Abathuthukisi bephrojekthi ye-Samba
Ingqikithi yokuba sengozini ukuthi iphrothokholi ye-MS-NRPC (Netlogon Remote Protocol) ikuvumela ukuthi ubuyele emuva ekusebenziseni uxhumano lwe-RPC ngaphandle kokubethela lapho ushintsha idatha yokuqinisekisa. Umhlaseli angabese esebenzisa iphutha ku-algorithm ye-AES-CFB8 ukuze aphange ukungena ngemvume okuyimpumelelo. Ngokwesilinganiso, kuthatha cishe 256 imizamo spoofing ukungena ngemvume njengomlawuli. Ukuze wenze ukuhlasela, awudingi ukuba ne-akhawunti esebenzayo kusilawuli sesizinda; imizamo yokukhohlisa ingenziwa kusetshenziswa iphasiwedi engalungile. Isicelo sokuqinisekisa se-NTLM sizoqondiswa kabusha kusilawuli sesizinda, esizobuyisela ukwenqatshwa kokufinyelela, kodwa umhlaseli angakwazi ukuphamba le mpendulo, futhi isistimu ehlaselwe izobheka ukungena ngemvume njengempumelelo.
Ku-Samba, ukuba sengozini kuvela kuphela kumasistimu angasebenzisi ukulungiselelwa kokuthi “isiteshi seseva = yebo”, okuzenzakalelayo kusukela ku-Samba 4.8. Ikakhulukazi, amasistimu anezilungiselelo ze-"server schannel = no" kanye "nesiteshi seseva = okuzenzakalelayo" zingafakwa engozini, okuvumela i-Samba ukuthi isebenzise amaphutha afanayo ku-algorithm ye-AES-CFB8 njengaku-Windows.
Uma usebenzisa ireferensi elungiselelwe iWindows
Source: opennet.ru