The Netlogon Zerologon vulnerability in Windows also affects Samba

The developers of the Samba project recently disclosed, through an announcement to users, the discovery of the "Zerologon" vulnerability in Windows (CVE-2020-1472) and the fact that it also manifests in Samba-based domain controller deployments.

The vulnerability stems from flaws in the MS-NRPC protocol and in how the AES-CFB8 cipher mode is used; when exploited successfully, it lets an attacker obtain administrator rights on the domain controller.

The root of the problem is that MS-NRPC (Netlogon Remote Protocol) allows authentication data to be exchanged over an RPC connection without encryption.

An attacker can then exploit the flaw in the AES-CFB8 construction to spoof a successful login. Because a forged credential is accepted with probability 1/256, about 256 spoofing attempts are needed on average to log in with administrator rights.

The attack does not require a valid account on the domain controller; the spoofing attempts can be made with an incorrect password.

The forged Netlogon authentication request (ServerAuthenticate3) is sent to the domain controller, which normally rejects it; the attacker simply repeats the attempt, and once the AES-CFB8 flaw makes the forged credential match what the domain controller computes, the domain controller treats the session as authenticated.
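As an added example (not code from this article, from the Samba project, or from Microsoft), the following script shows why a forged credential slips through about once in 256 tries. The flaw sits in the CFB8 mode with a fixed all-zero IV, not in AES itself, so the block cipher is replaced here by a stand-in SHA-256 based block function (an assumption made so the demo runs with no dependencies; with real AES-128 the behaviour is byte-for-byte the same). The zero IV and all-zero client challenge go beyond what the article spells out: they are the published mechanics of CVE-2020-1472. The per-attempt session keys and the helper names (`cfb8_encrypt`, `server_accepts`, `attempts_until_accepted`) are constructed for this example.

```python
"""Why Zerologon works: CFB8 with an all-zero IV.

Added example, not code from the article or from the Samba / Microsoft
advisories. The flaw is in the *mode*, so CFB8 runs here over a stand-in
block function (SHA-256 based, NOT AES); with AES-128 the property is the same.
"""
import hashlib


def block_encrypt(key: bytes, block: bytes) -> bytes:
    """Stand-in 128-bit block function (NOT AES): SHA-256(key || block)[:16]."""
    assert len(key) == 16 and len(block) == 16
    return hashlib.sha256(key + block).digest()[:16]


def cfb8_encrypt(key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    """CFB8 (8-bit cipher feedback), the construction Netlogon credentials use.

    For each plaintext byte: run the block function over the 16-byte shift
    register (iv, then the most recent ciphertext bytes), XOR its FIRST output
    byte into the plaintext byte, and shift that ciphertext byte into the register.
    """
    register = bytearray(iv)
    out = bytearray()
    for p in plaintext:
        keystream_byte = block_encrypt(key, bytes(register))[0]
        c = p ^ keystream_byte
        out.append(c)
        register = register[1:] + bytes([c])
    return bytes(out)


ZERO_IV = bytes(16)          # Netlogon fixes the IV to sixteen zero bytes
ZERO_CHALLENGE = bytes(8)    # attacker-chosen client challenge: all zeros


def server_accepts(session_key: bytes, client_challenge: bytes, client_credential: bytes) -> bool:
    """What the DC does in ServerAuthenticate3: recompute the credential and compare."""
    expected = cfb8_encrypt(session_key, ZERO_IV, client_challenge)
    return expected == client_credential


def is_weak_session_key(session_key: bytes) -> bool:
    """True when the first keystream byte for the all-zero register is 0x00.

    Then ciphertext byte 0 is 0x00, the register stays all zero, every later
    keystream byte is the same 0x00, and an all-zero challenge yields an
    all-zero credential. A random key has this property with probability 1/256.
    """
    return block_encrypt(session_key, ZERO_IV)[0] == 0


def attempts_until_accepted(max_attempts: int = 20000) -> int:
    """Simulate the Zerologon loop with constructed per-attempt session keys.

    In the real protocol the session key changes on every attempt because the
    server challenge changes. Returns the attempt number on which the all-zero
    challenge / all-zero credential pair is accepted (-1 if never).
    """
    for attempt in range(1, max_attempts + 1):
        # constructed deterministic key derivation, for reproducibility only
        session_key = hashlib.sha256(b"session" + attempt.to_bytes(4, "big")).digest()[:16]
        if server_accepts(session_key, ZERO_CHALLENGE, ZERO_CHALLENGE):
            return attempt
    return -1


def weak_key_fraction(trials: int = 8192) -> float:
    """Fraction of deterministic test keys that are weak; expect roughly 1/256."""
    weak = sum(is_weak_session_key(i.to_bytes(16, "big")) for i in range(trials))
    return weak / trials


if __name__ == "__main__":
    print("attempts needed for acceptance:", attempts_until_accepted())
    print("fraction of weak session keys:", weak_key_fraction())
```

The loop is the whole attack: nothing about the session key is learned, the attacker just resubmits zeros until the domain controller's freshly derived key happens to be one of the one-in-256 weak ones.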

The elevation of privilege exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller using the Netlogon Remote Protocol (MS-NRPC). An attacker who successfully exploits the vulnerability can run a specially crafted application on a device on the network.

To exploit the vulnerability, an unauthenticated attacker needs to use MS-NRPC to connect to a domain controller, thereby gaining domain administrator access.

In Samba, the vulnerability only manifests on systems that do not use the "server schannel = yes" setting, which has been the default since Samba 4.8.

In particular, systems configured with "server schannel = no" or "server schannel = auto" can be compromised, since those settings let Samba fall back to the same flawed AES-CFB8 handling as Windows.

When the exploit prototype written for Windows is used against Samba, only the ServerAuthenticate3 call succeeds and the ServerPasswordSet2 operation fails (the exploit needs to be adapted for Samba).

That is why the Samba developers urge users who changed "server schannel = yes" to "no" or "auto" to return to the default "yes" and so avoid the problem.
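The following checker, an added example rather than code from the article or from the Samba project, shows the vulnerable configuration next to the corrected one and reports the effective "server schannel" value, applying the Samba 4.8+ default of "yes" when the parameter is absent. It mirrors Samba's habit of matching parameter names with case and whitespace ignored. The sample smb.conf fragments and the function names (`schannel_setting`, `is_vulnerable`) are constructed for this example.

```python
"""Check an smb.conf for the 'server schannel' setting.

Added example: not code from the original article or from the Samba project.
Samba matches parameter names ignoring case and whitespace ('ServerSChannel'
== 'server schannel'), which the parser mirrors. The sample configurations
below are constructed for this example.
"""
import re

DEFAULT_SINCE_4_8 = "yes"        # the default from Samba 4.8 onward, per the article
UNSAFE_VALUES = ("no", "auto")   # the two settings the article flags as exploitable


def _normalise(name: str) -> str:
    """Samba compares parameter names case-insensitively with whitespace removed."""
    return re.sub(r"\s+", "", name).lower()


def global_params(conf_text: str) -> dict:
    """Parameters of the [global] section as {normalised_name: lowercased value}."""
    params = {}
    section = None
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line or line[0] in ";#":       # blank or comment line
            continue
        m = re.match(r"^\[(.+)\]$", line)
        if m:
            section = _normalise(m.group(1))
            continue
        if section != "global" or "=" not in line:
            continue                           # share-level lines cannot set server schannel
        name, value = line.split("=", 1)
        params[_normalise(name)] = value.strip().lower()
    return params


def schannel_setting(conf_text: str) -> str:
    """Effective 'server schannel' value: the explicit setting or the 4.8+ default."""
    return global_params(conf_text).get("serverschannel", DEFAULT_SINCE_4_8)


def is_vulnerable(conf_text: str) -> bool:
    """True when the configuration opts out of enforced schannel ('no' or 'auto')."""
    return schannel_setting(conf_text) in UNSAFE_VALUES


# Constructed sample: a DC that was explicitly relaxed (exploitable) ...
WEAK_CONF = """\
[global]
    workgroup = EXAMPLE
    realm = EXAMPLE.LOCAL
    server role = active directory domain controller
    ; relaxed to accommodate old clients: this is the exploitable value
    server schannel = auto

[sysvol]
    path = /var/lib/samba/sysvol
"""

# ... the same file with the parameter reverted to the default ...
FIXED_CONF = WEAK_CONF.replace("server schannel = auto", "server schannel = yes")

# ... and one that never set it, so the 4.8+ default of 'yes' applies.
DEFAULT_CONF = "\n".join(l for l in WEAK_CONF.splitlines() if "server schannel" not in l)


if __name__ == "__main__":
    for label, conf in (("weak", WEAK_CONF), ("fixed", FIXED_CONF), ("default", DEFAULT_CONF)):
        print(f"{label}: server schannel = {schannel_setting(conf)} "
              f"-> {'VULNERABLE' if is_vulnerable(conf) else 'ok'}")
```

On a live system the same answer comes from `testparm -sv | grep -i 'server schannel'`, which prints the effective value including the built-in default; remember that distribution packages built on Samba 4.7 or earlier may ship a different default than the one this checker assumes.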

Nothing has been reported about whether other operations work, although attack attempts against a system can be traced by checking for entries mentioning ServerAuthenticate3 and ServerPasswordSet in Samba's audit logs.
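What that log check looks like in practice, as an added example that is not code from the article or the Samba project: a Zerologon attempt leaves a burst of ServerAuthenticate3 calls from a single client (the attack needs about 256 of them), followed by a ServerPasswordSet2 from the same client. The detector below flags both. The line format, the sample log, the thresholds and the function names (`parse_line`, `detect`, `build_sample_log`) are constructed for this example and are not Samba's real log format; adapt `parse_line()` to whatever your log level and audit configuration emit.

```python
"""Spot Zerologon-shaped activity in Netlogon log entries.

Added example, not code from the original article or from the Samba project.
The line format below is constructed for this example, NOT Samba's real log
format: adapt parse_line() to your own log level / audit output.
"""
from collections import defaultdict, deque
from datetime import datetime, timedelta
import re

# constructed format: "<timestamp> <client> <netlogon op> account=<name> status=<NTSTATUS>"
LINE_RE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}) "
    r"(?P<client>\S+) (?P<op>\S+) account=(?P<account>\S+) status=(?P<status>\S+)$"
)


def parse_line(line: str):
    """Parse one constructed log line into a dict, or None if it does not match."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    ev = m.groupdict()
    ev["ts"] = datetime.strptime(ev["ts"], "%Y-%m-%d %H:%M:%S")
    return ev


def detect(lines, window=timedelta(seconds=120), threshold=100):
    """Return alerts as (kind, client, detail) tuples.

    'auth_burst': at least `threshold` ServerAuthenticate3 calls from one
        client within `window` (Zerologon needs ~256, far above normal rates)
    'password_set_after_burst': a ServerPasswordSet / ServerPasswordSet2 from a
        client that already tripped the burst rule (the account takeover step)
    """
    recent = defaultdict(deque)   # client -> timestamps of its ServerAuthenticate3 calls
    burst_clients = set()
    alerts = []
    for line in lines:
        ev = parse_line(line)
        if ev is None:
            continue
        client, op, ts = ev["client"], ev["op"], ev["ts"]
        if op == "ServerAuthenticate3":
            q = recent[client]
            q.append(ts)
            while q and ts - q[0] > window:    # slide the window forward
                q.popleft()
            if len(q) >= threshold and client not in burst_clients:
                burst_clients.add(client)
                alerts.append(("auth_burst", client,
                               f"{len(q)} ServerAuthenticate3 calls within {window}"))
        elif op.startswith("ServerPasswordSet") and client in burst_clients:
            alerts.append(("password_set_after_burst", client, f"{op} for {ev['account']}"))
    return alerts


def build_sample_log():
    """Constructed sample: benign traffic plus a Zerologon-shaped run from 10.0.0.99."""
    start = datetime(2020, 9, 17, 10, 0, 0)
    fmt = "%Y-%m-%d %H:%M:%S"
    lines = []
    # benign: one workstation authenticating once a minute
    for i in range(5):
        t = start + timedelta(minutes=i)
        lines.append(f"{t.strftime(fmt)} 10.0.0.20 ServerAuthenticate3 account=WS01$ status=NT_STATUS_OK")
    # attack: 256 rapid rejected attempts against the DC's own machine account ...
    for i in range(256):
        t = start + timedelta(seconds=i // 10)
        lines.append(f"{t.strftime(fmt)} 10.0.0.99 ServerAuthenticate3 account=DC01$ status=NT_STATUS_ACCESS_DENIED")
    # ... then the one that is accepted, then the password reset that seals the takeover
    t = start + timedelta(seconds=26)
    lines.append(f"{t.strftime(fmt)} 10.0.0.99 ServerAuthenticate3 account=DC01$ status=NT_STATUS_OK")
    lines.append(f"{t.strftime(fmt)} 10.0.0.99 ServerPasswordSet2 account=DC01$ status=NT_STATUS_OK")
    return sorted(lines)   # chronological, as a real log would be


if __name__ == "__main__":
    for kind, client, detail in detect(build_sample_log()):
        print(f"{kind}: {client}: {detail}")
```

A plain `grep -E 'ServerAuthenticate3|ServerPasswordSet'` over the logs finds the same entries; the per-client window is what separates a single misconfigured client from a brute-force run, and a password set right after such a run is the signal worth paging on.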

Microsoft is addressing the vulnerability in a two-phase rollout. These updates address the vulnerability by modifying the way Netlogon handles the use of Netlogon secure channels.

When the second phase of the Windows update becomes available in Q1 2021, customers will be notified through that security update.

Finally, those running older versions of Samba should update to the current stable Samba release, or apply the corresponding patches, to fix this vulnerability.

Samba has protection against this problem because, since Samba 4.8, we have a default value of 'server schannel = yes'.

Users who have changed this default are advised that Samba implements the netlogon AES protocol faithfully and thus falls victim to the same cryptosystem design flaw.

Vendors supporting Samba 4.7 and earlier versions should patch their installations and packages to change this default.

They are NOT secure, and we expect they can result in full domain compromise, particularly for AD domains.

Finally, if you want to know more about this vulnerability, you can check the announcements made by the Samba team (at this link) or by Microsoft (this link).
