Win2003 'no passwords' vamprire problem solution
Andrew Bartlett
abartlet at samba.org
Sat Nov 13 06:35:54 GMT 2004
While working on tests for Samba4's smbtorture, I have a constructed an
apparently correct parser for the 'sensitive data' field, located in the
samsync user deltas.
This provides the user's NT and LM passwords, where these were
unavailable since since Win2k3. The (cludge) IDL is in Samba4, and the
RPC-SAMSYNC test. (The encryption of the 'sensitive data' is simply RC4
with the session key, so nothing too special there).
This should allow vampire to become operable for those sites again.
I'm currently working to validate Samba4' IDL for this entire area,
which may lead us to a Samba4 based vampire utility in the near future.
Andrew Bartlett
--
Andrew Bartlett abartlet at samba.org
Authentication Developer, Samba Team http://samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20041113/e8e4d760/attachment.bin
More information about the samba-technical
mailing list