Re: Where can I find NTLMSSP Spec?

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Wed, 15 May 2002 20:18:57 +0200

Yee Man Chan wrote:

> Looks like you are the NTLM expert here. :) So if I
> have a password called "iamaboyuareagirl" and I got an
> 8-byte challenge, then the LM response will use
>
> ("IAMABOY" + 1 NULL byte) as key to DES encrypt
> challenge to calculate 1st 8-byte signature
> ("UAREAGI" + 1 NULL byte) as key to DES encrypt
> challenge to calculate 2nd 8-byte signature
> ("RL" + 6 NULL bytes) as key to DES encrypt challenge
> to calculate 3rd 8-byte signature
>
> And to calculate the NT response:
>
> MD4(UNICODIFY("iamaboyuareagirl"))
>
> But this only gives us 16 bytes of data. I checked
> tcpdump and see 24 bytes are there. Did I miss
> something?

The above is only calculating password hashes, not the response.

See http://www.innovation.ch/java/ntlm.html (one of the documents linked from
http://devel.squid-cache.org/ntlm/), it has pseudo-code for both LANMAN and
NTLM responses.

Regards
Henrik
Received on Wed May 15 2002 - 12:19:18 MDT
