ITPub博客

首页 > Linux操作系统 > Linux操作系统 > WindowsNT/2k密码到散列的实现算法(转)

WindowsNT/2k密码到散列的实现算法(转)

原创 Linux操作系统 作者:RegisterForBlog 时间:2007-09-19 20:26:34 0 删除 编辑
WindowsNT/2k密码到散列的实现算法(转)[@more@]

  NT/2000的密码散列也叫OWF,其实这个散列的作用很大,任何密码都会先生成散列进行保存,在网络认证的时候,也会使用散列。

  但是关于NT/2000的密码散列虽然有很多的介绍,但是却缺乏具体的算法,影响了对于其算法安全性的研究,这里就是通过反汇编获得的密码到散列的实现。

  NT/2000的密码散列其实由2部分组成,一部分是通过变形DES算法,使用密码的大写OEM格式作为密钥(分成2个KEY,每个KEY7字节,用0补足14个字节),通过DESECB方式获得一个128位的密钥,加密特殊字符串“KGS!@#$%”获得的一个16字节长度的值。另一部分则是使用MD4对密码的UNICODE形式进行加密获得的一个散列,下面就是具体的算法代码,提供给大家做进一步深入的研究:

  //注:DES的算法与标准DES的算法有如下不同

  //与标准DES的SPBOX不同

  //与标准DES的ECB生成算法不同,DESKEY不同,标准的是生成64位字节,而他是生成128位字节

  //标准的DES一次是8字节块加密8字节再循环,而他是16字节一次

  //关于MD4的实现,我这里没有标准MD4的算法实现和说明,但是有MD5的,按照MD4与MD5的区别中,好象算法还是有很多改变。

  //因为按照标准的MD5的说法,每轮当中的每次计算,除了参数不同,函数算法是一致的,但其实他的实现是不同的。

  void passtoowf(wchar_t * password);

  void initLMP(char * pass,unsigned char * LM);

  void deskey(char * LmPass,unsigned char * desecb);

  void des(unsigned char * LM,char * magic,unsigned char * ecb,long no);

  void md4init(unsigned char * LM);

  void md4(unsigned char * LM);

  void initMDP(PLSA_UNICODE_STRING pass,unsigned char * LM);

  typedef DWORD (CALLBACK* RTLUPCASEUNICODESTRINGTOOEMSTRING)(PLSA_UNICODE_STRING, PLSA_UNICODE_STRING, DWORD);

  RTLUPCASEUNICODESTRINGTOOEMSTRING RtlUpcaseUnicodeStringToOemString;

  unsigned char DESParity[]={0,1,1,2,1,2,2,3,1,2,2,3,2,3,3,4};

  unsigned char DESDShift[]={0,0,1,1,1,1,1,1,0,1,1,1,1,1,1,0,

  0x64,0xCC,0xF9,0x29,0xDF,0xDE,0x86,0x4A,0x81,0x84,9,0x3C,0,0,0,0,

  0xFB,0x99,0xE9,8,0xEC,0x87,0x67,0x2F,0x59,0x0FD,0x22,0xF1};

  DWORD DESKEY1[]={

  0x00000000,0x00000010,0x20000000,0x20000010,0x00010000,0x00010010,0x20010000,0x20010010,

  0x00000800,0x00000810,0x20000800,0x20000810,0x00010800,0x00010810,0x20010800,0x20010810,

  0x00000020,0x00000030,0x20000020,0x20000030,0x00010020,0x00010030,0x20010020,0x20010030,

  0x00000820,0x00000830,0x20000820,0x20000830,0x00010820,0x00010830,0x20010820,0x20010830,

  0x00080000,0x00080010,0x20080000,0x20080010,0x00090000,0x00090010,0x20090000,0x20090010,

  0x00080800,0x00080810,0x20080800,0x20080810,0x00090800,0x00090810,0x20090800,0x20090810,

  0x00080020,0x00080030,0x20080020,0x20080030,0x00090020,0x00090030,0x20090020,0x20090030,

  0x00080820,0x00080830,0x20080820,0x20080830,0x00090820,0x00090830,0x20090820,0x20090830};

  DWORD DESKEY2[]={

  0x00000000,0x02000000,0x00002000,0x02002000,0x00200000,0x02200000,0x00202000,0x02202000,

  0x00000004,0x02000004,0x00002004,0x02002004,0x00200004,0x02200004,0x00202004,0x02202004,

  0x00000400,0x02000400,0x00002400,0x02002400,0x00200400,0x02200400,0x00202400,0x02202400,

  0x00000404,0x02000404,0x00002404,0x02002404,0x00200404,0x02200404,0x00202404,0x02202404,

  0x10000000,0x12000000,0x10002000,0x12002000,0x10200000,0x12200000,0x10202000,0x12202000,

  0x10000004,0x12000004,0x10002004,0x12002004,0x10200004,0x12200004,0x10202004,0x12202004,

  0x10000400,0x12000400,0x10002400,0x12002400,0x10200400,0x12200400,0x10202400,0x12202400,

  0x10000404,0x12000404,0x10002404,0x12002404,0x10200404,0x12200404,0x10202404,0x12202404};

  DWORD DESKEY3[]={

  0x00000000,0x00000001,0x00040000,0x00040001,0x01000000,0x01000001,0x01040000,0x01040001,

  0x00000002,0x00000003,0x00040002,0x00040003,0x01000002,0x01000003,0x01040002,0x01040003,

  0x00000200,0x00000201,0x00040200,0x00040201,0x01000200,0x01000201,0x01040200,0x01040201,

  0x00000202,0x00000203,0x00040202,0x00040203,0x01000202,0x01000203,0x01040202,0x01040203,

  0x08000000,0x08000001,0x08040000,0x08040001,0x09000000,0x09000001,0x09040000,0x09040001,

  0x08000002,0x08000003,0x08040002,0x08040003,0x09000002,0x09000003,0x09040002,0x09040003,

  0x08000200,0x08000201,0x08040200,0x08040201,0x09000200,0x09000201,0x09040200,0x09040201,

  0x08000202,0x08000203,0x08040202,0x08040203,0x09000202,0x09000203,0x09040202,0x09040203};

  DWORD DESKEY4[]={

  0x00000000,0x00100000,0x00000100,0x00100100,0x00000008,0x00100008,0x00000108,0x00100108,

  0x00001000,0x00101000,0x00001100,0x00101100,0x00001008,0x00101008,0x00001108,0x00101108,

  0x04000000,0x04100000,0x04000100,0x04100100,0x04000008,0x04100008,0x04000108,0x04100108,

  0x04001000,0x04101000,0x04001100,0x04101100,0x04001008,0x04101008,0x04001108,0x04101108,

  0x00020000,0x00120000,0x00020100,0x00120100,0x00020008,0x00120008,0x00020108,0x00120108,

  0x00021000,0x00121000,0x00021100,0x00121100,0x00021008,0x00121008,0x00021108,0x00121108,

  0x04020000,0x04120000,0x04020100,0x04120100,0x04020008,0x04120008,0x04020108,0x04120108,

  0x04021000,0x04121000,0x04021100,0x04121100,0x04021008,0x04121008,0x04021108,0x04121108};

  DWORD DESKEY5[]={

  0x00000000,0x10000000,0x00010000,0x10010000,0x00000004,0x10000004,0x00010004,0x10010004,

  0x20000000,0x30000000,0x20010000,0x30010000,0x20000004,0x30000004,0x20010004,0x30010004,

  0x00100000,0x10100000,0x00110000,0x10110000,0x00100004,0x10100004,0x00110004,0x10110004,

  0x20100000,0x30100000,0x20110000,0x30110000,0x20100004,0x30100004,0x20110004,0x30110004,

  0x00001000,0x10001000,0x00011000,0x10011000,0x00001004,0x10001004,0x00011004,0x10011004,

  0x20001000,0x30001000,0x20011000,0x30011000,0x20001004,0x30001004,0x20011004,0x30011004,

  0x00101000,0x10101000,0x00111000,0x10111000,0x00101004,0x10101004,0x00111004,0x10111004,

  0x20101000,0x30101000,0x20111000,0x30111000,0x20101004,0x30101004,0x20111004,0x30111004};

  DWORD DESKEY6[]={

  0x00000000,0x08000000,0x00000008,0x08000008,0x00000400,0x08000400,0x00000408,0x08000408,

  0x00020000,0x08020000,0x00020008,0x08020008,0x00020400,0x08020400,0x00020408,0x08020408,

  0x00000001,0x08000001,0x00000009,0x08000009,0x00000401,0x08000401,0x00000409,0x08000409,

  0x00020001,0x08020001,0x00020009,0x08020009,0x00020401,0x08020401,0x00020409,0x08020409,

  0x02000000,0x0A000000,0x02000008,0x0A000008,0x02000400,0x0A000400,0x02000408,0x0A000408,

  0x02020000,0x0A020000,0x02020008,0x0A020008,0x02020400,0x0A020400,0x02020408,0x0A020408,

  0x02000001,0x0A000001,0x02000009,0x0A000009,0x02000401,0x0A000401,0x02000409,0x0A000409,

  0x02020001,0x0A020001,0x02020009,0x0A020009,0x02020401,0x0A020401,0x02020409,0x0A020409};

  DWORD DESKEY7[]={

  0x00000000,0x00000100,0x00080000,0x00080100,0x01000000,0x01000100,0x01080000,0x01080100,

  0x00000010,0x00000110,0x00080010,0x00080110,0x01000010,0x01000110,0x01080010,0x01080110,

  0x00200000,0x00200100,0x00280000,0x00280100,0x01200000,0x01200100,0x01280000,0x01280100,

  0x00200010,0x00200110,0x00280010,0x00280110,0x01200010,0x01200110,0x01280010,0x01280110,

  0x00000200,0x00000300,0x00080200,0x00080300,0x01000200,0x01000300,0x01080200,0x01080300,

  0x00000210,0x00000310,0x00080210,0x00080310,0x01000210,0x01000310,0x01080210,0x01080310,

  0x00200200,0x00200300,0x00280200,0x00280300,0x01200200,0x01200300,0x01280200,0x01280300,

  0x00200210,0x00200310,0x00280210,0x00280310,0x01200210,0x01200310,0x01280210,0x01280310};

  DWORD DESKEY8[]={

  0x00000000,0x04000000,0x00040000,0x04040000,0x00000002,0x04000002,0x00040002,0x04040002,

  0x00002000,0x04002000,0x00042000,0x04042000,0x00002002,0x04002002,0x00042002,0x04042002,

  0x00000020,0x04000020,0x00040020,0x04040020,0x00000022,0x04000022,0x00040022,0x04040022,

  0x00002020,0x04002020,0x00042020,0x04042020,0x00002022,0x04002022,0x00042022,0x04042022,

  0x00000800,0x

  

本文来自:http://www.linuxpk.com/30680.html

-->linux电子图书免费下载和技术讨论基地

·上一篇:Windows内置的事件查看器可解决系统故障

·下一篇:PowerPC体系结构及其溢出技术学习笔记
 
     最新更新
·注册表备份和恢复

·低级格式化的主要作用

·如何防范恶意网站

·常见文件扩展名和它们的说明

·专家:警惕骇客骗局,严守企业信息

·PGPforWindows介紹基本设定(2)

·解剖安全帐号管理器(SAM)结构

·“恶作剧之王”揭秘

·绿色警戒

·黑客反击战

·网络四大攻击方法及安全现状描述

·可攻击3种浏览器代码流于互联网

·黑客最新的兴趣点,下个目标会是谁?

·“僵尸”——垃圾邮件的主要传播源

·Lebreat蠕虫惊现3变种

·POSTFIX反病毒反垃圾Ų…

·在FreeBSD上用PHP实现在线添加FTP用户

·简单让你在FreeBSDADSL上…

·安全版本:OpenBSD入门技巧解析

·Internet连接共享上网完全攻略

·关于ADSL上网网速常识

·静态缓存和动态缓存的比较

·最友好的SQL注入防御方法

·令网站提速的7大秘方

·网络基础知识大全

·路由基本知识

·端口映射的几种实现方法

·VLAN经典诠释

·问题分析与解决——ADSL错误代码

·问题分析——关于2条E1的线路绑定


关于我们 | 联系方式 | 广告合作 | 诚聘英才 | 网站地图 | 网址大全 | 友情链接 | 免费注册

Copyright © 2004 - 2007 All Rights Reserved

来自 “ ITPUB博客 ” ,链接:http://blog.itpub.net/10763080/viewspace-970231/,如需转载,请注明出处,否则将追究法律责任。

请登录后发表评论 登录
全部评论