rpc vampire working against win2ksp3

Tim Potter tpot at samba.org
Wed May 28 23:07:42 GMT 2003


On Wed, May 28, 2003 at 09:50:53AM -0700, Richard Sharpe wrote:

> > I've just tested rpc vampire from CVS against win2ksp3 and it seems to
> > return the NT/LM password information correctly.  Would anyone else like
> > to confirm this?
> 
> Ohhh, what did you fix?

Not a lot.  There was a hardcoded length in unmarshalling user deltas.
I'm not sure where the meme about sign&seal or a different secure
channel version for w2ksp3 came from.  It doesn't seem to be the case.

Working file: rpc_parse/parse_net.c
revision 1.85.2.11
date: 2003/05/26 06:59:38;  author: tpot;  state: Exp;  lines: +3 -3

This fixes net rpc vampire when talking to win2k (<sp3).  win2k sends
back a different sized blob of encrypted password data than we were
expecting.  There's an extra 32 bytes of unknown stuff.
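
The failure mode described in the post above (a hardcoded length in unmarshalling, and a peer that sends 32 more bytes than expected), as an added example that is not part of the original post and is not Samba's code. The record layout (a little-endian length, the blob, then a following field), `KNOWN_LEN` and all function names are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define KNOWN_LEN 32u /* assumed: bytes of the blob this parser understands */

static void put_u32(uint8_t *b, uint32_t v) { /* little-endian store */
    for (int i = 0; i < 4; i++) b[i] = (uint8_t)(v >> (8 * i));
}
/* Bounds-checked little-endian read; advances *off. Returns -1 if short. */
static int get_u32(const uint8_t *b, size_t n, size_t *off, uint32_t *v) {
    if (*off > n || n - *off < 4) return -1;
    *v = 0;
    for (int i = 0; i < 4; i++) *v |= (uint32_t)b[*off + i] << (8 * i);
    *off += 4;
    return 0;
}
/* Constructed record: [u32 len][len-byte blob][u32 marker]; needs len >= KNOWN_LEN. */
size_t build_record(uint8_t *b, uint32_t len, uint32_t marker) {
    put_u32(b, len);
    memset(b + 4, 0xAA, KNOWN_LEN);                   /* part the parser knows */
    memset(b + 4 + KNOWN_LEN, 0xEE, len - KNOWN_LEN); /* unknown trailing bytes */
    put_u32(b + 4 + len, marker);
    return (size_t)len + 8;
}
/* Fragile: always consumes KNOWN_LEN bytes, whatever the sender declared. */
int parse_hardcoded(const uint8_t *b, size_t n, uint8_t *out, uint32_t *next) {
    size_t off = 0; uint32_t len;
    if (get_u32(b, n, &off, &len) || n - off < KNOWN_LEN) return -1;
    memcpy(out, b + off, KNOWN_LEN);
    off += KNOWN_LEN;                 /* declared length is ignored here */
    return get_u32(b, n, &off, next); /* misaligned if the blob was longer */
}
/* Length-driven: validate declared length, keep known part, skip the rest. */
int parse_by_length(const uint8_t *b, size_t n, uint8_t *out, uint32_t *next, size_t *extra) {
    size_t off = 0; uint32_t len;
    if (get_u32(b, n, &off, &len)) return -1;
    if (len < KNOWN_LEN || len > n - off) return -1; /* too short or overruns buffer */
    memcpy(out, b + off, KNOWN_LEN);
    *extra = len - KNOWN_LEN;         /* bytes skipped without interpretation */
    off += len;
    return get_u32(b, n, &off, next);
}
int main(void) {
    uint8_t rec[128], out[KNOWN_LEN]; uint32_t a = 0, c = 0; size_t extra = 0;
    size_t n = build_record(rec, KNOWN_LEN + 32, 0x11223344u);
    parse_hardcoded(rec, n, out, &a);
    parse_by_length(rec, n, out, &c, &extra);
    printf("hardcoded next=0x%08x, by-length next=0x%08x (skipped %zu)\n", a, c, extra);
    return 0;
}
```

With the longer blob the fixed-length parser still returns success but reads the next field from inside the unknown trailing bytes, which is why this kind of bug shows up as corrupt data rather than as a parse error.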



More information about the samba-technical mailing list