Samba domain controller implementation is vulnerable to the ZeroLogin vulnerability

The Samba project developers have warned users that the recently identified Windows ZeroLogin vulnerability (CVE-2020-1472) also affects the Samba-based domain controller implementation. The vulnerability is caused by flaws in the MS-NRPC protocol and the AES-CFB8 cryptographic algorithm and, if successfully exploited, allows an attacker to gain administrator access on the domain controller.

The essence of the vulnerability is that the MS-NRPC (Netlogon Remote Protocol) protocol allows a fallback to an RPC connection without encryption when authentication data is exchanged. An attacker can then use a flaw in the AES-CFB8 algorithm to spoof a successful login. On average, about 256 spoofing attempts are needed to log in with administrator rights. The attack does not require a working account on the domain controller; spoofing attempts can be made with an incorrect password. The NTLM authentication request is forwarded to the domain controller, which returns an access denial, but the attacker can spoof this response, and the attacked system will consider the login successful.

In Samba, the vulnerability appears only on systems that do not use the "server schannel = yes" setting, which has been the default since Samba 4.8. In particular, systems with the "server schannel = no" and "server schannel = auto" settings can be compromised, since these settings expose Samba to the same flaws in the AES-CFB8 algorithm as Windows.
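A configuration check for the setting described above, as an added example that is not part of the original article or of the Samba project's code. The function names and the sample configuration are hypothetical, `include` directives are not followed, and the pre-4.8 default is taken to be "auto".

```python
import re

# Boolean spellings smb.conf accepts, folded to yes/no ("auto" is kept as is).
_TRUE = {"yes", "true", "1", "on"}
_FALSE = {"no", "false", "0", "off"}

def _norm(name):
    # smb.conf ignores case and whitespace in section and parameter names.
    return re.sub(r"\s+", "", name).lower()

def effective_server_schannel(conf_text, samba_version):
    """Return the effective 'server schannel' value: 'yes', 'no' or 'auto'."""
    # Default is "yes" since Samba 4.8 (per the article); assumed "auto" before.
    value = "yes" if tuple(samba_version) >= (4, 8) else "auto"
    section, pending = None, ""
    for raw in conf_text.splitlines():
        line = pending + raw.strip()
        pending = ""
        if line.endswith("\\"):          # trailing backslash continues the line
            pending = line[:-1]
            continue
        if not line or line[0] in "#;":  # blank line or comment
            continue
        if line.startswith("[") and line.endswith("]"):
            section = _norm(line[1:-1])
            continue
        if section != "global" or "=" not in line:
            continue                     # the parameter is only valid in [global]
        key, _, val = line.partition("=")
        if _norm(key) == "serverschannel":
            val = val.strip().lower()
            value = "yes" if val in _TRUE else "no" if val in _FALSE else val
    return value

def is_exposed(conf_text, samba_version):
    # Anything other than an enforced secure channel is treated as exposed.
    return effective_server_schannel(conf_text, samba_version) != "yes"

# Constructed sample configuration, not taken from a real system.
SAMPLE = """\
[global]
    server role = active directory domain controller
    ; legacy client workaround
    Server SChannel = Auto
"""
```

Calling `is_exposed(SAMPLE, (4, 10))` returns `True`: the explicit `Auto` overrides the safe default of a 4.8+ release.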

When the exploit prototype prepared for Windows is used, only the ServerAuthenticate3 call works against Samba, and the ServerPasswordSet2 operation fails (the exploit requires adaptation for Samba). Nothing is reported about the effectiveness of alternative exploits (1, 2, 3, 4). Attacks on systems can be tracked by checking the Samba audit logs for entries that mention ServerAuthenticate3 and ServerPasswordSet.

Source: opennet.ru
