NegoEX!
Stefan Metzmacher
metze at samba.org
Fri Dec 18 04:32:49 UTC 2015
Hi Andrew,
> I just wanted to say a big thank-you for taking on the negoex
> challenge. This is something I probably should have worked on years
> ago, so I'm really glad to see a start being made.
> Thanks!
I won't implement a backend for it (at least not in near future),
but I wanted to understand the blob modern Windows servers return
in the SMB negotiate response.
$ bin/ndrdump negoex decode_negoex_MESSAGE in
smb2-negotiate-response-negoex-blob-01.dat
pull returned NT_STATUS_OK
decode_negoex_MESSAGE: struct decode_negoex_MESSAGE
in: struct decode_negoex_MESSAGE
array: struct negoex_MESSAGE_ARRAY
count : 0x00000002 (2)
messages: ARRAY(2)
messages: struct negoex_MESSAGE
signature : 'NEGOEXTS'
type :
NEGOEX_MESSAGE_TYPE_ACCEPTOR_NEGO (1)
sequence_number : 0x00000000 (0)
header_length : 0x00000060 (96)
message_length : 0x00000070 (112)
conversation_id :
7130cb06-2062-6a1b-409e-3514c26b1773
p : union
negoex_PAYLOAD(case 1)
nego: struct negoex_NEGO_PAYLOAD
random :
ba25dd8091fbae2c684b9928f03c3ef3e2cf60a329eea0f9b1104b56c383c732
protocol_version :
0x0000000000000000 (0)
auth_schemes: struct negoex_AUTH_SCHEME_VECTOR
array : *
array: ARRAY(1)
array: struct negoex_AUTH_SCHEME
guid :
0d53335c-f9ea-4d0d-b2ec-4ae3786ec308
count : 0x00000001 (1)
extensions: struct negoex_EXTENSION_VECTOR
array : NULL
count : 0x00000000 (0)
messages: struct negoex_MESSAGE
signature : 'NEGOEXTS'
type :
NEGOEX_MESSAGE_TYPE_ACCEPTOR_META_DATA (3)
sequence_number : 0x00000001 (1)
header_length : 0x00000040 (64)
message_length : 0x00000098 (152)
conversation_id :
7130cb06-2062-6a1b-409e-3514c26b1773
p : union
negoex_PAYLOAD(case 3)
exchange: struct negoex_EXCHANGE_PAYLOAD
auth_scheme: struct negoex_AUTH_SCHEME
guid :
0d53335c-f9ea-4d0d-b2ec-4ae3786ec308
exchange: struct negoex_BYTE_VECTOR
blob : DATA_BLOB
length=88
[0000] 30 56 A0 54 30 52 30 27 80 25 30 23 31 21 30 1F 0V.T0R0' .%0#1!0.
[0010] 06 03 55 04 03 13 18 54 6F 6B 65 6E 20 53 69 67 ..U....T oken Sig
[0020] 6E 69 6E 67 20 50 75 62 6C 69 63 20 4B 65 79 30 ning Pub lic Key0
[0030] 27 80 25 30 23 31 21 30 1F 06 03 55 04 03 13 18 '.%0#1!0 ...U....
[0040] 54 6F 6B 65 6E 20 53 69 67 6E 69 6E 67 20 50 75 Token Si gning Pu
[0050] 62 6C 69 63 20 4B 65 79 blic Key
dump OK
But I haven't seen any capture with a real NegoEx authentication yet.
It doesn't seem that auth_scheme 0d53335c-f9ea-4d0d-b2ec-4ae3786ec308
is documented anywhere. The blob looks like asn1...
Maybe http://ietfreport.isoc.org/idref/draft-zhu-pku2u/ is related but I'm
not sure.
metze
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20151218/324a13aa/signature.sig>
More information about the samba-technical
mailing list