FWD: Some compilation warnings
Gerald Carter
gcarter at valinux.com
Wed Jun 20 15:28:03 GMT 2001
On Wed, 20 Jun 2001, Luke Kenneth Casson Leighton wrote:
> hiya jerry, good to hear from you.
:-) You doing ok?
> unrecognised opcodes are already fault-pdu'd, that's how
> ms managed to upgrade to LsaOpenPolicy3 and still
> maintain backwards-compatibility.
But it was not an unrecognized opcode. It was a known command
with an unknown info level :)
> this is likely to be related not to the info level but to
> a newly-negotiated security 'blob' on the samr_get_user_info().
Could be. But an NT 4 PDC doesn't support the
EXTENDED_CAP_SECURITY_BITS.
> anyway, if the sam_user_get_info() or sam_user_set_info()
> contains 'incorrect' info for the encryption / decryption
> of the user passwords, then you are expected to return
> a 'fault' pdu.
>
> seems perfectly reasonable to me.
I just don't see the logic for an invalid info level though.
Anyways...
> i presume that MS use this to detect 'ah ha! this server
> doesn't support my new spiffy-diffy more secure user-password
> encryption, i'll revert to the old insecure method that
> we know and love and allows an attacker to decode all
> my passwords as if they were clear-text in the first place'.
>
> so, basically, try decoding the user-password. if it comes
> out as garbage, or the length is not 516 bytes in 0x17 and
> 0x18 info levels, and not exactly... urrr... 16 bytes
> [each, for LM and NT] in 0x12 info level, then return a
> Fault PDU.
Again...these are valid points. Need to look at it again
once I get a chance.
cheers, jerry
----------------------------------------------------------------------
/\ Gerald (Jerry) Carter Professional Services
\/ http://www.valinux.com/ VA Linux Systems gcarter at valinux.com
http://www.samba.org/ SAMBA Team jerry at samba.org
http://www.plainjoe.org/ jerry at plainjoe.org
"...a hundred billion castaways looking for a home."
- Sting "Message in a Bottle" ( 1979 )
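
Added example, not part of the original message and not Samba's own code: the checks described in the quoted text for info levels 0x12, 0x17 and 0x18, written in C. It assumes the 516-byte buffer has already been decrypted and consists of 512 bytes with the password right-aligned, followed by a 4-byte little-endian byte length; all function and constant names are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

enum pw_verdict { PW_OK, PW_FAULT, PW_NOT_CHECKED }; /* hypothetical names */
#define PW_BUF_LEN  516 /* 512 data bytes + 4-byte length trailer */
#define PW_DATA_LEN 512
#define PW_HASH_LEN 16  /* one LM or NT hash */

/* Check an already-decrypted 516-byte buffer (levels 0x17 and 0x18).
 * Assumed layout: password right-aligned in the first 512 bytes, its
 * byte length little-endian in the last 4. Sets *pw / *pw_len on success. */
static enum pw_verdict check_pw_buf(const uint8_t *buf, size_t len,
                                    const uint8_t **pw, size_t *pw_len)
{
    if (buf == NULL || len != PW_BUF_LEN)
        return PW_FAULT;
    uint32_t n = (uint32_t)buf[512] | (uint32_t)buf[513] << 8 |
                 (uint32_t)buf[514] << 16 | (uint32_t)buf[515] << 24;
    /* A wrong key leaves a random trailer: too long, or odd (UTF-16). */
    if (n > PW_DATA_LEN || (n & 1) != 0)
        return PW_FAULT;
    *pw = buf + PW_DATA_LEN - n;
    *pw_len = n;
    return PW_OK;
}

/* lm_len/nt_len apply to level 0x12, buf/buf_len to 0x17 and 0x18. */
enum pw_verdict check_set_user_info(uint16_t level, const uint8_t *buf,
        size_t buf_len, size_t lm_len, size_t nt_len,
        const uint8_t **pw, size_t *pw_len)
{
    switch (level) {
    case 0x12:
        return (lm_len == PW_HASH_LEN && nt_len == PW_HASH_LEN) ? PW_OK : PW_FAULT;
    case 0x17: case 0x18:
        return check_pw_buf(buf, buf_len, pw, pw_len);
    default:
        return PW_NOT_CHECKED; /* levels the email does not discuss */
    }
}

int main(void)
{
    uint8_t b[PW_BUF_LEN] = {0}; /* constructed sample: empty password */
    const uint8_t *pw; size_t n;
    printf("%d\n", check_set_user_info(0x18, b, sizeof b, 0, 0, &pw, &n));
    return 0;
}
```

A caller would map PW_FAULT to a Fault PDU; the length trailer test stands in for the "comes out as garbage" check, since a buffer decrypted with the wrong key almost never yields an even length of 512 or less.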