SmbHash(3) User Contributed Perl Documentation SmbHash(3)NAMECrypt::SmbHash - Perl-only implementation of lanman and nt md4 hash
functions, for use in Samba style smbpasswd entries
SYNOPSIS
use Crypt::SmbHash;
ntlmgen SCALAR, LMSCALAR, NTSCALAR;
DESCRIPTION
This module generates Lanman and NT MD4 style password hashes, using
perl-only code for portability. The module aids in the administration
of Samba style systems.
In the Samba distribution, authentication is referred to a private
smbpasswd file. Entries have similar forms to the following:
username:unixuid:LM:NT
Where LM and NT are one-way password hashes of the same password.
ntlmgen generates the hashes given in the first argument, and places
the result in the second and third arguments.
Example: To generate a smbpasswd entry:
#!/usr/local/bin/perl
use Crypt::SmbHash;
$username = $ARGV[0];
$password = $ARGV[1];
if ( !$password ) {
print "Not enough arguments\n";
print "Usage: $0 username password\n";
exit 1;
}
$uid = (getpwnam($username))[2];
my ($login,undef,$uid) = getpwnam($ARGV[0]);
ntlmgen $password, $lm, $nt;
printf "%s:%d:%s:%s:[%-11s]:LCT-%08X\n", $login, $uid, $lm, $nt, "U", time;
ntlmgen returns returns the hash values in a list context, so the
alternative method of using it is:
( $lm, $nt ) = ntlmgen $password;
The functions lmhash and nthash are used by ntlmgen to generate the
hashes, and are available when requested:
use Crypt::SmbHash qw(lmhash nthash)
$lm = lmhash($pass);
$nt = nthash($pass);
If Encoding is available (part of perl-5.8) the $pass argument to
ntlmgen, lmhash and nthash must be a perl string. In double use this:
use Crypt::SmbHash qw(ntlmgen lmhash nthash);
use Encode;
( $lm, $nt ) = ntlmgen decode('iso-8859-1', $pass);
$lm = lmhash(decode_utf8($pass), $pwenc);
$nt = nthash(decode_utf8($pass));
The $pwenc parameter to lmhash() is optional and defaults to
'iso-8859-1'. It specifies the encoding to which the password is
encoded before hashing.
MD4
The algorithm used in nthash requires the md4 algorithm. This algorithm
is included in this module for completeness, but because it is written
in all-perl code ( rather than in C ), it's not very quick.
However if you have the Digest::MD4 module installed, Crypt::SmbHash
will try to use that module instead, making it much faster.
A simple test compared calling nthash without Digest::MD4 installed,
and with, this showed that using nthash on a system with Digest::MD4
installed proved to be over 90 times faster.
AUTHOR
Ported from Samba by Benjamin Kuit <lt>bj@it.uts.edu.au<gt>.
Samba is Copyright(C) Andrew Tridgell 1997-1998
Because this module is a direct port of code within the Samba
distribution, it follows the same license, that is:
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
perl v5.14.1 2004-10-17 SmbHash(3)