{"id":21540025,"url":"https://github.com/robinpowered/php-ntlm","last_synced_at":"2025-11-10T00:03:11.366Z","repository":{"id":35924108,"uuid":"40212014","full_name":"robinpowered/php-ntlm","owner":"robinpowered","description":"Message encoder/decoder and password hasher for the NTLM authentication protocol","archived":false,"fork":false,"pushed_at":"2025-03-21T08:42:49.000Z","size":154,"stargazers_count":17,"open_issues_count":3,"forks_count":7,"subscribers_count":11,"default_branch":"master","last_synced_at":"2025-04-02T15:09:33.980Z","etag":null,"topics":["authentication","challenge","hash","lm","negotiate","ntlm","ntlm-authentication-protocol","ntv1","ntv1-hashing","ntv2","ntv2-hashing","php"],"latest_commit_sha":null,"homepage":"","language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/robinpowered.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2015-08-04T22:22:50.000Z","updated_at":"2024-12-17T09:03:38.000Z","dependencies_parsed_at":"2022-09-05T08:01:08.461Z","dependency_job_id":null,"html_url":"https://github.com/robinpowered/php-ntlm","commit_stats":null,"previous_names":[],"tags_count":9,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/robinpowered%2Fphp-ntlm","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/robinpowered%2Fphp-ntlm/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/robinpowered%2Fphp-ntlm/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/robinpowered%2Fphp-ntlm/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/robinpowered","download_url":"https://codeload.github.com/robinpowered/php-ntlm/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248075930,"owners_count":21043669,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["authentication","challenge","hash","lm","negotiate","ntlm","ntlm-authentication-protocol","ntv1","ntv1-hashing","ntv2","ntv2-hashing","php"],"created_at":"2024-11-24T04:17:01.879Z","updated_at":"2025-11-10T00:03:11.289Z","avatar_url":"https://github.com/robinpowered.png","language":"PHP","funding_links":[],"categories":[],"sub_categories":[],"readme":"# PHP NTLM\n\n[![Build Status](https://img.shields.io/travis/robinpowered/php-ntlm.svg?style=flat)](https://travis-ci.org/robinpowered/php-ntlm)\n[![Quality Score](https://img.shields.io/scrutinizer/g/robinpowered/php-ntlm.svg?style=flat)](https://scrutinizer-ci.com/g/robinpowered/php-ntlm/)\n[![Latest Stable Version](https://img.shields.io/github/release/robinpowered/php-ntlm.svg?style=flat)](https://github.com/robinpowered/php-ntlm/releases)\n\nPHP-NTLM is a library that handles the encoding and decoding of messages used in the challenge-and-response flow of the\nNTLM authentication protocol, while also providing separate injectable credential hashing mechanisms to allow for a more\nsecure version of a credential for storage (rather than storing passwords in \"plain-text\").\n\n\n## Features\n\n- NTLM client message encoding and decoding\n- Multiple text-encoding native-extensions supported\n- LM, NTv1, and NTv2 hashing algorithms supported\n\n\n## Requirements\n\n- 64-bit PHP runtime (NTLM negotiation bit flags extend beyond the 32-bit integer size)\n- PHP `\u003e=7.1.0`\n\n\n## Installation\n\n1. [Get Composer][composer-website]\n2. Add `robinpowered/php-ntlm` to your Composer required dependencies: `composer require robinpowered/php-ntlm`\n3. Include the [Composer autoloader][composer-documentation-autoloading]\n\n\n## Example Usage\n\n```php\n// Using Guzzle\n$client = new Client();\n$request = new Request('get', 'https://my-exchange-url.com');\n$user_name = 'user_name';\n$password = 'password';\n$target_name = 'target_name';\n$host_name = 'host_name';\n\n$encoding_converter = new MbstringEncodingConverter();\n$random_byte_generator = new NativeRandomByteGenerator();\n$hasher_factory = HasherFactory::createWithDetectedSupportedAlgorithms();\n\n$negotiate_message_encoder = new NegotiateMessageEncoder($encoding_converter);\n$challenge_message_decoder = new ChallengeMessageDecoder();\n\n$keyed_hasher_factory = KeyedHasherFactory::createWithDetectedSupportedAlgorithms();\n\n$nt1_hasher = new NtV1Hasher($hasher_factory, $encoding_converter);\n$nt2_hasher = new NtV2Hasher($nt1_hasher, $keyed_hasher_factory, $encoding_converter);\n\n$authenticate_message_encoder = new NtlmV2AuthenticateMessageEncoder(\n    $encoding_converter,\n    $nt2_hasher,\n    $random_byte_generator,\n    $keyed_hasher_factory\n);\n\n$negotiate_message = $negotiate_message_encoder-\u003eencode(\n    $target_name,\n    $host_name\n);\n\n// Send negotiate message\n$request-\u003esetHeader('Authorization', sprintf('NTLM %s', base64_encode($negotiate_message)));\n$response = $client-\u003esend($request);\n\n// Decode returned challenge message\n$authenticate_headers = $response-\u003egetHeaderAsArray('WWW-Authenticate');\nforeach ($authenticate_headers as $header_string) {\n    $ntlm_matches = preg_match('/NTLM( (.*))?/', $header_string, $ntlm_header);\n\n    if (0 \u003c $ntlm_matches \u0026\u0026 isset($ntlm_header[2])) {\n        $raw_server_challenge = base64_decode($ntlm_header[2]);\n        break;\n    }\n}\n$server_challenge = $challenge_message_decoder-\u003edecode($raw_server_challenge);\n\n$authenticate_message = $authenticate_message_encoder-\u003eencode(\n    $user_name,\n    $target_name,\n    $host_name,\n    new Password($password),\n    $server_challenge\n);\n\n// Send authenticate message\n$request-\u003esetHeader('Authorization', sprintf('NTLM %s', base64_encode($authenticate_message)));\n$client-\u003esend($request);\n```\n\n\n## TODO\n\n- [x] LM hashing\n- [x] NTv1 hashing\n- [x] NTv2 hashing\n- [x] NTLM negotiate message encoding\n- [x] NTLM challenge message decoding\n    - [x] Message structure and data validation\n    - [x] Negotiate flag decoding\n    - [x] Server challenge \"nonce\" handling\n    - [x] TargetName parsing/handling\n    - [x] \\(Optional) TargetInfo parsing/handling\n        - [ ] \\(Optional) AV_PAIR decoding\n    - [ ] \\(Optional) Version parsing/handling (for debugging purposes only)\n- [x] NTLM authenticate message encoding\n    - [x] NTLM v1 response support\n    - [x] NTLM v2 response support\n    - [x] Extended session security (NTLM2 session key) support\n    - [ ] \\(Add-on) Encrypted session key exchange support\n- [ ] Datagram (\"connectionless\") support\n- [ ] Tests\n\n\n## License\n\n**PHP-NTLM** is licensed under the [Apache License, Version 2.0][license-file].\n\n--------------------------------------------------------------------------------\n\nCopyright 2019 Robin Powered, Inc.\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\nhttp://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n\n\n\n\n[composer-website]: https://getcomposer.org/\n[composer-documentation-autoloading]: https://getcomposer.org/doc/01-basic-usage.md#autoloading\n[license-file]: LICENSE\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frobinpowered%2Fphp-ntlm","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Frobinpowered%2Fphp-ntlm","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frobinpowered%2Fphp-ntlm/lists"}