3 # Copyright Isaac Boukris 2020
5 # This program is free software; you can redistribute it and/or modify
6 # it under the terms of the GNU General Public License as published by
7 # the Free Software Foundation; either version 3 of the License, or
8 # (at your option) any later version.
10 # This program is distributed in the hope that it will be useful,
11 # but WITHOUT ANY WARRANTY; without even the implied warranty of
12 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 # GNU General Public License for more details.
15 # You should have received a copy of the GNU General Public License
16 # along with this program. If not, see <http://www.gnu.org/licenses/>.
19 from samba
.dcerpc
import lsa
, drsblobs
20 from samba
.ndr
import ndr_pack
21 from samba
import arcfour_encrypt
, string_to_byte_array
23 from samba
import crypto
25 def CreateTrustedDomainRelax(lsaconn
, policy
, trust_info
, mask
, in_blob
, out_blob
):
27 def generate_AuthInfoInternal(session_key
, incoming
=None, outgoing
=None):
28 confounder
= [0] * 512
29 for i
in range(len(confounder
)):
30 confounder
[i
] = random
.randint(0, 255)
32 trustpass
= drsblobs
.trustDomainPasswords()
34 trustpass
.confounder
= confounder
35 trustpass
.outgoing
= outgoing
36 trustpass
.incoming
= incoming
38 trustpass_blob
= ndr_pack(trustpass
)
40 encrypted_trustpass
= arcfour_encrypt(session_key
, trustpass_blob
)
42 auth_blob
= lsa
.DATA_BUF2()
43 auth_blob
.size
= len(encrypted_trustpass
)
44 auth_blob
.data
= string_to_byte_array(encrypted_trustpass
)
46 auth_info
= lsa
.TrustDomainInfoAuthInfoInternal()
47 auth_info
.auth_blob
= auth_blob
51 session_key
= lsaconn
.session_key
54 if lsaconn
.transport_encrypted():
55 crypto
.set_relax_mode()
56 auth_info
= generate_AuthInfoInternal(session_key
,
60 crypto
.set_strict_mode()
62 return lsaconn
.CreateTrustedDomainEx2(policy
, trust_info
, auth_info
, mask
)
