jon michaels <joniamasad@gmail.com> writes:
Hi list,
I am trying to figure out how to create an NT-Password hash for the authentication database using python.
I found the package python_ntlm which seems to be able to do the job. http://code.google.com/p/python-ntlm/source/browse/trunk/python26/ntlm/ntlm....
I think it needs a modification however, because currently the hash returned looks like this:
from ntlm.ntlm import create_NT_hashed_password_v1 create_NT_hashed_password_v1('test') '\xdb4mi\x1dz\xccM\xc2b]\xb1\x9f\x9e?R'
I then proceed to add the user in mysql: insert into radcheck (username,attribute,value,op) values ('testuser','NT-Password','\xdb4mi\x1dz\xccM\xc2b]\xb1\x9f\x9e?R',':=');
You'll have to insert the actual octets as produced by create_NT_hashed_password_v1 and not the weird display format used by python for printing the unprintable. If you insert mysql> insert into radcheck (username,attribute,value,op) values -> ('testuser','NT-Password','\xdb4mi\x1dz\xccM\xc2b]\xb1\x9f\x9e?R',':='); Query OK, 1 row affected (0.00 sec) then you get: mysql> select * from radcheck; +----+----------+-------------+----+--------------------------------+ | id | username | attribute | op | value | +----+----------+-------------+----+--------------------------------+ | 1 | testuser | NT-Password | := | xdb4mix1dzxccMxc2b]xb1x9fx9e?R | +----+----------+-------------+----+--------------------------------+ 1 row in set (0.00 sec) which is invalid. I suggest you use python to insert the value into mysql, *as it is returned* from create_NT_hashed_password_v1. For testing, you can probably get away with something like mysql> insert into radcheck (username,attribute,value,op) values ('testuser','NT-Password', concat(0xdb, "4mi", 0x1d, "z", 0xcc, "M", 0xc2, "b]", 0xb1, 0x9f, 0x9e, "?R"),':='); Bjørn