Thanks for your reply, Henrik. :) I searched the web
more and found a web page at OpenGroup that describes
how NTLM works. The page can be found here:
http://www.opengroup.org/comsource/techref2/NCH1222X.HTM
It is not really a complete spec but it does give me a
better understanding of how it works.
Now I've got a question for you NT wizards: how do I
obtain the 16-byte LanMan password to calculate the
response to an NTLM challenge? Is it the same as my
login password in the format of a NULL-terminated ASCII
string? If not, how can I get it?
Thanks in advance.
Yee Man
--- Henrik Nordstrom <hno@squid-cache.org> wrote:
>
> True. Microsoft then published parts of the SMB specification (the
> CIFS specifications) and the Samba team realized it actually was DCE
> RPC frames over SMB they were decoding. Microsoft haven't published
> much of the RPC interfaces however..
>
> Same thing for NTLMSSP, it has partially been reverse engineered, but
> there are still many blank spots.
>
> SMB normally does not use NTLMSSP. To my knowledge only NT5 uses
> NTLMSSP in SMB, and only under specific conditions. The NTLM
> handshakes in SMB are using a different frame format.
>
> It is rumored that Microsoft had some semi-useful NTLM documentation
> in some older MSDN libraries.
>
> I would recommend starting by reading the documentation there is on
> devel.squid-cache.org/ntlm/, including the linked documents in
> "Available documentation" (note that there are two different
> NTLM-over-HTTP links, the second has much more information than the
> first). If there are any additional questions ask and we try to find
> where the answer is.
>
> Regards
> Henrik
Received on Tue May 14 2002 - 11:08:39 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:15:27 MST