[jcifs] Wrong LM AND NTLM response ?
contra1984 contra1984
contra1984 at googlemail.com
Sun Aug 19 02:19:52 GMT 2007
Hi,
i've done the following:
I've used wireshark to sniff the ntlm auth process.
The challenge is: 2C16C0A8C3BD8E81
Then the client sends the following response and successfully(!!)
authenticates:
LM Response: 7C8C54322317144A00000000000000000000000000000000
NTLM Response: 8B1E93000E0530AEDCAC6FE545381E097A7E70774DD6FA17
I've used some tools to recalculate that result and I always get a different
result.
Btw the password is apollo13.
Using the callenge above and the password I get the following results:
LM Response: 815070A194807CD1F3991C5438B29709EFA1A920D87FFE73
NTLM Response: DD530B169C688244BE8C1EA5BAFE356B00FCFB7574907009
You may also know this site:
http://davenport.sourceforge.net/ntlm.html#theNtlmResponse
If I use the values from this site (challenge: 0123456789abcdef and
password: SecREt01) I get exactly the same results as this guy from this
site so my calculation should be right.
Btw, I'm using the java code from this site :
http://davenport.sourceforge.net/ntlm.html#appendixD to do the calculation
so it's not some code I've written in a few hours.
Please tell me why my calculation ALWAYS differs from the one I sniffed in
wireshark?
-------------- next part --------------
HTML attachment scrubbed and removed
More information about the jcifs
mailing list