/// <summary> /// The SamrUnicodeChangePasswordUser2 method changes a /// user account's password. Opnum: 55 /// </summary> /// <param name="BindingHandle"> /// An RPC binding handle parameter as specified in [C706-Ch2Intro]. /// </param> /// <param name="ServerName"> /// A null-terminated string containing the NETBIOS name /// of the server; this parameter MAY servers ignore the /// ServerName parameter. be ignored by the server. /// </param> /// <param name="UserName"> /// The name of the user. See the message processing later /// in this section for details on how this value is used /// as a database key to locate the account that is the /// target of this password change operation. /// </param> /// <param name="NewPasswordEncryptedWithOldNt"> /// A clear text password encrypted according to the specification /// of SAMPR_ENCRYPTED_USER_PASSWORD, where the key is /// the NT hash of the existing password for the target /// user (as presented by the client in the OldNtOwfPasswordEncryptedWithNewNt /// parameter). /// </param> /// <param name="OldNtOwfPasswordEncryptedWithNewNt"> /// The NT hash of the target user's existing password (as /// presented by the client) encrypted according to the /// specification of ENCRYPTED_LM_OWF_PASSWORD, where the /// key is the NT hash of the clear text password obtained /// from decrypting NewPasswordEncryptedWithOldNt. /// </param> /// <param name="LmPresent"> /// If this parameter is zero, NewPasswordEncryptedWithOldLm /// and OldLmOwfPasswordEncryptedWithOldLm MUST be ignored; /// otherwise these fields MUST be processed. /// </param> /// <param name="NewPasswordEncryptedWithOldLm"> /// A clear text password encrypted according to the specification /// of SAMPR_ENCRYPTED_USER_PASSWORD, where the key is /// the LM hash of the existing password for the target /// user (as presented by the client). /// </param> /// <param name="OldLmOwfPasswordEncryptedWithNewNt"> /// The LM hash the target user's existing password (as /// presented by the client) encrypted according to the /// specification of ENCRYPTED_LM_OWF_PASSWORD, where the /// key is the NT hash of the clear text password obtained /// from decrypting NewPasswordEncryptedWithOldNt. /// </param> /// <returns> /// status of the function call, for example: 0 indicates STATUS_SUCCESS /// </returns> public int SamrUnicodeChangePasswordUser2(System.IntPtr BindingHandle, _RPC_UNICODE_STRING ServerName, _RPC_UNICODE_STRING UserName, _SAMPR_ENCRYPTED_USER_PASSWORD NewPasswordEncryptedWithOldNt, _ENCRYPTED_LM_OWF_PASSWORD OldNtOwfPasswordEncryptedWithNewNt, byte LmPresent, _SAMPR_ENCRYPTED_USER_PASSWORD NewPasswordEncryptedWithOldLm, _ENCRYPTED_LM_OWF_PASSWORD OldLmOwfPasswordEncryptedWithNewNt) { return rpc.SamrUnicodeChangePasswordUser2(BindingHandle, ServerName, UserName, NewPasswordEncryptedWithOldNt, OldNtOwfPasswordEncryptedWithNewNt, LmPresent, NewPasswordEncryptedWithOldLm, OldLmOwfPasswordEncryptedWithNewNt); }
/// <summary> /// The SamrChangePasswordUser method changes the password /// of a user object. Opnum: 38 /// </summary> /// <param name="UserHandle"> /// An RPC context handle, as specified in section , representing /// a user object. /// </param> /// <param name="LmPresent"> /// If this parameter is zero, the LmOldEncryptedWithLmNew /// and LmNewEncryptedWithLmOld fields MUST be ignored /// by the server; otherwise these fields MUST be processed. /// </param> /// <param name="OldLmEncryptedWithNewLm"> /// The LM hash of the target user's existing password (as /// presented by the client) encrypted according to the /// specification of ENCRYPTED_LM_OWF_PASSWORD, where the /// key is the LM hash of the new password for the target /// user (as presented by the client in the LmNewEncryptedWithLmOld /// parameter). /// </param> /// <param name="NewLmEncryptedWithOldLm"> /// The LM hash of the target user's new password (as presented /// by the client) encrypted according to the specification /// of ENCRYPTED_LM_OWF_PASSWORD, where the key is the /// LM hash of the existing password for the target user /// (as presented by the client in the LmOldEncryptedWithLmNew /// parameter). /// </param> /// <param name="NtPresent"> /// If this parameter is zero, NtOldEncryptedWithNtNew and /// NtNewEncryptedWithNtOld MUST be ignored by the server; /// otherwise these fields MUST be processed. /// </param> /// <param name="OldNtEncryptedWithNewNt"> /// The NT hash of the target user's existing password (as /// presented by the client) encrypted according to the /// specification of ENCRYPTED_NT_OWF_PASSWORD, where /// the key is the NT hash of the new password for the /// target user (as presented by the client). /// </param> /// <param name="NewNtEncryptedWithOldNt"> /// The NT hash of the target user's new password (as presented /// by the client) encrypted according to the specification /// of ENCRYPTED_NT_OWF_PASSWORD, where the key is the /// NT hash of the existing password for the target user /// (as presented by the client). /// </param> /// <param name="NtCrossEncryptionPresent"> /// If this parameter is zero, NtNewEncryptedWithLmNew MUST /// be ignored; otherwise, this field MUST be processed. /// </param> /// <param name="NewNtEncryptedWithNewLm"> /// The NT hash of the target user's new password (as presented /// by the client) encrypted according to the specification /// of ENCRYPTED_NT_OWF_PASSWORD, where the key is the /// LM hash of the new password for the target user (as /// presented by the client). /// </param> /// <param name="LmCrossEncryptionPresent"> /// If this parameter is zero, LmNewEncryptedWithNtNew MUST /// be ignored; otherwise, this field MUST be processed. /// </param> /// <param name="NewLmEncryptedWithNewNt"> /// The LM hash of the target user's new password (as presented /// by the client) encrypted according to the specification /// of ENCRYPTED_LM_OWF_PASSWORD, where the key is the /// NT hash of the new password for the target user (as /// presented by the client). /// </param> /// <returns> /// status of the function call, for example: 0 indicates STATUS_SUCCESS /// </returns> public int SamrChangePasswordUser(System.IntPtr UserHandle, byte LmPresent, _ENCRYPTED_LM_OWF_PASSWORD? OldLmEncryptedWithNewLm, _ENCRYPTED_LM_OWF_PASSWORD? NewLmEncryptedWithOldLm, byte NtPresent, _ENCRYPTED_LM_OWF_PASSWORD? OldNtEncryptedWithNewNt, _ENCRYPTED_LM_OWF_PASSWORD? NewNtEncryptedWithOldNt, byte NtCrossEncryptionPresent, _ENCRYPTED_LM_OWF_PASSWORD? NewNtEncryptedWithNewLm, byte LmCrossEncryptionPresent, _ENCRYPTED_LM_OWF_PASSWORD? NewLmEncryptedWithNewNt) { return rpc.SamrChangePasswordUser(UserHandle, LmPresent, OldLmEncryptedWithNewLm, NewLmEncryptedWithOldLm, NtPresent, OldNtEncryptedWithNewNt, NewNtEncryptedWithOldNt, NtCrossEncryptionPresent, NewNtEncryptedWithNewLm, LmCrossEncryptionPresent, NewLmEncryptedWithNewNt); }
/// <summary> /// The SamrOemChangePasswordUser2 method changes a user's /// password. Opnum: 54 /// </summary> /// <param name="BindingHandle"> /// An RPC binding handle parameter as specified in [C706-Ch2Intro]. /// </param> /// <param name="ServerName"> /// A counted string, encoded in the OEM character set, /// containing the NETBIOS name of the server; this parameter /// MAY servers ignore the ServerName parameter. be ignored /// by the server. /// </param> /// <param name="UserName"> /// A counted string, encoded in the OEM character set, /// containing the name of the user whose password is to /// be changed; see message processing later in this section /// for details on how this value is used as a database /// key to locate the account that is the target of this /// password change operation. /// </param> /// <param name="NewPasswordEncryptedWithOldLm"> /// A clear text password encrypted according to the specification /// of SAMPR_ENCRYPTED_USER_PASSWORD, where the key is /// the LM hash of the existing password for the target /// user (as presented by the client). The clear text password /// MUST be encoded in an OEM code page character set (as /// opposed to UTF-16). /// </param> /// <param name="OldLmOwfPasswordEncryptedWithNewLm"> /// The LM hash of the target user's existing password (as /// presented by the client) encrypted according to the /// specification of ENCRYPTED_LM_OWF_PASSWORD, where the /// key is the LM hash of the clear text password obtained /// from decrypting NewPasswordEncryptedWithOldLm (see /// the preceding description for decryption details). /// </param> /// <returns> /// status of the function call, for example: 0 indicates STATUS_SUCCESS /// </returns> public int SamrOemChangePasswordUser2(System.IntPtr BindingHandle, _RPC_STRING ServerName, _RPC_STRING UserName, _SAMPR_ENCRYPTED_USER_PASSWORD NewPasswordEncryptedWithOldLm, _ENCRYPTED_LM_OWF_PASSWORD OldLmOwfPasswordEncryptedWithNewLm) { return rpc.SamrOemChangePasswordUser2(BindingHandle, ServerName, UserName, NewPasswordEncryptedWithOldLm, OldLmOwfPasswordEncryptedWithNewLm); }
/// <summary> /// The SamrSetDSRMPassword method sets a local recovery /// password. Opnum: 66 /// </summary> /// <param name="BindingHandle"> /// An RPC binding handle parameter, as specified in [C706-Ch2Intro]. /// </param> /// <param name="Unused"> /// A string value. This value is not used in the protocol /// and is ignored by the server. /// </param> /// <param name="UserId"> /// A RID of a user account. See the message processing /// later in this section for details on restrictions on /// this value. /// </param> /// <param name="EncryptedNtOwfPassword"> /// The NT hash of the new password (as presented by the /// client) encrypted according to the specification of /// ENCRYPTED_NT_OWF_PASSWORD, where the key is the User ID. /// </param> /// <returns> /// status of the function call, for example: 0 indicates STATUS_SUCCESS /// </returns> public int SamrSetDSRMPassword(System.IntPtr BindingHandle, _RPC_UNICODE_STRING Unused, uint UserId, _ENCRYPTED_LM_OWF_PASSWORD EncryptedNtOwfPassword) { return rpc.SamrSetDSRMPassword(BindingHandle, Unused, UserId, EncryptedNtOwfPassword); }
/// <summary> /// Validate the NT hash of the existing password (as presented by the client) encrypted according to the /// specification of ENCRYPTED_NT_OWF_PASSWORD where the key is the 16-byte SMB session key established by /// the underlying authentication protocol(either Kerberos or NTLM). /// </summary> /// <param name="sessionKey">The session key used for encryption.</param> /// <param name="target"> the target to be validate</param> /// <returns>validate result</returns> public bool ValidateOldNtOwfPasswordEncryptedWithSessionKey(byte[] sessionKey, _ENCRYPTED_LM_OWF_PASSWORD target) { _ENCRYPTED_LM_OWF_PASSWORD expected = GetOldNtOwfPasswordEncryptedWithSessionKey(sessionKey); bool isSame = ObjectUtility.DeepCompare(expected, target); return isSame; }
/// <summary> /// The SamrChangePasswordUser method changes the password /// of a user object. Opnum: 38 /// </summary> /// <param name="UserHandle"> /// An RPC context handle, as specified in section , representing /// a user object. /// </param> /// <param name="LmPresent"> /// If this parameter is zero, the LmOldEncryptedWithLmNew /// and LmNewEncryptedWithLmOld fields MUST be ignored /// by the server; otherwise these fields MUST be processed. /// </param> /// <param name="OldLmEncryptedWithNewLm"> /// The LM hash of the target user's existing password (as /// presented by the client) encrypted according to the /// specification of ENCRYPTED_LM_OWF_PASSWORD, where the /// key is the LM hash of the new password for the target /// user (as presented by the client in the LmNewEncryptedWithLmOld /// parameter). /// </param> /// <param name="NewLmEncryptedWithOldLm"> /// The LM hash of the target user's new password (as presented /// by the client) encrypted according to the specification /// of ENCRYPTED_LM_OWF_PASSWORD, where the key is the /// LM hash of the existing password for the target user /// (as presented by the client in the LmOldEncryptedWithLmNew /// parameter). /// </param> /// <param name="NtPresent"> /// If this parameter is zero, NtOldEncryptedWithNtNew and /// NtNewEncryptedWithNtOld MUST be ignored by the server; /// otherwise these fields MUST be processed. /// </param> /// <param name="OldNtEncryptedWithNewNt"> /// The NT hash of the target user's existing password (as /// presented by the client) encrypted according to the /// specification of ENCRYPTED_NT_OWF_PASSWORD, where /// the key is the NT hash of the new password for the /// target user (as presented by the client). /// </param> /// <param name="NewNtEncryptedWithOldNt"> /// The NT hash of the target user's new password (as presented /// by the client) encrypted according to the specification /// of ENCRYPTED_NT_OWF_PASSWORD, where the key is the /// NT hash of the existing password for the target user /// (as presented by the client). /// </param> /// <param name="NtCrossEncryptionPresent"> /// If this parameter is zero, NtNewEncryptedWithLmNew MUST /// be ignored; otherwise, this field MUST be processed. /// </param> /// <param name="NewNtEncryptedWithNewLm"> /// The NT hash of the target user's new password (as presented /// by the client) encrypted according to the specification /// of ENCRYPTED_NT_OWF_PASSWORD, where the key is the /// LM hash of the new password for the target user (as /// presented by the client). /// </param> /// <param name="LmCrossEncryptionPresent"> /// If this parameter is zero, LmNewEncryptedWithNtNew MUST /// be ignored; otherwise, this field MUST be processed. /// </param> /// <param name="NewLmEncryptedWithNewNt"> /// The LM hash of the target user's new password (as presented /// by the client) encrypted according to the specification /// of ENCRYPTED_LM_OWF_PASSWORD, where the key is the /// NT hash of the new password for the target user (as /// presented by the client). /// </param> /// <returns> /// status of the function call, for example: 0 indicates STATUS_SUCCESS /// </returns> public int SamrChangePasswordUser( IntPtr UserHandle, byte LmPresent, _ENCRYPTED_LM_OWF_PASSWORD? OldLmEncryptedWithNewLm, _ENCRYPTED_LM_OWF_PASSWORD? NewLmEncryptedWithOldLm, byte NtPresent, _ENCRYPTED_LM_OWF_PASSWORD? OldNtEncryptedWithNewNt, _ENCRYPTED_LM_OWF_PASSWORD? NewNtEncryptedWithOldNt, byte NtCrossEncryptionPresent, _ENCRYPTED_LM_OWF_PASSWORD? NewNtEncryptedWithNewLm, byte LmCrossEncryptionPresent, _ENCRYPTED_LM_OWF_PASSWORD? NewLmEncryptedWithNewNt) { const ushort opnum = 38; Int3264[] paramList; int retVal = 0; SafeIntPtr pOldLmEncryptedWithNewLm = TypeMarshal.ToIntPtr(OldLmEncryptedWithNewLm); SafeIntPtr pNewLmEncryptedWithOldLm = TypeMarshal.ToIntPtr(NewLmEncryptedWithOldLm); SafeIntPtr pOldNtEncryptedWithNewNt = TypeMarshal.ToIntPtr(OldNtEncryptedWithNewNt); SafeIntPtr pNewNtEncryptedWithOldNt = TypeMarshal.ToIntPtr(NewNtEncryptedWithOldNt); SafeIntPtr pNewNtEncryptedWithNewLm = TypeMarshal.ToIntPtr(NewNtEncryptedWithNewLm); SafeIntPtr pNewLmEncryptedWithNewNt = TypeMarshal.ToIntPtr(NewLmEncryptedWithNewNt); paramList = new Int3264[] { UserHandle, (uint)LmPresent, pOldLmEncryptedWithNewLm, pNewLmEncryptedWithOldLm, (uint)NtPresent, pOldNtEncryptedWithNewNt, pNewNtEncryptedWithOldNt, (uint)NtCrossEncryptionPresent, pNewNtEncryptedWithNewLm, (uint)LmCrossEncryptionPresent, pNewLmEncryptedWithNewNt, IntPtr.Zero }; try { using (RpceInt3264Collection outParamList = RpceCall(paramList, opnum)) { retVal = outParamList[11].ToInt32(); } } finally { pNewLmEncryptedWithNewNt.Dispose(); pNewLmEncryptedWithOldLm.Dispose(); pNewNtEncryptedWithNewLm.Dispose(); pNewNtEncryptedWithOldNt.Dispose(); pOldLmEncryptedWithNewLm.Dispose(); pOldNtEncryptedWithNewNt.Dispose(); } return retVal; }
public bool ValidateOldNtEncryptedWithNewNt(_ENCRYPTED_LM_OWF_PASSWORD target) { _ENCRYPTED_LM_OWF_PASSWORD expected = GetOldNtEncryptedWithNewNt(); bool isSame = ObjectUtility.DeepCompare(expected, target); return isSame; }
public bool ValidateEncryptedNtOwfPasswordWithUserId(uint userId, _ENCRYPTED_LM_OWF_PASSWORD target) { _ENCRYPTED_LM_OWF_PASSWORD expected = GetEncryptedNtOwfPasswordWithUserId(userId); bool isSame = ObjectUtility.DeepCompare(expected, target); return isSame; }
/// <summary> /// Splits both the block and the key to 2 halves, then transforms the keys, and encrypts the blocks /// with the transformed keys /// </summary> /// <param name="block">The input block to be encrypted</param> /// <param name="key">The encryption key</param> /// <returns>The encrypted data</returns> public static _ENCRYPTED_LM_OWF_PASSWORD EncryptBlockWithKey(byte[] block, byte[] key) { // The block size for DES ECB encryption const int samrEncryptionBlockSize = 8; _ENCRYPTED_LM_OWF_PASSWORD encryptedPwd = new _ENCRYPTED_LM_OWF_PASSWORD(); byte[] block1 = null; byte[] block2 = null; byte[] key1 = null; byte[] key2 = null; // Split blocks into 2 blocks with each has the length samrEncryptionBlockSize SplitBlock(block, samrEncryptionBlockSize, samrEncryptionBlockSize, out block1, out block2); // Split keys into 2 underivedKeySize size blocks SplitBlock(key, underivedKeySize, underivedKeySize, out key1, out key2); // Derive keys byte[] transformedKey1 = TransformKey(key1); byte[] transformedKey2 = TransformKey(key2); // Do encryption byte[] encryptedBlock1 = DesEcbEncrypt(block1, transformedKey1); byte[] encryptedBlock2 = DesEcbEncrypt(block2, transformedKey2); // Concatenate the encrypted blocks encryptedPwd.data = MergeBlocks(encryptedBlock1, encryptedBlock2); return encryptedPwd; }
/// <summary> /// Decodes the request stub, and fills the fields of the class /// </summary> /// <param name="sessionContext">The session context of the request received</param> /// <param name="requestStub">The request stub got from RPCE layer</param> internal override void Decode(SamrServerSessionContext sessionContext, byte[] requestStub) { using (RpceInt3264Collection inParams = RpceStubDecoder.ToParamList( RpceStubHelper.GetPlatform(), SamrRpcStubFormatString.TypeFormatString, new RpceStubExprEval[]{ new RpceStubExprEval(SamrRpcAdapter.samr_SAMPR_USER_LOGON_INFORMATIONExprEval_0000), new RpceStubExprEval(SamrRpcAdapter.samr_SAMPR_USER_LOGON_HOURS_INFORMATIONExprEval_0001), new RpceStubExprEval(SamrRpcAdapter.samr_SAMPR_USER_ACCOUNT_INFORMATIONExprEval_0002), new RpceStubExprEval(SamrRpcAdapter.samr_SAMPR_LOGON_HOURSExprEval_0003)}, SamrRpcStubFormatString.ProcFormatString, SamrRpcStubFormatString.ProcFormatStringOffsetTable[(int)Opnum], false, requestStub)) { Unused = TypeMarshal.ToStruct<_RPC_UNICODE_STRING>(inParams[0]); UserId = inParams[1].ToUInt32(); EncryptedNtOwfPassword = TypeMarshal.ToStruct<_ENCRYPTED_LM_OWF_PASSWORD>(inParams[2]); } }
/// <summary> /// Decodes the request stub, and fills the fields of the class /// </summary> /// <param name="sessionContext">The session context of the request received</param> /// <param name="requestStub">The request stub got from RPCE layer</param> internal override void Decode(SamrServerSessionContext sessionContext, byte[] requestStub) { using (RpceInt3264Collection inParams = RpceStubDecoder.ToParamList( RpceStubHelper.GetPlatform(), SamrRpcStubFormatString.TypeFormatString, new RpceStubExprEval[]{ new RpceStubExprEval(SamrRpcAdapter.samr_SAMPR_USER_LOGON_INFORMATIONExprEval_0000), new RpceStubExprEval(SamrRpcAdapter.samr_SAMPR_USER_LOGON_HOURS_INFORMATIONExprEval_0001), new RpceStubExprEval(SamrRpcAdapter.samr_SAMPR_USER_ACCOUNT_INFORMATIONExprEval_0002), new RpceStubExprEval(SamrRpcAdapter.samr_SAMPR_LOGON_HOURSExprEval_0003)}, SamrRpcStubFormatString.ProcFormatString, SamrRpcStubFormatString.ProcFormatStringOffsetTable[(int)Opnum], false, requestStub)) { //BindingHandle = inParams[0].ToIntPtr(); ServerName = TypeMarshal.ToStruct<_RPC_STRING>(inParams[0]); UserName = TypeMarshal.ToStruct<_RPC_STRING>(inParams[1]); NewPasswordEncryptedWithOldLm = TypeMarshal.ToStruct<_SAMPR_ENCRYPTED_USER_PASSWORD>(inParams[2]); OldLmOwfPasswordEncryptedWithNewLm = TypeMarshal.ToStruct<_ENCRYPTED_LM_OWF_PASSWORD>(inParams[3]); } }