我正在努力了解如何正确阅读和构造 NTLM 消息上的 NegotiateFlags 参数。在官方协议规范中,我根本无法理解该表。我认为它代表 32 位,因为 NegotiateFlags 是 4 个字节,但是这些字母是什么意思?如何设置?
在谷歌上搜索我发现了另一个例子,这对我来说更有意义:
0x00000001 Negotiate Unicode
0x00000002 Negotiate OEM
0x00000004 Request Target
0x00000008 unknown
0x00000010 Negotiate Sign
0x00000020 Negotiate Seal
0x00000040 Negotiate Datagram Style
0x00000080 Negotiate Lan Manager Key
0x00000100 Negotiate Netware
0x00000200 Negotiate NTLM
0x00000400 unknown
0x00000800 Negotiate Anonymous
0x00001000 Negotiate Domain Supplied
0x00002000 Negotiate Workstation Supplied
0x00004000 Negotiate Local Call *//Sent by the server*
0x00008000 Negotiate Always Sign
0x00010000 Target Type Domain *//Sent by the server in the Type 2 message*
0x00020000 Target Type Server *//Sent by the server in the Type 2 message*
0x00040000 Target Type Share *//Sent by the server in the Type 2 message*
0x00080000 Negotiate NTLM2 Key
0x00100000 Request Init Response
0x00200000 Request Accept Response
0x00400000 Request Non-NT Session Key
0x00800000 Negotiate Target Info
0x01000000 unknown
0x02000000 unknown
0x04000000 unknown
0x08000000 unknown
0x10000000 unknown
0x20000000 Negotiate 128
0x40000000 Negotiate Key Exchange
0x80000000 Negotiate 56
但是查看FreeRDP 示例,NegotiateFlags 是:
b7 82 08 e2
在小端阅读我有:
e2 08 = 57864
82 b7 = 33463
值总和 = 91327
我无法用上面显示的示例表得到这个值的总和......我应该如何计算这个?(当然,我接受让我理解微软官方表格的解释)