Benjamin Kuit > Crypt-SmbHash > Crypt::SmbHash

Download:
Crypt-SmbHash-0.12.tar.gz

Dependencies

Annotate this POD

CPAN RT

New  1
Open  0
View/Report Bugs
Module Version: 0.12   Source  

NAME ^

Crypt::SmbHash - Perl-only implementation of lanman and nt md4 hash functions, for use in Samba style smbpasswd entries

SYNOPSIS ^

  use Crypt::SmbHash;

  ntlmgen SCALAR, LMSCALAR, NTSCALAR;

DESCRIPTION ^

This module generates Lanman and NT MD4 style password hashes, using perl-only code for portability. The module aids in the administration of Samba style systems.

In the Samba distribution, authentication is referred to a private smbpasswd file. Entries have similar forms to the following:

username:unixuid:LM:NT

Where LM and NT are one-way password hashes of the same password.

ntlmgen generates the hashes given in the first argument, and places the result in the second and third arguments.

Example: To generate a smbpasswd entry:

   #!/usr/local/bin/perl 
   use Crypt::SmbHash;
   $username = $ARGV[0];
   $password = $ARGV[1];
   if ( !$password ) {
           print "Not enough arguments\n";
           print "Usage: $0 username password\n";
           exit 1;
   }
   $uid = (getpwnam($username))[2];
   my ($login,undef,$uid) = getpwnam($ARGV[0]);
   ntlmgen $password, $lm, $nt;
   printf "%s:%d:%s:%s:[%-11s]:LCT-%08X\n", $login, $uid, $lm, $nt, "U", time;

ntlmgen returns returns the hash values in a list context, so the alternative method of using it is:

   ( $lm, $nt ) = ntlmgen $password;

The functions lmhash and nthash are used by ntlmgen to generate the hashes, and are available when requested:

   use Crypt::SmbHash qw(lmhash nthash)
   $lm = lmhash($pass);
   $nt = nthash($pass);

If Encoding is available (part of perl-5.8) the $pass argument to ntlmgen, lmhash and nthash must be a perl string. In double use this:

   use Crypt::SmbHash qw(ntlmgen lmhash nthash);
   use Encode;
   ( $lm, $nt ) = ntlmgen decode('iso-8859-1', $pass);
   $lm = lmhash(decode_utf8($pass), $pwenc);
   $nt = nthash(decode_utf8($pass));

The $pwenc parameter to lmhash() is optional and defaults to 'iso-8859-1'. It specifies the encoding to which the password is encoded before hashing.

MD4 ^

The algorithm used in nthash requires the md4 algorithm. This algorithm is included in this module for completeness, but because it is written in all-perl code ( rather than in C ), it's not very quick.

However if you have the Digest::MD4 module installed, Crypt::SmbHash will try to use that module instead, making it much faster.

A simple test compared calling nthash without Digest::MD4 installed, and with, this showed that using nthash on a system with Digest::MD4 installed proved to be over 90 times faster.

AUTHOR ^

Ported from Samba by Benjamin Kuit <lt>bj@it.uts.edu.au<gt>.

Samba is Copyright(C) Andrew Tridgell 1997-1998

Because this module is a direct port of code within the Samba distribution, it follows the same license, that is:

   This program is free software; you can redistribute it and/or modify
   it under the terms of the GNU General Public License as published by
   the Free Software Foundation; either version 2 of the License, or
   (at your option) any later version.

   This program is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   GNU General Public License for more details.
syntax highlighting: