def mkpasswd(pwd, sambaver=3, default='ssha'):
''' Make a given password cryptated, possibly with different
crypt-algorihtms. This module was written for use with
LDAP - so default is seeded sha
'''
alg = {
'sha': 'Secure Hash Algorithm',
'ssha': 'Seeded SHA',
'md5': 'MD5',
'smd5': 'Seeded MD5',
}
if _crypt:
alg['crypt'] = 'standard unix crypt'
if smb:
alg['lmhash'] = 'lan man hash'
alg['nthash'] = 'nt hash'
if default not in alg.keys():
return 'algorithm <%s> not supported in this version.' % default
else:
salt = getsalt()
if default == 'ssha':
pwString = "{SSHA}" + base64.encodestring(
sha.new(str(pwd) + salt).digest() + salt)
return pwString[:-1]
elif default == 'sha':
pwString = "{SHA}" + base64.encodestring(
sha.new(str(pwd)).digest())
return pwString[:-1]
elif default == 'md5':
pwString = "{MD5}" + base64.encodestring(
md5.new(str(pwd)).digest())
return pwString[:-1]
elif default == 'smd5':
salt = getsalt(
length=4
) # Newer versions of OpenLDAP should support the default length 16
pwString = "{SMD5}" + base64.encodestring(
md5.new(str(pwd) + salt).digest() + salt)
return pwString[:-1]
elif default == 'crypt':
return "{CRYPT}" + crypt.crypt(str(pwd), getsalt(
length=2)) # crypt only uses a salt of length 2
elif default == 'lmhash':
if sambaver == 3:
return "{sambaLMPassword}" + smbpasswd.lmhash(pwd)
elif sambaver == 2:
return "{lmPassword}" + smbpasswd.lmhash(pwd)
elif default == 'nthash':
if sambaver == 3:
return "{sambaNTPassword}" + smbpasswd.nthash(pwd)
elif sambaver == 2:
return "{NTPassword}" + smbpasswd.nthash(pwd)
def mkpasswd(pwd, hash='ssha'):
"""Generate hashed passwords. Originated from mkpasswd in Luma
"""
alg = {
'ssha': 'Seeded SHA-1',
'sha': 'Secure Hash Algorithm',
'smd5': 'Seeded MD5',
'md5': 'MD5',
'crypt': 'Standard unix crypt'
}
# Don't add support for sambapasswords unless we're using it
if (update_sambapassword):
alg['lmhash'] = 'Lanman hash'
alg['nthash'] = 'NT Hash'
if hash not in alg.keys():
return "Algorithm <%s> not supported in this version." % hash
else:
salt = getsalt()
if hash == "ssha":
return "{SSHA}" + base64.encodestring(
sha.new(str(pwd) + salt).digest() + salt)
elif hash == "sha":
return "{SHA}" + base64.encodestring(sha.new(str(pwd)).digest())
elif hash == "md5":
return "{SHA}" + base64.encodestring(md5.new(str(pwd)).digest())
elif hash == "smd5":
return "{SMD%}" + base64.encodestring(
md5.new(str(pwd) + salt).digest() + salt)
elif hash == "crypt":
return "{CRYPT}" + crypt.crypt(str(pwd), getsalt(length=2))
# nt/lm-hash are used directly in their own password-attributes.. no need to prefix the hash
elif hash == "lmhash":
return smbpasswd.lmhash(pwd)
elif hash == "nthash":
return smbpasswd.nthash(pwd)
def admin(request):
admin_member = retrieve_member(request)
if not request.user.profile.is_ldap_admin:
return render(request, 'access_denied.html')
users = admin_member.list_users()
if request.method == 'POST':
form = AdminForm(request.POST, request=request, users=users)
if form.is_valid():
new_password = form.cleaned_data['password1']
admin_member.admin_change_password(form.cleaned_data['username'],
new_password)
member = MemberValues(form.cleaned_data['username'], new_password)
member.set('sambaLMPassword', smbpasswd.lmhash(new_password))
member.set('sambaNTPassword', smbpasswd.nthash(new_password))
member.save()
new_form = AdminForm(request=request, users=users)
return render(
request, 'admin.html', {
'message':
_('The password for %s was changed. Thank you!' %
form.cleaned_data['username']),
'form':
new_form
})
else:
return render(request, 'admin.html', {'form': form})
else:
form = AdminForm(request=request, users=users)
return render(request, 'admin.html', {'form': form})
def set_password(self, password):
self.password = hash_password(password)
if settings.GRANADILLA_USE_SAMBA:
import smbpasswd
self.samba_ntpassword = smbpasswd.nthash(password)
self.samba_lmpassword = smbpasswd.lmhash(password)
self.samba_pwdlastset = int(time.time())
def changeUserPasswd(self, uid, passwd, oldpasswd = None, bind = False):
"""
change SAMBA user password
@param uid: user name
@type uid: str
@param passwd: non encrypted password
@type passwd: str
"""
# Don't update the password if we are using smbk5passwd
conf = SambaConf()
if conf.isValueTrue(conf.getContent("global", "ldap passwd sync")) in (0, 1):
userdn = self.searchUserDN(uid)
r = AF().log(PLUGIN_NAME, AA.SAMBA_CHANGE_USER_PASS, [(userdn,AT.USER)])
# If the passwd has been encoded in the XML-RPC stream, decode it
if isinstance(passwd, xmlrpclib.Binary):
passwd = str(passwd)
s = self.l.search_s(userdn, ldap.SCOPE_BASE)
c, old = s[0]
new = old.copy()
new['sambaLMPassword'] = [smbpasswd.lmhash(passwd)]
new['sambaNTPassword'] = [smbpasswd.nthash(passwd)]
new['sambaPwdLastSet'] = [str(int(time()))]
# Update LDAP
modlist = ldap.modlist.modifyModlist(old, new)
self.l.modify_s(userdn, modlist)
self.runHook("samba.changeuserpasswd", uid, passwd)
r.commit()
return 0
def mkpasswd(pwd,hash='ssha'):
"""Generate hashed passwords. Originated from mkpasswd in Luma
"""
alg = {
'ssha':'Seeded SHA-1',
'sha':'Secure Hash Algorithm',
'smd5':'Seeded MD5',
'md5':'MD5',
'crypt':'Standard unix crypt'
}
# Don't add support for sambapasswords unless we're using it
if (update_sambapassword):
alg['lmhash'] = 'Lanman hash'
alg['nthash'] = 'NT Hash'
if hash not in alg.keys():
return "Algorithm <%s> not supported in this version." % hash
else:
salt = getsalt()
if hash == "ssha":
return "{SSHA}" + base64.encodestring(sha.new(str(pwd) + salt).digest() + salt)
elif hash == "sha":
return "{SHA}" + base64.encodestring(sha.new(str(pwd)).digest())
elif hash == "md5":
return "{SHA}" + base64.encodestring(md5.new(str(pwd)).digest())
elif hash == "smd5":
return "{SMD%}" + base64.encodestring(md5.new(str(pwd) + salt).digest() + salt)
elif hash == "crypt":
return "{CRYPT}" + crypt.crypt(str(pwd),getsalt(length=2))
# nt/lm-hash are used directly in their own password-attributes.. no need to prefix the hash
elif hash == "lmhash":
return smbpasswd.lmhash(pwd)
elif hash == "nthash":
return smbpasswd.nthash(pwd)
def add_lm_hashes(pwds):
for p in pwds:
if len(p) > 14:
continue
val = "'{0}','{1}'".format(smbpasswd.lmhash(p).upper(), p)
c.execute("INSERT INTO lm VALUES(" + val + ")")
lm_db.commit()
def addSmbAttr(self, uid, password):
"""
Add SAMBA password and attributes on a new user
"""
# Get domain info
domainInfo = self.getDomain()
# Get current user entry
userdn = self.searchUserDN(uid)
r = AF().log(PLUGIN_NAME, AA.SAMBA_ADD_SAMBA_CLASS, [(userdn,AT.USER)])
s = self.l.search_s(userdn, ldap.SCOPE_BASE)
c, old = s[0]
new = self._applyUserDefault(old.copy(), self.configSamba.userDefault)
if not "sambaSamAccount" in new['objectClass']:
new['objectClass'].append("sambaSamAccount")
new["sambaAcctFlags"] = ["[U ]"]
new["sambaSID"] = [domainInfo['sambaSID'][0] + '-' + str(int(domainInfo['sambaNextRid'][0]) + 1)]
# If the passwd has been encoded in the XML-RPC stream, decode it
if isinstance(password, xmlrpclib.Binary):
password = str(password)
# If the passwd is in a dict
# {'scalar': 'thepassword', 'xmlrpc_type': 'base64'}
# take scalar
if isinstance(password, dict):
password = password['scalar']
new['sambaLMPassword'] = [smbpasswd.lmhash(password)]
new['sambaNTPassword'] = [smbpasswd.nthash(password)]
new['sambaPwdLastSet'] = [str(int(time()))]
# Update LDAP
modlist = ldap.modlist.modifyModlist(old, new)
self.l.modify_s(userdn, modlist)
self.updateDomainNextRID()
self.runHook("samba.addsmbattr", uid, password)
r.commit()
def admin(request):
admin_member = retrieve_member(request)
if len(request.user.groups.filter(name__in=['ldap_admins'])) < 1:
return render(request, 'access_denied.html')
users = admin_member.list_users()
if request.method == 'POST':
form = AdminForm(request.POST, request=request, users=users)
if form.is_valid():
new_password = form.cleaned_data['password1']
admin_member.admin_change_password(form.cleaned_data['username'], new_password)
member = MemberValues(form.cleaned_data['username'], new_password)
member.set('sambaLMPassword', smbpasswd.lmhash(new_password))
member.set('sambaNTPassword', smbpasswd.nthash(new_password))
member.save()
new_form = AdminForm(request=request, users=users)
return render(request, 'admin.html',
{'message': _('The password for %s was changed. Thank you!' % form.cleaned_data['username']),
'form': new_form})
else:
return render(request, 'admin.html',
{'form': form})
else:
form = AdminForm(request=request, users=users)
return render(request, 'admin.html',
{'form': form})
def password(request):
"""
View that changes the password on the LDAP server.
"""
member = retrieve_member(request)
if request.method == 'POST':
form = PasswordForm(request.POST, request=request)
if form.is_valid():
new_password = form.cleaned_data['password1']
# change the password for the Wifi
member.set('sambaLMPassword', smbpasswd.lmhash(new_password))
member.set('sambaNTPassword', smbpasswd.nthash(new_password))
member.save()
# change the LDAP password
member.change_password(new_password)
key = store_ldap_password(request, new_password)
request.session.save()
new_form = PasswordForm()
response = render(request, 'password.html',
{'message': _('Your password was changed. Thank you!'),
'form': new_form, 'member': member.to_dict()})
response.set_cookie('sessionkey', key)
return response
else:
return render(request, 'password.html',
{'form': form, 'member': member.to_dict()})
else:
form = PasswordForm()
return render(request, 'password.html',
{'form': form, 'member': member.to_dict()})
def change_password(cls, self, password):
if isinstance(password, unicode):
password = password.encode()
self.sambaNTPassword=smbpasswd.nthash(password)
self.sambaLMPassword=smbpasswd.lmhash(password)
self.sambaPwdMustChange=None
self.sambaPwdLastSet=datetime.datetime.now()
def ntlm(self):
try:
import smbpasswd
hash = smbpasswd.lmhash(self.password)
self.out['ntlm'] = {
'header': '{ntlm}',
'salt': None,
'hash': hash }
return hash
except:
return None
def ntlm(password):
"""return tuple with NT and LanMan hash"""
nt = smbpasswd.nthash(password)
if configRegistry.is_true('password/samba/lmhash', False):
lm = smbpasswd.lmhash(password)
else:
lm = ''
return (nt, lm)
def ntlm(password):
"""return tuple with NT and LanMan hash"""
nt = smbpasswd.nthash(password)
if configRegistry.is_true('password/samba/lmhash', False):
lm = smbpasswd.lmhash(password)
else:
lm = ''
return (nt, lm)
def mkpasswd(pwd, sambaver=3, default="ssha"):
""" Make a given password cryptated, possibly with different
crypt-algorihtms. This module was written for use with
LDAP - so default is seeded sha
"""
alg = {"sha": "Secure Hash Algorithm", "ssha": "Seeded SHA", "md5": "MD5", "smd5": "Seeded MD5"}
if _crypt:
alg["crypt"] = "standard unix crypt"
if smb:
alg["lmhash"] = "lan man hash"
alg["nthash"] = "nt hash"
if default not in alg.keys():
return "algorithm <%s> not supported in this version." % default
else:
salt = getsalt()
if default == "ssha":
pwString = "{SSHA}" + base64.encodestring(sha.new(str(pwd) + salt).digest() + salt)
return pwString[:-1]
elif default == "sha":
pwString = "{SHA}" + base64.encodestring(sha.new(str(pwd)).digest())
return pwString[:-1]
elif default == "md5":
pwString = "{MD5}" + base64.encodestring(md5.new(str(pwd)).digest())
return pwString[:-1]
elif default == "smd5":
salt = getsalt(length=4) # Newer versions of OpenLDAP should support the default length 16
pwString = "{SMD5}" + base64.encodestring(md5.new(str(pwd) + salt).digest() + salt)
return pwString[:-1]
elif default == "crypt":
return "{CRYPT}" + crypt.crypt(str(pwd), getsalt(length=2)) # crypt only uses a salt of length 2
elif default == "lmhash":
if sambaver == 3:
return "{sambaLMPassword}" + smbpasswd.lmhash(pwd)
elif sambaver == 2:
return "{lmPassword}" + smbpasswd.lmhash(pwd)
elif default == "nthash":
if sambaver == 3:
return "{sambaNTPassword}" + smbpasswd.nthash(pwd)
elif sambaver == 2:
return "{NTPassword}" + smbpasswd.nthash(pwd)
def mkpasswd(pwd,sambaver=3,default='ssha'):
''' Make a given password cryptated, possibly with different
crypt-algorihtms. This module was written for use with
LDAP - so default is seeded sha
'''
alg = {
'ssha':'Seeded SHA',
'sha':'Secure Hash Algorithm',
'md5':'MD5',
'smd5':'Seeded MD5',
'crypt':'standard unix crypt'
}
if smb:
alg['lmhash'] = 'lan man hash'
alg['nthash'] = 'nt hash'
if default not in alg.keys():
return 'algorithm <%s> not supported in this version.' % default
else:
salt = getsalt()
if default == 'ssha':
return "{SSHA}" + base64.encodestring(sha.new(str(pwd) + salt).digest() + salt)
elif default =='sha':
return "{SHA}" + base64.encodestring(sha.new(str(pwd)).digest())
elif default =='md5':
return "{MD5}" + base64.encodestring(md5.new(str(pwd)).digest())
elif default == 'smd5':
return "{SMD5}" + base64.encodestring(md5.new(str(pwd) + salt).digest() + salt)
elif default =='crypt':
return "{CRYPT}" + crypt.crypt(str(pwd),getsalt(length=2)) # crypt only uses a salt of length 2
elif default == 'lmhash':
if sambaver==3:
return "{sambaLMPassword}" + smbpasswd.lmhash(pwd)
elif sambaver==2:
return "{lmPassword}" + smbpasswd.lmhash(pwd)
elif default == 'nthash':
if sambaver==3:
return "{sambaNTPassword}" + smbpasswd.lmhash(pwd)
elif sambaver==2:
return "{NTPassword}" + smbpasswd.lmhash(pwd)
def getHashPasswd(self, password, SecHashAlg):
"""Генерация хеша пароля,
Поддерживаемые алгоритмы шифрования пароля:
plain, md5, smd5, crypt, sha, ssha, lm, nt
"""
if not password:
print _("ERROR") + " getHashPasswd: " +\
_("password empty")
return False
hashPwd = ""
if SecHashAlg == "plain":
hashPwd = password
elif SecHashAlg == "md5":
h = hashlib.md5(password)
hashPwd = "{MD5}" + b64encode(h.digest())
elif SecHashAlg == "smd5":
salt = os.urandom(4)
h = hashlib.md5(password)
h.update(salt)
hashPwd = "{SMD5}" + b64encode(h.digest() + salt)
elif SecHashAlg == "crypt":
salt = self.__GenCryptSalt__()
hashPwd = "{CRYPT}" + crypt.crypt(password, salt)
elif SecHashAlg == "sha":
h = hashlib.sha1(password)
hashPwd = "{SHA}" + b64encode(h.digest())
elif SecHashAlg == "ssha":
salt = os.urandom(4)
h = hashlib.sha1(password)
h.update(salt)
hashPwd = "{SSHA}" + b64encode(h.digest() + salt)
elif SecHashAlg == "lm":
hashPwd = smbpasswd.lmhash(password)
elif SecHashAlg == "nt":
hashPwd = smbpasswd.nthash(password)
else:
print _("ERROR") + " getHashPasswd: " +\
_("Can not support '%s' crypto algorithm")%SecHashAlg
return False
return hashPwd
def ntlm(password):
# type: (str) -> Tuple[str, str]
"""
Return tuple with NT and LanMan hash.
:param password: password string.
:returns: 2-tuple (NT, LanMan)
"""
nt = smbpasswd.nthash(password)
if configRegistry.is_true('password/samba/lmhash', False):
lm = smbpasswd.lmhash(password)
else:
lm = ''
return (nt, lm)
def password(request):
"""
View that changes the password on the LDAP server.
"""
member = retrieve_member(request)
if request.method == 'POST':
form = PasswordForm(request.POST, request=request)
if form.is_valid():
new_password = form.cleaned_data['password1']
# change the password for the Wifi
member.set('sambaLMPassword', smbpasswd.lmhash(new_password))
member.set('sambaNTPassword', smbpasswd.nthash(new_password))
member.save()
# change the LDAP password
member.change_password(new_password)
key = store_ldap_password(request, new_password)
request.session.save()
new_form = PasswordForm()
response = render(
request, 'password.html', {
'message': _('Your password was changed. Thank you!'),
'form': new_form,
'member': member.to_dict()
})
response.set_cookie('sessionkey', key)
return response
else:
return render(request, 'password.html', {
'form': form,
'member': member.to_dict()
})
else:
form = PasswordForm()
return render(request, 'password.html', {
'form': form,
'member': member.to_dict()
})
passwd = 'Winter14'
if count>75 and count<=110:
passwd = name+'Acme2016'
if count>110 and count<=130:
passwd = name+'Acme!'
if count>130 and count<=150:
passwd = name+':Acme'
if count>150 and count<=205:
passwd = last
if count>205 and count<=250:
passwd = name+'Bank!'
if count>250 and count<=270:
passwd = name+'Bank2016\n'
if count>270 and count<=280:
passwd = ''
if count>280 and count<=298:
passwd = 'Password'
if count == 299:
passwd = 'letmeinAcme'
if count == 300:
passwd = 'secret:Acme'
pair = name + "::" + smbpasswd.lmhash(passwd)+":"+smbpasswd.nthash(passwd)+":::\n"
pass_my.write(pair)
last = name
elif count >= 300:
break
print 'index is %d' % index
print count
pass_john.close()
pass_my.close()
uid: %(uid)s
cn: %(cn)s
uidNumber: %(uid_num)s
gidNumber: %(uid_num)s
homeDirectory: %(home_dir)s
sambaSID: %(sid)s
sambaNTPassword: %(ntpwd)s
sambaLMPassword: %(lmpwd)s
userPassword: %(pwd)s
"""
n = int(sys.argv.pop(1))
print container_template
for x in range(n):
secret = 'secret%d' % x
nt_secret = smbpasswd.nthash(secret)
lm_secret = smbpasswd.lmhash(secret)
print user_template % dict(
uid='uid%d' % x,
cn='cn%d' % x,
uid_num=str(x),
gid_num=str(x),
home_dir='/home/uid%d' % x,
sid='12345-%d' % x,
pwd=secret,
ntpwd=nt_secret,
lmpwd=lm_secret,
),
def getHashPasswd(self, password, SecHashAlg):
"""Генерация хеша пароля,
Поддерживаемые алгоритмы шифрования пароля:
plain, md5, smd5, crypt, sha, ssha, lm, nt, shadow_ssha512,
shadow_ssha256, shadow_md5
"""
if not password:
self.printERROR(_("ERROR") + " getHashPasswd: " +
_("empty password"))
return False
hashPwd = ""
if SecHashAlg == "plain":
hashPwd = password
elif SecHashAlg == "md5":
h = hashlib.md5(password)
hashPwd = "{MD5}" + b64encode(h.digest())
elif SecHashAlg == "smd5":
salt = os.urandom(4)
h = hashlib.md5(password)
h.update(salt)
hashPwd = "{SMD5}" + b64encode(h.digest() + salt)
elif SecHashAlg == "shadow_ssha512":
salt = self.__GenCryptSalt__(8)
hashPwd = crypt.crypt(password, "$6$%s$"%salt)
elif SecHashAlg == "shadow_ssha256":
salt = self.__GenCryptSalt__(8)
hashPwd = crypt.crypt(password, "$5$%s$"%salt)
elif SecHashAlg == "shadow_md5":
salt = self.__GenCryptSalt__(8)
hashPwd = crypt.crypt(password, "$1$%s$"%salt)
elif SecHashAlg == "crypt":
salt = self.__GenCryptSalt__()
hashPwd = "{CRYPT}" + crypt.crypt(password, salt)
elif SecHashAlg == "sha":
h = hashlib.sha1(password)
hashPwd = "{SHA}" + b64encode(h.digest())
elif SecHashAlg == "ssha":
salt = os.urandom(4)
h = hashlib.sha1(password)
h.update(salt)
hashPwd = "{SSHA}" + b64encode(h.digest() + salt)
elif SecHashAlg == "lm" and lmhash:
hashPwd = lmhash(password)
elif SecHashAlg == "nt" and nthash:
hashPwd = nthash(password)
else:
if SecHashAlg in ("lm","nt"):
self.printERROR(_("ERROR") + " getHashPasswd: " +
(_("Failed to support '%s' crypto algorithm")
%SecHashAlg) + " " + _("without py-smbpasswd"))
else:
self.printERROR(_("ERROR") + " getHashPasswd: " +
_("Failed to support '%s' crypto algorithm")
%SecHashAlg)
return False
return hashPwd
def authSetSmbPassword(self, username, password):
'''Set a user's smb password
'''
self.config.setVar(
'user.%s.spasswd' % username,
'%s:%s' % (smbpasswd.lmhash(password), smbpasswd.nthash(password)))
def sambaLMPassword(passwd):
return smbpasswd.lmhash(passwd)
''' Created on Oct 12, 2012 @author: tivalat ''' import smbpasswd passwd = 'mypassword' print 'LANMAN hash is', smbpasswd.lmhash(passwd) print 'NT hash is', smbpasswd.nthash(passwd) print 'both hashes at once = %s:%s (lm:nt)' % smbpasswd.hash(passwd)
def test_lm(self):
self.assertEqual(smbpasswd.lmhash('foo'),
'5BFAFBEBFB6A0942AAD3B435B51404EE')
self.assertEqual(smbpasswd.lmhash('passphrase'),
'855C3697D9979E78AC404C4BA2C66533')
os.remove("lm_hash.txt")
os.remove("ntlm_hash.txt")
os.remove("mysql323_hash.txt")
os.remove("mysqlsha1_hash.txt")
os.remove("md4_hash.txt")
os.remove("md5_hash.txt")
os.remove("doublemd5_hash.txt")
os.remove("sha1_hash.txt")
except:
blub="foo"
line = f.readline()
while line:
#lm
addHashtoFile("lm", smbpasswd.lmhash(line.rstrip('\n\r')).lower())
#ntlm
addHashtoFile("ntlm", hashlib.new('md4', line.rstrip('\n\r').encode('utf-16le')).hexdigest())
#mysql323
addHashtoFile("mysql323", mysql323.encrypt( line.rstrip('\n\r')))
#mysqlsha1
addHashtoFile("mysqlsha1", hashlib.sha1( hashlib.sha1(line.rstrip('\n\r')).digest()).hexdigest())
#md4
addHashtoFile("md4", hashlib.new('md4', line.rstrip('\n\r')).hexdigest())
#md5
addHashtoFile("md5", hashlib.md5(line.rstrip('\n\r')).hexdigest())
#doublemd5
addHashtoFile("doublemd5", hashlib.md5(hashlib.md5(line.rstrip('\n\r')).digest()).hexdigest())
#sha1
addHashtoFile("sha1", hashlib.sha1(line.rstrip('\n\r')).hexdigest())
import json
if len(sys.argv) != 2:
print 'USAGE: add_passwords.py file'
sys.exit()
lm_db = redis.StrictRedis(host='localhost', port=6379, db=1)
nt_db = redis.StrictRedis(host='localhost', port=6379, db=2)
def add_lm_hash(hash, plain):
# print 'Adding LM hash {0}'.format(hash)
lm = {'plain': plain, 'count': 0}
lm_db.set(hash.upper(), json.dumps(lm))
def add_nt_hash(hash, plain):
# print 'Adding NT hash {0}'.format(hash)
nt = {'plain': plain, 'count': 0}
nt_db.set(hash.upper(), json.dumps(nt))
for line in open(sys.argv[1]
):
line = line.rstrip('\r\n')
print 'Adding ' + line
# LM truncates at 14 characters.
if len(line) <= 14:
add_lm_hash(smbpasswd.lmhash(line), line)
add_nt_hash(smbpasswd.nthash(line), line)
#!/usr/bin/env python import smbpasswd import sys passwd = sys.argv[1] print 'LANMAN hash is', smbpasswd.lmhash(passwd) print 'NT hash is', smbpasswd.nthash(passwd) print 'both hashes at once = %s:%s (lm:nt)' % smbpasswd.hash(passwd)
def sambaLMPassword(passwd):
return smbpasswd.lmhash(passwd)
