[Date Prev][Date Next]
Re: (ITS#3635) smbk5pwd breaks sambaLMPassword hashes
Thanks for the info, this is now fixed in HEAD.
>Full_Name: José M. Fandiño
>Submission from: (NULL) (126.96.36.199)
>While I was testing a new samba installation I realized that smbk5pwd will be
>very interesting, so I decided test it.
>It seems work but it doesn't works very well. Passwords with odd lengths
>are generated correctly whilst passwords with even lengths are not.
>You can run this perl script (Crypt::SmbHash must be installed on the system):
>ntlmgen($password, $lm, $nt);
>print "sambaLMPassword: $lm\n";
>print "sambaNTPassword: $nt\n";
>if you compare LM password hashes for odd lengths they match the hash
>generated with the SmbHash module, now for even lengths smbk5pwd seems
>break the second half of the hash.
>(example with the hash of "12345678")
>0182BD0BD4444BF8 - 36077A718CCDF409 -> perl password
>0182BD0BD4444BF8 - E1B79117B9CF8DC5 -> smbk5pwd password
>this way the LM password (and only the LM password) "1234" will be incorrectly
>calculated by smk5pwd, "12345" will be correct, "123456" will be incorrect again
>and so on.
>Windows 98 clients confirm this, they are unable to log in the PDC one time
>smbk5pwd set an incorrect password.
>If more information is need I will provide all the information requested.
-- Howard Chu
Chief Architect, Symas Corp. Director, Highland Sun
Symas: Premier OpenSource Development and Support