAcABwBIAAA" > "ADQANAE8AAAAGAAY" > "AXAAAAAAAAACSAAA" > "ABoIAAgUCzg4AAAA" > "PS0hBUkFaTUFETUl" > "OSVNUUkFUT1JBTEl" > "CQVTwjbctkz1j68s" > "GIXlFazeqfvKdcz1" > "U+u7wjbctkz1j68s" > "GIXlFazeqfvKdcz1" > "U+u4=";
This NTLM packet is a unique response to the challenge sent by the server in the previous step. NTLM works as follows: 1. Negotiate packet sent by client, to negotiate the capabilities. 2. Challenge packet sent by the server, also indicates the negotiated capabilities. 3. Client responds with a NTLM authentication packet, unique to the challenge sent in 2. Note: There is some reasonable example programs in MSDN on how to use the SSP to provide authentication, both client and server. Regards Henrik