From a5ba214479253425dc18521103945c7996f05583 Mon Sep 17 00:00:00 2001 From: Jean-François Micouleau Date: Wed, 12 Dec 2001 15:25:22 +0000 Subject: added a -V[erbose] option to samsync. Decode a lot of information I'm looking at chaining the credentials J.F. (This used to be commit d49c8e4d3d64b48e243d0f517b9e7f037103af13) --- source3/rpcclient/display_sec.c | 2 +- source3/rpcclient/samsync.c | 291 +++++++++++++++++++++++++++++++++++++--- 2 files changed, 275 insertions(+), 18 deletions(-) (limited to 'source3/rpcclient') diff --git a/source3/rpcclient/display_sec.c b/source3/rpcclient/display_sec.c index 009f88e49b..412f918344 100644 --- a/source3/rpcclient/display_sec.c +++ b/source3/rpcclient/display_sec.c @@ -56,7 +56,7 @@ char *get_sec_mask_str(uint32 type) if (type & DELETE_ACCESS) fstrcat(typestr, "DELETE_ACCESS "); - printf("Specific bits: 0x%x\n", type&SPECIFIC_RIGHTS_MASK); + printf("\t\tSpecific bits: 0x%x\n", type&SPECIFIC_RIGHTS_MASK); return typestr; } diff --git a/source3/rpcclient/samsync.c b/source3/rpcclient/samsync.c index be9ea2fe5e..1379485f1d 100644 --- a/source3/rpcclient/samsync.c +++ b/source3/rpcclient/samsync.c @@ -22,15 +22,246 @@ #include "includes.h" +static void decode_domain_info(SAM_DOMAIN_INFO *a) +{ + fstring temp; + printf("Domain Information\n"); + printf("------------------\n"); + + unistr2_to_ascii(temp, &a->uni_dom_name, sizeof(temp)-1); + printf("\tDomain :%s\n", temp); + printf("\tMin password len :%d\n", a->min_pwd_len); + printf("\tpassword history len:%d\n", a->pwd_history_len); + printf("\tcreation time :%s\n", http_timestring(nt_time_to_unix(&a->creation_time))); +} + +static void decode_sam_group_info(SAM_GROUP_INFO *a) +{ + fstring temp; + printf("\nDomain Group Information\n"); + printf("------------------------\n"); + + unistr2_to_ascii(temp, &a->uni_grp_name, sizeof(temp)-1); + printf("\tGroup name :%s\n", temp); + unistr2_to_ascii(temp, &a->uni_grp_desc, sizeof(temp)-1); + printf("\tGroup description :%s\n", temp); + printf("\trid :%d\n", a->gid.g_rid); + printf("\tattribute :%d\n", a->gid.attr); +} + +static void decode_sam_account_info(SAM_ACCOUNT_INFO *a) +{ + fstring temp; + printf("\nUser Information\n"); + printf("----------------\n"); + + unistr2_to_ascii(temp, &a->uni_acct_name, sizeof(temp)-1); + printf("\tUser name :%s\n", temp); + printf("\tuser's rid :%d\n", a->user_rid); + printf("\tuser's primary gid :%d\n", a->group_rid); + unistr2_to_ascii(temp, &a->uni_full_name, sizeof(temp)-1); + printf("\tfull name :%s\n", temp); + unistr2_to_ascii(temp, &a->uni_home_dir, sizeof(temp)-1); + printf("\thome directory :%s\n", temp); + unistr2_to_ascii(temp, &a->uni_dir_drive, sizeof(temp)-1); + printf("\tdrive :%s\n", temp); + unistr2_to_ascii(temp, &a->uni_logon_script, sizeof(temp)-1); + printf("\tlogon script :%s\n", temp); + unistr2_to_ascii(temp, &a->uni_acct_desc, sizeof(temp)-1); + printf("\tdescription :%s\n", temp); + unistr2_to_ascii(temp, &a->uni_workstations, sizeof(temp)-1); + printf("\tworkstations :%s\n", temp); +} + +static void decode_sam_grp_mem_info(SAM_GROUP_MEM_INFO *a) +{ + int i; + printf("\nGroup members information\n"); + printf("-------------------------\n"); + printf("\tnum members :%d\n", a->num_members); + + for (i=0; inum_members; i++) { + printf("\trid, attr:%d, %d\n", a->rids[i], a->attribs[i]); + } +} + +static void decode_sam_alias_info(SAM_ALIAS_INFO *a) +{ + fstring temp; + printf("\nAlias Information\n"); + printf("-----------------\n"); + + unistr2_to_ascii(temp, &a->uni_als_name, sizeof(temp)-1); + printf("\tname :%s\n", temp); + unistr2_to_ascii(temp, &a->uni_als_desc, sizeof(temp)-1); + printf("\tdescription :%s\n", temp); + printf("\trid :%d\n", a->als_rid); +} + +static void decode_sam_als_mem_info(SAM_ALIAS_MEM_INFO *a) +{ + int i; + fstring temp; + printf("\nAlias members Information\n"); + printf("-------------------------\n"); + printf("\tnum members :%d\n", a->num_members); + printf("\tnum sids :%d\n", a->num_sids); + for (i=0; inum_sids; i++) { + printf("\tsid :%s\n", sid_to_string(temp, &a->sids[i].sid)); + } + + +} + +static void decode_sam_dom_info(SAM_DELTA_DOM *a) +{ + fstring temp; + printf("\nDomain information\n"); + printf("------------------\n"); + + unistr2_to_ascii(temp, &a->domain_name, sizeof(temp)-1); + printf("\tdomain name :%s\n", temp); + printf("\tsid :%s\n", sid_to_string(temp, &a->domain_sid.sid)); +} + +static void decode_sam_unk0e_info(SAM_DELTA_UNK0E *a) +{ + fstring temp; + printf("\nTrust information\n"); + printf("-----------------\n"); + + unistr2_to_ascii(temp, &a->domain, sizeof(temp)-1); + printf("\tdomain name :%s\n", temp); + printf("\tsid :%s\n", sid_to_string(temp, &a->sid.sid)); + display_sec_desc(a->sec_desc); +} + +static void decode_sam_privs_info(SAM_DELTA_PRIVS *a) +{ + int i; + fstring temp; + printf("\nSID and privileges information\n"); + printf("------------------------------\n"); + printf("\tsid :%s\n", sid_to_string(temp, &a->sid.sid)); + display_sec_desc(a->sec_desc); + printf("\tprivileges count :%d\n", a->privlist_count); + for (i=0; iprivlist_count; i++) { + unistr2_to_ascii(temp, &a->uni_privslist[i], sizeof(temp)-1); + printf("\tprivilege name :%s\n", temp); + printf("\tattribute :%d\n", a->attributes[i]); + } +} + +static void decode_sam_unk12_info(SAM_DELTA_UNK12 *a) +{ + fstring temp; + printf("\nTrusted information\n"); + printf("-------------------\n"); + + unistr2_to_ascii(temp, &a->secret, sizeof(temp)-1); + printf("\tsecret name :%s\n", temp); + display_sec_desc(a->sec_desc); + + printf("\ttime 1 :%s\n", http_timestring(nt_time_to_unix(&a->time1))); + printf("\ttime 2 :%s\n", http_timestring(nt_time_to_unix(&a->time2))); + + display_sec_desc(a->sec_desc2); +} + +static void decode_sam_stamp(SAM_DELTA_STAMP *a) +{ + printf("\nStamp information\n"); + printf("-----------------\n"); + printf("\tsequence number :%d\n", a->seqnum); +} + +static void decode_sam_deltas(uint32 num_deltas, SAM_DELTA_HDR *hdr_deltas, SAM_DELTA_CTR *deltas) +{ + int i; + for (i = 0; i < num_deltas; i++) { + switch (hdr_deltas[i].type) { + case SAM_DELTA_DOMAIN_INFO: { + SAM_DOMAIN_INFO *a; + a = &deltas[i].domain_info; + decode_domain_info(a); + break; + } + case SAM_DELTA_GROUP_INFO: { + SAM_GROUP_INFO *a; + a = &deltas[i].group_info; + decode_sam_group_info(a); + break; + } + case SAM_DELTA_ACCOUNT_INFO: { + SAM_ACCOUNT_INFO *a; + a = &deltas[i].account_info; + decode_sam_account_info(a); + break; + } + case SAM_DELTA_GROUP_MEM: { + SAM_GROUP_MEM_INFO *a; + a = &deltas[i].grp_mem_info; + decode_sam_grp_mem_info(a); + break; + } + case SAM_DELTA_ALIAS_INFO: { + SAM_ALIAS_INFO *a; + a = &deltas[i].alias_info; + decode_sam_alias_info(a); + break; + } + case SAM_DELTA_ALIAS_MEM: { + SAM_ALIAS_MEM_INFO *a; + a = &deltas[i].als_mem_info; + decode_sam_als_mem_info(a); + break; + } + case SAM_DELTA_DOM_INFO: { + SAM_DELTA_DOM *a; + a = &deltas[i].dom_info; + decode_sam_dom_info(a); + break; + } + case SAM_DELTA_UNK0E_INFO: { + SAM_DELTA_UNK0E *a; + a = &deltas[i].unk0e_info; + decode_sam_unk0e_info(a); + break; + } + case SAM_DELTA_PRIVS_INFO: { + SAM_DELTA_PRIVS *a; + a = &deltas[i].privs_info; + decode_sam_privs_info(a); + break; + } + case SAM_DELTA_UNK12_INFO: { + SAM_DELTA_UNK12 *a; + a = &deltas[i].unk12_info; + decode_sam_unk12_info(a); + break; + } + case SAM_DELTA_SAM_STAMP: { + SAM_DELTA_STAMP *a; + a = &deltas[i].stamp; + decode_sam_stamp(a); + break; + } + default: + DEBUG(0,("unknown delta type: %d\n", hdr_deltas[i].type)); + break; + } + } +} + /* Synchronise sam database */ static NTSTATUS sam_sync(struct cli_state *cli, unsigned char trust_passwd[16], - BOOL do_smbpasswd_output) + BOOL do_smbpasswd_output, BOOL verbose) { TALLOC_CTX *mem_ctx; - SAM_DELTA_HDR *hdr_deltas; - SAM_DELTA_CTR *deltas; - uint32 database_id = 0, num_deltas; + SAM_DELTA_HDR *hdr_deltas_0, *hdr_deltas_1, *hdr_deltas_2; + SAM_DELTA_CTR *deltas_0, *deltas_1, *deltas_2; + uint32 num_deltas_0, num_deltas_1, num_deltas_2; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; /* Initialise */ @@ -52,31 +283,53 @@ static NTSTATUS sam_sync(struct cli_state *cli, unsigned char trust_passwd[16], goto done; } - /* Do sam synchronisation */ + /* Do sam synchronisation on the SAM database*/ - result = cli_netlogon_sam_sync(cli, mem_ctx, database_id, - &num_deltas, &hdr_deltas, &deltas); + result = cli_netlogon_sam_sync(cli, mem_ctx, 0, &num_deltas_0, &hdr_deltas_0, &deltas_0); - if (!NT_STATUS_IS_OK(result)) { + if (!NT_STATUS_IS_OK(result)) goto done; - } + + /* verbose mode */ + if (verbose) + decode_sam_deltas(num_deltas_0, hdr_deltas_0, deltas_0); + + + /* + * we can't yet do several sam_sync in a raw, it's a credential problem + * we must chain the credentials + */ + + +#if 0 + /* Do sam synchronisation on the LSA database */ + + result = cli_netlogon_sam_sync(cli, mem_ctx, 2, &num_deltas_2, &hdr_deltas_2, &deltas_2); + + if (!NT_STATUS_IS_OK(result)) + goto done; + + /* verbose mode */ + if (verbose) + decode_sam_deltas(num_deltas_2, hdr_deltas_2, deltas_2); +#endif /* Produce smbpasswd output - good for migrating from NT! */ if (do_smbpasswd_output) { int i; - for (i = 0; i < num_deltas; i++) { + for (i = 0; i < num_deltas_0; i++) { SAM_ACCOUNT_INFO *a; fstring acct_name, hex_nt_passwd, hex_lm_passwd; uchar lm_passwd[16], nt_passwd[16]; /* Skip non-user accounts */ - if (hdr_deltas[i].type != SAM_DELTA_ACCOUNT_INFO) + if (hdr_deltas_0[i].type != SAM_DELTA_ACCOUNT_INFO) continue; - a = &deltas[i].account_info; + a = &deltas_0[i].account_info; unistr2_to_ascii(acct_name, &a->uni_acct_name, sizeof(acct_name) - 1); @@ -99,8 +352,7 @@ static NTSTATUS sam_sync(struct cli_state *cli, unsigned char trust_passwd[16], printf("%s:%d:%s:%s:%s:LCT-0\n", acct_name, a->user_rid, hex_lm_passwd, hex_nt_passwd, - smbpasswd_encode_acb_info( - deltas[i].account_info.acb_info)); + smbpasswd_encode_acb_info(a->acb_info)); } goto done; @@ -138,6 +390,7 @@ static void usage(void) printf("\t-R replicate sam deltas\n"); printf("\t-U username username and password\n"); printf("\t-p produce smbpasswd output\n"); + printf("\t-V verbose output\n"); printf("\n"); } @@ -227,6 +480,7 @@ static struct cli_state *init_connection(struct cli_state *cli, int opt; extern pstring debugf; BOOL interactive = False, do_smbpasswd_output = False; + BOOL verbose = False; uint32 low_serial = 0; unsigned char trust_passwd[16]; fstring username, domain, password; @@ -242,7 +496,7 @@ static struct cli_state *init_connection(struct cli_state *cli, /* Parse command line options */ - while((opt = getopt(argc, argv, "s:d:SR:hiU:W:p")) != EOF) { + while((opt = getopt(argc, argv, "s:d:SR:hiU:W:pV")) != EOF) { switch (opt) { case 's': pstrcpy(dyn_CONFIGFILE, optarg); @@ -278,7 +532,10 @@ static struct cli_state *init_connection(struct cli_state *cli, case 'p': do_smbpasswd_output = True; break; - case 'h': + case 'V': + verbose = True; + break; + case 'h': default: usage(); exit(1); @@ -345,7 +602,7 @@ static struct cli_state *init_connection(struct cli_state *cli, return 1; if (do_sam_sync) - result = sam_sync(&cli, trust_passwd, do_smbpasswd_output); + result = sam_sync(&cli, trust_passwd, do_smbpasswd_output, verbose); if (do_sam_repl) result = sam_repl(&cli, trust_passwd, low_serial); -- cgit