fmazoue
|
les pass sont dejà crypté dans ldap! ces pass sont crypté avec une appli en c qui s'appelle mkntpwd ! donc pour m'authentifier il faudrait que je saisisse mon pass, que je le crypte en php et que je le compare a celui stocké sous ldap ! mais je sais pas sous quel format c crypté !!!!! donc je voudrait savoir en quoi c crypté !!!!! voila comment mon pass ( qui est à l'origine : 1701fb ) est crypté dans ldap : 9AA82175B89069F177D02E8239B870D6 voila deux source de mkntpwd : le fichier md4.c :
Version:0.9 StartHTML:0000000105 EndHTML:0000014518 StartFragment:0000000152 EndFragment:0000014484
/*
Unix SMB/Netbios implementation.
Version 1.9.
a implementation of MD4 designed for use in the SMB authentication protocol
Copyright (C) Andrew Tridgell 1997
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
/* NOTE: This code makes no attempt to be fast!
It assumes that a int is at least 32 bits long
*/
typedef unsigned int uint32;
static uint32 A, B, C, D;
static uint32 F(uint32 X, uint32 Y, uint32 Z)
{
return (X&Y) | ((~X)&Z);
}
static uint32 G(uint32 X, uint32 Y, uint32 Z)
{
return (X&Y) | (X&Z) | (Y&Z);
}
static uint32 H(uint32 X, uint32 Y, uint32 Z)
{
return X^Y^Z;
}
static uint32 lshift(uint32 x, int s)
{
x &= 0xFFFFFFFF;
return ((x<<s)&0xFFFFFFFF) | (x>>(32-s));
}
#define ROUND1(a,b,c,d,k,s) a = lshift(a + F(b,c,d) + X[k], s)
#define ROUND2(a,b,c,d,k,s) a = lshift(a + G(b,c,d) + X[k] + (uint32)0x5A827999,s)
#define ROUND3(a,b,c,d,k,s) a = lshift(a + H(b,c,d) + X[k] + (uint32)0x6ED9EBA1,s)
/* this applies md4 to 64 byte chunks */
static void mdfour64(uint32 *M)
{
int j;
uint32 AA, BB, CC, DD;
uint32 X[16];
for (j=0;j<16;j++)
X[j] = M[j];
AA = A; BB = B; CC = C; DD = D;
ROUND1(A,B,C,D, 0, 3); ROUND1(D,A,B,C, 1, 7);
ROUND1(C,D,A,B, 2, 11); ROUND1(B,C,D,A, 3, 19);
ROUND1(A,B,C,D, 4, 3); ROUND1(D,A,B,C, 5, 7);
ROUND1(C,D,A,B, 6, 11); ROUND1(B,C,D,A, 7, 19);
ROUND1(A,B,C,D, 8, 3); ROUND1(D,A,B,C, 9, 7);
ROUND1(C,D,A,B, 10, 11); ROUND1(B,C,D,A, 11, 19);
ROUND1(A,B,C,D, 12, 3); ROUND1(D,A,B,C, 13, 7);
ROUND1(C,D,A,B, 14, 11); ROUND1(B,C,D,A, 15, 19);
ROUND2(A,B,C,D, 0, 3); ROUND2(D,A,B,C, 4, 5);
ROUND2(C,D,A,B, 8, 9); ROUND2(B,C,D,A, 12, 13);
ROUND2(A,B,C,D, 1, 3); ROUND2(D,A,B,C, 5, 5);
ROUND2(C,D,A,B, 9, 9); ROUND2(B,C,D,A, 13, 13);
ROUND2(A,B,C,D, 2, 3); ROUND2(D,A,B,C, 6, 5);
ROUND2(C,D,A,B, 10, 9); ROUND2(B,C,D,A, 14, 13);
ROUND2(A,B,C,D, 3, 3); ROUND2(D,A,B,C, 7, 5);
ROUND2(C,D,A,B, 11, 9); ROUND2(B,C,D,A, 15, 13);
ROUND3(A,B,C,D, 0, 3); ROUND3(D,A,B,C, 8, 9);
ROUND3(C,D,A,B, 4, 11); ROUND3(B,C,D,A, 12, 15);
ROUND3(A,B,C,D, 2, 3); ROUND3(D,A,B,C, 10, 9);
ROUND3(C,D,A,B, 6, 11); ROUND3(B,C,D,A, 14, 15);
ROUND3(A,B,C,D, 1, 3); ROUND3(D,A,B,C, 9, 9);
ROUND3(C,D,A,B, 5, 11); ROUND3(B,C,D,A, 13, 15);
ROUND3(A,B,C,D, 3, 3); ROUND3(D,A,B,C, 11, 9);
ROUND3(C,D,A,B, 7, 11); ROUND3(B,C,D,A, 15, 15);
A += AA; B += BB; C += CC; D += DD;
A &= 0xFFFFFFFF; B &= 0xFFFFFFFF;
C &= 0xFFFFFFFF; D &= 0xFFFFFFFF;
for (j=0;j<16;j++)
X[j] = 0;
}
static void copy64(uint32 *M, unsigned char *in)
{
int i;
for (i=0;i<16;i++)
M[i] = (in[i*4+3]<<24) | (in[i*4+2]<<16) |
(in[i*4+1]<<8) | (in[i*4+0]<<0);
}
static void copy4(unsigned char *out,uint32 x)
{
out[0] = x&0xFF;
out[1] = (x>>8)&0xFF;
out[2] = (x>>16)&0xFF;
out[3] = (x>>24)&0xFF;
}
/* produce a md4 message digest from data of length n bytes */
void mdfour(unsigned char *out, unsigned char *in, int n)
{
unsigned char buf[128];
uint32 M[16];
uint32 b = n * 8;
int i;
A = 0x67452301;
B = 0xefcdab89;
C = 0x98badcfe;
D = 0x10325476;
while (n > 64) {
copy64(M, in);
mdfour64(M);
in += 64;
n -= 64;
}
for (i=0;i<128;i++)
buf[i] = 0;
memcpy(buf, in, n);
buf[n] = 0x80;
if (n <= 55) {
copy4(buf+56, b);
copy64(M, buf);
mdfour64(M);
} else {
copy4(buf+120, b);
copy64(M, buf);
mdfour64(M);
copy64(M, buf+64);
mdfour64(M);
}
for (i=0;i<128;i++)
buf[i] = 0;
copy64(M, buf);
copy4(out, A);
copy4(out+4, B);
copy4(out+8, C);
copy4(out+12, D);
A = B = C = D = 0;
}
|
et le fichier mkntpwd.c :
Version:0.9 StartHTML:0000000105 EndHTML:0000014965 StartFragment:0000000152 EndFragment:0000014931
/*
This code is based on work from
L0phtcrack 1.5 06.02.97 mudge@l0pht.com
The code also contains sources from:
. routines from the samba code source
md4.c smbdes.c
Anton Roeckseisen (anton@genua.de)
*/
/*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#include "mkntpwd.h"
void str_to_key(unsigned char *,unsigned char *);
void usage(char *);
int PutUniCode(char *dst,char *src);
void printlanhash(char *tmp);
void mdfour(unsigned char *out, unsigned char *in, int n);
void E_P16(unsigned char *p14,unsigned char *p16);
void main(int argc, char **argv) {
extern char *optarg;
int c;
int printlan = 0;
char lanpwd[LMPASSWDLEN+1];
int printnt = 0;
char inputfile[FILENAMEBUFFER+1] = "";
FILE* InputFilePtr;
int just_pwd = 0;
int i;
char hashout[17];
char ntpasswd[NTPASSWDLEN+1];
char *hold;
unsigned char *p16;
int uni_len;
char passwd[NTPASSWDLEN+1];
if (argc==1)
usage(argv[0]);
if (argc==2)
just_pwd=1;
else
just_pwd=0;
lanpwd[0] = '\\0';
ntpasswd[0] = '\\0';
while ( (c = getopt(argc, argv, "L:N:f:")) != EOF){
switch(c) {
case 'L':
printlan++;
strncpy(lanpwd,optarg,LMPASSWDLEN);
lanpwd[LMPASSWDLEN]='\\0';
for (i=0;i<LMPASSWDLEN;i++)
lanpwd[i]=toupper(lanpwd[i]);
break;
case 'N':
printnt++;
strncpy(passwd,optarg,NTPASSWDLEN);
passwd[NTPASSWDLEN]='\\0';
break;
case 'f':
strncpy(inputfile,optarg,FILENAMEBUFFER);
inputfile[FILENAMEBUFFER]='\\0';
break;
default:
usage(argv[0]);
}
}
/* Get password from file or STDIN */
if (inputfile[0]!='\\0') {
just_pwd=0; /* make sure no shit is happening... */
/* get NT-password (longer) */
if (strcmp(inputfile,"-")==0) {
fgets(passwd,NTPASSWDLEN,stdin);
} else {
if ((InputFilePtr=fopen(inputfile,"r")) == NULL)
fprintf(stderr,"Couldn't open passwordfile: %s",inputfile) ;
fgets(passwd,NTPASSWDLEN,InputFilePtr);
fclose(InputFilePtr);
}
while (strlen(passwd)>0 && passwd[strlen(passwd)-1]=='\\n')
passwd[strlen(passwd)-1]='\\0';
/* create LANMAN-password (shorter) */
strncpy(lanpwd,passwd,LMPASSWDLEN);
lanpwd[LMPASSWDLEN]='\\0';
for (i=0;i<LMPASSWDLEN;i++)
lanpwd[i]=toupper(lanpwd[i]);
printlan++;
printnt++;
}
/* Assume the one and only Arg is the new password! */
if (argc>1 && just_pwd==1) {
strncpy(lanpwd,argv[1],LMPASSWDLEN);
lanpwd[LMPASSWDLEN]='\\0';
for (i=0;i<LMPASSWDLEN;i++)
lanpwd[i]=toupper(lanpwd[i]);
printlan++;
strncpy(passwd,argv[1],NTPASSWDLEN);
passwd[NTPASSWDLEN]='\\0';
printnt++;
}
if (printlan >0) {
memset(hashout,'\\0',17);
E_P16((uchar *)lanpwd,hashout);
printlanhash(hashout);
}
if (printnt >0) {
if (printlan>0) printf(":");
memset(ntpasswd, '\\0', sizeof(ntpasswd));
if (passwd[strlen(passwd)-1] == '\\n') /* strip the \\n - this
is done in LowerString for the case sensitive
check */
passwd[strlen(passwd)-1] = '\\0';
hold = (char *)malloc(NTPASSWDLEN * 2); /* grab space for
unicode */
if (hold == NULL){
fprintf(stderr, "out of memory...crackntdialog hold\\n");
exit(1);
}
uni_len = PutUniCode(hold, passwd); /* convert to
unicode and return correct
unicode length for md4 */
p16 = (unsigned char*)malloc(17); /* grab space for md4 hash */
if (p16 == NULL){
fprintf(stderr, "out of memory...crackntdialect p16\\n");
exit(1);
}
memset(p16,'\\0',17);
mdfour(p16,hold, uni_len);
printlanhash(p16);
free(p16);
free(hold);
}
printf("\\n");
exit(0);
}
/*****************************************************************************/
/*****************************************************************************/
/*****************************************************************************/
void usage(char *progname){
char *p;
p = strrchr(progname, '\\\\');
if (p == NULL)
p = progname;
else
p++;
fprintf(stderr, "Usage: %s [-L lanmgrpwd] [-N ntpasswd]\\n",p);
fprintf(stderr, " %s password\\n",p);
fprintf(stderr, " %s -f [-] [filename]\\n\\n",p);
fprintf(stderr, " -L lanmgrpasswd LanManager cleartextpwd <= 14 chars\\n");
fprintf(stderr, " -N ntpasswd NT cleartextpwd <=128 chars (usually <=14)\\n\\n");
fprintf(stderr, " with both options present the encrypted LanManager-Pwd is \\n");
fprintf(stderr, " printed first, followed by a ':' and the encrypted NT-Pwd.\\n\\n");
fprintf(stderr, " The second usage behaves like %s -L pwd -N pwd\\n\\n",p);
fprintf(stderr, " The third usage reads the password from STDIN or a File. Printout\\n");
fprintf(stderr, " is the same as second.\\n\\n");
fprintf(stderr, "anton@genua.de\\n\\n");
exit(1);
}
/*******************************************************************
write a string in unicoode format
********************************************************************/
int PutUniCode(char *dst,char *src)
{
int ret = 0;
while (*src) {
dst[ret++] = src[0];
dst[ret++] = 0;
src++;
}
dst[ret++]=0;
dst[ret++]=0;
return(ret-2); /* the way they do the md4 hash they don't represent
the last null. ie 'A' becomes just 0x41 0x00 - not
0x41 0x00 0x00 0x00 */
}
/*
print binary buffer as hex-string
*/
void printlanhash(char *tmp) {
int i;
unsigned char c;
char outbuffer[33];
/* build string from binary hash */
for(i=0;i<16;i++) {
c=tmp[i];
sprintf(outbuffer+2*i,"%x",(c>>4) & 0x0f);
sprintf(outbuffer+2*i+1,"%x",c & 0x0f);
}
/* convert to uppercase */
for(i=0;i<32;i++)
outbuffer[i] = toupper(outbuffer[i]);
outbuffer[32]='\\0';
/* print out hex-string */
printf("%s",outbuffer);
}
|
moi j'y connais rien en c mais a première vu il y a un codage avec du md4 ! j'ai essayé de codé mon pass en md4 avec un javascript mais sa donne pas la meme clé !!!! please help me !!!!!!!!!!!!! NIARF
|