Exception: Rex::Proto::Kerberos::Model::Error::KerberosError

Inherits:

StandardError

Object
StandardError
Rex::Proto::Kerberos::Model::Error::KerberosError

show all

Defined in:: lib/rex/proto/kerberos/model/error.rb

Overview

Runtime Error which can be raised by the Rex::Proto::Kerberos API

Direct Known Subclasses

KerberosDecodingError, KerberosEncryptionNotSupported

Instance Attribute Summary collapse

#error_code ⇒ Rex::Proto::Kerberos::Model::Error::ErrorCode readonly

A ErrorCode generated from a KDC.
#res ⇒ Rex::Proto::Kerberos::Model::KdcResponse, Rex::Proto::Kerberos::Model::EncKdcResponse readonly

The response associated with this error.

Instance Method Summary collapse

#initialize(message = nil, error_code: nil, res: nil) ⇒ KerberosError constructor

A new instance of KerberosError.
#message_for(error_code) ⇒ Object

Constructor Details

#initialize(message = nil, error_code: nil, res: nil) ⇒ `KerberosError`

Returns a new instance of KerberosError.

# File 'lib/rex/proto/kerberos/model/error.rb', line 159

def initialize(message = nil, error_code: nil, res: nil)
  error_code ||= res&.error_code
  @error_code = error_code
  @res = res

  super(message || message_for(error_code))
end

Instance Attribute Details

#error_code ⇒ `Rex::Proto::Kerberos::Model::Error::ErrorCode` (readonly)

Returns A ErrorCode generated from a KDC.

Returns:

(Rex::Proto::Kerberos::Model::Error::ErrorCode) —

A ErrorCode generated from a KDC



154
155
156

# File 'lib/rex/proto/kerberos/model/error.rb', line 154

def error_code
  @error_code
end

#res ⇒ `Rex::Proto::Kerberos::Model::KdcResponse`, `Rex::Proto::Kerberos::Model::EncKdcResponse` (readonly)

Returns The response associated with this error.

Returns:

(Rex::Proto::Kerberos::Model::KdcResponse, Rex::Proto::Kerberos::Model::EncKdcResponse) —

The response associated with this error



157
158
159

# File 'lib/rex/proto/kerberos/model/error.rb', line 157

def res
  @res
end

Instance Method Details

#message_for(error_code) ⇒ `Object`

# File 'lib/rex/proto/kerberos/model/error.rb', line 167

def message_for(error_code)
  return "Kerberos Error" unless error_code

  if error_code == ErrorCodes::KRB_AP_ERR_SKEW && res&.respond_to?(:stime)
    now = Time.now
    skew = (res.stime - now).abs.to_i
    return "#{error_code}. Local time: #{now}, Server time: #{res.stime}, off by #{skew} seconds"
  elsif error_code == ErrorCodes::KDC_ERR_CLIENT_REVOKED && res&.respond_to?(:e_data) && res.e_data.present?
    begin
      pa_datas = res.e_data_as_pa_data
    rescue OpenSSL::ASN1::ASN1Error
    else
      pa_data_entry = pa_datas.find do |pa_data|
        pa_data.type == Rex::Proto::Kerberos::Model::PreAuthType::KERB_SUPERSEDED_BY_USER
      end

      if pa_data_entry
        error_code = "#{error_code}. This account has been superseded by #{pa_data_entry.decoded_value}."
      end
    end
  end

  "Kerberos Error - #{error_code}"
end