Authen::Passphrase::LANManager − passphrases using the LAN Manager hash algorithm
use Authen::Passphrase::LANManager; $ppr = Authen::Passphrase::LANManager−>new( hash_hex => "855c3697d9979e78ac404c4ba2c66533"); $ppr = Authen::Passphrase::LANManager−>new( passphrase => "passphrase"); $ppr = Authen::Passphrase::LANManager−>from_rfc2307( "{LANMAN}855c3697d9979e78ac404c4ba2c66533"); $hash = $ppr−>hash; $hash_hex = $ppr−>hash_hex; $ppr0 = $ppr−>first_half; $ppr1 = $ppr−>second_half; if($ppr−>match($passphrase)) { ... $userPassword = $ppr−>as_rfc2307;
An object of this class encapsulates a passphrase hashed using the Microsoft LAN Manager hash function. This is a subclass of Authen::Passphrase, and this document assumes that the reader is familiar with the documentation for that class.
The hash algorithm can be used on up to fourteen Latin−1 characters of passphrase. First the passphrase is folded to uppercase, and zero-padded to fourteen bytes. Then it is split into two halves. Each seven-byte half is used as a 56−bit DES key, to encrypt the fixed plaintext block " KGS !@#$%". The eight-byte ciphertexts are concatenated to form the sixteen-byte hash. There is no salt.
Because the two halves of the passphrase are hashed separately, it is possible to manipulate (e.g., crack) a half hash in isolation. See Authen::Passphrase::LANManagerHalf.
Warning: Don’t even think about using this seriously. It’s an exceptionally weak design, flawed in pretty much every respect.
Authen::Passphrase::LANManager−>new( ATTR => VALUE, ... )
Generates a new passphrase recogniser object using the LAN Manager hash algorithm. The following attributes may be given:
hash
The hash, as a string of 16 bytes.
hash_hex
The hash, as a string of 32 hexadecimal digits.
passphrase
A passphrase that will be accepted.
Either the hash or the passphrase must be given.
Authen::Passphrase::LANManager−>from_rfc2307( USERPASSWORD )
Generates a LAN Manager passphrase recogniser from the supplied RFC2307 encoding. The string must consist of "{ LANMAN }" (or its synonym "{ LANM }") followed by the hash in hexadecimal; case is ignored.
$ppr−>hash
Returns the hash value, as a string of 16 bytes.
$ppr−>hash_hex
Returns the hash value, as a string of 32 hexadecimal digits.
$ppr−>first_half
Returns the hash of the first half of the passphrase, as an Authen::Passphrase::LANManagerHalf passphrase recogniser.
$ppr−>second_half
Returns the hash of the second half of the passphrase, as an Authen::Passphrase::LANManagerHalf passphrase recogniser.
$ppr−>match( PASSPHRASE )
$ppr−>as_rfc2307
These methods are part of the standard Authen::Passphrase interface.
Authen::Passphrase, Authen::Passphrase::LANManagerHalf, Crypt::DES
Andrew Main (Zefram) <zefram AT fysh DOT org>
Copyright (C) 2006, 2007, 2009, 2010, 2012 Andrew Main (Zefram) <zefram AT fysh DOT org>
This module is free software; you can redistribute it and/or modify it under the same terms as Perl itself.