[Samba] Encoding problem with the unicodePwd stored into sam.ldb
jean-yves boisiaud
jean-yves.boisiaud at alcor-consulting.fr
Thu Mar 28 20:05:57 UTC 2019
hello,
I use Samba 4.9.5 on Linux Debian 9.
I want to extract users' passwords. A lot of passwords are ok, some are not.
Example with a password returning an error :
# ldbsearch -H /var/lib/samba/private/sam.ldb '(primaryGroupID=513)'
userPrincipalName unicodePwd
....
# record 494
dn: CN=XXX,CN=Users,DC=YYY,DC=ZZZ,DC=fr
unicodePwd:: wXQvJaSkn0gvg1POsY9Icw==
uidNumber: 5110
userPrincipalName: XXX
...
ok. Then, I convert the password from utf-16 to hex :
$ echo 'wXQvJaSkn0gvg1POsY9Icw==' | base64 -d -w 0 | hexdump -e '/1 "%02X"'
C1742F25A4*
9F482F8353CEB18F4873
why there is a * and a new line ? base64 (and hexdump) are silent about
that.
If I run hd instead of hexdump :
00000000 c1 74 2f 25 a4 a4 9f 48 2f 83 53 ce b1 8f 48 73
|.t/%...H/.S...Hs|
the problem is with the second 0xa4 character.
Is the format of the password stored in smb.ldb correct ? If not how could
I correct it ?
thank you for your help.
--
Jean-Yves Boisiaud - Alcor Consulting
49, rue du Chemin Vert
49300 Cholet
mobile : +33 6 63 71 73 46
More information about the samba
mailing list