NAME¶
htntlm - read/write NTLM message
SYNOPSIS¶
htntlm [
OPTIONS]
DESCRIPTION¶
htntlm is used to read, generate and inspect NTLM messages.
OPTIONS¶
- -v --version
- Print version number and exit
- -h --help
- Display usage information (this message)
- -r --read
- read a NTLM base64 encoded message
- -w --write
- write a NTLM base64 encoded message
- -i --info
- print in a readable manner
- -d --debug
- print debug information
- -t --type
- NTLM message type 1, 2 or 3
- -D --domain
- Domain name
- -W --workstation
- Workstation name
- -E --server
- Workstation name
- -O --os-version
- OS Version major.minor.build
- -T --target
- Target name
- -N --dns-domain
- DNS domain name
- -S --dns-server
- DNS server name
- -a --target-info
- Target info as provided in NTLM type 2 message base64
encoded, need for NTLMv2
- -U --user
- User name
- -P --password
- password
- -C --challenge
- Challenge in hex notation
-c
--client-challengeClient challenge in hex notation, default is a
random
- -X --context
- Context in hex notation
- -K --session-key
- Session Key
- -R --response
- response type space separated: lm ntlm lm2 ntlm2
ntlm2-session
- -u --unicode
- transmit user, workstation, ... as unicode strings
- -f --flags
- Space separated NTLM flags neg-unicode:
- Indicates that Unicode strings are supported for use in
security buffer data.
- neg-oem:
- Indicates that OEM strings are supported for use in
security buffer data.
- req-target:
- Requests that the server's authentication realm be included
in the Type 2 message.
- neg-sign:
- Specifies that authenticated communication between the
client and server should carry a digital signature (message
integrity).
- neg-seal:
- Specifies that authenticated communication between the
client and server should be encrypted (message confidentiality).
- neg-datagram-style:
- Indicates that datagram authentication is being used.
- neg-lm-key:
- Indicates that the Lan Manager Session Key should be used
for signing and sealing authenticated communications.
- neg-netware:
- This flag's usage has not been identified.
- neg-ntlm-key:
- Indicates that NTLM authentication is being used.
- neg-anonymous:
- Sent by the client in the Type 3 message to indicate that
an anonymous context has been established. This also affects the response
fields.
- neg-domain-supp:
- Sent by the client in the Type 1 message to indicate that
the name of the domain in which the client workstation has membership is
included in the message. This is used by the server to determine whether
the client is eligible for local authentication.
- neg-workstation-supp:
- Sent by the client in the Type 1 message to indicate that
the client workstation's name is included in the message. This is used by
the server to determine whether the client is eligible for local
authentication.
- neg-local-call:
- Sent by the server to indicate that the server and client
are on the same machine. Implies that the client may use the established
local credentials for authentication instead of calculating a response to
the challenge.
- neg-always_sign:
- Indicates that authenticated communication between the
client and server should be signed with a "dummy"
signature.
- target-type-domain:
- Sent by the server in the Type 2 message to indicate that
the target authentication realm is a domain.
- target-type-server:
- Sent by the server in the Type 2 message to indicate that
the target authentication realm is a server.
- target-type-share:
- Sent by the server in the Type 2 message to indicate that
the target authentication realm is a share. Presumably, this is for
share-level authentication. Usage is unclear.
- neg-ntlm2-key:
- Indicates that the NTLM2 signing and sealing scheme should
be used for protecting authenticated communications. Note that this refers
to a particular session security scheme, and is not related to the use of
NTLMv2 authentication. This flag can, however, have an effect on the
response calculations
- req-init-res:
- This flag's usage has not been identified
- req-accept-res:
- This flag's usage has not been identified
- req-nonnt-session-key:
- This flag's usage has not been identified
- neg-target-info:
- Sent by the server in the Type 2 message to indicate that
it is including a Target Information block in the message. The Target
Information block is used in the calculation of the NTLMv2 response.
- neg-128:
- Indicates that 128-bit encryption is supported.
- neg-key-exchange:
- Indicates that the client will provide an encrypted master
key in the "Session Key" field of the Type 3 message.
- neg-56:
- Indicates that 56-bit encryption is supported.
AUTHOR¶
Written by Christian Liesch
COPYRIGHT¶
Copyright © 2006 Free Software Foundation, Inc.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR
PURPOSE.
