Module: Msf::Exploit::Remote::Kerberos::Client::CacheCredential

Included in:
Msf::Exploit::Remote::Kerberos::Client
Defined in:
lib/msf/core/exploit/kerberos/client/cache_credential.rb

Instance Method Summary collapse

Instance Method Details

#create_cache(opts = {}) ⇒ Rex::Proto::Kerberos::CredentialCache::Cache

Builds a MIT Credential Cache

Parameters:

Options Hash (opts):

Returns:

See Also:


20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
# File 'lib/msf/core/exploit/kerberos/client/cache_credential.rb', line 20

def create_cache(opts = {})
  version = opts[:version] || Rex::Proto::Kerberos::CredentialCache::VERSION
  headers = opts[:headers] || [Rex::Proto::Kerberos::CredentialCache::HEADER]
  primary_principal = opts[:primary_principal] || create_cache_principal(opts)
  credentials = opts[:credentials] || [create_cache_credential(opts)]

  cache = Rex::Proto::Kerberos::CredentialCache::Cache.new(
    version: version,
    headers: headers,
    primary_principal: primary_principal,
    credentials: credentials
  )

  cache
end

#create_cache_credential(opts = {}) ⇒ Rex::Proto::Kerberos::CredentialCache::Credential

Builds a MIT Credential Cache credential

Parameters:

  • opts (Hash<{Symbol => <>}>) (defaults to: {})

Options Hash (opts):

Returns:

See Also:


120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
# File 'lib/msf/core/exploit/kerberos/client/cache_credential.rb', line 120

def create_cache_credential(opts = {})
  client = opts[:client] || create_cache_principal(opts)
  server = opts[:server] || create_cache_principal(opts)
  key = opts[:key] || create_cache_key_block(opts)
  time = opts[:time] || create_cache_times(opts)
  is_skey = opts[:is_skey] || 0
  tkt_flags = opts[:flags] || 0
  addrs = opts[:addrs] || []
  auth_data = opts[:auth_data] || []
  ticket = opts[:ticket] || ''
  second_ticket = opts[:second_ticket] || ''

  cred = Rex::Proto::Kerberos::CredentialCache::Credential.new(
    client: client,
    server: server,
    key: key,
    time: time,
    is_skey: is_skey,
    tkt_flags:tkt_flags,
    addrs: addrs,
    auth_data: auth_data,
    ticket: ticket,
    second_ticket: second_ticket
  )

  cred
end

#create_cache_key_block(opts = {}) ⇒ Rex::Proto::Kerberos::CredentialCache::KeyBlock

Builds a MIT Credential Cache key block

Parameters:

  • opts (Hash<{Symbol => <Integer, String>}>) (defaults to: {})

Options Hash (opts):

  • :key_type (Integer)
  • :e_type (Integer)
  • :key_value (String)

Returns:

See Also:


66
67
68
69
70
71
72
73
74
75
76
77
78
# File 'lib/msf/core/exploit/kerberos/client/cache_credential.rb', line 66

def create_cache_key_block(opts = {})
  key_type = opts[:key_type] || Rex::Proto::Kerberos::Crypto::RC4_HMAC
  e_type = opts[:e_type] || 0
  key_value = opts[:key_value] || ''

  key_block = Rex::Proto::Kerberos::CredentialCache::KeyBlock.new(
    key_type: key_type,
    e_type: e_type,
    key_value: key_value
  )

  key_block
end

#create_cache_principal(opts = {}) ⇒ Rex::Proto::Kerberos::CredentialCache::Principal

Builds a MIT Credential Cache principal

Parameters:

  • opts (Hash<{Symbol => <Integer, String, Array<String>>}>) (defaults to: {})

Options Hash (opts):

  • :name_type (Integer)
  • :realm (String)
  • :components (Array<String>)

Returns:

See Also:


44
45
46
47
48
49
50
51
52
53
54
55
56
# File 'lib/msf/core/exploit/kerberos/client/cache_credential.rb', line 44

def create_cache_principal(opts = {})
  name_type = opts[:name_type] || 0
  realm = opts[:realm] || ''
  components = opts[:components] || ['']

  principal = Rex::Proto::Kerberos::CredentialCache::Principal.new(
    name_type: name_type,
    realm: realm,
    components:components
  )

  principal
end

#create_cache_times(opts = {}) ⇒ Rex::Proto::Kerberos::CredentialCache::Time

Builds a times structure linked to a credential in a MIT Credential Cache

Parameters:

  • opts (Hash<{Symbol => Integer}>) (defaults to: {})

Options Hash (opts):

  • auth_time (Integer)
  • start_time (Integer)
  • end_time (Integer)
  • renew_till (Integer)

Returns:

See Also:


89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
# File 'lib/msf/core/exploit/kerberos/client/cache_credential.rb', line 89

def create_cache_times(opts = {})
  auth_time = opts[:auth_time] || 0
  start_time = opts[:start_time] || 0
  end_time = opts[:end_time] || 0
  renew_till = opts[:renew_till] || 0

  time = Rex::Proto::Kerberos::CredentialCache::Time.new(
    auth_time: auth_time.to_i,
    start_time: start_time.to_i,
    end_time: end_time.to_i,
    renew_till: renew_till.to_i
  )

  time
end