A robust, fast and efficient first-class Python library for NTLMv1 and NTLMv2 authentication with signing and encryption
A robust, fast and efficient ‘first-class’ Python Library for NTLM authentication, signing and encryption
Authentication should be so easy its taken for granted; but that doesnt make it easy. It’s probably why most libraries implemented only the most basic features, emulating decade old versions like that of Windows 2000 or XP and ignoring session security altogether
ntlmlib gives Python developers the support they deserve. It negotiates the strongest session security and uses this to digitally sign timestamped authentication tokens which help mitigate replay and man-in-the-middle attacks - this has been standard on Windows for many years, but not available in pure Python. Now python NTLM clients can pass the toughest cyber security audits.
Naturally, ntlmlib is also highly configurable, allowing you to easily set balance between compatibility with legacy systems and security depending on you application.
I would not have been able to use Python in production systems without the NTLM session security provided by ntlmlib.
# Setup the NTLM context with your credentials, optionally set LAN Manager Compatibility and required integrity auth = PasswordAuthentication('SERVER2012', 'Administrator', 'Pa55w0rd') ntlm_context = NtlmContext(auth, session_security='none') # Generate the initial negotiate token context = ntlm_context.initialize_security_context() negotiate = context.send(None) # < Now send the negotiate token to the sever and receive the challenge > # Generate the authenticate token from the challenge authenticate = context.send(challenge) #< Now send the authenticate token to the server to complete authentication > ...
Support for LM, NTLM and NTLMv2 authentication
Support for NTLM1 and NTLM2 Extended Session Security with 40bit, 56bit and 128bit key derivation and key exchange
Support for Session Security Signing (Sign and Verify) and Encryption (Sealing and Unsealing)
Support for enhanced security using MICs (Message Integrity Code)
Support for enhanced security using Channel Binding Tokens
Tested against Windows NT4 RTM through to Windows 10
Well organised and commented with supporting unit tests and documentation
Super safe and easy to use API
To install ntlmlib, simply:
$ pip install ntlmlib
Logging is not fully implemented
Test cases are no fully implemented
Check for open issues or open a fresh issue to start a discussion around a feature idea or a bug.
If you feel uncomfortable or uncertain about an issue or your changes, feel free to email me
Fork the repository on GitHub to start making your changes to the master branch (or branch off of it).
Write a test which shows that the bug was fixed or that the feature works as expected.
Send a pull request and bug the maintainer until it gets merged and published.
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.