[pptp-server] Yes, blank username/password works! <-- Fix at tached to this email

Justin Kreger jkreger at avidsolutionsinc.com
Fri Mar 2 21:20:47 CST 2001


 In short, Diffrent means of authentication.  It may use the password file,
but it does not interact with samba's daemon processes.

As for fixing this problem, I have written a patch.

It fixes the two problems, the blank login/password  problem, and the
unknown user/blankpassword problem.

Please TEST this ASAP with win9x, Both my win9x boxen think that they should
be only talking in CHAP, not MSCHAP, and I can't seem to find msdun128.exe
to fix it.

(This patch was tested on linux 2.2.16, with ppp-2.3.11, and tested with
Windows NT Server 4, Service Pack 6)

-Justin Kreger, MCP MCSE

-----Original Message-----
From: robert
To: Cowles, Steve; pptp-server at lists.schulte.org
Sent: 3/2/01 9:24 PM
Subject: Re: [pptp-server] Yes, blank username/password works!

I'm wondering if anyone has considered that if  you have a good guest
account 
for samba, then samba will use that if a bad username/password is sent.

Blank would definately count as bad.  I use blank password to list
shares, 
i.e. smbclient -L somemachine and just hit enter when asked for a
password.  
Logs show guest account is used and I do get the listing.  Could someone

having this problem try disabling the guest account and seeing if the
problem 
goes away?

On Friday 02 March 2001 11:19, Cowles, Steve wrote:
> > -----Original Message-----
> > From: Dread Boy [mailto:dreadboy at hotmail.com]
> > Sent: Friday, March 02, 2001 1:37 AM
> > To: pptp-server at lists.schulte.org; vgill at technologist.com
> > Subject: RE: [pptp-server] Yes, blank username/password works!
> >
> >
> > Yeah, and on top of all this it doesn't seem to matter what I
> > log in as, my username and password don't get carried over to
> > SAMBA for authenticating with server shares.
>
> Lets make sure we are comparing apples to apples here. The
> username/password that you specify in your windows PPTP dialup profile
has
> NEVER been carried over for share access. Please keep the following in
> mind...
>
> 1) The PPTP tunnel uses the user/pass specified in your PPTP dialup
profile
> to authenticate the tunnel connection ONLY.
>
> 2) Share access uses the user/pass that you specified when you turned
on
> your PC and logged in to get to your desktop. FWIW: This same
user/pass can
> be specified in your PPTP dialup profile to be used to authenticate
the
> PPTP tunnel.
>
> > i.e.  Whether I use a valid username/password or the blank, I
> > still can not access resources (or possibly ACLs) on the
> > servers even with valid usernames.  On my local LAN it's no
> > problem, but remotely, it doesn't seem to know who I am while
> > I'm logged on.
> >
> > For example, when I click a share locally on my SAMBA server,
> > I can get into it and have certain rights based on my username/
> > password.  I don't even have to think about it. "security =
> > user" in /etc/smb.conf. However, when I log in remotely with
> > Windoze using my PPTPD Linux server, when I even try to access
> > the server itself (let alone the share) it keeps asking me for
> > the IPC$ administration password as if it was an NT server.
> > It doesn't matter what I enter here, I can't get any farther.
>
> From the samba docs...
>
> Some people find browsing fails because they don't have the global
> "guest account" set to a valid account.  Remember that the IPC$
> connection that lists the shares is done as guest, and thus you must
> have a valid guest account.
> ----------------------------
>
> Also, is the PPTP clients WORKGROUP participation set to match what
the
> clients on the LAN are configured to?
>
> > Does PPTPD know my SMB username but not my password, or vice
> > versa?  I thought maybe because it was encrypted using
> > libsmbpw.so that maybe it couldn't figure it out, but then
> > using chap-secrets plain-text passwords don't cut it either.
> >
> > Anyone know what this is all about?
> >
> > Geez, I thought this whole PPTPD Linux server was gonna be at
> > least a weekend of work, but it's turning out to be months
> > worth of work.
>
> With regards to the "subject" line of this thread... lets make sure we
are
> comparing apples to apples here. I'd hate to see PopTop/PPPD get the
> reputation of being insecure without the following clarification being
> noted.
>
> 1) If you have configured your PopTop/PPPD system to re-direct PPTP
tunnel
> authentication to use the libsmbpw.o lib's (smbpasswd), then your
system
> appears to be vulnerable to the blank user/pass exploit mentioned in
this
> thread.
>
> 2) Those of you who are still using the chap-secrets file (no
re-direct)
> for tunnel authentication are NOT vulnerable to the blank user/pass
exploit
> mentioned in this thread. I just verified this on my PopTop server! I
do
> not use the re-direct to libsmbpw.o
>
> Steve Cowles
> _______________________________________________
> pptp-server maillist  -  pptp-server at lists.schulte.org
> http://lists.schulte.org/mailman/listinfo/pptp-server
> List services provided by www.schulteconsulting.com!
_______________________________________________
pptp-server maillist  -  pptp-server at lists.schulte.org
http://lists.schulte.org/mailman/listinfo/pptp-server
List services provided by www.schulteconsulting.com!

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smbpasswdauthfix.patch
Type: application/octet-stream
Size: 1770 bytes
Desc: not available
URL: <http://lists.schulte.org/mailman/private/pptp-server/attachments/20010302/2dfd0c94/attachment.obj>


More information about the pptp-server mailing list