2 smbencrypt - produces LM-Passowrd and NT-Password from
5 (c) 2002 3APA3A for FreeRADIUS project
10 #include "libradius.h"
19 char * hex = "0123456789ABCDEF";
21 void tohex (const unsigned char * src, size_t len, char *dst) {
23 for (i=0; i<len; i++) {
24 dst[(i*2)] = hex[(src[i]/16)];
25 dst[(i*2) + 1] = hex[(src[i]&0x0F)];
31 * parity_key takes a 7-byte string in szIn and returns an
32 * 8-byte string in szOut. It inserts a 1 into every 8th bit.
33 * DES just strips these back out.
35 static void parity_key(char * szOut, const char * szIn)
38 unsigned char cNext = 0;
39 unsigned char cWorking = 0;
41 for (i = 0; i < 7; i++) {
42 /* Shift operator works in place. Copy the char out */
44 szOut[i] = (cWorking >> i) | cNext | 1;
46 cNext = (cWorking << (7 - i));
53 * des_encrypt takes an 8-byte string and a 7-byte key and
54 * returns an 8-byte DES encrypted string in szOut
56 static void des_encrypt(const char *szClear, const char *szKey, char *szOut)
59 unsigned long ulK[16][2];
61 parity_key(szParityKey, szKey); /* Insert parity bits */
62 strncpy(szOut, szClear, 8); /* des encrypts in place */
63 deskey(ulK, (unsigned char *) szParityKey, 0); /* generate keypair */
64 des(ulK, szOut); /* encrypt */
68 static void ntpwdhash (char *szHash, const char *szPassword)
70 char szUnicodePass[513];
75 * NT passwords are unicode. Convert plain text password
76 * to unicode by inserting a zero every other byte
78 nPasswordLen = strlen(szPassword);
79 for (i = 0; i < nPasswordLen; i++) {
80 szUnicodePass[i << 1] = szPassword[i];
81 szUnicodePass[(i << 1) + 1] = 0;
84 /* Encrypt Unicode password to a 16-byte MD4 hash */
85 md4_calc(szHash, szUnicodePass, (nPasswordLen<<1) );
91 * lmpwdhash converts 14-byte null-padded uppercase OEM
92 * password to 16-byte DES hash with predefined salt string
94 static void lmpwdhash (char *szHash, const char *szPassword)
97 char stdText[] = "KGS!@#$%";
100 memset(szOEMPass, 0, 14);
101 for (i = 0; i < 14 && szPassword[i]; i++)
102 szOEMPass[i] = toupper(szPassword[i]);
104 /* Obtain DES hash of OEM password */
105 des_encrypt(stdText, szOEMPass, szHash);
106 des_encrypt(stdText, szOEMPass+7, szHash+8);
109 int main (int argc, char *argv[]) {
116 fprintf(stderr, "LM Hash \tNT Hash\n");
117 fprintf(stderr, "--------------------------------\t--------------------------------\n");
119 for(i=1; i<argc; i++ ) {
120 l = strlen(password);
121 if (l & password[l-1] == '\n') password [l-1] = 0;
122 lmpwdhash (hash, argv[i]);
123 tohex (hash, 16, lmpass);
124 ntpwdhash (hash, argv[i]);
125 tohex (hash, 16, ntpass);
126 printf("%s\t%s\n", lmpass, ntpass);