[jcifs] Upper-casing the username and password.
Christopher R. Hertel
crh at ubiqx.mn.org
Mon Nov 11 15:59:21 EST 2002
"Allen, Michael B (RSCH)" wrote:
:
> Right, the pre-NT LM 0.12 password hash is case sensitive but from NT
> on (and I guess win9x b/c it negotiates NT LM 0.12) passwords are case
> sensitive. So the input going into the password hashing function needs
> to be case sensitive or it just won't work on NT and up. There are two
> fields because instead of converting the existing password hash field
> when NT LM 0.12 was introduced they just added a new one. I guess just
> to add case sensitive Unicode passwords. Or am I not understanding what
> you're asking?
I am asking too many questions at once. Let's see if I can sort it out.
With regard to plaintext passwords, I have not been able to get anything
to fill both the ANSI and Unicode fields. Page 15 of the SNIA doc says that
under NT LM 0.12 both the "CaseInsensitivePassword" field and the
"CaseSensitivePassword" field may contain the password. Just to make life
more complicated, Ethereal labels these fields as "ANSI Password" and
"UNICODE Password", respectively. Comments in the SNIA doc support
Ethereal's interpretation. Basically, in plaintext mode:

CaseInsensitivePassword
  This field contains a nul-byte terminated string written using 8-bit
  characters. The name suggests that it's case insensitive. It appears
  from the testing that I've done that this is true, but it is difficult
  to test against anything but Samba. I need a server that is running at
  user level security and requesting plaintext passwords. I don't know
  how to set that up. Of course, if I can't make Windows do it then the
  point may be moot. If it doesn't occur in nature, then it's probably
  not important.

CaseSensitivePassword
  To get this to occur in testing, I need a server that supports Unicode
  and can also be downgraded to requesting plaintext passwords. I think
  I can get Samba to do this, but I'm going to have to fiddle a bit.
  Basically, I want to see W2K and/or WNT send the plaintext password in
  both of the password fields (and I want to know if it adds that padding
  byte).

That's just the plaintext stuff. As far as I know, the LM hash function
converts the password to upper case as part of the algorithm. The NTLMv1
hash is probably case-sensitive, as that expands the set of possible
password characters quite a bit.
Chris -)-----
--
Samba Team -- http://www.samba.org/ -)----- Christopher R. Hertel
jCIFS Team -- http://jcifs.samba.org/ -)----- ubiqx development, uninq.
ubiqx Team -- http://www.ubiqx.org/ -)----- crh at ubiqx.mn.org
OnLineBook -- http://ubiqx.org/cifs/ -)----- crh at ubiqx.org