summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/include/rpc_samr.h4
-rw-r--r--source3/libsmb/smbencrypt.c46
-rw-r--r--source3/rpc_server/srv_samr.c2
-rw-r--r--source3/utils/smbpasswd.c25
4 files changed, 41 insertions, 36 deletions
diff --git a/source3/include/rpc_samr.h b/source3/include/rpc_samr.h
index bcce64b6be..2e569396b9 100644
--- a/source3/include/rpc_samr.h
+++ b/source3/include/rpc_samr.h
@@ -334,13 +334,13 @@ typedef struct sam_unkown_info_2_info
pointer is referring to
*/
- uint32 unknown_4; /* 0x0000 0099 */
+ uint32 unknown_4; /* 0x0000 0099, 0x0000 0045 */
uint32 unknown_5; /* 0x0000 0000 */
uint32 unknown_6 ; /* 0x0000 0001 */
uint32 unknown_7 ; /* 0x0000 0003 */
uint32 unknown_8 ; /* 0x0000 0001 */
- uint32 unknown_9 ; /* 0x0000 0008 */
+ uint32 unknown_9 ; /* 0x0000 0008, 0x0000 0006 */
uint32 unknown_10; /* 0x0000 0003 */
uint8 padding[16]; /* 16 bytes zeros */
diff --git a/source3/libsmb/smbencrypt.c b/source3/libsmb/smbencrypt.c
index 89c6eba810..bf9736d724 100644
--- a/source3/libsmb/smbencrypt.c
+++ b/source3/libsmb/smbencrypt.c
@@ -32,15 +32,23 @@ extern int DEBUGLEVEL;
encrypted password into p24 */
void SMBencrypt(uchar *passwd, uchar *c8, uchar *p24)
{
- uchar p14[15], p21[21];
+ uchar p14[15], p21[21];
- memset(p21,'\0',21);
- memset(p14,'\0',14);
- StrnCpy((char *)p14,(char *)passwd,14);
+ memset(p21,'\0',21);
+ memset(p14,'\0',14);
+ StrnCpy((char *)p14,(char *)passwd,14);
+
+ strupper((char *)p14);
+ E_P16(p14, p21);
+
+ SMBOWFencrypt(p21, c8, p24);
- strupper((char *)p14);
- E_P16(p14, p21);
- E_P24(p21, c8, p24);
+#ifdef DEBUG_PASSWORD
+ DEBUG(100,("SMBencrypt: lm#, challenge, response\n"));
+ dump_data(100, p21, 16);
+ dump_data(100, c8, 8);
+ dump_data(100, p24, 24);
+#endif
}
/* Routines for Windows NT MD4 Hash functions. */
@@ -102,13 +110,19 @@ void nt_lm_owf_gen(char *pwd, uchar nt_p16[16], uchar p16[16])
{
char passwd[130];
- memset(passwd,'\0',130);
- safe_strcpy( passwd, pwd, sizeof(passwd)-1);
+ memset(passwd,'\0',130);
+ safe_strcpy( passwd, pwd, sizeof(passwd)-1);
/* Calculate the MD4 hash (NT compatible) of the password */
memset(nt_p16, '\0', 16);
E_md4hash((uchar *)passwd, nt_p16);
+#ifdef DEBUG_PASSWORD
+ DEBUG(100,("nt_lm_owf_gen: pwd, nt#\n"));
+ dump_data(120, passwd, strlen(passwd));
+ dump_data(100, nt_p16, 16);
+#endif
+
/* Mangle the passwords into Lanman format */
passwd[14] = '\0';
strupper(passwd);
@@ -118,6 +132,11 @@ void nt_lm_owf_gen(char *pwd, uchar nt_p16[16], uchar p16[16])
memset(p16, '\0', 16);
E_P16((uchar *) passwd, (uchar *)p16);
+#ifdef DEBUG_PASSWORD
+ DEBUG(100,("nt_lm_owf_gen: pwd, lm#\n"));
+ dump_data(120, passwd, strlen(passwd));
+ dump_data(100, p16, 16);
+#endif
/* clear out local copy of user's password (just being paranoid). */
bzero(passwd, sizeof(passwd));
}
@@ -143,7 +162,14 @@ void SMBNTencrypt(uchar *passwd, uchar *c8, uchar *p24)
memset(p21,'\0',21);
E_md4hash(passwd, p21);
- E_P24(p21, c8, p24);
+ SMBOWFencrypt(p21, c8, p24);
+
+#ifdef DEBUG_PASSWORD
+ DEBUG(100,("SMBNTencrypt: nt#, challenge, response\n"));
+ dump_data(100, p21, 16);
+ dump_data(100, c8, 8);
+ dump_data(100, p24, 24);
+#endif
}
diff --git a/source3/rpc_server/srv_samr.c b/source3/rpc_server/srv_samr.c
index 2516637599..22827f9f5c 100644
--- a/source3/rpc_server/srv_samr.c
+++ b/source3/rpc_server/srv_samr.c
@@ -1298,7 +1298,7 @@ static struct api_struct api_samr_cmds [] =
{ "SAMR_OPEN_ALIAS" , SAMR_OPEN_ALIAS , api_samr_open_alias },
{ "SAMR_OPEN_DOMAIN" , SAMR_OPEN_DOMAIN , api_samr_open_domain },
{ "SAMR_UNKNOWN_3" , SAMR_UNKNOWN_3 , api_samr_unknown_3 },
- { NULL , 0 , NULL }
+ { NULL , 0 , NULL }
};
/*******************************************************************
diff --git a/source3/utils/smbpasswd.c b/source3/utils/smbpasswd.c
index e5e5424a2b..5ea0854230 100644
--- a/source3/utils/smbpasswd.c
+++ b/source3/utils/smbpasswd.c
@@ -114,27 +114,6 @@ unable to join domain.\n", prog_name);
}
/*************************************************************
- Utility function to create password hashes.
-*************************************************************/
-
-static void create_new_hashes( char *new_passwd, uchar *new_p16, uchar *new_nt_p16)
-{
- memset(new_nt_p16, '\0', 16);
- E_md4hash((uchar *) new_passwd, new_nt_p16);
-
- /* Mangle the password into Lanman format */
- new_passwd[14] = '\0';
- strupper(new_passwd);
-
- /*
- * Calculate the SMB (lanman) hash functions of the new password.
- */
-
- memset(new_p16, '\0', 16);
- E_P16((uchar *) new_passwd, new_p16);
-}
-
-/*************************************************************
Utility function to prompt for new password.
*************************************************************/
@@ -555,7 +534,7 @@ int main(int argc, char **argv)
/* Calculate the MD4 hash (NT compatible) of the new password. */
- create_new_hashes( new_passwd, new_p16, new_nt_p16);
+ nt_lm_owf_gen( new_passwd, new_nt_p16, new_p16);
/*
* Open the smbpaswd file.
@@ -634,7 +613,7 @@ int main(int argc, char **argv)
else if (enable_user) {
if(smb_pwent->smb_passwd == NULL) {
prompt_for_new_password(new_passwd);
- create_new_hashes( new_passwd, new_p16, new_nt_p16);
+ nt_lm_owf_gen( new_passwd, new_nt_p16, new_p16);
smb_pwent->smb_passwd = new_p16;
smb_pwent->smb_nt_passwd = new_nt_p16;
}