El día martes, junio 06, 2017 a las 12:00:34p. m. +0200, Matthias Apitz 

> Hello,
> At work I have to run FreeBSD (12-CURRENT, amd64) in vbox on Win7 host
> and used successful mount_smbfs to mount the hosts disk to FreeBSD. This
> worked fine until the last password change of the domain pw we have todo
> every 12 weeks or so.
> Now the new crypted and stored pw from /etc/nsmb.conf is not accepted
> anymore. In detail, when I do:
> ...

I looked into the sources in src/contrib/smbfs/lib/smb to understand how
the hashed pw is translated to clear text and wrote a small test pgm
which uses the same function of the /usr/lib/libsmb.so

$ cc -o smbpw smbpw.c -l smb

I now crypt a dummy pw with the following chars '1234567890-1-1234567':

$ smbutil crypt 1234567890-1-1234567

the resulting hash gives retranslated by smb_simpledecrypt():

$ ./smbpw 
smb_simpledecrypt(): hash: [$$12a1a06767a6a5e4ebaa0b09b9af5e3eddfcd1312] gives 
clear [1234567890-1-12345]

i.e. the last two chars are missing.

$ cat smbpw.c

#include <stdio.h>

smb_simpledecrypt(char *dst, const char *src);

int main()

    char *hash = "$$12a1a06767a6a5e4ebaa0b09b9af5e3eddfcd1312";
    char clear[256];

    clear[0] = '\0';

    smb_simpledecrypt(clear, hash);

    printf("smb_simpledecrypt(): hash: [%s] gives clear [%s]\n", hash, clear);


This seems to be an issue in the libsmb...


Matthias Apitz, ✉ g...@unixarea.de, ⌂ http://www.unixarea.de/  ☎ 
Public GnuPG key: http://www.unixarea.de/key.pub
8. Mai 1945: Wer nicht feiert hat den Krieg verloren.
8 de mayo de 1945: Quien no festeja perdió la Guerra.
May 8, 1945: Who does not celebrate lost the War.

Attachment: signature.asc
Description: PGP signature

Reply via email to