Samba4: Bug in ntlm_auth's ntlmssp-client-1 mode
Kai Blin
k.blin at gmx.net
Tue Aug 23 18:16:59 GMT 2005
* Kai Blin <k.blin at gmx.net> [23/08/05, 19:16:39]:
> Hi folks,
>
> I just stumbled over an error in samba 4's ntlm_auth.
>
> It roughly looks like this:
>
> When running it with ntlm_auth --helper-protocol=ntlmssp-client-1
> --password=testpass --domain=NOWHERE --username=$USER
>
> If lenght of $USER % 3 is 0, ntlm_auth v4 returns the same lenght of
> base64 blob as v3. This seems to be correct.
>
> If lenght of $USER % 3 is 1, the response is one character short,
> resulting in an invalid base64 blob.
>
> If lenght of $USER % 3 is 2, the response is one character too long,
> also resulting in an invalid base64 blob.
>
> This behaviour seems to change in offset if the lenght of the domain
> name changes.
Yes, it looks like if $DOMAIN + $USER % 3 == 1 the length of the base64
blob is ok.
Hope this helps locating the bug.
Cheers,
Kai
--
Kai Blin, private email
The last vestiges of the old Republic have been swept away.
-- Governor Tarkin
More information about the samba-technical
mailing list