I would like to implement a version the hash algorithm in a C# application, and need to know how Windows hashes and checks the passwords. I also need to know where they are stored. As far as I know, in the SAM file under C:\\Windows\\System32\\config. Is that correct?
Nothing tricky here. the NTLM hash is just the MD4 of the unicode password. MD4 is irresponsibly weak, so you will need a comprehensive crypto lib, like Bouncy Castle . MS has no native methods for it.
also, the best reference on the topic .
using Org.BouncyCastle.Crypto.Generators;
using Org.BouncyCastle.Crypto.Parameters;
using Org.BouncyCastle.Security;
using Org.BouncyCastle.Crypto.Digests;
I think those cover it. I hope...
here is one that returns it as a byte[], which you can convert as needed.
/// <summary>
/// Convert Password to NT Hash. Convert to unicode and MD4
/// </summary>
/// <param name="passwordIn">password In</param>
/// <returns>NT Hash as byte[]</returns>
public static byte[] NTHashAsBytes(string passwordIn)
{
MD4Digest md = new MD4Digest();
byte[] unicodePassword = Encoding.Convert(Encoding.ASCII, Encoding.Unicode, Encoding.ASCII.GetBytes(passwordIn));
md.BlockUpdate(unicodePassword, 0, unicodePassword.Length);
byte[] hash = new byte[16];
md.DoFinal(hash, 0);
return hash;
}
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.