Class: Rex::Proto::Kerberos::Model::PreAuthForUser

Inherits:
Element
  • Object
show all
Defined in:
lib/rex/proto/kerberos/model/pre_auth_for_user.rb

Overview

This class is a representation of a PA-FOR-USER, pre authenticated data to identify the user on whose behalf a service requests a service ticket, as defined in learn.microsoft.com/en-us/openspecs/windows_protocols/ms-sfu/aceb70de-40f0-4409-87fa-df00ca145f5a

Constant Summary

Constants included from Rex::Proto::Kerberos::Model

AP_REP, AP_REQ, AS_REP, AS_REQ, AUTHENTICATOR, ENC_AP_REP_PART, ENC_KRB_CRED_PART, KRB_CRED, KRB_ERROR, TGS_REP, TGS_REQ, TICKET, VERSION

Instance Attribute Summary collapse

Instance Method Summary collapse

Methods inherited from Element

attr_accessor, attributes, #attributes, decode, #initialize

Constructor Details

This class inherits a constructor from Rex::Proto::Kerberos::Model::Element

Instance Attribute Details

#auth_packageString

authenticate the user.

Returns:

  • (String)

    The authentication mechanism used to



25
26
27
# File 'lib/rex/proto/kerberos/model/pre_auth_for_user.rb', line 25

def auth_package
  @auth_package
end

#cksumRex::Proto::Kerberos::Model::Checksum

user_name, user_realm, and auth_package.

Returns:



21
22
23
# File 'lib/rex/proto/kerberos/model/pre_auth_for_user.rb', line 21

def cksum
  @cksum
end

#user_nameRex::Proto::Kerberos::Model::PrincipalName

part of the user’s principal identifier



14
15
16
# File 'lib/rex/proto/kerberos/model/pre_auth_for_user.rb', line 14

def user_name
  @user_name
end

#user_realmString

Returns The realm part of the user’s principal identifier.

Returns:

  • (String)

    The realm part of the user’s principal identifier



17
18
19
# File 'lib/rex/proto/kerberos/model/pre_auth_for_user.rb', line 17

def user_realm
  @user_realm
end

Instance Method Details

#decode(input) ⇒ self

Decodes the Rex::Proto::Kerberos::Model::PreAuthForUser from an input

Parameters:

  • input (String, OpenSSL::ASN1::ASN1Data)

    the input to decode from

Returns:

  • (self)

    if decoding succeeds

Raises:



32
33
34
35
36
37
38
39
40
41
42
43
# File 'lib/rex/proto/kerberos/model/pre_auth_for_user.rb', line 32

def decode(input)
  case input
  when String
    decode_string(input)
  when OpenSSL::ASN1::ASN1Data
    decode_asn1(input)
  else
    raise ::Rex::Proto::Kerberos::Model::Error::KerberosDecodingError, 'Failed to decode PreAuthForUser, invalid input'
  end

  self
end

#decode_asn1(input) ⇒ Object

Decodes a Rex::Proto::Kerberos::Model::PreAuthForUser from an OpenSSL::ASN1::Sequence

Parameters:

  • input (OpenSSL::ASN1::Sequence)

    the input to decode from

Raises:



105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
# File 'lib/rex/proto/kerberos/model/pre_auth_for_user.rb', line 105

def decode_asn1(input)
  seq_values = input.value

  seq_values.each do |val|
    case val.tag
    when 0
      self.user_name = decode_user_name(val)
    when 1
      self.user_realm = decode_user_realm(val)
    when 2
      self.cksum = decode_cksum(val)
    when 3
      self.auth_package = decode_auth_package(val)
    else
      raise ::Rex::Proto::Kerberos::Model::Error::KerberosDecodingError, 'Failed to decode KdcRequestBody SEQUENCE'
    end
  end
end

#decode_auth_package(input) ⇒ String

Decodes the auth_package field

Parameters:

  • input (OpenSSL::ASN1::ASN1Data)

    the input to decode from

Returns:

  • (String)


152
153
154
# File 'lib/rex/proto/kerberos/model/pre_auth_for_user.rb', line 152

def decode_auth_package(input)
  input.value[0].value
end

#decode_cksum(input) ⇒ Rex::Proto::Kerberos::Model::PrincipalName

Decodes the cksum field

Parameters:

  • input (OpenSSL::ASN1::ASN1Data)

    the input to decode from

Returns:



144
145
146
# File 'lib/rex/proto/kerberos/model/pre_auth_for_user.rb', line 144

def decode_cksum(input)
  Rex::Proto::Kerberos::Model::Checksum.decode(input.value[0])
end

#decode_string(input) ⇒ Object

Decodes a Rex::Proto::Kerberos::Model::PreAuthForUser from an String

Parameters:

  • input (String)

    the input to decode from

Raises:



92
93
94
95
96
97
98
# File 'lib/rex/proto/kerberos/model/pre_auth_for_user.rb', line 92

def decode_string(input)
  asn1 = OpenSSL::ASN1.decode(input)

  decode_asn1(asn1)
rescue OpenSSL::ASN1::ASN1Error
  raise Rex::Proto::Kerberos::Model::Error::KerberosDecodingError
end

#decode_user_name(input) ⇒ Rex::Proto::Kerberos::Model::PrincipalName

Decodes the user_name field

Parameters:

  • input (OpenSSL::ASN1::ASN1Data)

    the input to decode from

Returns:



128
129
130
# File 'lib/rex/proto/kerberos/model/pre_auth_for_user.rb', line 128

def decode_user_name(input)
  Rex::Proto::Kerberos::Model::PrincipalName.decode(input.value[0])
end

#decode_user_realm(input) ⇒ String

Decodes the user_realm field

Parameters:

  • input (OpenSSL::ASN1::ASN1Data)

    the input to decode from

Returns:

  • (String)


136
137
138
# File 'lib/rex/proto/kerberos/model/pre_auth_for_user.rb', line 136

def decode_user_realm(input)
  input.value[0].value
end

#encodeString

Encodes the Rex::Proto::Kerberos::Model::PreAuthForUser into an ASN.1 String

Returns:

  • (String)


48
49
50
51
52
53
54
55
56
57
58
# File 'lib/rex/proto/kerberos/model/pre_auth_for_user.rb', line 48

def encode
  elems = []
  elems << OpenSSL::ASN1::ASN1Data.new([encode_user_name], 0, :CONTEXT_SPECIFIC)
  elems << OpenSSL::ASN1::ASN1Data.new([encode_user_realm], 1, :CONTEXT_SPECIFIC)
  elems << OpenSSL::ASN1::ASN1Data.new([encode_cksum], 2, :CONTEXT_SPECIFIC)
  elems << OpenSSL::ASN1::ASN1Data.new([encode_auth_package], 3, :CONTEXT_SPECIFIC)

  seq = OpenSSL::ASN1::Sequence.new(elems)

  seq.to_der
end

#encode_auth_packageOpenSSL::ASN1::GeneralString

Encodes the auth_package attribute

Returns:

  • (OpenSSL::ASN1::GeneralString)


84
85
86
# File 'lib/rex/proto/kerberos/model/pre_auth_for_user.rb', line 84

def encode_auth_package
  OpenSSL::ASN1::GeneralString.new(auth_package)
end

#encode_cksumString

Encodes the cksum attribute

Returns:

  • (String)


77
78
79
# File 'lib/rex/proto/kerberos/model/pre_auth_for_user.rb', line 77

def encode_cksum
  cksum.encode
end

#encode_user_nameString

Encodes the user_name attribute

Returns:

  • (String)


63
64
65
# File 'lib/rex/proto/kerberos/model/pre_auth_for_user.rb', line 63

def encode_user_name
  user_name.encode
end

#encode_user_realmOpenSSL::ASN1::GeneralString

Encodes the user_realm attribute

Returns:

  • (OpenSSL::ASN1::GeneralString)


70
71
72
# File 'lib/rex/proto/kerberos/model/pre_auth_for_user.rb', line 70

def encode_user_realm
  OpenSSL::ASN1::GeneralString.new(user_realm)
end