sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-02-14 01:57:53 +03:00
Code

querysecret now shows the real, fairdinkum, decrypted secret :-)

Browse Source
This commit is contained in:
Matthew Chapman -
parent f09388fa6f
commit 5951e16a11
2 changed files with 14 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
source/rpc_client/cli_lsarpc.c
View File

@ -158,8 +158,8 @@ BOOL lsa_open_secret(struct cli_state *cli, uint16 fnum,
do a LSA Query Secret
****************************************************************************/
BOOL lsa_query_secret(struct cli_state *cli, uint16 fnum,
POLICY_HND *pol, unsigned char secret[24],
NTTIME *lastupdate)
POLICY_HND *pol, STRING2 *enc_secret,
NTTIME *last_update)
{
prs_struct rbuf;
prs_struct buf;
@ -200,8 +200,8 @@ BOOL lsa_query_secret(struct cli_state *cli, uint16 fnum,
(r_q.info.value.ptr_secret != 0) &&
(r_q.info.ptr_update != 0))
{
memcpy(secret, r_q.info.value.secret.buffer, 24);
memcpy(lastupdate, &(r_q.info.last_update), sizeof(NTTIME));
memcpy(enc_secret, &(r_q.info.value.enc_secret), sizeof(STRING2));
memcpy(last_update, &(r_q.info.last_update), sizeof(NTTIME));
valid_info = True;
}
}

18
source/rpcclient/cmd_lsarpc.c
View File

@ -318,11 +318,13 @@ void cmd_lsa_query_secret(struct client_info *info)
fstring srv_name;
BOOL res = True;
BOOL res1;
BOOL res2;
int i;
POLICY_HND hnd_secret;
fstring secret_name;
unsigned char enc_secret[24];
STRING2 enc_secret;
STRING2 secret;
NTTIME last_update;
if (!next_token(NULL, secret_name, NULL, sizeof(secret_name)))
@ -350,8 +352,8 @@ void cmd_lsa_query_secret(struct client_info *info)
&info->dom.lsa_info_pol,
secret_name, 0x20003, &hnd_secret) : False;
res1 = res1 ? lsa_query_secret(smb_cli, nt_pipe_fnum,
&hnd_secret, enc_secret, &last_update) : False;
res2 = res1 ? lsa_query_secret(smb_cli, nt_pipe_fnum,
&hnd_secret, &enc_secret, &last_update) : False;
res1 = res1 ? lsa_close(smb_cli, nt_pipe_fnum, &hnd_secret) : False;
@ -360,15 +362,15 @@ void cmd_lsa_query_secret(struct client_info *info)
/* close the session */
cli_nt_session_close(smb_cli, nt_pipe_fnum);
if (res1)
if (res2 && nt_decrypt_string2(&secret, &enc_secret, smb_cli->pwd.smb_nt_pwd))
{
fprintf(out_hnd, "\tValue (encrypted): ");
for (i = 0; i < 24; i++)
fprintf(out_hnd, "\tValue : ");
for (i = 0; i < secret.str_str_len; i++)
{
fprintf(out_hnd, "%02X", enc_secret[i]);
fprintf(out_hnd, "%02X", secret.buffer[i]);
}
fprintf(out_hnd, "\n\tLast Updated : %s\n\n",
fprintf(out_hnd, "\n\tLast Updated: %s\n\n",
http_timestring(nt_time_to_unix(&last_update)));
}
else