Issue #2742: Do a MITM attack on NetServerAuthenticate2 and LogonGetCapabilities - freeipa

freeipa

#2742 Do a MITM attack on NetServerAuthenticate2 and LogonGetCapabilities

Closed: Fixed None Opened 12 years ago by asn.

Do a MITM attack on NetServerAuthenticate2 and LogonGetCapabilities. Let the client set the AES flag and remove the flag in the packet with MITM.

Check how Windows detects this attack and implmentend it corrently for netlogon schannel with AES.

The MITM could maybe be done with https://www.samba.org/ftp/unpacked/junkcode/sockspy-rpc.c

asn commented 11 years ago

Done. I've uploaded the code I used for the MITM attack to:

http://xor.cryptomilk.org/junkcode/

Metadata Update from @asn:
- Issue assigned to asn
- Issue set to the milestone: FreeIPA 3.0 Trust Effort - 2012/06

7 years ago

Metadata

Assignee

asn

Tags

None

Blocking

None

Depending on

None

Priority

normal

Milestone

FreeIPA 3.0 Trust Effort - 2012/06

None

affects_doc

None

source

None

knownissue

None

type

task

blockedby

None

test_case

None

component

Samba code

blocking

None

on_review

keywords

None

test_coverage

None

reviewer

None

external_tracker

None

rhbz

tester

None

changelog

None

design

None

freeipa

Source Code

#2742 Do a MITM attack on NetServerAuthenticate2 and LogonGetCapabilities Closed: Fixed None Opened 12 years ago by asn.

Metadata

#2742 Do a MITM attack on NetServerAuthenticate2 and LogonGetCapabilities

Closed: Fixed None Opened 12 years ago by asn.