creating password history entries
Jared Rich
jrich at dev.creative-tech.com
Tue Nov 16 14:01:22 GMT 2004
I am trying to write a PHP script to create a sambaPasswordHistroy in LDAP.
This is what I, along with some help from previous posts here, have come up
with:
$password = "testthis";
$md4_pwd = shell_exec("/usr/local/sbin/mkntpwd -N $password");
$salt = "7F8CF691B938C5B7A5389F8DCC288B82";
$combo = $salt.$md4_pwd;
$combo = get_bytes($combo);
$md5_pwd = md5($combo);
echo strtoupper($md5_pwd);
function get_bytes($string) {
$bytes = array("C*");
for ($i = 0; $i < strlen($string); $i += 2) {
$bytes[] = intval(substr($string, $i, 2), 16);
}
return call_user_func_array('pack', $bytes);
}
In LDAP, the sambaPasswordHistroy attribute looks like this:
7F8CF691B938C5B7A5389F8DCC288B82 72B140CEDEE05AE7A1AA51660109EC45
As can be seen, I have used the first 16 bytes as the salt, and MD4 hashed the
password. The password is converted to unicode by the mkntpwd program. I
then concatenated the two values, and got the byte representation of it to
pass to the MD5 function.
Using all this, I should come up with the 2nd 16 bytes in the password
history, but I get this:
BB5CA6C59539D8721DB882F7FE50283F
Am I just not using the pack function properly? Or possibly the MD5 function??
or what?
Thanks,
Jared
More information about the samba-technical
mailing list