}
static void display_trust_dom_info_4(struct lsa_TrustDomainInfoPassword *p,
- uint8_t session_key[16])
+ DATA_BLOB session_key)
{
char *pwd, *pwd_old;
DATA_BLOB data = data_blob_const(p->password->data, p->password->length);
DATA_BLOB data_old = data_blob_const(p->old_password->data, p->old_password->length);
- DATA_BLOB session_key_blob = data_blob_const(session_key, sizeof(session_key));
- pwd = sess_decrypt_string(talloc_tos(), &data, &session_key_blob);
- pwd_old = sess_decrypt_string(talloc_tos(), &data_old, &session_key_blob);
+ pwd = sess_decrypt_string(talloc_tos(), &data, &session_key);
+ pwd_old = sess_decrypt_string(talloc_tos(), &data_old, &session_key);
d_printf("Password:\t%s\n", pwd);
d_printf("Old Password:\t%s\n", pwd_old);
static void display_trust_dom_info(TALLOC_CTX *mem_ctx,
union lsa_TrustedDomainInfo *info,
enum lsa_TrustDomInfoEnum info_class,
- uint8_t nt_hash[16])
+ DATA_BLOB session_key)
{
switch (info_class) {
case LSA_TRUSTED_DOMAIN_INFO_PASSWORD:
- display_trust_dom_info_4(&info->password, nt_hash);
+ display_trust_dom_info_4(&info->password, session_key);
break;
default: {
const char *str = NULL;
uint32 access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
union lsa_TrustedDomainInfo *info = NULL;
enum lsa_TrustDomInfoEnum info_class = 1;
- uint8_t nt_hash[16];
+ DATA_BLOB session_key;
struct dcerpc_binding_handle *b = cli->binding_handle;
if (argc > 3 || argc < 2) {
goto done;
}
- if (!rpccli_get_pwd_hash(cli, nt_hash)) {
- d_fprintf(stderr, "Could not get pwd hash\n");
+ status = cli_get_session_key(mem_ctx, cli, &session_key);
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(0, ("Could not retrieve session key: %s\n", nt_errstr(status)));
goto done;
}
- display_trust_dom_info(mem_ctx, info, info_class, nt_hash);
+ display_trust_dom_info(mem_ctx, info, info_class, session_key);
done:
dcerpc_lsa_Close(b, mem_ctx, &pol, &result);
union lsa_TrustedDomainInfo *info = NULL;
enum lsa_TrustDomInfoEnum info_class = 1;
struct lsa_String trusted_domain;
- uint8_t nt_hash[16];
struct dcerpc_binding_handle *b = cli->binding_handle;
+ DATA_BLOB session_key;
if (argc > 3 || argc < 2) {
printf("Usage: %s [name] [info_class]\n", argv[0]);
goto done;
}
- if (!rpccli_get_pwd_hash(cli, nt_hash)) {
- d_fprintf(stderr, "Could not get pwd hash\n");
+ status = cli_get_session_key(mem_ctx, cli, &session_key);
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(0, ("Could not retrieve session key: %s\n", nt_errstr(status)));
goto done;
}
- display_trust_dom_info(mem_ctx, info, info_class, nt_hash);
+ display_trust_dom_info(mem_ctx, info, info_class, session_key);
done:
dcerpc_lsa_Close(b, mem_ctx, &pol, &result);
return status;
}
+static NTSTATUS cmd_lsa_set_trustdominfo(struct rpc_pipe_client *cli,
+ TALLOC_CTX *mem_ctx, int argc,
+ const char **argv)
+{
+ struct policy_handle pol, trustdom_pol;
+ NTSTATUS status, result;
+ uint32 access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
+ union lsa_TrustedDomainInfo info;
+ struct dom_sid dom_sid;
+ enum lsa_TrustDomInfoEnum info_class = 1;
+ struct dcerpc_binding_handle *b = cli->binding_handle;
+
+ if (argc > 4 || argc < 3) {
+ printf("Usage: %s [sid] [info_class] [value]\n", argv[0]);
+ return NT_STATUS_OK;
+ }
+
+ if (!string_to_sid(&dom_sid, argv[1])) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+
+ info_class = atoi(argv[2]);
+
+ switch (info_class) {
+ case 13: /* LSA_TRUSTED_DOMAIN_SUPPORTED_ENCRYPTION_TYPES */
+ info.enc_types.enc_types = atoi(argv[3]);
+ break;
+ default:
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+
+ status = rpccli_lsa_open_policy2(cli, mem_ctx, True, access_mask, &pol);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
+
+ status = dcerpc_lsa_OpenTrustedDomain(b, mem_ctx,
+ &pol,
+ &dom_sid,
+ access_mask,
+ &trustdom_pol,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
+ if (!NT_STATUS_IS_OK(result)) {
+ status = result;
+ goto done;
+ }
+
+ status = dcerpc_lsa_SetInformationTrustedDomain(b, mem_ctx,
+ &trustdom_pol,
+ info_class,
+ &info,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
+ if (!NT_STATUS_IS_OK(result)) {
+ status = result;
+ goto done;
+ }
+ done:
+ dcerpc_lsa_Close(b, mem_ctx, &trustdom_pol, &result);
+ dcerpc_lsa_Close(b, mem_ctx, &pol, &result);
+
+ return status;
+}
+
static NTSTATUS cmd_lsa_query_trustdominfo(struct rpc_pipe_client *cli,
TALLOC_CTX *mem_ctx, int argc,
const char **argv)
union lsa_TrustedDomainInfo *info = NULL;
struct dom_sid dom_sid;
enum lsa_TrustDomInfoEnum info_class = 1;
- uint8_t nt_hash[16];
+ DATA_BLOB session_key;
struct dcerpc_binding_handle *b = cli->binding_handle;
if (argc > 3 || argc < 2) {
goto done;
}
- if (!rpccli_get_pwd_hash(cli, nt_hash)) {
- d_fprintf(stderr, "Could not get pwd hash\n");
+ status = cli_get_session_key(mem_ctx, cli, &session_key);
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(0, ("Could not retrieve session key: %s\n", nt_errstr(status)));
goto done;
}
- display_trust_dom_info(mem_ctx, info, info_class, nt_hash);
+ display_trust_dom_info(mem_ctx, info, info_class, session_key);
done:
dcerpc_lsa_Close(b, mem_ctx, &pol, &result);
{ "LSARPC" },
- { "lsaquery", RPC_RTYPE_NTSTATUS, cmd_lsa_query_info_policy, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Query info policy", "" },
- { "lookupsids", RPC_RTYPE_NTSTATUS, cmd_lsa_lookup_sids, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Convert SIDs to names", "" },
- { "lookupsids3", RPC_RTYPE_NTSTATUS, cmd_lsa_lookup_sids3, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Convert SIDs to names", "" },
- { "lookupnames", RPC_RTYPE_NTSTATUS, cmd_lsa_lookup_names, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Convert names to SIDs", "" },
- { "lookupnames4", RPC_RTYPE_NTSTATUS, cmd_lsa_lookup_names4, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Convert names to SIDs", "" },
- { "lookupnames_level", RPC_RTYPE_NTSTATUS, cmd_lsa_lookup_names_level, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Convert names to SIDs", "" },
- { "enumtrust", RPC_RTYPE_NTSTATUS, cmd_lsa_enum_trust_dom, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Enumerate trusted domains", "Usage: [preferred max number] [enum context (0)]" },
- { "enumprivs", RPC_RTYPE_NTSTATUS, cmd_lsa_enum_privilege, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Enumerate privileges", "" },
- { "getdispname", RPC_RTYPE_NTSTATUS, cmd_lsa_get_dispname, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Get the privilege name", "" },
- { "lsaenumsid", RPC_RTYPE_NTSTATUS, cmd_lsa_enum_sids, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Enumerate the LSA SIDS", "" },
- { "lsacreateaccount", RPC_RTYPE_NTSTATUS, cmd_lsa_create_account, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Create a new lsa account", "" },
- { "lsaenumprivsaccount", RPC_RTYPE_NTSTATUS, cmd_lsa_enum_privsaccounts, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Enumerate the privileges of an SID", "" },
- { "lsaenumacctrights", RPC_RTYPE_NTSTATUS, cmd_lsa_enum_acct_rights, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Enumerate the rights of an SID", "" },
- { "lsaaddpriv", RPC_RTYPE_NTSTATUS, cmd_lsa_add_priv, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Assign a privilege to a SID", "" },
- { "lsadelpriv", RPC_RTYPE_NTSTATUS, cmd_lsa_del_priv, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Revoke a privilege from a SID", "" },
- { "lsaaddacctrights", RPC_RTYPE_NTSTATUS, cmd_lsa_add_acct_rights, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Add rights to an account", "" },
- { "lsaremoveacctrights", RPC_RTYPE_NTSTATUS, cmd_lsa_remove_acct_rights, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Remove rights from an account", "" },
- { "lsalookupprivvalue", RPC_RTYPE_NTSTATUS, cmd_lsa_lookup_priv_value, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Get a privilege value given its name", "" },
- { "lsaquerysecobj", RPC_RTYPE_NTSTATUS, cmd_lsa_query_secobj, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Query LSA security object", "" },
- { "lsaquerytrustdominfo",RPC_RTYPE_NTSTATUS, cmd_lsa_query_trustdominfo, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Query LSA trusted domains info (given a SID)", "" },
- { "lsaquerytrustdominfobyname",RPC_RTYPE_NTSTATUS, cmd_lsa_query_trustdominfobyname, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Query LSA trusted domains info (given a name), only works for Windows > 2k", "" },
- { "lsaquerytrustdominfobysid",RPC_RTYPE_NTSTATUS, cmd_lsa_query_trustdominfobysid, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Query LSA trusted domains info (given a SID)", "" },
- { "getusername", RPC_RTYPE_NTSTATUS, cmd_lsa_get_username, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Get username", "" },
- { "createsecret", RPC_RTYPE_NTSTATUS, cmd_lsa_create_secret, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Create Secret", "" },
- { "deletesecret", RPC_RTYPE_NTSTATUS, cmd_lsa_delete_secret, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Delete Secret", "" },
- { "querysecret", RPC_RTYPE_NTSTATUS, cmd_lsa_query_secret, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Query Secret", "" },
- { "setsecret", RPC_RTYPE_NTSTATUS, cmd_lsa_set_secret, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Set Secret", "" },
- { "retrieveprivatedata", RPC_RTYPE_NTSTATUS, cmd_lsa_retrieve_private_data, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Retrieve Private Data", "" },
- { "storeprivatedata", RPC_RTYPE_NTSTATUS, cmd_lsa_store_private_data, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Store Private Data", "" },
- { "createtrustdom", RPC_RTYPE_NTSTATUS, cmd_lsa_create_trusted_domain, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Create Trusted Domain", "" },
- { "deletetrustdom", RPC_RTYPE_NTSTATUS, cmd_lsa_delete_trusted_domain, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Delete Trusted Domain", "" },
+ { "lsaquery", RPC_RTYPE_NTSTATUS, cmd_lsa_query_info_policy, NULL, &ndr_table_lsarpc, NULL, "Query info policy", "" },
+ { "lookupsids", RPC_RTYPE_NTSTATUS, cmd_lsa_lookup_sids, NULL, &ndr_table_lsarpc, NULL, "Convert SIDs to names", "" },
+ { "lookupsids3", RPC_RTYPE_NTSTATUS, cmd_lsa_lookup_sids3, NULL, &ndr_table_lsarpc, NULL, "Convert SIDs to names", "" },
+ { "lookupnames", RPC_RTYPE_NTSTATUS, cmd_lsa_lookup_names, NULL, &ndr_table_lsarpc, NULL, "Convert names to SIDs", "" },
+ { "lookupnames4", RPC_RTYPE_NTSTATUS, cmd_lsa_lookup_names4, NULL, &ndr_table_lsarpc, NULL, "Convert names to SIDs", "" },
+ { "lookupnames_level", RPC_RTYPE_NTSTATUS, cmd_lsa_lookup_names_level, NULL, &ndr_table_lsarpc, NULL, "Convert names to SIDs", "" },
+ { "enumtrust", RPC_RTYPE_NTSTATUS, cmd_lsa_enum_trust_dom, NULL, &ndr_table_lsarpc, NULL, "Enumerate trusted domains", "Usage: [preferred max number] [enum context (0)]" },
+ { "enumprivs", RPC_RTYPE_NTSTATUS, cmd_lsa_enum_privilege, NULL, &ndr_table_lsarpc, NULL, "Enumerate privileges", "" },
+ { "getdispname", RPC_RTYPE_NTSTATUS, cmd_lsa_get_dispname, NULL, &ndr_table_lsarpc, NULL, "Get the privilege name", "" },
+ { "lsaenumsid", RPC_RTYPE_NTSTATUS, cmd_lsa_enum_sids, NULL, &ndr_table_lsarpc, NULL, "Enumerate the LSA SIDS", "" },
+ { "lsacreateaccount", RPC_RTYPE_NTSTATUS, cmd_lsa_create_account, NULL, &ndr_table_lsarpc, NULL, "Create a new lsa account", "" },
+ { "lsaenumprivsaccount", RPC_RTYPE_NTSTATUS, cmd_lsa_enum_privsaccounts, NULL, &ndr_table_lsarpc, NULL, "Enumerate the privileges of an SID", "" },
+ { "lsaenumacctrights", RPC_RTYPE_NTSTATUS, cmd_lsa_enum_acct_rights, NULL, &ndr_table_lsarpc, NULL, "Enumerate the rights of an SID", "" },
+ { "lsaaddpriv", RPC_RTYPE_NTSTATUS, cmd_lsa_add_priv, NULL, &ndr_table_lsarpc, NULL, "Assign a privilege to a SID", "" },
+ { "lsadelpriv", RPC_RTYPE_NTSTATUS, cmd_lsa_del_priv, NULL, &ndr_table_lsarpc, NULL, "Revoke a privilege from a SID", "" },
+ { "lsaaddacctrights", RPC_RTYPE_NTSTATUS, cmd_lsa_add_acct_rights, NULL, &ndr_table_lsarpc, NULL, "Add rights to an account", "" },
+ { "lsaremoveacctrights", RPC_RTYPE_NTSTATUS, cmd_lsa_remove_acct_rights, NULL, &ndr_table_lsarpc, NULL, "Remove rights from an account", "" },
+ { "lsalookupprivvalue", RPC_RTYPE_NTSTATUS, cmd_lsa_lookup_priv_value, NULL, &ndr_table_lsarpc, NULL, "Get a privilege value given its name", "" },
+ { "lsaquerysecobj", RPC_RTYPE_NTSTATUS, cmd_lsa_query_secobj, NULL, &ndr_table_lsarpc, NULL, "Query LSA security object", "" },
+ { "lsaquerytrustdominfo",RPC_RTYPE_NTSTATUS, cmd_lsa_query_trustdominfo, NULL, &ndr_table_lsarpc, NULL, "Query LSA trusted domains info (given a SID)", "" },
+ { "lsaquerytrustdominfobyname",RPC_RTYPE_NTSTATUS, cmd_lsa_query_trustdominfobyname, NULL, &ndr_table_lsarpc, NULL, "Query LSA trusted domains info (given a name), only works for Windows > 2k", "" },
+ { "lsaquerytrustdominfobysid",RPC_RTYPE_NTSTATUS, cmd_lsa_query_trustdominfobysid, NULL, &ndr_table_lsarpc, NULL, "Query LSA trusted domains info (given a SID)", "" },
+ { "lsasettrustdominfo", RPC_RTYPE_NTSTATUS, cmd_lsa_set_trustdominfo, NULL, &ndr_table_lsarpc, NULL, "Set LSA trusted domain info", "" },
+ { "getusername", RPC_RTYPE_NTSTATUS, cmd_lsa_get_username, NULL, &ndr_table_lsarpc, NULL, "Get username", "" },
+ { "createsecret", RPC_RTYPE_NTSTATUS, cmd_lsa_create_secret, NULL, &ndr_table_lsarpc, NULL, "Create Secret", "" },
+ { "deletesecret", RPC_RTYPE_NTSTATUS, cmd_lsa_delete_secret, NULL, &ndr_table_lsarpc, NULL, "Delete Secret", "" },
+ { "querysecret", RPC_RTYPE_NTSTATUS, cmd_lsa_query_secret, NULL, &ndr_table_lsarpc, NULL, "Query Secret", "" },
+ { "setsecret", RPC_RTYPE_NTSTATUS, cmd_lsa_set_secret, NULL, &ndr_table_lsarpc, NULL, "Set Secret", "" },
+ { "retrieveprivatedata", RPC_RTYPE_NTSTATUS, cmd_lsa_retrieve_private_data, NULL, &ndr_table_lsarpc, NULL, "Retrieve Private Data", "" },
+ { "storeprivatedata", RPC_RTYPE_NTSTATUS, cmd_lsa_store_private_data, NULL, &ndr_table_lsarpc, NULL, "Store Private Data", "" },
+ { "createtrustdom", RPC_RTYPE_NTSTATUS, cmd_lsa_create_trusted_domain, NULL, &ndr_table_lsarpc, NULL, "Create Trusted Domain", "" },
+ { "deletetrustdom", RPC_RTYPE_NTSTATUS, cmd_lsa_delete_trusted_domain, NULL, &ndr_table_lsarpc, NULL, "Delete Trusted Domain", "" },
{ NULL }
};