NAME¶
Authen::Passphrase::LANManagerHalf - passphrases using half the LAN Manager
algorithm
SYNOPSIS¶
use Authen::Passphrase::LANManagerHalf;
$ppr = Authen::Passphrase::LANManagerHalf->new(
hash_hex => "855c3697d9979e78");
$ppr = Authen::Passphrase::LANManagerHalf->new(
passphrase => "passphr");
$ppr = Authen::Passphrase::LANManagerHalf->from_crypt(
'$LM$855c3697d9979e78');
$ppr = Authen::Passphrase::LANManagerHalf->from_rfc2307(
'{CRYPT}$LM$855c3697d9979e78');
$hash = $ppr->hash;
$hash_hex = $ppr->hash_hex;
if($ppr->match($passphrase)) { ...
$passwd = $ppr->as_crypt;
$userPassword = $ppr->as_rfc2307;
DESCRIPTION¶
An object of this class encapsulates half of a passphrase hashed using the
Microsoft LAN Manager hash function. This is a subclass of Authen::Passphrase,
and this document assumes that the reader is familiar with the documentation
for that class. For the complete LAN Manager hash function, see
Authen::Passphrase::LANManager.
In a spectacularly bad design decision, the Microsoft LAN Manager hash function
splits the passphrase into two parts and hashes them separately. It is
therefore possible to separate the halves of a LAN Manager hash, and do things
with them (such as crack them) separately. This class is about using such a
hash half on its own.
The half hash algorithm can be used on up to seven Latin-1 characters of
passphrase. First the passphrase is folded to uppercase, and zero-padded to
seven bytes. Then the seven bytes are used as a 56-bit DES key, to encrypt the
fixed plaintext block "KGS!@#$%". The eight byte ciphertext block is
the half hash. There is no salt.
Warning: Don't even think about using this seriously. It's an
exceptionally weak design, flawed in pretty much every respect.
CONSTRUCTORS¶
- Authen::Passphrase::LANManagerHalf->new(ATTR => VALUE, ...)
- Generates a new passphrase recogniser object using the LAN Manager half
hash algorithm. The following attributes may be given:
- hash
- The hash, as a string of 8 bytes.
- hash_hex
- The hash, as a string of 16 hexadecimal digits.
- passphrase
- A passphrase that will be accepted.
Either the hash or the passphrase must be given.
- Authen::Passphrase::LANManagerHalf->from_crypt(PASSWD)
- Generates a new LAN Manager half passphrase recogniser object from a crypt
string. The crypt string must consist of "
$LM$" followed by the hash in lowercase
hexadecimal.
- Authen::Passphrase::LANManagerHalf->from_rfc2307(USERPASSWORD)
- Generates a new LAN Manager half passphrase recogniser object from an RFC
2307 string. The string must consist of " {CRYPT}" (case
insensitive) followed by an acceptable crypt string.
METHODS¶
- $ppr->hash
- Returns the hash value, as a string of 8 bytes.
- $ppr->hash_hex
- Returns the hash value, as a string of 16 hexadecimal digits.
- $ppr->match(PASSPHRASE)
- $ppr->as_crypt
- $ppr->as_rfc2307
- These methods are part of the standard Authen::Passphrase interface.
SEE ALSO¶
Authen::Passphrase, Authen::Passphrase::LANManager, Crypt::DES
AUTHOR¶
Andrew Main (Zefram) <zefram@fysh.org>
COPYRIGHT¶
Copyright (C) 2006, 2007, 2009, 2010, 2012 Andrew Main (Zefram)
<zefram@fysh.org>
LICENSE¶
This module is free software; you can redistribute it and/or modify it under the
same terms as Perl itself.