The Samba domain controller implementation is vulnerable to ZeroLogon

The developers of the Samba project have warned users that the recently identified Windows ZeroLogon vulnerability (CVE-2020-1472) also appears in the Samba-based domain controller implementation. The vulnerability is caused by flaws in the MS-NRPC protocol and the AES-CFB8 cryptographic algorithm and, if successfully exploited, allows an attacker to gain administrator access on the domain controller.

The essence of the vulnerability is that the MS-NRPC protocol (Netlogon Remote Protocol) allows a fallback to an RPC connection without encryption when authentication data is exchanged. An attacker can then exploit a flaw in the AES-CFB8 algorithm to spoof a successful login. On average, it takes about 256 spoofing attempts to log in as administrator. Carrying out the attack does not require an account on the domain controller; spoofing attempts can be made with an incorrect password. The NTLM authentication request will be forwarded to the domain controller, which will return an access denial, but the attacker can spoof that response, and the attacked system will treat the login as successful.

In Samba, the vulnerability appears only on systems that do not use the "server schannel = yes" setting, which has been the default since Samba 4.8. In particular, systems with "server schannel = no" and "server schannel = auto" can be compromised, because these settings let Samba be exposed to the same AES-CFB8 flaws as Windows.
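The configuration check described above can be automated. The following is an added example, not code from the Samba project or the original article: it reads the text of an smb.conf file and classifies the `server schannel` setting in `[global]` the way the paragraph above does. The function names, the result labels and the sample configurations are assumptions made for illustration.

```python
import re

def schannel_setting(conf_text):
    """Return the effective 'server schannel' value in [global], or None if unset."""
    section, value = None, None
    # Join backslash-continued lines, as smb.conf allows.
    text = re.sub(r"\\\r?\n", "", conf_text)
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":        # blank line or comment
            continue
        m = re.fullmatch(r"\[(.*)\]", line)
        if m:                                   # section header
            section = m.group(1).strip().lower()
            continue
        if section != "global" or "=" not in line:
            continue
        key, val = line.split("=", 1)
        # Parameter names are case-insensitive and ignore internal whitespace.
        if re.sub(r"\s+", "", key).lower() == "serverschannel":
            value = val.strip().lower()         # a later line overrides an earlier one
    return value

def assess(conf_text):
    """Classify a configuration; the labels are hypothetical names for this example."""
    value = schannel_setting(conf_text)
    if value is None:
        return "default"      # "yes" since Samba 4.8; older releases need it set explicitly
    if value == "yes":
        return "enforced"
    if value in ("no", "auto"):
        return "vulnerable"   # the two settings the advisory names as exploitable
    return "review"           # any other spelling: check by hand

# Constructed sample configurations (not taken from any real system).
WEAK = """
[global]
    workgroup = EXAMPLE
    server role = active directory domain controller
    Server Schannel = Auto
"""
FIXED = WEAK.replace("Server Schannel = Auto", "server schannel = yes")
UNSET = "[global]\n  workgroup = EXAMPLE\n; server schannel = no\n"

if __name__ == "__main__":
    for name, conf in (("weak", WEAK), ("fixed", FIXED), ("unset", UNSET)):
        print(name, "->", assess(conf))
```

The check looks only at the text it is given and does not follow `include` directives; a "default" result is safe only on Samba 4.8 or later.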

When the reference exploit prototype prepared for Windows is used against Samba, only the ServerAuthenticate3 call works and the ServerPasswordSet2 operation fails (the exploit needs to be adapted for Samba). Nothing is reported about whether the alternative exploits (1, 2, 3, 4) work. Attacks on systems can be tracked by checking the Samba audit logs for entries that mention ServerAuthenticate3 and ServerPasswordSet.

Source: opennet.ru
