Crypt::SmbHash 0.12

Crypt::SmbHash is a Perl-only implementation of lanman and nt md4 hash functions, for use in Samba style smbpasswd entries.

SYNOPSIS

  use Crypt::SmbHash;

  ntlmgen SCALAR, LMSCALAR, NTSCALAR;

This module generates Lanman and NT MD4 style password hashes, using perl-only code for portability. The module aids in the administration of Samba style systems.

In the Samba distribution, authentication is referred to a private smbpasswd file. Entries have similar forms to the following:

username:unixuid:LM:NT

Where LM and NT are one-way password hashes of the same password.

ntlmgen generates the hashes given in the first argument, and places the result in the second and third arguments.

Example: To generate a smbpasswd entry:

   #!/usr/local/bin/perl
   use Crypt::SmbHash;
   $username = $ARGV[0];
   $password = $ARGV[1];
   if ( !$password ) {
           print "Not enough arguments
";
           print "Usage: $0 username password
";
           exit 1;
   }
   $uid = (getpwnam($username))[2];
   my ($login,undef,$uid) = getpwnam($ARGV[0]);
   ntlmgen $password, $lm, $nt;
   printf "%s:%d:%s:%s:[%-11s]:LCT-X
", $login, $uid, $lm, $nt, "U", time;

ntlmgen returns returns the hash values in a list context, so the alternative method of using it is:

   ( $lm, $nt ) = ntlmgen $password;

The functions lmhash and nthash are used by ntlmgen to generate the hashes, and are available when requested:

   use Crypt::SmbHash qw(lmhash nthash)
   $lm = lmhash($pass);
   $nt = nthash($pass);

If Encoding is available (part of perl-5.8) the $pass argument to ntlmgen, lmhash and nthash must be a perl string. In double use this:

   use Crypt::SmbHash qw(ntlmgen lmhash nthash);
   use Encode;
   ( $lm, $nt ) = ntlmgen decode('iso-8859-1', $pass);
   $lm = lmhash(decode_utf8($pass), $pwenc);
   $nt = nthash(decode_utf8($pass));

The $pwenc parameter to lmhash() is optional and defaults to 'iso-8859-1'. It specifies the encoding to which the password is encoded before hashing.

Requirements:

· Perl