Re: 'krbPrincipalKey' and 'sambaMungedDial'
Hi,

here is the wiki article and the script:
http://wiki.debian.org/DebianEdu/HowTo/RecoverPasswords

Best regards,
Martin

On 25.03.2013 21:56, Petter Reinholdtsen wrote:
> [Martin Schulte]
>> thank you for your answer.
>> I found a way to get the passwords in cleartext from lenny ldap, thanks
>> to windows, the securest OS ever :-) and its LM-Hash. You can crack this
>> LM-hash using ophcrack (http://en.wikipedia.org/wiki/Ophcrack ), which
>> uses rainbow tables.
>
> Interesting and scary. Even in Debian Edu Squeeze, the user passwords
> are stored in three places in the user LDAP object. Once for Kerberos,
> once for Samba and once for GOsa. We should really try to get rid of
> the last two.
>
>> If someone is interested, I can put the script into the wiki.
>
> Sounds like a nice thing to publish, yes.

-- 
To UNSUBSCRIBE, email to debian-edu-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/515217c4.2010...@web.de
Re: 'krbPrincipalKey' and 'sambaMungedDial'
Hi all,

On Mon, Mar 25, 2013 at 09:56:27PM +0100, Petter Reinholdtsen wrote:
>
> [Martin Schulte]
> > thank you for your answer.
> > I found a way to get the passwords in cleartext from lenny ldap, thanks
> > to windows, the securest OS ever :-) and its LM-Hash. You can crack this
> > LM-hash using ophcrack (http://en.wikipedia.org/wiki/Ophcrack ), which
> > uses rainbow tables.
>
> Interesting and scary. Even in Debian Edu Squeeze, the user passwords
> are stored in three places in the user LDAP object. Once for Kerberos,
> once for Samba and once for GOsa. We should really try to get rid of
> the last two.
>

For the record, an attempt to "unify" GOsa and Kerberos:
<http://bugs.debian.org/698544>

Best regards,
Andi

Archive: http://lists.debian.org/20130325224254.GB14338@fuzi
Re: 'krbPrincipalKey' and 'sambaMungedDial'
[Martin Schulte]
> thank you for your answer.
> I found a way to get the passwords in cleartext from lenny ldap, thanks
> to windows, the securest OS ever :-) and its LM-Hash. You can crack this
> LM-hash using ophcrack (http://en.wikipedia.org/wiki/Ophcrack ), which
> uses rainbow tables.

Interesting and scary. Even in Debian Edu Squeeze, the user passwords
are stored in three places in the user LDAP object. Once for Kerberos,
once for Samba and once for GOsa. We should really try to get rid of
the last two.

> If someone is interested, I can put the script into the wiki.

Sounds like a nice thing to publish, yes.

-- 
Happy hacking
Petter Reinholdtsen

Archive: http://lists.debian.org/2fly5dbb3lw@diskless.uio.no
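Added example, not part of the original thread: a defensive audit of an LDIF export that reports, per entry, which of the attributes named in this thread still carry password-derived values, so that leftover `sambaLMPassword` hashes can be located and cleared. The sample LDIF (DNs, hashes, key bytes) is constructed, and `parse_ldif` and `audit` are hypothetical helper names.

```python
import base64

# Attributes named in this thread that hold password-derived material.
CREDENTIAL_ATTRS = ("userPassword", "sambaLMPassword", "sambaNTPassword", "krbPrincipalKey")
EMPTY_LM = "AAD3B435B51404EEAAD3B435B51404EE"  # LM hash of the empty password
# Constructed sample export; DNs, hashes and key bytes are made up.
SAMPLE_LDIF = """\
dn: uid=alice,ou=people,dc=example,dc=org
userPassword:: e1NTSEF9Y29uc3RydWN0ZWQ=
sambaLMPassword: 0123456789ABCDEF0123456789ABCDEF
sambaNTPassword: FEDCBA9876543210FEDCBA98
 76543210
krbPrincipalKey:: AAECAwQFBgc=

dn: uid=bob,ou=people,dc=example,dc=org
sambaLMPassword: aad3b435b51404eeaad3b435b51404ee
krbPrincipalKey:: AAECAwQFBgc=
"""

def parse_ldif(text):
    """Yield one {lowercased attr: [values]} dict per LDIF entry."""
    unfolded = []
    for line in text.splitlines():
        if line.startswith(" ") and unfolded:
            unfolded[-1] += line[1:]          # folded continuation line
        else:
            unfolded.append(line)
    entry = {}
    for line in unfolded + [""]:              # trailing "" flushes the last entry
        attr, sep, value = line.partition(":")
        if not line.strip():
            if entry:
                yield entry
            entry = {}
        elif sep and not line.startswith("#"):
            if value.startswith(":"):         # "attr:: <base64 value>"
                value = base64.b64decode(value[1:]).decode("utf-8", "replace")
            entry.setdefault(attr.lower(), []).append(value.strip())

def audit(text):
    """Map each DN to the credential attributes that carry a real value."""
    report = {}
    for entry in parse_ldif(text):
        found = [a for a in CREDENTIAL_ATTRS
                 if any(a != "sambaLMPassword" or v.upper() != EMPTY_LM
                        for v in entry.get(a.lower(), []))]
        if found:
            report[entry.get("dn", ["?"])[0]] = found
    return report
```

An entry whose `sambaLMPassword` is the empty-password LM hash is not reported for that attribute, since the value encodes no password.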
Re: 'krbPrincipalKey' and 'sambaMungedDial'
On 22.03.2013 19:01, Andreas B. Mundt wrote:
> Hi Martin,
>
> On Fri, Mar 22, 2013 at 06:33:11PM +0100, Martin Schulte wrote:
>> while trying to upgrade to squeeze and restore old passwords, I had
>> a look at the ldap in squeeze. I found the two attributes
>> 'krbPrincipalKey' and 'sambaMungedDial'. Can someone tell me, what
>> is the use of these two attributes and how they are generated? Is
>> there a relation between the userpassword and these two attributes?
>>
>> Actually I try to replace the value of the attributes
>> 'userPassword', 'sambaLMPassword', 'sambaNTPassword' from the
>> squeeze ldap with the values from the lenny ldap.
>
> The authentication method has changed completely in squeeze. Instead
> of storing a hashed password in LDAP as it has been the case in Lenny,
> Squeeze uses Kerberos keys. These are also some kind of a user's
> password, but can also be used to encrypt any connection over the
> network. There is no way to convert the password hash from Lenny to
> a Kerberos principal key, so you have to create these from clear text
> passwords.
>
> I am not familiar with the samba stuff however.

Hi,

thank you for your answer.
I found a way to get the passwords in cleartext from lenny ldap, thanks
to windows, the securest OS ever :-) and its LM-Hash. You can crack this
LM-hash using ophcrack (http://en.wikipedia.org/wiki/Ophcrack ), which
uses rainbow tables.

To automate this, I wrote a perl-script which fetches the
SambaLMpassword from each user.
Then it generates a file in pwdumper-Syntax
::lm-hash
Then I load this file into ophcrack, which finds passwords using rainbow
tables. This takes 45min. Then I save the results in a file.
Another perl-script reads this file and fetches the groups of every user.
Because the LM-hash is case-insensitive, it checks all combinations of
upper- and lowercase combinations against the SambaNTPassword, which is
case-sensitive.
After this it generates a csv-file which can be used by gosa's import
function.

If someone is interested, I can put the script into the wiki.

Martin

Archive: http://lists.debian.org/514f0b48.6010...@web.de
Re: 'krbPrincipalKey' and 'sambaMungedDial'
Hi Martin,

On Fri, Mar 22, 2013 at 06:33:11PM +0100, Martin Schulte wrote:
>
> while trying to upgrade to squeeze and restore old passwords, I had
> a look at the ldap in squeeze. I found the two attributes
> 'krbPrincipalKey' and 'sambaMungedDial'. Can someone tell me, what
> is the use of these two attributes and how they are generated? Is
> there a relation between the userpassword and these two attributes?
>
> Actually I try to replace the value of the attributes
> 'userPassword', 'sambaLMPassword', 'sambaNTPassword' from the
> squeeze ldap with the values from the lenny ldap.

The authentication method has changed completely in squeeze. Instead
of storing a hashed password in LDAP as it has been the case in Lenny,
Squeeze uses Kerberos keys. These are also some kind of a user's
password, but can also be used to encrypt any connection over the
network. There is no way to convert the password hash from Lenny to
a Kerberos principal key, so you have to create these from clear text
passwords.

I am not familiar with the samba stuff however.

Best regards,
Andi

Archive: http://lists.debian.org/20130322180127.GA10478@fuzi
'krbPrincipalKey' and 'sambaMungedDial'
Hi,

while trying to upgrade to squeeze and restore old passwords, I had a
look at the ldap in squeeze. I found the two attributes
'krbPrincipalKey' and 'sambaMungedDial'. Can someone tell me, what is
the use of these two attributes and how they are generated? Is there a
relation between the userpassword and these two attributes?

Actually I try to replace the value of the attributes 'userPassword',
'sambaLMPassword', 'sambaNTPassword' from the squeeze ldap with the
values from the lenny ldap.

Thanks,
Martin

Archive: http://lists.debian.org/514c95d7.2080...@web.de