Man Linux: Main Page and Category List

NAME

       htntlm - read/write NTLM message

SYNOPSIS

       htntlm [OPTIONS]

DESCRIPTION

       htntlm is used to read, generate and inspect NTLM messages.

OPTIONS

       -v --version
              Print version number and exit

       -h --help
              Display usage information (this message)

       -r --read
              read a NTLM base64 encoded message

       -w --write
              write a NTLM base64 encoded message

       -i --info
              print in a readable manner

       -d --debug
              print debug information

       -t --type
              NTLM message type 1, 2 or 3

       -D --domain
              Domain name

       -W --workstation
              Workstation name

       -E --server
              Workstation name

       -O --os-version
              OS Version major.minor.build

       -T --target
              Target name

       -N --dns-domain
              DNS domain name

       -S --dns-server
              DNS server name

       -a --target-info
              Target  info  as provided in NTLM type 2 message base64 encoded,
              need for NTLMv2

       -U --user
              User name

       -P --password
              password

       -C --challenge
              Challenge in hex notation

       -c --client-challengeClient challenge in hex  notation,  default  is  a
              random

       -X --context
              Context in hex notation

       -K --session-key
              Session Key

       -R --response
              response type space separated: lm ntlm lm2 ntlm2 ntlm2-session

       -u --unicode
              transmit user, workstation, ... as unicode strings

       -f --flags
              Space separated NTLM flags neg-unicode:

              Indicates that Unicode strings are supported for use in security
              buffer data.

              neg-oem:

              Indicates that OEM strings are supported  for  use  in  security
              buffer data.

              req-target:

              Requests  that  the server’s authentication realm be included in
              the Type 2 message.

              neg-sign:

              Specifies that authenticated communication  between  the  client
              and server should carry a digital signature (message integrity).

              neg-seal:

              Specifies that authenticated communication  between  the  client
              and server should be encrypted (message confidentiality).

              neg-datagram-style:

              Indicates that datagram authentication is being used.

              neg-lm-key:

              Indicates  that  the  Lan Manager Session Key should be used for
              signing and sealing authenticated communications.

              neg-netware:

              This flag’s usage has not been identified.

              neg-ntlm-key:

              Indicates that NTLM authentication is being used.

              neg-anonymous:

              Sent by the client in the Type 3 message  to  indicate  that  an
              anonymous  context  has  been established. This also affects the
              response fields.

              neg-domain-supp:

              Sent by the client in the Type 1 message to  indicate  that  the
              name   of  the  domain  in  which  the  client  workstation  has
              membership is included in the message.   This  is  used  by  the
              server  to  determine  whether  the client is eligible for local
              authentication.

              neg-workstation-supp:

              Sent by the client in the Type 1 message to  indicate  that  the
              client  workstation’s  name  is included in the message. This is
              used by the server to determine whether the client  is  eligible
              for local authentication.

              neg-local-call:

              Sent by the server to indicate that the server and client are on
              the  same  machine.   Implies  that  the  client  may  use   the
              established  local  credentials  for  authentication  instead of
              calculating a response to the challenge.

              neg-always_sign:

              Indicates that authenticated communication  between  the  client
              and server should be signed with a "dummy" signature.

              target-type-domain:

              Sent  by  the  server in the Type 2 message to indicate that the
              target authentication realm is a domain.

              target-type-server:

              Sent by the server in the Type 2 message to  indicate  that  the
              target authentication realm is a server.

              target-type-share:

              Sent  by  the  server in the Type 2 message to indicate that the
              target authentication realm is a share.  Presumably, this is for
              share-level authentication. Usage is unclear.

              neg-ntlm2-key:

              Indicates  that  the  NTLM2 signing and sealing scheme should be
              used for protecting  authenticated  communications.   Note  that
              this  refers to a particular session security scheme, and is not
              related to the use of  NTLMv2  authentication.  This  flag  can,
              however, have an effect on the response calculations

              req-init-res:

              This flag’s usage has not been identified

              req-accept-res:

              This flag’s usage has not been identified

              req-nonnt-session-key:

              This flag’s usage has not been identified

              neg-target-info:

              Sent  by the server in the Type 2 message to indicate that it is
              including a Target Information block in the message. The  Target
              Information  block  is  used  in  the  calculation of the NTLMv2
              response.

              neg-128:

              Indicates that 128-bit encryption is supported.

              neg-key-exchange:

              Indicates that the client will provide an encrypted  master  key
              in the "Session Key" field of the Type 3 message.

              neg-56:

              Indicates that 56-bit encryption is supported.

AUTHOR

       Written by Christian Liesch

COPYRIGHT

       Copyright © 2006 Free Software Foundation, Inc.
       This is free software; see the source for copying conditions.  There is
       NO warranty; not even for MERCHANTABILITY or FITNESS FOR  A  PARTICULAR
       PURPOSE.