Class: Msf::Exploit::Remote::Kerberos::Ticket::Storage::StoredTicket

Inherits:

Object

• Object
• Msf::Exploit::Remote::Kerberos::Ticket::Storage::StoredTicket

Defined in:

lib/msf/core/exploit/remote/kerberos/ticket/storage/stored_ticket.rb

Overview

A StoredTicket object that internally holds a TGT/TGS object. This class abstracts the underlying persistence implementation, as currently this data is stored as Mdm::Loot - but in the future may be migrated to a Metasploit::Credential::Login or similar in the future.

Instance Attribute Summary

• #status ⇒ Object readonly

  Returns the value of attribute status.

Instance Method Summary

• #ccache ⇒ Rex::Proto::Kerberos::CredentialCache::Krb5Ccache
• #enctype ⇒ Object
• #expired?(now = Time.now) ⇒ TrueClass, FalseClass

  True if the ticket is valid within the starttime/authtime/endtime, false otherwise.

• #host_address ⇒ String

  The host address.

• #id ⇒ Object
• #info ⇒ String

  Human readable info about the ticket.

• #initialize(loot) ⇒ StoredTicket constructor

  A new instance of StoredTicket.

• #path ⇒ Object
• #principal ⇒ Object
• #sname ⇒ Object
• #starttime ⇒ Object

Constructor Details

#initialize(loot) ⇒ StoredTicket

Returns a new instance of StoredTicket.

Parameters:

• loot (Mdm::Loot)

# File 'lib/msf/core/exploit/remote/kerberos/ticket/storage/stored_ticket.rb', line 7

def initialize(loot)
  @loot = loot
  parse_loot_info
end

Instance Attribute Details

#status ⇒ Object (readonly)

Returns the value of attribute status.

# File 'lib/msf/core/exploit/remote/kerberos/ticket/storage/stored_ticket.rb', line 58

def status
  @status
end

Instance Method Details

#ccache ⇒ Rex::Proto::Kerberos::CredentialCache::Krb5Ccache

Returns:

• (Rex::Proto::Kerberos::CredentialCache::Krb5Ccache)

# File 'lib/msf/core/exploit/remote/kerberos/ticket/storage/stored_ticket.rb', line 42

def ccache
  @ccache ||= Rex::Proto::Kerberos::CredentialCache::Krb5Ccache.read(loot.data)
end

#enctype ⇒ Object

# File 'lib/msf/core/exploit/remote/kerberos/ticket/storage/stored_ticket.rb', line 37

def enctype
  credential.keyblock.enctype
end

#expired?(now = Time.now) ⇒ TrueClass, FalseClass

Returns True if the ticket is valid within the starttime/authtime/endtime, false otherwise.

Returns:

• (TrueClass, FalseClass) —

  True if the ticket is valid within the starttime/authtime/endtime, false otherwise

# File 'lib/msf/core/exploit/remote/kerberos/ticket/storage/stored_ticket.rb', line 52

def expired?(now = Time.now)
  tkt_start = credential.starttime == Time.at(0).utc ? credential.authtime : credential.starttime
  tkt_end = credential.endtime
  !(tkt_start < now && now < tkt_end)
end

#host_address ⇒ String

Returns the host address.

Returns:

• (String) —

  the host address

# File 'lib/msf/core/exploit/remote/kerberos/ticket/storage/stored_ticket.rb', line 17

def host_address
  loot.host && loot.host.address ? loot.host.address : ''
end

#id ⇒ Object

# File 'lib/msf/core/exploit/remote/kerberos/ticket/storage/stored_ticket.rb', line 12

def id
  @loot.id
end

#info ⇒ String

Returns human readable info about the ticket.

Returns:

• (String) —

  human readable info about the ticket

# File 'lib/msf/core/exploit/remote/kerberos/ticket/storage/stored_ticket.rb', line 47

def info
  loot.info
end

#path ⇒ Object

# File 'lib/msf/core/exploit/remote/kerberos/ticket/storage/stored_ticket.rb', line 21

def path
  loot.path
end

#principal ⇒ Object

# File 'lib/msf/core/exploit/remote/kerberos/ticket/storage/stored_ticket.rb', line 25

def principal
  credential.client
end

#sname ⇒ Object

# File 'lib/msf/core/exploit/remote/kerberos/ticket/storage/stored_ticket.rb', line 29

def sname
  credential.server
end

#starttime ⇒ Object

# File 'lib/msf/core/exploit/remote/kerberos/ticket/storage/stored_ticket.rb', line 33

def starttime
  credential.starttime
end