Module: Msf::Exploit::Remote::Kerberos::Client::Pac
- Included in:
- Msf::Exploit::Remote::Kerberos::Client
- Defined in:
- lib/msf/core/exploit/remote/kerberos/client/pac.rb
Instance Method Summary collapse
-
#build_pa_pac_request(opts = {}) ⇒ Rex::Proto::Kerberos::Model::Field::PreAuthData
Builds a kerberos PA-PAC-REQUEST pre authenticated structure.
-
#build_pac(opts = {}) ⇒ Rex::Proto::Kerberos::Pac::Type
Builds a kerberos PACTYPE structure.
-
#build_pac_authorization_data(opts = {}) ⇒ Rex::Proto::Kerberos::Model::AuthorizationData
Builds an kerberos AuthorizationData structure containing a PACTYPE.
Instance Method Details
#build_pa_pac_request(opts = {}) ⇒ Rex::Proto::Kerberos::Model::Field::PreAuthData
Builds a kerberos PA-PAC-REQUEST pre authenticated structure
17 18 19 20 21 22 23 24 25 26 |
# File 'lib/msf/core/exploit/remote/kerberos/client/pac.rb', line 17 def build_pa_pac_request(opts = {}) value = opts[:pac_request_value] || false pac_request = Rex::Proto::Kerberos::Model::PreAuthPacRequest.new(value: value) pa_pac_request = Rex::Proto::Kerberos::Model::PreAuthData.new( type: Rex::Proto::Kerberos::Model::PA_PAC_REQUEST, value: pac_request.encode ) pa_pac_request end |
#build_pac(opts = {}) ⇒ Rex::Proto::Kerberos::Pac::Type
Builds a kerberos PACTYPE structure
44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 |
# File 'lib/msf/core/exploit/remote/kerberos/client/pac.rb', line 44 def build_pac(opts = {}) user_name = opts[:client_name] || '' user_id = opts[:user_id] || Rex::Proto::Kerberos::Pac::DEFAULT_USER_SID primary_group_id = opts[:group_id] || Rex::Proto::Kerberos::Pac::DOMAIN_USERS group_ids = opts[:group_ids] || [Rex::Proto::Kerberos::Pac::DOMAIN_USERS] domain_name = opts[:realm] || '' domain_id = opts[:domain_id] || Rex::Proto::Kerberos::Pac::NT_AUTHORITY_SID logon_time = opts[:logon_time] || Time.now checksum_type = opts[:checksum_type] || Rex::Proto::Kerberos::Crypto::RSA_MD5 logon_info = Rex::Proto::Kerberos::Pac::LogonInfo.new( logon_time: logon_time, effective_name: user_name, user_id: user_id, primary_group_id: primary_group_id, group_ids: group_ids, logon_domain_name: domain_name, logon_domain_id: domain_id, ) client_info = Rex::Proto::Kerberos::Pac::ClientInfo.new( client_id: logon_time, name: user_name ) server_checksum = Rex::Proto::Kerberos::Pac::ServerChecksum.new( checksum: checksum_type ) priv_srv_checksum = Rex::Proto::Kerberos::Pac::PrivSvrChecksum.new( checksum: checksum_type ) pac_type = Rex::Proto::Kerberos::Pac::Type.new( buffers: [ logon_info, client_info, server_checksum, priv_srv_checksum ], checksum: checksum_type ) pac_type end |
#build_pac_authorization_data(opts = {}) ⇒ Rex::Proto::Kerberos::Model::AuthorizationData
Builds an kerberos AuthorizationData structure containing a PACTYPE
96 97 98 99 100 101 102 103 104 105 106 107 |
# File 'lib/msf/core/exploit/remote/kerberos/client/pac.rb', line 96 def (opts = {}) pac = opts[:pac] || build_pac(opts) pac_auth_data = Rex::Proto::Kerberos::Model::AuthorizationData.new( elements: [{:type => Rex::Proto::Kerberos::Pac::AD_WIN2K_PAC, :data => pac.encode}] ) = Rex::Proto::Kerberos::Model::AuthorizationData.new( elements: [{:type => Rex::Proto::Kerberos::Model::AD_IF_RELEVANT, :data => pac_auth_data.encode}] ) end |