Age | Commit message (Collapse) | Author | Files | Lines |
|
trusted domains may cause rpcclient to fail).
(This used to be commit 12e2b973216c0798a939f68220b0e6a60acd5c01)
|
|
(This used to be commit f0946d1ccafeb5f541935b41f2d54bcbc06797ed)
|
|
(This used to be commit 50dc709fa95e86ebe2b3132176241cb3a2cc4e36)
|
|
up.
added a complicated prompt which i don't like, but it tells you
domain\user@hostname$
(This used to be commit 338d08f69b0eeefa0f3f2c0217ef17ea3e815e1f)
|
|
same as net use but with -d and -f) command options
(This used to be commit 586db87ea31ebb1b090527f61a4989461f626b1a)
|
|
they should all be replaced with cli_establish_connection().
created cli_use_wait_keyboard() which waits on multiple cli_states
and swallows session keepalives.
(This used to be commit fcc39b3f4f2f8d04d3fab09db048b4f3dc1e97d5)
|
|
(This used to be commit fbfb350bdf17e84b512b745527886d942904b67d)
|
|
in private .mac file (oops). ntlogin test now works.
(This used to be commit c98c66690683965612e9631d77c2dff91ec8a872)
|
|
(This used to be commit cef258f1c931ecb7c2dda9d5c9977153e4c1dc73)
|
|
and then set a default random password.
(This used to be commit 7846818432a93295651c8c67445a2d6a0f3b21d8)
|
|
from previous lsaquery command. over-ridden from DOMAIN\username
2) initialisation of cli_state is a little more specific: sets use_ntlmv2
to Auto. this can always be over-ridden.
3) fixed reusage of ntlmssp_cli_flgs which was being a pain
4) added pwd_compare() function then fixed bug in cli_use where NULL
domain name was making connections multiply unfruitfully
5) type-casting of mallocs and Reallocs that cause ansi-c compilers to bitch
(This used to be commit 301a6efaf67ddc96e6dcfd21b45a82863ff8f39a)
|
|
(This used to be commit e4d92ff9dfc51735e6932748f66a7c20b2c1cb6a)
|
|
(This used to be commit 5b5719d6a08130db1062bfa24123cedcdc692bff)
|
|
parameters to connect to \PIPE\NETLOGON.
(This used to be commit d1986ade30bdcac1f49707221a3e5a5ae597ce62)
|
|
the remote machine, because i don't know what to _do_ with it!!!!
argh!!!
(This used to be commit 85cc680736f17e3f879895be5dac8f1427653919)
|
|
(This used to be commit 44dd3efa6380544e9a515e91960f9271498cefaf)
|
|
(This used to be commit 8b92be25bd7d630a18c36bcd5d983386d6cd1d53)
|
|
(This used to be commit 7a696330586b9ad5157b0c1ab249cc66e9accef7)
|
|
initialised dest_wks _after_ using it in at_soon() :-) so i fixed this :)
(This used to be commit 0aaf0c9c80b4a506955065e822a356b1c43a5ac5)
|
|
(This used to be commit 601d217f44ea1ce3735b9267b6f829b472a982b4)
|
|
(This used to be commit 4c3556fae73c60693355f95f48ac63834ba4dd10)
|
|
(This used to be commit e4e5743a407b60c3695410eaf3df4ca3de4a870e)
|
|
modified resolve_srv_name() to return dest host of *SMBSERVER if
server name is \\ip.add.ress.format
(This used to be commit 3204829225792974c8b20efb6ba6e24661a4f658)
|
|
again.
(This used to be commit 6b67d6164dbfda3ba690d86597ae560b7e5c7584)
|
|
is pretty much independent of SMB client states, which will make it
easier to add other transports.
(This used to be commit a1ff7e8fc3129ba4a04722f977bc2d3725d13624)
|
|
(This used to be commit 2dad9d912dbc6c4a14af63715821a51c279584c6)
|
|
except with only one user. done by sharing same code.
(This used to be commit 4e029d50fcb9148f2d65c6be2703b1003e68cec7)
|
|
the rpcclient "rpcclient" command allows user options to be reset
(e.g the username / password) _without_ terminating rpcclient.
try this:
rpcclient -S srv1 -U% -l log
srv1$ rpcclient -S srv2
srv2$
:-)
(This used to be commit c049865782d87ca09744ecdefb387b7852ec2ae7)
|
|
found out that getopt() _must_ have optind set to 0 before reuse.
still haven't decided what to do with the net* api yet...
(This used to be commit 29c480085e786905bfd92ea3cd93658f94e96e47)
|
|
if microsoft bothered to publish it. actually, there are good reasons
for not publishing it: people might write programs for it, and then
those programs wouldn't work on nt5, for example...
(This used to be commit 8ce93b80d3b4e1c1e28aa1dde38cdef184eff3c1)
|
|
function, which takes \\server_name.
tested a _few_ functions. found that regcreatekey receives a Fault PDU.
(This used to be commit 45e92258e7df84c21d23c0be7e1d85457ccac551)
|
|
do so twice. possible memory corruption, revolving around getopt().
(This used to be commit 7cacf8bd026f1ee274f1d352c68cf79cf4f3b499)
|
|
verified that lsaquery, lsalookupsids work, and found some bugs in the
parameters of these commands :-)
soo... we now have an lsa_* api that has the same arguments as the nt
Lsa* api! cool!
the only significant coding difference is the introduction of a
user_credentials structure, containing user, domain, pass and ntlmssp
flags.
(This used to be commit 57bff6fe82d777e599d535f076efb2328ba1188b)
|
|
msrpc client code. the intent is to hide / abstract / associate
connection info behind policy handles.
this makes the msrpc functions look more and more like their nt equivalents.
who-hou!
(This used to be commit c01b18e632aede6fce7264ef6971d7ddba945cfb)
|
|
attempted to fix regsetsec command
(This used to be commit eaac0923e0e5e3f4c3d944272a71f3235ac2a741)
|
|
(This used to be commit 447143be81acbbcc148211183a512d4cab347ac7)
|
|
command fails.
(This used to be commit 9193f0eff56399e9bc09787dbe785b603886eaa3)
|
|
(This used to be commit cbbfef6d2a5335a6daa4fe09ea2d73197417894f)
|
|
(This used to be commit d5869df3716fec21d3a4237dbf5d2417d3350e11)
|
|
(This used to be commit e88e7d529b5bdf32ac3bc71fa8e18f6f2a98c695)
|
|
from rpcclient/cmd_*.c.
(This used to be commit ca803c17fa51ace5f2b99b09f5c59893f43ba70d)
|
|
(This used to be commit 3e76ca9b172e1a6886e714d6a36453f30ff3e771)
|
|
(This used to be commit b0f8ef6168d04d55d53fc2d02df5f54176e4f893)
|
|
(This used to be commit c1ba1bfd68fa96937decad8f1d7421daad6e30fe)
|
|
(This used to be commit de360d1e908b4e2e77cd028b19f3ccd07903a4dd)
|
|
means that some commands need more work, as they still use next_token(),
the use of which i wish to avoid.
plus, i was getting fed up of the poor command-line processing in some
of these commands. i'm starting to need getopt() in them, especially
in samsetuser.
WARNING: only cmd_samr has been modded to use getopt() so far! reg
commands won't work, esp.
(This used to be commit 9a1efa03c8bb86c9b7e73f102a9d48fb6a57a523)
|
|
have we got. and what data do we have. hmm.. i wonder what the NTLMv2
user session key can be... hmmm... weell.... there's some hidden data
here, generated from the user password that doesn't go over-the-wire,
so that's _got_ to be involved. and... that bit of data took a lot of
computation to produce, so it's probably _also_ involved... and md4 no, md5?
no, how about hmac_md5 yes let's try that one (the other's didn't work)
oh goodie, it worked!
i love it when this sort of thing happens. took all of fifteen minutes to
guess it. tried concatenating client and server challenges. tried
concatenating _random_ bits of client and server challenges. tried
md5 of the above. tried hmac_md5 of the above. eventually, it boils down
to this:
kr = MD4(NT#,username,domainname)
hmacntchal=hmac_md5(kr, nt server challenge)
sess_key = hmac_md5(kr, hmacntchal);
(This used to be commit ab174759cd210fe1be888d0c589a5b2669f7ff1e)
|
|
(This used to be commit e885027eb705ab13c2800b8995661accad841643)
|
|
(This used to be commit 3ec269b402ba6898d905ea1029c427e1b645faf4)
|
|
believe the XXXX that MIGHT be involved in getting nt5rc2 to join
a samba domain...
(This used to be commit 569babb3935950c1b64396955541abf276cc1d92)
|