[Samba] user password hash

L.P.H. van Belle belle at bazuin.nl
Thu Oct 10 12:51:32 UTC 2019


Rowland, 

Can you test this: 

echo -n $(ldbsearch -H /var/lib/samba/private/sam.ldb -b 'dc=CHANGE_BASE' -s sub '(&(objectclass=user)(samaccountname=CHANGE_USERNAME))' unicodePwd |grep unicode |awk '{ print $NF }') | base64 -d -w 0 | iconv -t UTF-8 -f UTF-16LE

The results are chinees characters.
But if i put it in the example you showed, it shows the correct things. 

Greetz, 

Louis




> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens 
> L.P.H. van Belle via samba
> Verzonden: donderdag 10 oktober 2019 14:45
> Aan: samba at lists.samba.org
> Onderwerp: Re: [Samba] user password hash
> 
> 
> > -----Oorspronkelijk bericht-----
> > Van: samba [mailto:samba-bounces at lists.samba.org] Namens 
> > Rowland penny via samba
> > Verzonden: donderdag 10 oktober 2019 14:42
> > Aan: samba at lists.samba.org
> > Onderwerp: Re: [Samba] user password hash
> > 
> > On 10/10/2019 12:55, mj via samba wrote:
> > > Hi Rowland, all,
> > >
> > > On 10/9/19 9:11 AM, Rowland penny via samba wrote:
> > >> You could run something like this on a Samba AD DC:
> > >>
> > >> ldbsearch -H /var/lib/samba/private/sam.ldb -b 
> > >> 'dc=samdom,dc=example,dc=com' -s sub 
> > >> '(&(objectclass=user)(samaccountname=rowland))' unicodePwd
> > >>
> > >> This will get you a users password, you just need to run 
> > it through 
> > >> the reverse of what I posted earlier to see the actual 
> > users password.
> > >
> > > Out of curiosity I tried that, and wrote the following 
> little bash 
> > > script:
> > >
> > >> PASSWORD="zKY\.Jp4jdiJ\_"
> > >> UNICODEPW_GENERATED="$(echo -n "$PASSWORD" | iconv -f UTF-8 -t 
> > >> UTF-16LE | base64 -w 0)"
> > 
> > I posted:
> > 
> > UNICODEPW=$(echo -n "\"$PASSWORD\"" | iconv -f UTF-8 -t UTF-16LE | 
> > base64 -w 0)
> > 
> > Believe it or not, the two escaped double quotes are a must, 
> > they become 
> > part of the password, AD expects them.
> 
> ... That i did not know also.. 
> 
> 
> > 
> > Rowland
> > 
> > 
> > 
> > -- 
> > To unsubscribe from this list go to the following URL and read the
> > instructions:  https://lists.samba.org/mailman/options/samba
> > 
> > 
> 
> 
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
> 
> 




More information about the samba mailing list