OpenForum RSS: Samba �� PDC

Samba �� PDC (��)

Wed, 28 Jun 2017 11:36:12 GMT

> � �� ... ��
> � ��?

�� ӣ ��: �� samba �� ntlm �� kerberos, � � �� DNS SRV ��. �� , �� SRV �� A �� , �� . ��
MYDOMAIN.LOCAL IN A 192.168.0.1
MYDOMAIN.LOCAL IN A 192.168.0.3
�� ntlm �� WINS.

Samba �� PDC (kuksha12)

Thu, 22 Jun 2017 11:00:41 GMT

��!!!
��, � �� ޣ� ��... :(

��
#klist
� �� , �� . � ��, �� -�� , �� ӣ ��.
�� AD1, � ��
#kinit -p admin@MYDOMAIN.RU
�� . �� ۣ� �� -�� AD1 � �� AD2 !!! :)

�� .

�� , �� , �� , �� ...
�� , �� , �� , �� , �� -�� AD? �� , �� AD �� - �� , �� ...

� �� ... �� ?

PS:
� ��

Samba �� PDC (kuksha12)

Thu, 22 Jun 2017 10:30:43 GMT

> �� DNS �� "�� " ��
> �� http://itband.ru/2010/03/active-directory-works-with-dns/. ��
> �� Active Directory.

�� , �� DNS Manager �� - �� .

�� dig:
#dig -t srv _ldap._tcp.mydomain.ru _kerberos._tcp.mydomain.ru _ldap._tcp.dc._msdcs.mydomain.ru _kerberos._tcp.dc._msdcs.mydomain.ru

�� , �� :

;; QUESTION SECTION:
;_ldap._tcp.mydomain.ru. IN SRV
;; ANSWER SECTION:
_ldap._tcp.mydomain.ru. 600 IN SRV 0 100 389 ad2.mydomain.ru.
_ldap._tcp.mydomain.ru. 600 IN SRV 0 100 389 ad1.mydomain.ru.

;; QUESTION SECTION:
;_kerberos._tcp.mydomain.ru. IN SRV
;; ANSWER SECTION:
_kerberos._tcp.mydomain.ru. 600 IN SRV 0 100 88 ad2.mydomain.ru.
_kerberos._tcp.mydomain.ru. 600 IN SRV 0 100 88 ad1.mydomain.ru.

;; Q

Samba �� PDC (��)

Thu, 22 Jun 2017 08:59:02 GMT

>[�� ]
> ad2.mydomain.ru. 3600 IN A 192.168.1.3
> mail.mydomain.ru. 3600 IN A 192.168.1.22
> ;; Query time: 0 msec
> ;; SERVER: 192.168.1.3#53(192.168.1.3)
> ;; WHEN: �� 22 10:34:46 MSK 2017
> ;; MSG SIZE rcvd: 273
> PS:
> ad4 - �� , 2012-�, �� .
> �� DNS, � AD �� .
> �� ݣ ��-�� - �� .

�� DNS �� "�� " �� http://itband.ru/2010/03/active-directory-works-with-dns/. �� Active Directory.

>[�� ]
>> � �� , � ��
>> � ��. ��ģ�� , �� ӣ �� - � ��
>> �� .
> ��... � �� AD... ��
> �� ?
> ��, � �� , � ��
> � ��, ��-�� :
> net

Samba �� PDC (kuksha12)

Thu, 22 Jun 2017 08:05:42 GMT

��, �� . ��. �� :

# wbinfo -t
checking the trust secret for domain GM via RPC calls failed
error code was NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND (0xc0000233)
failed to call wbcCheckTrustCredentials: WBC_ERR_AUTH_ERROR
Could not check secret

�� -�� , �� ...

Samba �� PDC (kuksha12)

Thu, 22 Jun 2017 07:52:07 GMT

>� �� , � �� AD2.

�� dig:

; <<>> DiG 9.10.1 <<>> mydomain.ru any
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34954
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 8, AUTHORITY: 0, ADDITIONAL: 5

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1280
;; QUESTION SECTION:
;mydomain.ru.INANY

;; ANSWER SECTION:
mydomain.ru.600INA192.168.1.3
mydomain.ru.600INA192.168.1.2
mydomain.ru.3600INNSad4.mydomain.ru.
mydomain.ru.3600INNSad1.mydomain.ru.
mydomain.ru.3600INNSad2.mydomain.ru.
mydomain.ru.3600INSOAad2.mydomain.ru. . 45531 900 600 86400 3600
mydomain.ru.3600INMX10 mail.mydomain.ru.
mydomain.ru.0INTYPE65281 \# 20 00000000000000020000038400000001C0A86407

;; ADDITIONAL SECTION:
ad4.mydomain.ru.3600INA192.168.1.9
ad1.mydomain.ru.3600INA192.168.1.2
ad2.mydomain.ru.3600INA192.168.1.3
mail.mydomain.ru.3600INA1

Samba �� PDC (��)

Wed, 21 Jun 2017 17:46:14 GMT

>[�� ]
>>> � /etc/resolv.conf �� IP �� - AD1 � AD2 (��
>>> �� DNS)
>> �� dig MYDOMAIN.RU ANY
>> �� dc2. �� samba ��
>> �� DNS.
> dig �� , ��ޣ� �� AD2 (� ��
> � resolv.conf)
>> �� wbinfo -t
> �� - � �� :(
> ��... � �� ?

� �� , � �� . ��ģ�� , �� ӣ �� - � �� .

Samba �� PDC (��)

Wed, 21 Jun 2017 17:40:03 GMT

> �� ޣ�� AD1:
>>> � /etc/resolv.conf �� IP �� - AD1 � AD2 (��
>>> �� DNS)
>> �� dig MYDOMAIN.RU ANY
>> �� dc2. �� samba ��
>> �� DNS.
> dig �� , ��ޣ� �� AD2 (� ��
> � resolv.conf)

� �� , � �� AD2.

>> �� wbinfo -t
> �� - � �� :(
> ��... � �� ?

Samba �� PDC (Exploit)

Wed, 21 Jun 2017 17:23:25 GMT

�� ̣� � ��, �� , �� AD2 �� ?

OpenForum RSS: Samba �� ���������� ��� ���������� PDC

Samba �� ���������� ��� ���������� PDC (������)

Samba �� ���������� ��� ���������� PDC (kuksha12)

Samba �� ���������� ��� ���������� PDC (kuksha12)

Samba �� ���������� ��� ���������� PDC (������)

Samba �� ���������� ��� ���������� PDC (kuksha12)

Samba �� ���������� ��� ���������� PDC (kuksha12)

Samba �� ���������� ��� ���������� PDC (������)

Samba �� ���������� ��� ���������� PDC (������)

Samba �� ���������� ��� ���������� PDC (Exploit)

OpenForum RSS: Samba �� PDC

Samba �� PDC (��)

Samba �� PDC (kuksha12)

Samba �� PDC (kuksha12)

Samba �� PDC (��)

Samba �� PDC (kuksha12)

Samba �� PDC (kuksha12)

Samba �� PDC (��)

Samba �� PDC (��)

Samba �� PDC (Exploit)