Module: Msf::Exploit::Remote::Kerberos::Ticket::Storage

Included in:
LDAP, MSSQL, SMB::Client::Authenticated, WinRM, Rex::Proto::MSSQL::Client
Defined in:
lib/msf/core/exploit/remote/kerberos/ticket/storage.rb,
lib/msf/core/exploit/remote/kerberos/ticket/storage/base.rb,
lib/msf/core/exploit/remote/kerberos/ticket/storage/none.rb,
lib/msf/core/exploit/remote/kerberos/ticket/storage/read_only.rb,
lib/msf/core/exploit/remote/kerberos/ticket/storage/read_mixin.rb,
lib/msf/core/exploit/remote/kerberos/ticket/storage/read_write.rb,
lib/msf/core/exploit/remote/kerberos/ticket/storage/write_only.rb,
lib/msf/core/exploit/remote/kerberos/ticket/storage/write_mixin.rb,
lib/msf/core/exploit/remote/kerberos/ticket/storage/stored_ticket.rb
more...

Defined Under Namespace

Modules: ReadMixin, WriteMixin Classes: Base, None, ReadOnly, ReadWrite, StoredTicket, WriteOnly

Class Method Summary collapse

Instance Method Summary collapse

Class Method Details

.store_ccache(ccache, options = {}) ⇒ Object

Storage a credential cache object.

Parameters:

  • options (Hash) (defaults to: {})

    See the options description in Base#tickets.

Options Hash (options):

  • The (Msf::Module)

    framework module associated with the store operation.

[View source]

9
10
11
12
# File 'lib/msf/core/exploit/remote/kerberos/ticket/storage.rb', line 9

def self.store_ccache(ccache, options = {})
  driver = WriteOnly.new(framework_module: options[:framework_module])
  driver.store_ccache(ccache, options)
end

Instance Method Details

#initialize(info = {}) ⇒ Object

[View source]

14
15
16
# File 'lib/msf/core/exploit/remote/kerberos/ticket/storage.rb', line 14

def initialize(info = {})
  super
end

#kerberos_storage_options(protocol:) ⇒ Array<Msf::OptEnum>

Parameters:

  • protocol (String)

    The service protocol type, i.e. smb/ldap/winrm/mssql

Returns:

[View source]

20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
# File 'lib/msf/core/exploit/remote/kerberos/ticket/storage.rb', line 20

def kerberos_storage_options(protocol:)
  option_conditions = ["#{protocol}::Auth", '==', 'kerberos']
  [
    Msf::OptEnum.new(
      'KrbCacheMode',
      [
        true,
        'Kerberos ticket cache storage mode',
        'read-write',
        %w[none read-only write-only read-write]
      ],
      conditions: option_conditions
    )
  ]
end

#kerberos_ticket_storage(options = {}) ⇒ Object

Build a ticket storage object based on either the specified options or the datastore if no options are defined.

Parameters:

  • options (Hash) (defaults to: {})

    Options used to select the ticket storage driver backend. If this option is present, it overrides the datastore configuration. All options it contains default to true, meaning it should only be necessary to specify the operations (e.g. read) that should be disabled.

Options Hash (options):

  • read (Boolean)

    Whether or not the storage mechanism should support reading

  • write (Boolean)

    Whether or not the storage mechanism should support writing

[View source]

43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
# File 'lib/msf/core/exploit/remote/kerberos/ticket/storage.rb', line 43

def kerberos_ticket_storage(options = {})
  if options.present?
    case [options.fetch(:read, true), options.fetch(:write, true)]
    when [false, false]
      mode = 'none'
    when [false, true]
      mode = 'write-only'
    when [true, false]
      mode = 'read-only'
    when [true, true]
      mode = 'read-write'
    end
  else
    mode = datastore['KrbCacheMode']
  end

  case mode
  when 'none'
    None.new(framework_module: self)
  when 'read-only'
    ReadOnly.new(framework_module: self)
  when 'write-only'
    WriteOnly.new(framework_module: self)
  when 'read-write'
    ReadWrite.new(framework_module: self)
  end
end