Which NTLM version (1 or 2) does SMBJ authenticator support?

576 views Asked by At

I am developing an application which needs to access a network share using SMB. I was told that if security detects an authentication attempt using NTLM v. 1, then the respective firewall rules will be revoked.

Therefore I need to make sure that SMBJ (which I may use for this) supports NTLM v. 2 and uses it by default.

Does SMBJ support NTLM v. 2? Does it use it by default?

My own attempts at finding out

In the source code of SMBJ I found following fragment:

byte[] serverChallenge = challenge.getServerChallenge();
byte[] responseKeyNT = ntlmFunctions.NTOWFv2(String.valueOf(context.getPassword()), context.getUsername(), context.getDomain());
byte[] ntlmv2ClientChallenge = ntlmFunctions.(challenge.getTargetInfo());
byte[] ntlmv2Response = ntlmFunctions.getNTLMv2Response(responseKeyNT, serverChallenge, ntlmv2ClientChallenge);

The names getNTLMv2ClientChallenge and getNTLMv2Response suggest that NTLM v. 2 may be used.

Also, JCIFS homepage claims that SMBJ is a successor project:

Fortunately there are multiple new open source SMB Java projects to try including the following:

jcifs-codelibs jcifs-ng smbj

According to its FAQ, JCIFS has been using NTLM v. 2 since version 1.3.0.

If

  1. JCIFS supports NTLM v. 2 and uses it by default,
  2. SMBJ is based on JCIFS,

then SMBJ should support NTLM v. 2 and use it by default.

1

There are 1 answers

0
Hiery Nomus On BEST ANSWER

Yes, SMBJ uses either NTLMv2 or SPNEGO for authentication. You can configure which one you want to use. It doesn't use NTLMv1.