.\" DO NOT MODIFY THIS FILE!  It was generated by help2man 1.47.8.
.TH HTNTLM "1" "December 2018" "htntlm 2.4.23" "User Commands"
.SH NAME
htntlm \- read/write NTLM message
.SH SYNOPSIS
.B htntlm
[\fI\,OPTIONS\/\fR]
.SH DESCRIPTION
htntlm is used to read, generate and inspect NTLM messages.
.SH OPTIONS
.TP
\fB\-v\fR \fB\-\-version\fR
Print version number and exit
.TP
\fB\-h\fR \fB\-\-help\fR
Display usage information (this message)
.TP
\fB\-r\fR \fB\-\-read\fR
read a NTLM base64 encoded message
.TP
\fB\-w\fR \fB\-\-write\fR
write a NTLM base64 encoded message
.TP
\fB\-i\fR \fB\-\-info\fR
print in a readable manner
.TP
\fB\-d\fR \fB\-\-debug\fR
print debug information
.TP
\fB\-t\fR \fB\-\-type\fR
NTLM message type 1, 2 or 3
.TP
\fB\-D\fR \fB\-\-domain\fR
Domain name
.TP
\fB\-W\fR \fB\-\-workstation\fR
Workstation name
.TP
\fB\-E\fR \fB\-\-server\fR
Workstation name
.TP
\fB\-O\fR \fB\-\-os\-version\fR
OS Version major.minor.build
.TP
\fB\-T\fR \fB\-\-target\fR
Target name
.TP
\fB\-N\fR \fB\-\-dns\-domain\fR
DNS domain name
.TP
\fB\-S\fR \fB\-\-dns\-server\fR
DNS server name
.TP
\fB\-a\fR \fB\-\-target\-info\fR
Target info as provided in NTLM type 2 message base64 encoded, need for NTLMv2
.TP
\fB\-U\fR \fB\-\-user\fR
User name
.TP
\fB\-P\fR \fB\-\-password\fR
password
.TP
\fB\-C\fR \fB\-\-challenge\fR
Challenge in hex notation
.HP
\fB\-c\fR \fB\-\-client\-challengeClient\fR challenge in hex notation, default is a random
.TP
\fB\-X\fR \fB\-\-context\fR
Context in hex notation
.TP
\fB\-K\fR \fB\-\-session\-key\fR
Session Key
.TP
\fB\-R\fR \fB\-\-response\fR
response type space separated: lm ntlm lm2 ntlm2 ntlm2\-session
.TP
\fB\-u\fR \fB\-\-unicode\fR
transmit user, workstation, ... as unicode strings
.TP
\fB\-f\fR \fB\-\-flags\fR
Space separated NTLM flags
neg\-unicode:
.TP
Indicates that Unicode strings are
supported for use in security buffer
data.
.TP
neg\-oem:
Indicates that OEM strings are supported
for use in security buffer data.
.TP
req\-target:
Requests that the server's authentication
realm be included in the Type 2 message.
.TP
neg\-sign:
Specifies that authenticated communication
between the client and server should carry
a digital signature (message integrity).
.TP
neg\-seal:
Specifies that authenticated communication
between the client and server should be
encrypted (message confidentiality).
.TP
neg\-datagram\-style:
Indicates that datagram authentication is
being used.
.TP
neg\-lm\-key:
Indicates that the Lan Manager Session Key
should be used for signing and sealing
authenticated communications.
.TP
neg\-netware:
This flag's usage has not been identified.
.TP
neg\-ntlm\-key:
Indicates that NTLM authentication is
being used.
.TP
neg\-anonymous:
Sent by the client in the Type 3 message
to indicate that an anonymous context has
been established. This also affects the
response fields.
.TP
neg\-domain\-supp:
Sent by the client in the Type 1 message
to indicate that the name of the domain in
which the client workstation has
membership is included in the message.
This is used by the server to determine
whether the client is eligible for local
authentication.
.TP
neg\-workstation\-supp:
Sent by the client in the Type 1 message
to indicate that the client workstation's
name is included in the message. This is
used by the server to determine whether
the client is eligible for local
authentication.
.TP
neg\-local\-call:
Sent by the server to indicate that the
server and client are on the same machine.
Implies that the client may use the
established local credentials for
authentication instead of calculating a
response to the challenge.
.TP
neg\-always_sign:
Indicates that authenticated
communication between the client and
server should be signed with a "dummy"
signature.
.TP
target\-type\-domain:
Sent by the server in the Type 2 message
to indicate that the target authentication
realm is a domain.
.TP
target\-type\-server:
Sent by the server in the Type 2 message
to indicate that the target authentication
realm is a server.
.TP
target\-type\-share:
Sent by the server in the Type 2 message
to indicate that the target
authentication realm is a share.
Presumably, this is for share\-level
authentication. Usage is unclear.
.TP
neg\-ntlm2\-key:
Indicates that the NTLM2 signing and
sealing scheme should be used for
protecting authenticated communications.
Note that this refers to a particular
session security scheme, and is not
related to the use of NTLMv2
authentication. This flag can, however,
have an effect on the response
calculations
.TP
req\-init\-res:
This flag's usage has not been identified
.TP
req\-accept\-res:
This flag's usage has not been identified
.TP
req\-nonnt\-session\-key:
This flag's usage has not been identified
.TP
neg\-target\-info:
Sent by the server in the Type 2 message
to indicate that it is including a Target
Information block in the message. The
Target Information block is used in the
calculation of the NTLMv2 response.
.TP
neg\-128:
Indicates that 128\-bit encryption is
supported.
.TP
neg\-key\-exchange:
Indicates that the client will provide an
encrypted master key in the
"Session Key" field of the Type 3
message.
.TP
neg\-56:
Indicates that 56\-bit encryption is
supported.
.SH AUTHOR
Written by Christian Liesch
.SH COPYRIGHT
Copyright \(co 2006 Free Software Foundation, Inc.
.br
This is free software; see the source for copying conditions.  There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.