Re: NTLM 24-byte response generated by giving windows API's a chal
- From: yucca04 <yucca04@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Fri, 7 Apr 2006 10:29:51 -0700
Let me know how you get on. I'm fairly sure you should be able to do what you
want to (if I understand correctly).
My code is usually used to authenticate to a remote process, so I haven't
been running in the same situation as you, where you are using
LsaLogonUser(). I either provide credentials (via a UI) when I need to
authenticate as someone else rather than the current user, or pass a NULLed
out SEC_XXX structure to provide unified logon.
Are you running in the security context of the logged on user, or are you
trying to run from an isolated service?
I guess trying to find out exactly what you need to do without having to
expose everything is always an issue :-)
Carl
--
Carl Young
Senior Software Engineer - CA
"schommer@xxxxxxxxx" wrote:
The fact that your trying to help is encouraging (nothing like getting.
stuck and having nobody care or know even remotely what I'm talking
about).
I'll try using the SEC_WINNT_AUTH_IDENTITY with "empty" values for all
string fields, password fields, etc. The hard part is that you try so
many combinations and add so many things (like impersonation and such)
and forget to try all the matrix of possiblities every time you tweak
something :)
Overall it seems that you actually know what I'm talking about so
that's good! :)
What I want to do, basically is provide a response to a challenge
without having to re-enter the password text in the
SEC_WINNT_AUTH_IDENTITY structure (since the user is already logged in
I want to avoid having to save off this type of information "until"
this call is made since that's kinda not cool to leave lying around).
I'll try all the possible combinations, I just wish there was an easier
way to obtain credentials so that you don't have to work so hard to get
this information. Hell, if I could get the LM hashes and do the silly
response code myself I would (without using those hacking tools like
pwdump or whatever to obtain them).
I also spent some time messing with type-2 message flags to disable the
"short circuit" that occurs if you login to the local system using
these api's (it doesn't bother to hand me off a challenge-response if
it detects the system is authenticating to itself). I see the
advantage, but how annoying!! :)
Anyway, I appreciate the response... this area of windows coding is
fairly new to me so I've been doing a lot of banging heads against
keyboards and such. I appreciate that Microsoft documented it, but
given that all these routines take like 12 to 14 arguments makes it
fairly tough to get it all correct (especially since its a casting
battle to get the right data structures into calls like
LsaLogonUser()).
Thanks Again!!
Derrick
- Follow-Ups:
- References:
- Prev by Date: Re: How to make PKCS#7 signature using CryptoAPI?
- Next by Date: Re: NTLM 24-byte response generated by giving windows API's a chal
- Previous by thread: Re: NTLM 24-byte response generated by giving windows API's a chal
- Next by thread: Re: NTLM 24-byte response generated by giving windows API's a chal
- Index(es):
Relevant Pages
|
