Password encryption in 2.2.0
Michael B. Allen
mballen at erols.com
Sat Apr 28 07:18:18 GMT 2001
On Sat, Apr 28, 2001 at 02:56:55PM +0900, Richard Sharpe wrote:
> >auth for jcifs. The CIFS docs read:
> >
> >2.10.1 Pre NT LM 0.12
> >
> >o P14 is a 14 byte string containing the user's password in clear text,
> >upper cased, padded with spaces.
> >
> >... wtih spaces?!
>
> Oh yes ... Have a look at ntcrack ... Because of the space padding, the
> case folding, and the fact that the up-to-14-char password is split into
> two 7-char keys, LM hashes can be relatively easily broken ...
>
> Although, I was under the impression that they were padded with NULL, just
> like the P21 ...
It *is* padded with NULL. I'm pretty sure it's a mistake in the spec. Same
for the SNIA version too. I guess I should send them a little note.
Mike
--
signature pending
More information about the samba-technical
mailing list