Class: Msf::Exploit::Remote::Kerberos::ServiceAuthenticator::MSSQL
- Defined in:
- lib/msf/core/exploit/remote/kerberos/service_authenticator/mssql.rb
Overview
This class acts as standalone authenticator for Kerberos
Constant Summary
Constants inherited from Base
Base::GSS_CONFIDENTIAL, Base::GSS_DCE_STYLE, Base::GSS_DELEGATE, Base::GSS_INTEGRITY, Base::GSS_MUTUAL, Base::GSS_REPLAY_DETECT, Base::GSS_SEQUENCE
Constants included from Client
Client::NEG_TOKEN_ACCEPT_COMPLETED, Client::NEG_TOKEN_ACCEPT_INCOMPLETE, Client::NEG_TOKEN_REJECT, Client::NEG_TOKEN_REQUEST_MIC, Client::TOK_ID_KRB_AP_REP, Client::TOK_ID_KRB_AP_REQ, Client::TOK_ID_KRB_ERROR
Constants included from Client::ApRequest
Client::ApRequest::AP_MUTUAL_REQUIRED, Client::ApRequest::AP_USE_SESSION_KEY
Instance Attribute Summary collapse
-
#mssql_port ⇒ Object
readonly
Returns the value of attribute mssql_port.
Attributes inherited from Base
#dce_style, #framework, #framework_module, #host, #hostname, #key, #mechanism, #mutual_auth, #offered_etypes, #password, #pfx, #port, #proxies, #realm, #send_delegated_creds, #ticket_storage, #timeout, #use_gss_checksum, #username
Attributes included from Client
Instance Method Summary collapse
- #build_spn(options = {}) ⇒ Object
-
#initialize(mssql_port: 1433, **kwargs) ⇒ MSSQL
constructor
A new instance of MSSQL.
Methods inherited from Base
#authenticate, #authenticate_via_kdc, #connect, #get_message_encryptor, #parse_gss_init_response, #request_tgs_only, #request_tgt_only, #rhost, #rport, #s4u2proxy, #s4u2self, #u2uself, #validate_response!
Methods included from Rex::Proto::Gss::Asn1
#unwrap_pseudo_asn1, #wrap_pseudo_asn1
Methods included from Auxiliary::Report
#active_db?, #create_cracked_credential, #create_credential, #create_credential_and_login, #create_credential_login, #db, #db_warning_given?, #get_client, #get_host, #inside_workspace_boundary?, #invalidate_login, #mytask, #myworkspace, #myworkspace_id, #report_auth_info, #report_client, #report_exploit, #report_host, #report_loot, #report_note, #report_service, #report_vuln, #report_web_form, #report_web_page, #report_web_site, #report_web_vuln, #store_cred, #store_local, #store_loot
Methods included from Metasploit::Framework::Require
optionally, optionally_active_record_railtie, optionally_include_metasploit_credential_creation, #optionally_include_metasploit_credential_creation, optionally_require_metasploit_db_gem_engines
Methods included from Client
#cleanup, #connect, #disconnect, #framework_module, #peer, #proxies, #rhost, #rport, #select_cipher, #send_request_as, #send_request_tgs, #send_request_tgt, #send_request_tgt_pkinit, #timeout
Methods included from Client::Pkinit
#build_dh, #build_pa_pk_as_req, #calculate_shared_key, #extract_user_and_realm, #k_truncate, #sign_auth_pack
Methods included from Client::Pac
#build_empty_auth_data, #build_pa_pac_request, #build_pac, #build_pac_authorization_data
Methods included from Client::TgsResponse
#decrypt_kdc_tgs_rep_enc_part, #extract_kerb_creds
Methods included from Client::TgsRequest
#build_ap_req, #build_authenticator, #build_enc_auth_data, #build_pa_for_user, #build_subkey, #build_tgs_body_checksum, #build_tgs_request, #build_tgs_request_body
Methods included from Client::AsResponse
#decrypt_kdc_as_rep_enc_part, #extract_logon_time, #extract_session_key, #format_as_rep_to_john_hash
Methods included from Client::AsRequest
#build_as_pa_time_stamp, #build_as_request, #build_as_request_body
Methods included from Client::ApRequest
#build_service_ap_request, #encode_gss_kerberos_ap_request, #encode_gss_spnego_ap_request
Methods included from Client::Base
#build_client_name, #build_server_name
Constructor Details
#initialize(mssql_port: 1433, **kwargs) ⇒ MSSQL
Returns a new instance of MSSQL.
11 12 13 14 15 16 17 |
# File 'lib/msf/core/exploit/remote/kerberos/service_authenticator/mssql.rb', line 11 def initialize( mssql_port: 1433, **kwargs ) @mssql_port = mssql_port super(**kwargs) end |
Instance Attribute Details
#mssql_port ⇒ Object (readonly)
Returns the value of attribute mssql_port.
9 10 11 |
# File 'lib/msf/core/exploit/remote/kerberos/service_authenticator/mssql.rb', line 9 def mssql_port @mssql_port end |
Instance Method Details
#build_spn(options = {}) ⇒ Object
19 20 21 22 23 24 25 26 27 |
# File 'lib/msf/core/exploit/remote/kerberos/service_authenticator/mssql.rb', line 19 def build_spn( = {}) Rex::Proto::Kerberos::Model::PrincipalName.new( name_type: Rex::Proto::Kerberos::Model::NameType::NT_SRV_INST, name_string: [ 'MSSQLSvc', "#{.fetch(:hostname) { hostname }}:#{.fetch(:mssql_port, mssql_port)}" ] ) end |