Win2003 'no passwords' vampire problem solution

Andrew Bartlett abartlet at samba.org
Sat Nov 13 06:35:54 GMT 2004


While working on tests for Samba4's smbtorture, I have constructed an
apparently correct parser for the 'sensitive data' field, located in the
samsync user deltas.

This provides the user's NT and LM passwords, where these were
unavailable since Win2k3.  The (kludge) IDL is in Samba4, and the
RPC-SAMSYNC test.  (The encryption of the 'sensitive data' is simply RC4
with the session key, so nothing too special there).

This should allow vampire to become operable for those sites again.

I'm currently working to validate Samba4's IDL for this entire area,
which may lead us to a Samba4 based vampire utility in the near future.

Andrew Bartlett
-- 
Andrew Bartlett                                 abartlet at samba.org
Authentication Developer, Samba Team            http://samba.org
Student Network Administrator, Hawker College   abartlet at hawkerc.net