In MS-ADTS 7.1.6.8.1.2, it states:
This flag indicates that the information stored in the attribute is a Unicode
plaintext password. If
this auth type is present, Kerberos can then use this password to derive
additional key types
needed to encrypt and decrypt cross realm TGTs:
DES-CBC [RFC4120] section 8.1
DES-CRC [RFC4120]
RC4HMAC [RFC4757]
Other derivations of the plaintext password are possible using string to key
functionality defined
in [RFC3961]. However, it is not stated here or in MS-KILE how to translate between the 'Unicode' strings used in windows trusts (for example, see the trustAuthIncoming, decrypted and decoded, between two of my domains) and the expected input encoding for AES and other non-MD4 keys. Converting these from UTF16 to UTF8 (I'm assuming this is the intended translation) fails as the randomly created string cannot be translated into UTF8. Thanks, Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Samba Developer, Red Hat Inc.
trustAuthIncoming10
Description: Binary data
Unknown parameter encountered: "guest ok"
Ignoring unknown parameter "guest ok"
[0000] 00 FD F7 FB 0D F2 C8 01 02 00 00 00 F0 00 00 00 ........ ........
[0010] D8 8C 53 F1 90 D5 AA CD A7 F0 52 FF 48 D3 1F 7A ..S..... ..R.H..z
[0020] 99 59 AA 07 18 B7 4D 58 E9 F6 2E 19 E1 FE 19 9F .Y....MX ........
[0030] 6B D6 20 33 39 DB 74 0D 9C 65 F5 71 B9 A8 BA 06 k. 39.t. .e.q....
[0040] A9 1A 1A 52 C4 F1 A2 1F BB EA 2E 5D A1 17 8F 57 ...R.... ...]...W
[0050] DB 98 93 E4 52 46 63 E9 0C 49 99 D5 28 47 41 D9 ....RFc. .I..(GA.
[0060] 09 9B 29 D8 51 E2 68 BF 28 09 51 FC 1D 8E D3 DA ..).Q.h. (.Q.....
[0070] C0 EF BE A8 96 25 4A 5D A4 F1 31 C3 B7 68 BC 96 .....%J] ..1..h..
[0080] 9F 1D D4 4A 5C 37 91 7C CF FD FC 7E CC 1D 6F 6F ...J\7.| ...~..oo
[0090] B5 E4 F6 DB 8B 6C 4F E3 0B 40 AF 6A 16 5F 7F C6 .....lO. [EMAIL
PROTECTED]
[00A0] 6A F2 4D B4 1F 25 7B F7 0C 4E 40 C6 00 4F 91 D4 j.M..%{. [EMAIL
PROTECTED]
[00B0] 12 89 2C 12 21 F6 A3 EB 5C 78 DA 91 3D 09 32 A0 ..,.!... \x..=.2.
[00C0] 21 BB 15 B5 A8 30 28 A6 03 93 C9 1B 69 D5 6A CE !....0(. ....i.j.
[00D0] 16 74 30 A7 A6 68 FE C7 88 7A 07 C3 EB 80 23 B7 .t0..h.. .z....#.
[00E0] 80 BC F8 D0 B7 E2 C1 DB 0B EB DC 6C B5 75 71 0E ........ ...l.uq.
[00F0] 4C CD 58 41 18 72 41 90 51 90 44 59 99 F0 09 1C L.XA.rA. Q.DY....
[0100] 00 FD F7 FB 0D F2 C8 01 03 00 00 00 04 00 00 00 ........ ........
[0110] 01 00 00 00 10 A8 23 55 0C F2 C8 01 02 00 00 00 ......#U ........
[0120] 1C 00 00 00 23 31 D0 4B 82 59 4C 14 B3 1B C9 11 ....#1.K .YL.....
[0130] 76 55 8D EB C3 0D 84 99 41 F5 B9 36 C1 8F 49 BC vU...... A..6..I.
[0140] 00 FD F7 FB 0D F2 C8 01 00 00 00 00 00 00 00 00 ........ ........
decode_trustAuthInOut: struct decode_trustAuthInOut
in: struct decode_trustAuthInOut
blob: struct trustAuthInOutBlob
count : 0x00000002 (2)
authinfo : *
authinfo: struct AuthenticationInformationCtr
info: ARRAY(2)
info: struct AuthenticationInformation
LastUpdateTime : Wed Jul 30 16:32:06
2008 EST
AuthType :
TRUST_AUTH_TYPE_CLEAR (2)
AuthInfo : union AuthInfo(case
2)
clear: struct AuthInfoClear
size : 0x000000f0 (240)
password: ARRAY(240)
[0] : 0xd8 (216)
[1] : 0x8c (140)
[2] : 0x53 (83)
[3] : 0xf1 (241)
[4] : 0x90 (144)
[5] : 0xd5 (213)
[6] : 0xaa (170)
[7] : 0xcd (205)
[8] : 0xa7 (167)
[9] : 0xf0 (240)
[10] : 0x52 (82)
[11] : 0xff (255)
[12] : 0x48 (72)
[13] : 0xd3 (211)
[14] : 0x1f (31)
[15] : 0x7a (122)
[16] : 0x99 (153)
[17] : 0x59 (89)
[18] : 0xaa (170)
[19] : 0x07 (7)
[20] : 0x18 (24)
[21] : 0xb7 (183)
[22] : 0x4d (77)
[23] : 0x58 (88)
[24] : 0xe9 (233)
[25] : 0xf6 (246)
[26] : 0x2e (46)
[27] : 0x19 (25)
[28] : 0xe1 (225)
[29] : 0xfe (254)
[30] : 0x19 (25)
[31] : 0x9f (159)
[32] : 0x6b (107)
[33] : 0xd6 (214)
[34] : 0x20 (32)
[35] : 0x33 (51)
[36] : 0x39 (57)
[37] : 0xdb (219)
[38] : 0x74 (116)
[39] : 0x0d (13)
[40] : 0x9c (156)
[41] : 0x65 (101)
[42] : 0xf5 (245)
[43] : 0x71 (113)
[44] : 0xb9 (185)
[45] : 0xa8 (168)
[46] : 0xba (186)
[47] : 0x06 (6)
[48] : 0xa9 (169)
[49] : 0x1a (26)
[50] : 0x1a (26)
[51] : 0x52 (82)
[52] : 0xc4 (196)
[53] : 0xf1 (241)
[54] : 0xa2 (162)
[55] : 0x1f (31)
[56] : 0xbb (187)
[57] : 0xea (234)
[58] : 0x2e (46)
[59] : 0x5d (93)
[60] : 0xa1 (161)
[61] : 0x17 (23)
[62] : 0x8f (143)
[63] : 0x57 (87)
[64] : 0xdb (219)
[65] : 0x98 (152)
[66] : 0x93 (147)
[67] : 0xe4 (228)
[68] : 0x52 (82)
[69] : 0x46 (70)
[70] : 0x63 (99)
[71] : 0xe9 (233)
[72] : 0x0c (12)
[73] : 0x49 (73)
[74] : 0x99 (153)
[75] : 0xd5 (213)
[76] : 0x28 (40)
[77] : 0x47 (71)
[78] : 0x41 (65)
[79] : 0xd9 (217)
[80] : 0x09 (9)
[81] : 0x9b (155)
[82] : 0x29 (41)
[83] : 0xd8 (216)
[84] : 0x51 (81)
[85] : 0xe2 (226)
[86] : 0x68 (104)
[87] : 0xbf (191)
[88] : 0x28 (40)
[89] : 0x09 (9)
[90] : 0x51 (81)
[91] : 0xfc (252)
[92] : 0x1d (29)
[93] : 0x8e (142)
[94] : 0xd3 (211)
[95] : 0xda (218)
[96] : 0xc0 (192)
[97] : 0xef (239)
[98] : 0xbe (190)
[99] : 0xa8 (168)
[100] : 0x96 (150)
[101] : 0x25 (37)
[102] : 0x4a (74)
[103] : 0x5d (93)
[104] : 0xa4 (164)
[105] : 0xf1 (241)
[106] : 0x31 (49)
[107] : 0xc3 (195)
[108] : 0xb7 (183)
[109] : 0x68 (104)
[110] : 0xbc (188)
[111] : 0x96 (150)
[112] : 0x9f (159)
[113] : 0x1d (29)
[114] : 0xd4 (212)
[115] : 0x4a (74)
[116] : 0x5c (92)
[117] : 0x37 (55)
[118] : 0x91 (145)
[119] : 0x7c (124)
[120] : 0xcf (207)
[121] : 0xfd (253)
[122] : 0xfc (252)
[123] : 0x7e (126)
[124] : 0xcc (204)
[125] : 0x1d (29)
[126] : 0x6f (111)
[127] : 0x6f (111)
[128] : 0xb5 (181)
[129] : 0xe4 (228)
[130] : 0xf6 (246)
[131] : 0xdb (219)
[132] : 0x8b (139)
[133] : 0x6c (108)
[134] : 0x4f (79)
[135] : 0xe3 (227)
[136] : 0x0b (11)
[137] : 0x40 (64)
[138] : 0xaf (175)
[139] : 0x6a (106)
[140] : 0x16 (22)
[141] : 0x5f (95)
[142] : 0x7f (127)
[143] : 0xc6 (198)
[144] : 0x6a (106)
[145] : 0xf2 (242)
[146] : 0x4d (77)
[147] : 0xb4 (180)
[148] : 0x1f (31)
[149] : 0x25 (37)
[150] : 0x7b (123)
[151] : 0xf7 (247)
[152] : 0x0c (12)
[153] : 0x4e (78)
[154] : 0x40 (64)
[155] : 0xc6 (198)
[156] : 0x00 (0)
[157] : 0x4f (79)
[158] : 0x91 (145)
[159] : 0xd4 (212)
[160] : 0x12 (18)
[161] : 0x89 (137)
[162] : 0x2c (44)
[163] : 0x12 (18)
[164] : 0x21 (33)
[165] : 0xf6 (246)
[166] : 0xa3 (163)
[167] : 0xeb (235)
[168] : 0x5c (92)
[169] : 0x78 (120)
[170] : 0xda (218)
[171] : 0x91 (145)
[172] : 0x3d (61)
[173] : 0x09 (9)
[174] : 0x32 (50)
[175] : 0xa0 (160)
[176] : 0x21 (33)
[177] : 0xbb (187)
[178] : 0x15 (21)
[179] : 0xb5 (181)
[180] : 0xa8 (168)
[181] : 0x30 (48)
[182] : 0x28 (40)
[183] : 0xa6 (166)
[184] : 0x03 (3)
[185] : 0x93 (147)
[186] : 0xc9 (201)
[187] : 0x1b (27)
[188] : 0x69 (105)
[189] : 0xd5 (213)
[190] : 0x6a (106)
[191] : 0xce (206)
[192] : 0x16 (22)
[193] : 0x74 (116)
[194] : 0x30 (48)
[195] : 0xa7 (167)
[196] : 0xa6 (166)
[197] : 0x68 (104)
[198] : 0xfe (254)
[199] : 0xc7 (199)
[200] : 0x88 (136)
[201] : 0x7a (122)
[202] : 0x07 (7)
[203] : 0xc3 (195)
[204] : 0xeb (235)
[205] : 0x80 (128)
[206] : 0x23 (35)
[207] : 0xb7 (183)
[208] : 0x80 (128)
[209] : 0xbc (188)
[210] : 0xf8 (248)
[211] : 0xd0 (208)
[212] : 0xb7 (183)
[213] : 0xe2 (226)
[214] : 0xc1 (193)
[215] : 0xdb (219)
[216] : 0x0b (11)
[217] : 0xeb (235)
[218] : 0xdc (220)
[219] : 0x6c (108)
[220] : 0xb5 (181)
[221] : 0x75 (117)
[222] : 0x71 (113)
[223] : 0x0e (14)
[224] : 0x4c (76)
[225] : 0xcd (205)
[226] : 0x58 (88)
[227] : 0x41 (65)
[228] : 0x18 (24)
[229] : 0x72 (114)
[230] : 0x41 (65)
[231] : 0x90 (144)
[232] : 0x51 (81)
[233] : 0x90 (144)
[234] : 0x44 (68)
[235] : 0x59 (89)
[236] : 0x99 (153)
[237] : 0xf0 (240)
[238] : 0x09 (9)
[239] : 0x1c (28)
_pad : DATA_BLOB length=0
info: struct AuthenticationInformation
LastUpdateTime : Wed Jul 30 16:32:06
2008 EST
AuthType :
TRUST_AUTH_TYPE_VERSION (3)
AuthInfo : union AuthInfo(case
3)
version: struct AuthInfoVersion
size : 0x00000004 (4)
version : 0x00000001 (1)
_pad : DATA_BLOB length=0
previous_authinfo : *
previous_authinfo: struct AuthenticationInformationCtr
info: ARRAY(2)
info: struct AuthenticationInformation
LastUpdateTime : Wed Jul 30 16:20:16
2008 EST
AuthType :
TRUST_AUTH_TYPE_CLEAR (2)
AuthInfo : union AuthInfo(case
2)
clear: struct AuthInfoClear
size : 0x0000001c (28)
password: ARRAY(28)
[0] : 0x23 (35)
[1] : 0x31 (49)
[2] : 0xd0 (208)
[3] : 0x4b (75)
[4] : 0x82 (130)
[5] : 0x59 (89)
[6] : 0x4c (76)
[7] : 0x14 (20)
[8] : 0xb3 (179)
[9] : 0x1b (27)
[10] : 0xc9 (201)
[11] : 0x11 (17)
[12] : 0x76 (118)
[13] : 0x55 (85)
[14] : 0x8d (141)
[15] : 0xeb (235)
[16] : 0xc3 (195)
[17] : 0x0d (13)
[18] : 0x84 (132)
[19] : 0x99 (153)
[20] : 0x41 (65)
[21] : 0xf5 (245)
[22] : 0xb9 (185)
[23] : 0x36 (54)
[24] : 0xc1 (193)
[25] : 0x8f (143)
[26] : 0x49 (73)
[27] : 0xbc (188)
_pad : DATA_BLOB length=0
info: struct AuthenticationInformation
LastUpdateTime : Wed Jul 30 16:32:06
2008 EST
AuthType : TRUST_AUTH_TYPE_NONE
(0)
AuthInfo : union AuthInfo(case
0)
none: struct AuthInfoNone
size : 0x00000000 (0)
_pad : DATA_BLOB length=0
pull returned NT_STATUS_OK
WARNING! 336 unread bytes
dump OK
signature.asc
Description: This is a digitally signed message part
_______________________________________________ cifs-protocol mailing list [email protected] https://lists.samba.org/mailman/listinfo/cifs-protocol
