Andrew Main (Zefram) > Authen-Passphrase-0.008 > Authen::Passphrase::LANManagerHalf

Download:
Authen-Passphrase-0.008.tar.gz

Dependencies

Annotate this POD

CPAN RT

New  1
Open  1
View/Report Bugs
Module Version: 0.008   Source  

NAME ^

Authen::Passphrase::LANManagerHalf - passphrases using half the LAN Manager algorithm

SYNOPSIS ^

        use Authen::Passphrase::LANManagerHalf;

        $ppr = Authen::Passphrase::LANManagerHalf->new(
                hash_hex => "855c3697d9979e78");

        $ppr = Authen::Passphrase::LANManagerHalf->new(
                passphrase => "passphr");

        $ppr = Authen::Passphrase::LANManagerHalf->from_crypt(
                '$LM$855c3697d9979e78');

        $ppr = Authen::Passphrase::LANManagerHalf->from_rfc2307(
                '{CRYPT}$LM$855c3697d9979e78');

        $hash = $ppr->hash;
        $hash_hex = $ppr->hash_hex;

        if($ppr->match($passphrase)) { ...

        $passwd = $ppr->as_crypt;
        $userPassword = $ppr->as_rfc2307;

DESCRIPTION ^

An object of this class encapsulates half of a passphrase hashed using the Microsoft LAN Manager hash function. This is a subclass of Authen::Passphrase, and this document assumes that the reader is familiar with the documentation for that class. For the complete LAN Manager hash function, see Authen::Passphrase::LANManager.

In a spectacularly bad design decision, the Microsoft LAN Manager hash function splits the passphrase into two parts and hashes them separately. It is therefore possible to separate the halves of a LAN Manager hash, and do things with them (such as crack them) separately. This class is about using such a hash half on its own.

The half hash algorithm can be used on up to seven Latin-1 characters of passphrase. First the passphrase is folded to uppercase, and zero-padded to seven bytes. Then the seven bytes are used as a 56-bit DES key, to encrypt the fixed plaintext block "KGS!@#$%". The eight byte ciphertext block is the half hash. There is no salt.

Warning: Don't even think about using this seriously. It's an exceptionally weak design, flawed in pretty much every respect.

CONSTRUCTORS ^

Authen::Passphrase::LANManagerHalf->new(ATTR => VALUE, ...)

Generates a new passphrase recogniser object using the LAN Manager half hash algorithm. The following attributes may be given:

hash

The hash, as a string of 8 bytes.

hash_hex

The hash, as a string of 16 hexadecimal digits.

passphrase

A passphrase that will be accepted.

Either the hash or the passphrase must be given.

Authen::Passphrase::LANManagerHalf->from_crypt(PASSWD)

Generates a new LAN Manager half passphrase recogniser object from a crypt string. The crypt string must consist of "$LM$" followed by the hash in lowercase hexadecimal.

Authen::Passphrase::LANManagerHalf->from_rfc2307(USERPASSWORD)

Generates a new LAN Manager half passphrase recogniser object from an RFC 2307 string. The string must consist of "{CRYPT}" (case insensitive) followed by an acceptable crypt string.

METHODS ^

$ppr->hash

Returns the hash value, as a string of 8 bytes.

$ppr->hash_hex

Returns the hash value, as a string of 16 hexadecimal digits.

$ppr->match(PASSPHRASE)
$ppr->as_crypt
$ppr->as_rfc2307

These methods are part of the standard Authen::Passphrase interface.

SEE ALSO ^

Authen::Passphrase, Authen::Passphrase::LANManager, Crypt::DES

AUTHOR ^

Andrew Main (Zefram) <zefram@fysh.org>

COPYRIGHT ^

Copyright (C) 2006, 2007, 2009, 2010, 2012 Andrew Main (Zefram) <zefram@fysh.org>

LICENSE ^

This module is free software; you can redistribute it and/or modify it under the same terms as Perl itself.

syntax highlighting: