Samba LM/NT Hash Library
Go to file
Joshua M. Clulow 24963c6a6f deprecate and archive this repository 2020-12-17 22:51:51 -08:00
lib lmhash: must truncate passwords longer than 14 chars 2012-06-02 00:07:23 +10:00
tests lmhash: must truncate passwords longer than 14 chars 2012-06-02 00:07:23 +10:00
.gitignore initial version 2011-11-12 16:16:31 +11:00
README.md deprecate and archive this repository 2020-12-17 22:51:51 -08:00
package.json replace BigDecimal and Bit String code with Buffer 2012-06-01 18:09:45 +10:00
run_tests.js fix license text 2012-05-31 23:01:16 +10:00

README.md

node-smbhash: Samba LM/NT Hash Library

DEPRECATION NOTICE: This module is no longer maintained. It likely contains correctness and even security issues that will not be resolved.

Introduction

This library converts passwords into the LAN Manager (LM) and NT Hashes used by SMB/CIFS servers. It was written to populate the sambaLMPassword and sambaNTPassword values in an LDAP directory for use with Samba.

In addition, the library also provides helper methods for encoding and decoding the headers used during NTLM HTTP authentication. This functionality should presently be considered experimental.

Installation

 npm install smbhash

Hash Usage

var lmhash = require('smbhash').lmhash;
var nthash = require('smbhash').nthash;

var pass = 'pass123';
console.log('LM Hash: ' + lmhash(pass));
console.log('NT Hash: ' + nthash(pass));

This produces output:

LM Hash: 4FB7D301186E0EB3AAD3B435B51404EE
NT Hash: 5FBC3D5FEC8206A30F4B6C473D68AE76

NTLM Usage

NTLM HTTP Authentication headers are Base64-encoded packed structures of three basic varieties. Type 1 & 3 are sent from the client to the server, and Type 2 is from server to client. For example:

var ntlm = require('smbhash').ntlm;

// Generate Type 1 to send to server in HTTP Request:
var buf = ntlm.encodeType1('hostname', 'ntdomain');
http.setHeader('Authorization', 'NTLM ' + buf.toString('base64'));

// Extract Type 2 from HTTP Response header, and use it here:
var hdr = http.getHeader('WWW-Authenticate');
var m = hdr.match('/^NTLM (.*)$/');
var inbuf = new Buffer(m[1], 'base64');
var serverNonce = ntlm.decodeType2(inbuf);

// Generate Type 3 to send as authentication to server:
var buf = ntlm.encodeType3('username', 'hostname', 'ntdomain',
  serverNonce, 'password');
http.setHeader('Authorization', 'NTLM ' + buf.toString('base64'));

References

 The NTLM Authentication Protocol and Security Support Provider
 Copyright (C) 2003, 2006 Eric Glass
 http://davenport.sourceforge.net/ntlm.html
 
 NTLM Authentication Scheme for HTTP
 Ronald Tschalaer / 17. June 2003
 http://www.innovation.ch/personal/ronald/ntlm.html