jean-yves boisiaud
2019-Mar-28 20:05 UTC
[Samba] Encoding problem with the unicodePwd stored into sam.ldb
hello, I use Samba 4.9.5 on Linux Debian 9. I want to extract users' passwords. A lot of passwords are ok, some are not. Example with a password returning an error : # ldbsearch -H /var/lib/samba/private/sam.ldb '(primaryGroupID=513)' userPrincipalName unicodePwd .... # record 494 dn: CN=XXX,CN=Users,DC=YYY,DC=ZZZ,DC=fr unicodePwd:: wXQvJaSkn0gvg1POsY9Icw=uidNumber: 5110 userPrincipalName: XXX ... ok. Then, I convert the password from utf-16 to hex : $ echo 'wXQvJaSkn0gvg1POsY9Icw==' | base64 -d -w 0 | hexdump -e '/1 "%02X"' C1742F25A4* 9F482F8353CEB18F4873 why there is a * and a new line ? base64 (and hexdump) are silent about that. If I run hd instead of hexdump : 00000000 c1 74 2f 25 a4 a4 9f 48 2f 83 53 ce b1 8f 48 73 |.t/%...H/.S...Hs| the problem is with the second 0xa4 character. Is the format of the password stored in smb.ldb correct ? If not how could I correct it ? thank you for your help. -- Jean-Yves Boisiaud - Alcor Consulting 49, rue du Chemin Vert 49300 Cholet mobile : +33 6 63 71 73 46
Rowland Penny
2019-Mar-28 20:20 UTC
[Samba] Encoding problem with the unicodePwd stored into sam.ldb
On Thu, 28 Mar 2019 21:05:57 +0100 jean-yves boisiaud via samba <samba at lists.samba.org> wrote:> hello, > > I use Samba 4.9.5 on Linux Debian 9. > > I want to extract users' passwords. A lot of passwords are ok, some > are not. > > Example with a password returning an error : > # ldbsearch -H /var/lib/samba/private/sam.ldb '(primaryGroupID=513)' > userPrincipalName unicodePwd > .... > # record 494 > dn: CN=XXX,CN=Users,DC=YYY,DC=ZZZ,DC=fr > unicodePwd:: wXQvJaSkn0gvg1POsY9Icw=> uidNumber: 5110 > userPrincipalName: XXX > ... > ok. Then, I convert the password from utf-16 to hex : > $ echo 'wXQvJaSkn0gvg1POsY9Icw==' | base64 -d -w 0 | hexdump -e '/1 > "%02X"' C1742F25A4* > 9F482F8353CEB18F4873 > > why there is a * and a new line ? base64 (and hexdump) are silent > about that. > > If I run hd instead of hexdump : > 00000000 c1 74 2f 25 a4 a4 9f 48 2f 83 53 ce b1 8f 48 73 > |.t/%...H/.S...Hs| > > the problem is with the second 0xa4 character. > > Is the format of the password stored in smb.ldb correct ? If not how > could I correct it ? > > thank you for your help. >You might want to type this into a terminal on a Samba AD DC: samba-tool user getpassword --help Rowland
jean-yves boisiaud
2019-Apr-03 11:48 UTC
[Samba] Encoding problem with the unicodePwd stored into sam.ldb
hello,
I found the problem. Nothing to do with Samba...
echo 'wXQvJaSkn0gvg1POsY9Icw==' | base64 -d -w 0
is binary data containing newline (0x0d).
the simple way to resolve my problem is to use a perl or python script.
Example with python3 :
import base64
import binascii
binascii.b2a_hex(base64.b64decode("wXQvJaSkn0gvg1POsY9Icw=="))
b'c1742f25a4a49f482f8353ceb18f4873'
thanks for your help.
Le jeu. 28 mars 2019 à 21:21, Rowland Penny via samba <samba at
lists.samba.org>
a écrit :
> On Thu, 28 Mar 2019 21:05:57 +0100
> jean-yves boisiaud via samba <samba at lists.samba.org> wrote:
>
> > hello,
> >
> > I use Samba 4.9.5 on Linux Debian 9.
> >
> > I want to extract users' passwords. A lot of passwords are ok,
some
> > are not.
> >
> > Example with a password returning an error :
> > # ldbsearch -H /var/lib/samba/private/sam.ldb
'(primaryGroupID=513)'
> > userPrincipalName unicodePwd
> > ....
> > # record 494
> > dn: CN=XXX,CN=Users,DC=YYY,DC=ZZZ,DC=fr
> > unicodePwd:: wXQvJaSkn0gvg1POsY9Icw=> > uidNumber: 5110
> > userPrincipalName: XXX
> > ...
> > ok. Then, I convert the password from utf-16 to hex :
> > $ echo 'wXQvJaSkn0gvg1POsY9Icw==' | base64 -d -w 0 | hexdump
-e '/1
> > "%02X"' C1742F25A4*
> > 9F482F8353CEB18F4873
> >
> > why there is a * and a new line ? base64 (and hexdump) are silent
> > about that.
> >
> > If I run hd instead of hexdump :
> > 00000000 c1 74 2f 25 a4 a4 9f 48 2f 83 53 ce b1 8f 48 73
> > |.t/%...H/.S...Hs|
> >
> > the problem is with the second 0xa4 character.
> >
> > Is the format of the password stored in smb.ldb correct ? If not how
> > could I correct it ?
> >
> > thank you for your help.
> >
>
> You might want to type this into a terminal on a Samba AD DC:
>
> samba-tool user getpassword --help
>
> Rowland
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
--
Jean-Yves Boisiaud - Alcor Consulting
49, rue du Chemin Vert
49300 Cholet
mobile : +33 6 63 71 73 46
Apparently Analagous Threads
- Encoding problem with the unicodePwd stored into sam.ldb
- how is the sha fingerprint generated?
- Samba 4 account with a 'ldbmodify-ed' password does not login into domain from a Windows 7 VM
- Registering Windows 2012 impossible into samba4 after migration
- Registering Windows 2012 impossible into samba4 after migration