[Samba] Samba 4 LDAP NTLM password nightly injection
Luc Lalonde
luc.lalonde at polymtl.ca
Thu Mar 28 11:33:36 MDT 2013
Hello Andrew,
Would this work:
###############################################################
def HexToByte( hexStr ):
##
## Taken from ActiveState Code recipes:
## http://code.activestate.com/recipes/510399-byte-to-hex-and-hex-to-byte-string-conversion
bytes = []
hexStr = ''.join( hexStr.split(" ") )
for i in range(0, len(hexStr), 2):
bytes.append( chr( int (hexStr[i:i+2], 16 ) ) )
return ''.join( bytes )
# Connect to samba4 backend
s4_passdb = passdb.PDB("samba4")
# Change foo-user password
admin_userdata = s4_passdb.getsampwnam("foo-user")
admin_userdata.nt_passwd = HextoByte("878D8014606CDA29677A44EFA1353FC7")
admin_userdata.lanman_passwd = HextoByte("552902031BEDE9EFAAD3B435B51404EE")
s4_passdb.update_sam_account(admin_userdata)
###############################################################
I'm trying to figure out how to connect to the local Samba4 database... What I have above 's4_passdb = passdb.PDB("samba4")' doesn't work. I tried 'ldb', 'samba_dsdb', and 'samba4' without success.
Any hints please?
Thanks!
----- Original Message -----
From: "Andrew Bartlett" <abartlet at samba.org>
To: "Luc Lalonde" <luc.lalonde at polymtl.ca>
Cc: samba at lists.samba.org
Sent: Wednesday, March 27, 2013 6:18:15 PM GMT -05:00 US/Canada Eastern
Subject: Re: [Samba] Samba 4 LDAP NTLM password nightly injection
On Tue, 2013-03-26 at 11:10 -0400, Luc Lalonde wrote:
> Hello Andrew,
>
> I'm finally diving into this project...
>
> First off, my sysadmin stuff is mostly in Perl. So my Python is rudimentary at best.
>
> Here we go anyway... I've looked at the 'upgrade.py' but I can't seem to figure out how to connect to the Samba4 passwd database.
>
> In the script I see these lines:
>
> #######################################################
> # Connect to samba4 backend
> s4_passdb = passdb.PDB(new_lp_ctx.get("passdb backend"))
> ########################################################
>
> I would appreciate a hint on how to connect to the database please. Where is the 'passdb' object referenced from?
>
> Once that's done, from what I understand, I should be able to change the passwords directly:
>
> #######################################################
> # Change foo-user password
> admin_userdata = s4_passdb.getsampwnam("foo-user")
> admin_userdata.nt_passwd = "878D8014606CDA29677A44EFA1353FC7"
> admin_userdata.lanman_passwd = "552902031BEDE9EFAAD3B435B51404EE"
> s4_passdb.update_sam_account(admin_userdata)
> #######################################################
Sort of. Those values are not base16 strings, but raw bytes, but
otherwise that looks pretty much right at a first glance.
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
--
Luc Lalonde, analyste
---------------------------------------------------------------------
Département de génie informatique:
École polytechnique de Montréal
(514) 340-4711 x5049
Luc.Lalonde at polymtl.ca
---------------------------------------------------------------------
More information about the samba
mailing list