[jcifs] Re: Need help regarding NTLM hash generating
Michael B Allen
mba2000 at ioplex.com
Tue Jul 26 17:39:51 GMT 2005
On Tue, 26 Jul 2005 09:08:48 -0700 (PDT)
Hemanth Kumar <ekhemanth at yahoo.com> wrote:
> My name is Hemanth Kumar and i am from India. Right now i am with a project (Securing Windows), in which I am creating a program which could generate NTLM hash of any given word.
> I saw your NTLM hash generating altorithm [The NTLM Authentication Protocol], in which you used the word "SecREt01". First you get the unicode mixed-case password which is "0x53006500630052004500740030003100" in hexadecimal. Then you apply MD4 and get the hash as "0xcd06ca7c7e10c99b1d33b7485a2ed808", but the MD4 hash of "0x53006500630052004500740030003100" is "0x534FA82D2E2FEB9904F143B40050B7D3" and not "0xcd06ca7c7e10c99b1d33b7485a2ed808".
Actually I didn't write that particular document but knowing the guy
who did I seriously doubt it's wrong.
Look at the jcifs source (NtlmPasswordAuthentication.java) and maybe
run it with a jcifs.util.Hexdump.hexdump() call in there to print the
hashes at various steps.
More information about the jcifs