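def packet_rpc_netlogon_30(packet, conversation, context):
    """Issue a NetrServerPasswordSet2 call on the netlogon connection.

    The machine account password is set to its current value, so the call
    exercises the password-change path while leaving the account usable
    for subsequent runs.

    Returns True once the call has returned; errors raised by the RPC call
    propagate to the caller. Raises ValueError if the UTF-16-LE encoded
    password does not fit in the 512-entry password buffer.
    """
    # NetrServerPasswordSet2
    c = context.get_netlogon_connection()
    (auth, succ) = context.get_authenticator()
    DATA_LEN = 512

    # Set the new password to the existing password, this generates the same
    # work load as a new value, and leaves the account password intact for
    # subsequent runs
    newpass = context.machine_creds.get_password().encode('utf-16-le')
    pwd_len = len(newpass)
    if pwd_len > DATA_LEN:
        # os.urandom() would raise ValueError for the negative size anyway;
        # fail with a clear message that reports lengths only and never the
        # password itself.
        raise ValueError(
            "encoded password is %d bytes, limit is %d" % (pwd_len, DATA_LEN))

    # bytearray() yields integers on both Python 2 and Python 3, whereas
    # ord() on an element of a bytes object raises TypeError on Python 3.
    filler = list(bytearray(os.urandom(DATA_LEN - pwd_len)))

    pwd = netlogon.netr_CryptPassword()
    pwd.length = pwd_len
    # Buffer layout: random padding first, the encoded password in the
    # trailing pwd_len entries, DATA_LEN entries in total.
    pwd.data = filler + list(bytearray(newpass))
    # The buffer is passed through the credentials object's encryption
    # routine before it is handed to the RPC call.
    context.machine_creds.encrypt_netr_crypt_password(pwd)
    c.netr_ServerPasswordSet2(
        context.server,
        # must end with $, so use get_username instead
        # of get_workstation here
        context.machine_creds.get_username(),
        context.machine_creds.get_secure_channel_type(),
        context.netbios_name,
        auth,
        pwd)
    return True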
def do_Netr_ServerPasswordSet2(self):
    """Change the machine account password with NetrServerPasswordSet2.

    A password obtained from samba.generate_random_password(32, 32) is
    UTF-16-LE encoded, placed at the end of a 512-entry buffer behind
    random padding, passed through self.machine_creds for encryption and
    sent to the server. self.machine_pass and self.machine_creds are
    updated only after the RPC call has returned, so a failed call leaves
    the locally stored password unchanged.
    """
    def as_int(item):
        # Iterating bytes gives ints on Python 3 and one-character strings
        # on Python 2; normalise both to ints.
        return item if isinstance(item, int) else ord(item)

    PWD_LEN = 32
    DATA_LEN = 512

    conn = self.get_netlogon_connection()
    authenticator, _subsequent = self.get_authenticator(conn)

    newpass = samba.generate_random_password(PWD_LEN, PWD_LEN)
    wire_password = newpass.encode('utf-16-le')
    wire_len = len(wire_password)

    # Padding comes from os.urandom, so the unused part of the buffer is
    # not a fixed pattern.
    padding = [as_int(b) for b in os.urandom(DATA_LEN - wire_len)]
    payload = [as_int(b) for b in wire_password]

    crypt_pwd = netlogon.netr_CryptPassword()
    crypt_pwd.length = wire_len
    crypt_pwd.data = padding + payload
    self.machine_creds.encrypt_netr_crypt_password(crypt_pwd)

    conn.netr_ServerPasswordSet2(
        self.server,
        self.machine_creds.get_workstation(),
        SEC_CHAN_WKSTA,
        self.machine_name,
        authenticator,
        crypt_pwd)

    # Record the new secret locally only once the server call has returned.
    self.machine_pass = newpass
    self.machine_creds.set_password(newpass)
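def do_Netr_ServerPasswordSet2(self):
    """Change the machine account password with NetrServerPasswordSet2.

    A password obtained from samba.generate_random_password(32, 32) is
    UTF-16-LE encoded, placed at the end of a 512-entry buffer behind
    random padding, passed through self.machine_creds for encryption and
    sent to the server. self.machine_pass and self.machine_creds are
    updated only after the RPC call has returned, so a failed call leaves
    the locally stored password unchanged.
    """
    c = self.get_netlogon_connection()
    (authenticator, subsequent) = self.get_authenticator(c)
    PWD_LEN = 32
    DATA_LEN = 512
    newpass = samba.generate_random_password(PWD_LEN, PWD_LEN)
    # The password buffer carries the password as UTF-16-LE and the length
    # field counts bytes. Sending the unencoded characters with
    # length == PWD_LEN would make the server read a different password
    # from the one stored locally below.
    encoded = newpass.encode('utf-16-le')
    pwd_len = len(encoded)
    # bytearray() yields integers on both Python 2 and Python 3, whereas
    # ord() on an element of a bytes object raises TypeError on Python 3.
    filler = list(bytearray(os.urandom(DATA_LEN - pwd_len)))
    pwd = netlogon.netr_CryptPassword()
    pwd.length = pwd_len
    # Buffer layout: random padding first, the encoded password in the
    # trailing pwd_len entries, DATA_LEN entries in total.
    pwd.data = filler + list(bytearray(encoded))
    self.machine_creds.encrypt_netr_crypt_password(pwd)
    c.netr_ServerPasswordSet2(self.server,
                              self.machine_creds.get_workstation(),
                              SEC_CHAN_WKSTA,
                              self.machine_name,
                              authenticator,
                              pwd)

    # Record the new secret locally only once the server call has returned.
    self.machine_pass = newpass
    self.machine_creds.set_password(newpass)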
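def do_Netr_ServerPasswordSet2(self):
    """Change the machine account password with NetrServerPasswordSet2.

    A password obtained from samba.generate_random_password(32, 32) is
    UTF-16-LE encoded, placed at the end of a 512-entry buffer behind
    random padding, passed through self.machine_creds for encryption and
    sent to the server. self.machine_pass and self.machine_creds are
    updated only after the RPC call has returned, so a failed call leaves
    the locally stored password unchanged.
    """
    c = self.get_netlogon_connection()
    (authenticator, subsequent) = self.get_authenticator(c)
    PWD_LEN = 32
    DATA_LEN = 512
    newpass = samba.generate_random_password(PWD_LEN, PWD_LEN)
    encoded = newpass.encode('utf-16-le')
    pwd_len = len(encoded)
    # bytearray() yields integers on both Python 2 and Python 3, whereas
    # ord() on an element of a bytes object raises TypeError on Python 3.
    filler = list(bytearray(os.urandom(DATA_LEN - pwd_len)))
    pwd = netlogon.netr_CryptPassword()
    pwd.length = pwd_len
    # Buffer layout: random padding first, the encoded password in the
    # trailing pwd_len entries, DATA_LEN entries in total.
    pwd.data = filler + list(bytearray(encoded))
    self.machine_creds.encrypt_netr_crypt_password(pwd)
    c.netr_ServerPasswordSet2(self.server,
                              self.machine_creds.get_workstation(),
                              SEC_CHAN_WKSTA,
                              self.machine_name,
                              authenticator,
                              pwd)

    # Record the new secret locally only once the server call has returned.
    self.machine_pass = newpass
    self.machine_creds.set_password(newpass)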
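def packet_rpc_netlogon_30(packet, conversation, context):
    """Issue a NetrServerPasswordSet2 call on the netlogon connection.

    The machine account password is set to its current value, so the call
    exercises the password-change path while leaving the account usable
    for subsequent runs.

    Returns True once the call has returned; errors raised by the RPC call
    propagate to the caller. Raises ValueError if the UTF-16-LE encoded
    password does not fit in the 512-entry password buffer.
    """
    # NetrServerPasswordSet2
    c = context.get_netlogon_connection()
    (auth, succ) = context.get_authenticator()
    DATA_LEN = 512

    # Set the new password to the existing password, this generates the same
    # work load as a new value, and leaves the account password intact for
    # subsequent runs
    newpass = context.machine_creds.get_password().encode('utf-16-le')
    pwd_len = len(newpass)
    if pwd_len > DATA_LEN:
        # os.urandom() would raise ValueError for the negative size anyway;
        # fail with a clear message that reports lengths only and never the
        # password itself.
        raise ValueError(
            "encoded password is %d bytes, limit is %d" % (pwd_len, DATA_LEN))

    # bytearray() yields integers on both Python 2 and Python 3, whereas
    # ord() on an element of a bytes object raises TypeError on Python 3.
    filler = list(bytearray(os.urandom(DATA_LEN - pwd_len)))

    pwd = netlogon.netr_CryptPassword()
    pwd.length = pwd_len
    # Buffer layout: random padding first, the encoded password in the
    # trailing pwd_len entries, DATA_LEN entries in total.
    pwd.data = filler + list(bytearray(newpass))
    # The buffer is passed through the credentials object's encryption
    # routine before it is handed to the RPC call.
    context.machine_creds.encrypt_netr_crypt_password(pwd)
    c.netr_ServerPasswordSet2(context.server,
                              # must end with $, so use get_username instead
                              # of get_workstation here
                              context.machine_creds.get_username(),
                              context.machine_creds.get_secure_channel_type(),
                              context.netbios_name,
                              auth,
                              pwd)
    return True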