
Re: 'krbPrincipalKey' and 'sambaMungedDial'




On 22.03.2013 19:01, Andreas B. Mundt wrote:
> Hi Martin,
>
> On Fri, Mar 22, 2013 at 06:33:11PM +0100, Martin Schulte wrote:
>> while trying to upgrade to squeeze and restore old passwords, I had
>> a look at the LDAP in squeeze. I found the two attributes
>> 'krbPrincipalKey' and 'sambaMungedDial'. Can someone tell me what
>> the use of these two attributes is and how they are generated? Is
>> there a relation between the userPassword and these two attributes?
>>
>> Actually I am trying to replace the values of the attributes
>> 'userPassword', 'sambaLMPassword', 'sambaNTPassword' from the
>> squeeze LDAP with the values from the lenny LDAP.
>
> The authentication method has changed completely in squeeze.  Instead
> of storing a hashed password in LDAP as was the case in Lenny,
> Squeeze uses Kerberos keys.  These are also some kind of a user's
> password, but can also be used to encrypt any connection over the
> network.  There is no way to convert the password hash from Lenny to a
> Kerberos principal key, so you have to create these from clear text
> passwords.  I am not familiar with the samba stuff however.

Hi,

thank you for your answer.
I found a way to get the passwords in cleartext from the lenny LDAP, thanks to Windows, the most secure OS ever :-), and its LM hash. You can crack this LM hash using ophcrack (http://en.wikipedia.org/wiki/Ophcrack), which uses rainbow tables.

To automate this, I wrote a Perl script which fetches the sambaLMPassword of each user. Then it generates a file in pwdumper syntax:
    <username>:<gid>:lm-hash::::

Then I load this file into ophcrack, which finds the passwords using rainbow tables. This takes 45 min. Then I save the results in a file. Another Perl script reads this file and fetches the groups of every user. Because the LM hash is case-insensitive, it checks all combinations of upper- and lowercase against the sambaNTPassword, which is case-sensitive. After this it generates a CSV file which can be used by GOsa's import function.

If someone is interested, I can put the script into the wiki.

Martin
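
The message above relies on `sambaLMPassword` values being recoverable to cleartext, so after a migration it is worth checking which directory entries still carry one. The following is an added example, not part of the original post or Martin's scripts: it lists the entries in an LDIF export that still store a usable LM hash. The function names and the sample data are hypothetical, and it assumes that any value which is not 32 hex digits is a placeholder rather than a hash.

```python
import base64
import re

EMPTY_HALF = "AAD3B435B51404EE"  # LM hash of an empty (all-zero) 7-byte password half
HEX32 = re.compile(r"[0-9A-Fa-f]{32}")

def parse_ldif(text):
    """Yield one dict per LDIF entry (names lower-cased, first value kept)."""
    unfolded = re.sub(r"\r?\n ", "", text)  # RFC 2849: leading space = continuation
    for block in re.split(r"\r?\n\s*\r?\n", unfolded.strip()):
        entry = {}
        for line in block.splitlines():
            name, sep, rest = line.partition(":")
            if not sep or line.startswith("#"):
                continue
            value = rest.strip()
            if rest.startswith(":"):  # "attr:: <base64>"
                value = base64.b64decode(rest[1:]).decode("utf-8", "replace")
            entry.setdefault(name.strip().lower(), value)
        yield entry

def audit_lm_hashes(ldif_text):
    """Return (dn, finding) for each entry that still stores a usable LM hash."""
    findings = []
    for entry in parse_ldif(ldif_text):
        lm = entry.get("sambalmpassword", "").upper()
        if not HEX32.fullmatch(lm) or lm == EMPTY_HALF * 2:
            continue  # absent, placeholder, or the hash of an empty password
        note = "LM hash stored"
        if lm[16:] == EMPTY_HALF:
            note += ", password is 7 characters or shorter"
        findings.append((entry.get("dn", "?"), note))
    return findings

# Constructed sample export; the hex values are made up, not real hashes.
SAMPLE = """\
dn: uid=alice,ou=people,dc=example,dc=org
sambaLMPassword: 0123456789ABCDEF0123456789ABCDEF

dn: uid=bob,ou=people,dc=example,dc=org
sambaLMPassword: 0123456789abcdef
 aad3b435b51404ee

dn: uid=carol,ou=people,dc=example,dc=org
sambaLMPassword: AAD3B435B51404EEAAD3B435B51404EE

dn: uid=dave,ou=people,dc=example,dc=org
"""
print(audit_lm_hashes(SAMPLE))
```

Entries it reports are candidates for having the attribute removed once the accounts authenticate through Kerberos or the NT hash only.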

