Module: Msf::Exploit::Remote::Kerberos::ServiceAuthenticator::Options

Included in:
LDAP, MSSQL, SMB::Client::Authenticated, WinRM, Rex::Proto::MSSQL::Client
Defined in:
lib/msf/core/exploit/remote/kerberos/service_authenticator/options.rb

Overview

This module stores the Metasploit option configuration used across service authentication.

Instance Method Details

#kerberos_auth_options(protocol:, auth_methods:) ⇒ Object

Create the list of options that a module must provide for Kerberos authentication via the given protocol. This method exists to ensure consistency across service authentication modules.

Parameters:

  • protocol (String)

    The service protocol type, i.e. smb/ldap/winrm/mssql

  • auth_methods (Array<String>)

    The allowed auth methods

See Also:

  • Msf::Exploit::Remote::AuthOption

# File 'lib/msf/core/exploit/remote/kerberos/service_authenticator/options.rb', line 13

def kerberos_auth_options(protocol:, auth_methods:)
  option_conditions = ["#{protocol}::Auth", '==', 'kerberos']

  etype_regex = "(#{Msf::Exploit::Remote::AuthOption::KERBEROS_DEFAULT_OFFERED_ENC_TYPES.map { |v| Regexp.escape(v) }.join('|')})"
  offered_enc_types_option = Msf::OptString.new(
    "#{protocol}::KrbOfferedEncryptionTypes",
    [
      true,
      'Kerberos encryption types to offer',
      Msf::Exploit::Remote::AuthOption::KERBEROS_DEFAULT_OFFERED_ENC_TYPES.join(',')
    ],
    regex: Regexp.new("(#{etype_regex},)*#{etype_regex}", Regexp::IGNORECASE),
    conditions: option_conditions
  )

  auth_options = [
    Msf::OptEnum.new(
      "#{protocol}::Auth",
      [true, 'The Authentication mechanism to use', Msf::Exploit::Remote::AuthOption::AUTO, auth_methods],
    ),
    Msf::OptString.new(
      "#{protocol}::Rhostname",
      [false, 'The rhostname which is required for kerberos - the SPN'],
      fallbacks: ['Rhostname'],
      conditions: option_conditions
    ),
    Msf::OptAddress.new(
      'DomainControllerRhost',
      [false, 'The resolvable rhost for the Domain Controller'],
      conditions: option_conditions
    ),
    Msf::OptPath.new(
      "#{protocol}::Krb5Ccname",
      [false, 'The ccache file to use for kerberos authentication', nil],
      conditions: option_conditions
    )
  ]

  [
    *auth_options,
    offered_enc_types_option
  ]
end
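
Added example (not part of the Metasploit source): the `KrbOfferedEncryptionTypes` pattern above is built without anchors, so a plain `match?` against it succeeds on any string that merely contains one valid name. The sketch below rebuilds the same pattern and compares it with an anchored variant. `SAMPLE_ENC_TYPES` is an assumed stand-in for `KERBEROS_DEFAULT_OFFERED_ENC_TYPES`, whose values this page does not show, and `anchored_regex` and `parse_offered_enc_types` are hypothetical helpers.

```ruby
# Assumed sample list standing in for
# Msf::Exploit::Remote::AuthOption::KERBEROS_DEFAULT_OFFERED_ENC_TYPES.
SAMPLE_ENC_TYPES = %w[AES256 AES128 RC4-HMAC].freeze

# Same construction as kerberos_auth_options: one alternation of escaped
# names, then "name," repeated zero or more times followed by a final name.
def etype_pattern(enc_types)
  etype = "(#{enc_types.map { |v| Regexp.escape(v) }.join('|')})"
  "(#{etype},)*#{etype}"
end

# Pattern exactly as built on the page: case-insensitive, no anchors.
def unanchored_regex(enc_types)
  Regexp.new(etype_pattern(enc_types), Regexp::IGNORECASE)
end

# Hypothetical stricter variant: \A and \z force the whole value to match
# (and, unlike ^ and $, do not tolerate a trailing newline).
def anchored_regex(enc_types)
  Regexp.new("\\A(?:#{etype_pattern(enc_types)})\\z", Regexp::IGNORECASE)
end

# Hypothetical helper: validate a comma-separated value and return the
# canonical names in the order offered, or nil when the value is invalid.
def parse_offered_enc_types(value, enc_types)
  return nil unless anchored_regex(enc_types).match?(value.to_s)

  canonical = enc_types.to_h { |name| [name.downcase, name] }
  value.split(',').map { |name| canonical.fetch(name.downcase) }
end

if __FILE__ == $PROGRAM_NAME
  # Constructed sample values: one valid list and three malformed ones.
  ['AES256,rc4-hmac', 'AES256,bogus', 'AES256,', 'xAES256'].each do |value|
    puts format('%-18s unanchored=%-5s anchored=%-5s parsed=%p',
                value.inspect,
                unanchored_regex(SAMPLE_ENC_TYPES).match?(value),
                anchored_regex(SAMPLE_ENC_TYPES).match?(value),
                parse_offered_enc_types(value, SAMPLE_ENC_TYPES))
  end
end
```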