adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
c3f5bd3de2d1affa01e2f6c2066c6bb0fc6413bc
metasploit-gs/api/Msf/Exploit/Remote/Kerberos/Client.html
T
jenkins-metasploit c3f5bd3de2 Reboot gh-pages
2026-05-08 17:08:43 +00:00

2828 lines
143 KiB
HTML
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>
Module: Msf::Exploit::Remote::Kerberos::Client
&mdash; Documentation by YARD 0.9.37
</title>
<link rel="stylesheet" href="../../../../css/style.css" type="text/css" />
<link rel="stylesheet" href="../../../../css/common.css" type="text/css" />
<script type="text/javascript">
pathId = "Msf::Exploit::Remote::Kerberos::Client";
relpath = '../../../../';
</script>
<script type="text/javascript" charset="utf-8" src="../../../../js/jquery.js"></script>
<script type="text/javascript" charset="utf-8" src="../../../../js/app.js"></script>
</head>
<body>
<div class="nav_wrap">
<iframe id="nav" src="../../../../class_list.html?1"></iframe>
<div id="resizer"></div>
</div>
<div id="main" tabindex="-1">
<div id="header">
<div id="menu">
<a href="../../../../_index.html">Index (C)</a> &raquo;
<span class='title'><span class='object_link'><a href="../../../../Msf.html" title="Msf (module)">Msf</a></span></span> &raquo; <span class='title'><span class='object_link'><a href="../../../Exploit.html" title="Msf::Exploit (class)">Exploit</a></span></span> &raquo; <span class='title'><span class='object_link'><a href="../../Remote.html" title="Msf::Exploit::Remote (class)">Remote</a></span></span> &raquo; <span class='title'><span class='object_link'><a href="../Kerberos.html" title="Msf::Exploit::Remote::Kerberos (module)">Kerberos</a></span></span>
&raquo;
<span class="title">Client</span>
</div>
<div id="search">
<a class="full_list_link" id="class_list_link"
href="../../../../class_list.html">
<svg width="24" height="24">
<rect x="0" y="4" width="24" height="4" rx="1" ry="1"></rect>
<rect x="0" y="12" width="24" height="4" rx="1" ry="1"></rect>
<rect x="0" y="20" width="24" height="4" rx="1" ry="1"></rect>
</svg>
</a>
</div>
<div class="clear"></div>
</div>
<div id="content"><h1>Module: Msf::Exploit::Remote::Kerberos::Client
</h1>
<div class="box_info">
<dl>
<dt>Includes:</dt>
<dd><span class='object_link'><a href="Client/ApRequest.html" title="Msf::Exploit::Remote::Kerberos::Client::ApRequest (module)">ApRequest</a></span>, <span class='object_link'><a href="Client/AsRequest.html" title="Msf::Exploit::Remote::Kerberos::Client::AsRequest (module)">AsRequest</a></span>, <span class='object_link'><a href="Client/AsResponse.html" title="Msf::Exploit::Remote::Kerberos::Client::AsResponse (module)">AsResponse</a></span>, <span class='object_link'><a href="Client/Base.html" title="Msf::Exploit::Remote::Kerberos::Client::Base (module)">Base</a></span>, <span class='object_link'><a href="Client/Pac.html" title="Msf::Exploit::Remote::Kerberos::Client::Pac (module)">Pac</a></span>, <span class='object_link'><a href="Client/Pkinit.html" title="Msf::Exploit::Remote::Kerberos::Client::Pkinit (module)">Pkinit</a></span>, <span class='object_link'><a href="Client/TgsRequest.html" title="Msf::Exploit::Remote::Kerberos::Client::TgsRequest (module)">TgsRequest</a></span>, <span class='object_link'><a href="Client/TgsResponse.html" title="Msf::Exploit::Remote::Kerberos::Client::TgsResponse (module)">TgsResponse</a></span></dd>
</dl>
<dl>
<dt>Included in:</dt>
<dd><span class='object_link'><a href="../../../../Metasploit/Framework/LoginScanner/Kerberos.html" title="Metasploit::Framework::LoginScanner::Kerberos (class)">Metasploit::Framework::LoginScanner::Kerberos</a></span>, <span class='object_link'><a href="AuthBrute.html" title="Msf::Exploit::Remote::Kerberos::AuthBrute (module)">AuthBrute</a></span>, <span class='object_link'><a href="ServiceAuthenticator/Base.html" title="Msf::Exploit::Remote::Kerberos::ServiceAuthenticator::Base (class)">ServiceAuthenticator::Base</a></span></dd>
</dl>
<dl>
<dt>Defined in:</dt>
<dd>lib/msf/core/exploit/remote/kerberos/client.rb<span class="defines">,<br />
lib/msf/core/exploit/remote/kerberos/client/pac.rb,<br /> lib/msf/core/exploit/remote/kerberos/client/base.rb,<br /> lib/msf/core/exploit/remote/kerberos/client/pkinit.rb,<br /> lib/msf/core/exploit/remote/kerberos/client/ap_request.rb,<br /> lib/msf/core/exploit/remote/kerberos/client/as_request.rb,<br /> lib/msf/core/exploit/remote/kerberos/client/as_response.rb,<br /> lib/msf/core/exploit/remote/kerberos/client/tgs_request.rb,<br /> lib/msf/core/exploit/remote/kerberos/client/tgs_response.rb</span>
</dd>
</dl>
</div>
<h2>Overview</h2><div class="docstring">
<div class="discussion">
<p>Kerberos client helpers shared across mixins.</p>
</div>
</div>
<div class="tags">
</div><h2>Defined Under Namespace</h2>
<p class="children">
<strong class="modules">Modules:</strong> <span class='object_link'><a href="Client/ApRequest.html" title="Msf::Exploit::Remote::Kerberos::Client::ApRequest (module)">ApRequest</a></span>, <span class='object_link'><a href="Client/AsRequest.html" title="Msf::Exploit::Remote::Kerberos::Client::AsRequest (module)">AsRequest</a></span>, <span class='object_link'><a href="Client/AsResponse.html" title="Msf::Exploit::Remote::Kerberos::Client::AsResponse (module)">AsResponse</a></span>, <span class='object_link'><a href="Client/Base.html" title="Msf::Exploit::Remote::Kerberos::Client::Base (module)">Base</a></span>, <span class='object_link'><a href="Client/Pac.html" title="Msf::Exploit::Remote::Kerberos::Client::Pac (module)">Pac</a></span>, <span class='object_link'><a href="Client/Pkinit.html" title="Msf::Exploit::Remote::Kerberos::Client::Pkinit (module)">Pkinit</a></span>, <span class='object_link'><a href="Client/TgsRequest.html" title="Msf::Exploit::Remote::Kerberos::Client::TgsRequest (module)">TgsRequest</a></span>, <span class='object_link'><a href="Client/TgsResponse.html" title="Msf::Exploit::Remote::Kerberos::Client::TgsResponse (module)">TgsResponse</a></span>
</p>
<h2>
Constant Summary
<small><a href="#" class="constants_summary_toggle">collapse</a></small>
</h2>
<dl class="constants">
<dt id="TOK_ID_KRB_AP_REQ-constant" class="">TOK_ID_KRB_AP_REQ =
<div class="docstring">
<div class="discussion">
<p><a href="https://datatracker.ietf.org/doc/html/rfc4121#section-4.1">datatracker.ietf.org/doc/html/rfc4121#section-4.1</a></p>
</div>
</div>
<div class="tags">
</div>
</dt>
<dd><pre class="code"><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>\x01\x00</span><span class='tstring_end'>&quot;</span></span></pre></dd>
<dt id="TOK_ID_KRB_AP_REP-constant" class="">TOK_ID_KRB_AP_REP =
</dt>
<dd><pre class="code"><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>\x02\x00</span><span class='tstring_end'>&quot;</span></span></pre></dd>
<dt id="TOK_ID_KRB_ERROR-constant" class="">TOK_ID_KRB_ERROR =
</dt>
<dd><pre class="code"><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>\x03\x00</span><span class='tstring_end'>&quot;</span></span></pre></dd>
<dt id="NEG_TOKEN_ACCEPT_COMPLETED-constant" class="">NEG_TOKEN_ACCEPT_COMPLETED =
<div class="docstring">
<div class="discussion">
<p><a href="https://datatracker.ietf.org/doc/html/rfc4178#section-4.2.2">datatracker.ietf.org/doc/html/rfc4178#section-4.2.2</a></p>
</div>
</div>
<div class="tags">
</div>
</dt>
<dd><pre class="code"><span class='int'>0</span></pre></dd>
<dt id="NEG_TOKEN_ACCEPT_INCOMPLETE-constant" class="">NEG_TOKEN_ACCEPT_INCOMPLETE =
</dt>
<dd><pre class="code"><span class='int'>1</span></pre></dd>
<dt id="NEG_TOKEN_REJECT-constant" class="">NEG_TOKEN_REJECT =
</dt>
<dd><pre class="code"><span class='int'>2</span></pre></dd>
<dt id="NEG_TOKEN_REQUEST_MIC-constant" class="">NEG_TOKEN_REQUEST_MIC =
</dt>
<dd><pre class="code"><span class='int'>3</span></pre></dd>
</dl>
<h3 class="inherited">Constants included
from <span class='object_link'><a href="Client/ApRequest.html" title="Msf::Exploit::Remote::Kerberos::Client::ApRequest (module)">ApRequest</a></span></h3>
<p class="inherited"><span class='object_link'><a href="Client/ApRequest.html#AP_MUTUAL_REQUIRED-constant" title="Msf::Exploit::Remote::Kerberos::Client::ApRequest::AP_MUTUAL_REQUIRED (constant)">ApRequest::AP_MUTUAL_REQUIRED</a></span>, <span class='object_link'><a href="Client/ApRequest.html#AP_USE_SESSION_KEY-constant" title="Msf::Exploit::Remote::Kerberos::Client::ApRequest::AP_USE_SESSION_KEY (constant)">ApRequest::AP_USE_SESSION_KEY</a></span></p>
<h2>Instance Attribute Summary <small><a href="#" class="summary_toggle">collapse</a></small></h2>
<ul class="summary">
<li class="public ">
<span class="summary_signature">
<a href="#client-instance_method" title="#client (instance method)">#<strong>client</strong> &#x21d2; Rex::Proto::Kerberos::Client </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>The kerberos client.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#kerberos_client-instance_method" title="#kerberos_client (instance method)">#<strong>kerberos_client</strong> &#x21d2; Object </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Returns the value of attribute kerberos_client.</p>
</div></span>
</li>
</ul>
<h2>
Instance Method Summary
<small><a href="#" class="summary_toggle">collapse</a></small>
</h2>
<ul class="summary">
<li class="public ">
<span class="summary_signature">
<a href="#cleanup-instance_method" title="#cleanup (instance method)">#<strong>cleanup</strong> &#x21d2; Object </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Performs cleanup as necessary, disconnecting the Kerberos client if its still established.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#connect-instance_method" title="#connect (instance method)">#<strong>connect</strong>(opts = {}) &#x21d2; Rex::Proto::Kerberos::Client </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Creates a kerberos connection.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#disconnect-instance_method" title="#disconnect (instance method)">#<strong>disconnect</strong>(kerb_client = kerberos_client) &#x21d2; Object </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Disconnects the Kerberos client.</p>
</div></span>
</li>
<li class="protected ">
<span class="summary_signature">
<a href="#framework_module-instance_method" title="#framework_module (instance method)">#<strong>framework_module</strong> &#x21d2; Object </a>
</span>
<span class="note title protected">protected</span>
<span class="summary_desc"><div class='inline'></div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#initialize-instance_method" title="#initialize (instance method)">#<strong>initialize</strong>(info = {}) &#x21d2; Object </a>
</span>
<span class="summary_desc"><div class='inline'></div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#kerberos_clock_skew-instance_method" title="#kerberos_clock_skew (instance method)">#<strong>kerberos_clock_skew</strong> &#x21d2; Float </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Returns the configured Kerberos clock skew in seconds.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#kerberos_clock_skew=-instance_method" title="#kerberos_clock_skew= (instance method)">#<strong>kerberos_clock_skew=</strong>(value) &#x21d2; Object </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Sets the Kerberos clock skew.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#kerberos_time-instance_method" title="#kerberos_time (instance method)">#<strong>kerberos_time</strong>(base_time = Time.now.utc) &#x21d2; Time </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Returns the current time adjusted for Kerberos clock skew in UTC.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#kerberos_time_local-instance_method" title="#kerberos_time_local (instance method)">#<strong>kerberos_time_local</strong>(base_time = Time.now) &#x21d2; Time </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Returns the current time adjusted for Kerberos clock skew in the local timezone.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#peer-instance_method" title="#peer (instance method)">#<strong>peer</strong> &#x21d2; String </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Returns the kdc peer.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#proxies-instance_method" title="#proxies (instance method)">#<strong>proxies</strong> &#x21d2; String<sup>?</sup> </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Returns the configured proxy list.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#rhost-instance_method" title="#rhost (instance method)">#<strong>rhost</strong> &#x21d2; String </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Returns the target host.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#rport-instance_method" title="#rport (instance method)">#<strong>rport</strong> &#x21d2; Integer </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Returns the remote port.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#select_cipher-instance_method" title="#select_cipher (instance method)">#<strong>select_cipher</strong>(client_etypes, server_etypeinfos_entries) &#x21d2; Rex::Proto::Kerberos::Model::EtypeInfo </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Select a cipher that both the server and client support, preferencing ours in order.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#send_request_as-instance_method" title="#send_request_as (instance method)">#<strong>send_request_as</strong>(opts = {}) &#x21d2; Rex::Proto::Kerberos::Model::KdcResponse </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Sends a kerberos AS request and reads the response.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#send_request_tgs-instance_method" title="#send_request_tgs (instance method)">#<strong>send_request_tgs</strong>(opts = {}) &#x21d2; Rex::Proto::Kerberos::Model::KdcResponse </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Sends a kerberos TGS request and reads the response.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#send_request_tgt-instance_method" title="#send_request_tgt (instance method)">#<strong>send_request_tgt</strong>(options = {}) &#x21d2; Msf::Exploit::Remote::Kerberos::Model::TgtResponse </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Sends the required kerberos AS requests for a kerberos Ticket Granting Ticket.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#send_request_tgt_pkinit-instance_method" title="#send_request_tgt_pkinit (instance method)">#<strong>send_request_tgt_pkinit</strong>(options = {}) &#x21d2; Msf::Exploit::Remote::Kerberos::Model::TgtResponse </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Send a TGT request using PKINIT (certificate) authentication.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#timeout-instance_method" title="#timeout (instance method)">#<strong>timeout</strong> &#x21d2; Integer </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Returns the TCP timeout.</p>
</div></span>
</li>
</ul>
<h3 class="inherited">Methods included from <span class='object_link'><a href="Client/Pkinit.html" title="Msf::Exploit::Remote::Kerberos::Client::Pkinit (module)">Pkinit</a></span></h3>
<p class="inherited"><span class='object_link'><a href="Client/Pkinit.html#build_dh-instance_method" title="Msf::Exploit::Remote::Kerberos::Client::Pkinit#build_dh (method)">#build_dh</a></span>, <span class='object_link'><a href="Client/Pkinit.html#build_pa_pk_as_req-instance_method" title="Msf::Exploit::Remote::Kerberos::Client::Pkinit#build_pa_pk_as_req (method)">#build_pa_pk_as_req</a></span>, <span class='object_link'><a href="Client/Pkinit.html#calculate_shared_key-instance_method" title="Msf::Exploit::Remote::Kerberos::Client::Pkinit#calculate_shared_key (method)">#calculate_shared_key</a></span>, <span class='object_link'><a href="Client/Pkinit.html#extract_user_and_realm-instance_method" title="Msf::Exploit::Remote::Kerberos::Client::Pkinit#extract_user_and_realm (method)">#extract_user_and_realm</a></span>, <span class='object_link'><a href="Client/Pkinit.html#k_truncate-instance_method" title="Msf::Exploit::Remote::Kerberos::Client::Pkinit#k_truncate (method)">#k_truncate</a></span>, <span class='object_link'><a href="Client/Pkinit.html#sign_auth_pack-instance_method" title="Msf::Exploit::Remote::Kerberos::Client::Pkinit#sign_auth_pack (method)">#sign_auth_pack</a></span></p>
<h3 class="inherited">Methods included from <span class='object_link'><a href="Client/Pac.html" title="Msf::Exploit::Remote::Kerberos::Client::Pac (module)">Pac</a></span></h3>
<p class="inherited"><span class='object_link'><a href="Client/Pac.html#build_empty_auth_data-instance_method" title="Msf::Exploit::Remote::Kerberos::Client::Pac#build_empty_auth_data (method)">#build_empty_auth_data</a></span>, <span class='object_link'><a href="Client/Pac.html#build_pa_pac_request-instance_method" title="Msf::Exploit::Remote::Kerberos::Client::Pac#build_pa_pac_request (method)">#build_pa_pac_request</a></span>, <span class='object_link'><a href="Client/Pac.html#build_pac-instance_method" title="Msf::Exploit::Remote::Kerberos::Client::Pac#build_pac (method)">#build_pac</a></span>, <span class='object_link'><a href="Client/Pac.html#build_pac_authorization_data-instance_method" title="Msf::Exploit::Remote::Kerberos::Client::Pac#build_pac_authorization_data (method)">#build_pac_authorization_data</a></span></p>
<h3 class="inherited">Methods included from <span class='object_link'><a href="Client/TgsResponse.html" title="Msf::Exploit::Remote::Kerberos::Client::TgsResponse (module)">TgsResponse</a></span></h3>
<p class="inherited"><span class='object_link'><a href="Client/TgsResponse.html#decrypt_kdc_tgs_rep_enc_part-instance_method" title="Msf::Exploit::Remote::Kerberos::Client::TgsResponse#decrypt_kdc_tgs_rep_enc_part (method)">#decrypt_kdc_tgs_rep_enc_part</a></span>, <span class='object_link'><a href="Client/TgsResponse.html#extract_kerb_creds-instance_method" title="Msf::Exploit::Remote::Kerberos::Client::TgsResponse#extract_kerb_creds (method)">#extract_kerb_creds</a></span>, <span class='object_link'><a href="Client/TgsResponse.html#format_tgs_rep_to_john_hash-instance_method" title="Msf::Exploit::Remote::Kerberos::Client::TgsResponse#format_tgs_rep_to_john_hash (method)">#format_tgs_rep_to_john_hash</a></span></p>
<h3 class="inherited">Methods included from <span class='object_link'><a href="Client/TgsRequest.html" title="Msf::Exploit::Remote::Kerberos::Client::TgsRequest (module)">TgsRequest</a></span></h3>
<p class="inherited"><span class='object_link'><a href="Client/TgsRequest.html#build_ap_req-instance_method" title="Msf::Exploit::Remote::Kerberos::Client::TgsRequest#build_ap_req (method)">#build_ap_req</a></span>, <span class='object_link'><a href="Client/TgsRequest.html#build_authenticator-instance_method" title="Msf::Exploit::Remote::Kerberos::Client::TgsRequest#build_authenticator (method)">#build_authenticator</a></span>, <span class='object_link'><a href="Client/TgsRequest.html#build_enc_auth_data-instance_method" title="Msf::Exploit::Remote::Kerberos::Client::TgsRequest#build_enc_auth_data (method)">#build_enc_auth_data</a></span>, <span class='object_link'><a href="Client/TgsRequest.html#build_pa_for_user-instance_method" title="Msf::Exploit::Remote::Kerberos::Client::TgsRequest#build_pa_for_user (method)">#build_pa_for_user</a></span>, <span class='object_link'><a href="Client/TgsRequest.html#build_subkey-instance_method" title="Msf::Exploit::Remote::Kerberos::Client::TgsRequest#build_subkey (method)">#build_subkey</a></span>, <span class='object_link'><a href="Client/TgsRequest.html#build_tgs_body_checksum-instance_method" title="Msf::Exploit::Remote::Kerberos::Client::TgsRequest#build_tgs_body_checksum (method)">#build_tgs_body_checksum</a></span>, <span class='object_link'><a href="Client/TgsRequest.html#build_tgs_request-instance_method" title="Msf::Exploit::Remote::Kerberos::Client::TgsRequest#build_tgs_request (method)">#build_tgs_request</a></span>, <span class='object_link'><a href="Client/TgsRequest.html#build_tgs_request_body-instance_method" title="Msf::Exploit::Remote::Kerberos::Client::TgsRequest#build_tgs_request_body (method)">#build_tgs_request_body</a></span></p>
<h3 class="inherited">Methods included from <span class='object_link'><a href="Client/AsResponse.html" title="Msf::Exploit::Remote::Kerberos::Client::AsResponse (module)">AsResponse</a></span></h3>
<p class="inherited"><span class='object_link'><a href="Client/AsResponse.html#decrypt_kdc_as_rep_enc_part-instance_method" title="Msf::Exploit::Remote::Kerberos::Client::AsResponse#decrypt_kdc_as_rep_enc_part (method)">#decrypt_kdc_as_rep_enc_part</a></span>, <span class='object_link'><a href="Client/AsResponse.html#extract_logon_time-instance_method" title="Msf::Exploit::Remote::Kerberos::Client::AsResponse#extract_logon_time (method)">#extract_logon_time</a></span>, <span class='object_link'><a href="Client/AsResponse.html#extract_session_key-instance_method" title="Msf::Exploit::Remote::Kerberos::Client::AsResponse#extract_session_key (method)">#extract_session_key</a></span>, <span class='object_link'><a href="Client/AsResponse.html#format_as_rep_to_john_hash-instance_method" title="Msf::Exploit::Remote::Kerberos::Client::AsResponse#format_as_rep_to_john_hash (method)">#format_as_rep_to_john_hash</a></span></p>
<h3 class="inherited">Methods included from <span class='object_link'><a href="Client/AsRequest.html" title="Msf::Exploit::Remote::Kerberos::Client::AsRequest (module)">AsRequest</a></span></h3>
<p class="inherited"><span class='object_link'><a href="Client/AsRequest.html#build_as_pa_time_stamp-instance_method" title="Msf::Exploit::Remote::Kerberos::Client::AsRequest#build_as_pa_time_stamp (method)">#build_as_pa_time_stamp</a></span>, <span class='object_link'><a href="Client/AsRequest.html#build_as_request-instance_method" title="Msf::Exploit::Remote::Kerberos::Client::AsRequest#build_as_request (method)">#build_as_request</a></span>, <span class='object_link'><a href="Client/AsRequest.html#build_as_request_body-instance_method" title="Msf::Exploit::Remote::Kerberos::Client::AsRequest#build_as_request_body (method)">#build_as_request_body</a></span></p>
<h3 class="inherited">Methods included from <span class='object_link'><a href="Client/ApRequest.html" title="Msf::Exploit::Remote::Kerberos::Client::ApRequest (module)">ApRequest</a></span></h3>
<p class="inherited"><span class='object_link'><a href="Client/ApRequest.html#build_service_ap_request-instance_method" title="Msf::Exploit::Remote::Kerberos::Client::ApRequest#build_service_ap_request (method)">#build_service_ap_request</a></span>, <span class='object_link'><a href="Client/ApRequest.html#encode_gss_kerberos_ap_request-instance_method" title="Msf::Exploit::Remote::Kerberos::Client::ApRequest#encode_gss_kerberos_ap_request (method)">#encode_gss_kerberos_ap_request</a></span>, <span class='object_link'><a href="Client/ApRequest.html#encode_gss_spnego_ap_request-instance_method" title="Msf::Exploit::Remote::Kerberos::Client::ApRequest#encode_gss_spnego_ap_request (method)">#encode_gss_spnego_ap_request</a></span></p>
<h3 class="inherited">Methods included from <span class='object_link'><a href="Client/Base.html" title="Msf::Exploit::Remote::Kerberos::Client::Base (module)">Base</a></span></h3>
<p class="inherited"><span class='object_link'><a href="Client/Base.html#build_client_name-instance_method" title="Msf::Exploit::Remote::Kerberos::Client::Base#build_client_name (method)">#build_client_name</a></span>, <span class='object_link'><a href="Client/Base.html#build_server_name-instance_method" title="Msf::Exploit::Remote::Kerberos::Client::Base#build_server_name (method)">#build_server_name</a></span></p>
<div id="instance_attr_details" class="attr_details">
<h2>Instance Attribute Details</h2>
<span id="client=-instance_method"></span>
<div class="method_details first">
<h3 class="signature first" id="client-instance_method">
#<strong>client</strong> &#x21d2; <tt><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Client.html" title="Rex::Proto::Kerberos::Client (class)">Rex::Proto::Kerberos::Client</a></span></tt>
</h3><div class="docstring">
<div class="discussion">
<p>Returns The kerberos client.</p>
</div>
</div>
<div class="tags">
<p class="tag_title">Returns:</p>
<ul class="return">
<li>
<span class='type'>(<tt><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Client.html" title="Rex::Proto::Kerberos::Client (class)">Rex::Proto::Kerberos::Client</a></span></tt>)</span>
&mdash;
<div class='inline'>
<p>The kerberos client</p>
</div>
</li>
</ul>
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
33</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/kerberos/client.rb', line 33</span>
<span class='id identifier rubyid_attr_accessor'>attr_accessor</span> <span class='symbol'>:kerberos_client</span></pre>
</td>
</tr>
</table>
</div>
<span id="kerberos_client=-instance_method"></span>
<div class="method_details ">
<h3 class="signature " id="kerberos_client-instance_method">
#<strong>kerberos_client</strong> &#x21d2; <tt>Object</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Returns the value of attribute kerberos_client.</p>
</div>
</div>
<div class="tags">
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
33
34
35</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/kerberos/client.rb', line 33</span>
<span class='kw'>def</span> <span class='id identifier rubyid_kerberos_client'>kerberos_client</span>
<span class='ivar'>@kerberos_client</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
</div>
<div id="instance_method_details" class="method_details_list">
<h2>Instance Method Details</h2>
<div class="method_details first">
<h3 class="signature first" id="cleanup-instance_method">
#<strong>cleanup</strong> &#x21d2; <tt>Object</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Performs cleanup as necessary, disconnecting the Kerberos client if its still established.</p>
</div>
</div>
<div class="tags">
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
168
169
170
171</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/kerberos/client.rb', line 168</span>
<span class='kw'>def</span> <span class='id identifier rubyid_cleanup'>cleanup</span>
<span class='kw'>super</span>
<span class='id identifier rubyid_disconnect'>disconnect</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="connect-instance_method">
#<strong>connect</strong>(opts = {}) &#x21d2; <tt><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Client.html" title="Rex::Proto::Kerberos::Client (class)">Rex::Proto::Kerberos::Client</a></span></tt>
</h3><div class="docstring">
<div class="discussion">
<p>Creates a kerberos connection</p>
</div>
</div>
<div class="tags">
<p class="tag_title">Parameters:</p>
<ul class="param">
<li>
<span class='name'>opts</span>
<span class='type'>(<tt>Hash{Symbol =&gt; &lt;String, Integer&gt;}</tt>)</span>
<em class="default">(defaults to: <tt>{}</tt>)</em>
</li>
</ul>
<p class="tag_title">Options Hash (<tt>opts</tt>):</p>
<ul class="option">
<li>
<span class="name">:rhost</span>
<span class="type">(<tt>String</tt>)</span>
<span class="default">
</span>
</li>
<li>
<span class="name">:rport</span>
<span class="type">(<tt>&lt;String, Integer&gt;</tt>)</span>
<span class="default">
</span>
</li>
</ul>
<p class="tag_title">Returns:</p>
<ul class="return">
<li>
<span class='type'>(<tt><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Client.html" title="Rex::Proto::Kerberos::Client (class)">Rex::Proto::Kerberos::Client</a></span></tt>)</span>
</li>
</ul>
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/kerberos/client.rb', line 131</span>
<span class='kw'>def</span> <span class='id identifier rubyid_connect'>connect</span><span class='lparen'>(</span><span class='id identifier rubyid_opts'>opts</span> <span class='op'>=</span> <span class='lbrace'>{</span><span class='rbrace'>}</span><span class='rparen'>)</span>
<span class='id identifier rubyid_has_session'>has_session</span> <span class='op'>=</span> <span class='kw'>defined?</span><span class='lparen'>(</span><span class='id identifier rubyid_session'>session</span><span class='rparen'>)</span> <span class='op'>&amp;&amp;</span> <span class='id identifier rubyid_session'>session</span>
<span class='id identifier rubyid_remote_host'>remote_host</span> <span class='op'>=</span> <span class='id identifier rubyid_has_session'>has_session</span> <span class='op'>?</span> <span class='id identifier rubyid_session'>session</span><span class='period'>.</span><span class='id identifier rubyid_client'>client</span><span class='period'>.</span><span class='id identifier rubyid_peerhost'>peerhost</span> <span class='op'>:</span> <span class='id identifier rubyid_rhost'>rhost</span>
<span class='comment'># Can&#39;t use session.client.rport as a fallback here with an LDAP session as that&#39;s port 389. We need port 88.
</span> <span class='id identifier rubyid_remote_port'>remote_port</span> <span class='op'>=</span> <span class='id identifier rubyid_has_session'>has_session</span> <span class='op'>?</span> <span class='int'>88</span> <span class='op'>:</span> <span class='id identifier rubyid_rport'>rport</span>
<span class='id identifier rubyid_kerb_client'>kerb_client</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos.html" title="Rex::Proto::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Client.html" title="Rex::Proto::Kerberos::Client (class)">Client</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Client.html#initialize-instance_method" title="Rex::Proto::Kerberos::Client#initialize (method)">new</a></span></span><span class='lparen'>(</span>
<span class='label'>host:</span> <span class='id identifier rubyid_opts'>opts</span><span class='lbracket'>[</span><span class='symbol'>:rhost</span><span class='rbracket'>]</span> <span class='op'>||</span> <span class='id identifier rubyid_remote_host'>remote_host</span><span class='comma'>,</span>
<span class='label'>port:</span> <span class='lparen'>(</span><span class='id identifier rubyid_opts'>opts</span><span class='lbracket'>[</span><span class='symbol'>:rport</span><span class='rbracket'>]</span> <span class='op'>||</span> <span class='id identifier rubyid_remote_port'>remote_port</span><span class='rparen'>)</span><span class='period'>.</span><span class='id identifier rubyid_to_i'>to_i</span><span class='comma'>,</span>
<span class='label'>proxies:</span> <span class='id identifier rubyid_opts'>opts</span><span class='lbracket'>[</span><span class='symbol'>:proxies</span><span class='rbracket'>]</span> <span class='op'>||</span> <span class='id identifier rubyid_proxies'>proxies</span><span class='comma'>,</span>
<span class='label'>timeout:</span> <span class='lparen'>(</span><span class='id identifier rubyid_opts'>opts</span><span class='lbracket'>[</span><span class='symbol'>:timeout</span><span class='rbracket'>]</span> <span class='op'>||</span> <span class='id identifier rubyid_timeout'>timeout</span><span class='rparen'>)</span><span class='period'>.</span><span class='id identifier rubyid_to_i'>to_i</span><span class='comma'>,</span>
<span class='label'>context:</span> <span class='lbrace'>{</span>
<span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Msf</span><span class='tstring_end'>&#39;</span></span> <span class='op'>=&gt;</span> <span class='id identifier rubyid_framework'>framework</span><span class='comma'>,</span>
<span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>MsfExploit</span><span class='tstring_end'>&#39;</span></span> <span class='op'>=&gt;</span> <span class='id identifier rubyid_framework_module'>framework_module</span>
<span class='rbrace'>}</span><span class='comma'>,</span>
<span class='label'>protocol:</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>tcp</span><span class='tstring_end'>&#39;</span></span>
<span class='rparen'>)</span>
<span class='id identifier rubyid_disconnect'>disconnect</span> <span class='kw'>if</span> <span class='id identifier rubyid_kerberos_client'>kerberos_client</span>
<span class='kw'>self</span><span class='period'>.</span><span class='id identifier rubyid_kerberos_client'>kerberos_client</span> <span class='op'>=</span> <span class='id identifier rubyid_kerb_client'>kerb_client</span>
<span class='id identifier rubyid_kerb_client'>kerb_client</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="disconnect-instance_method">
#<strong>disconnect</strong>(kerb_client = kerberos_client) &#x21d2; <tt>Object</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Disconnects the Kerberos client</p>
</div>
</div>
<div class="tags">
<p class="tag_title">Parameters:</p>
<ul class="param">
<li>
<span class='name'>kerb_client</span>
<span class='type'>(<tt><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Client.html" title="Rex::Proto::Kerberos::Client (class)">Rex::Proto::Kerberos::Client</a></span></tt>)</span>
<em class="default">(defaults to: <tt>kerberos_client</tt>)</em>
&mdash;
<div class='inline'>
<p>the client to disconnect</p>
</div>
</li>
</ul>
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
158
159
160
161
162
163
164</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/kerberos/client.rb', line 158</span>
<span class='kw'>def</span> <span class='id identifier rubyid_disconnect'>disconnect</span><span class='lparen'>(</span><span class='id identifier rubyid_kerb_client'>kerb_client</span> <span class='op'>=</span> <span class='id identifier rubyid_kerberos_client'>kerberos_client</span><span class='rparen'>)</span>
<span class='id identifier rubyid_kerb_client'>kerb_client</span><span class='period'>.</span><span class='id identifier rubyid_close'>close</span> <span class='kw'>if</span> <span class='id identifier rubyid_kerb_client'>kerb_client</span>
<span class='kw'>if</span> <span class='id identifier rubyid_kerb_client'>kerb_client</span> <span class='op'>==</span> <span class='id identifier rubyid_kerberos_client'>kerberos_client</span>
<span class='kw'>self</span><span class='period'>.</span><span class='id identifier rubyid_kerberos_client'>kerberos_client</span> <span class='op'>=</span> <span class='kw'>nil</span>
<span class='kw'>end</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="framework_module-instance_method">
#<strong>framework_module</strong> &#x21d2; <tt>Object</tt> <span class="extras">(protected)</span>
</h3><table class="source_code">
<tr>
<td>
<pre class="lines">
487
488
489</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/kerberos/client.rb', line 487</span>
<span class='kw'>def</span> <span class='id identifier rubyid_framework_module'>framework_module</span>
<span class='kw'>self</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="initialize-instance_method">
#<strong>initialize</strong>(info = {}) &#x21d2; <tt>Object</tt>
</h3><table class="source_code">
<tr>
<td>
<pre class="lines">
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/kerberos/client.rb', line 35</span>
<span class='kw'>def</span> <span class='id identifier rubyid_initialize'>initialize</span><span class='lparen'>(</span><span class='id identifier rubyid_info'>info</span> <span class='op'>=</span> <span class='lbrace'>{</span><span class='rbrace'>}</span><span class='rparen'>)</span>
<span class='kw'>super</span>
<span class='id identifier rubyid_register_options'>register_options</span><span class='lparen'>(</span>
<span class='lbracket'>[</span>
<span class='const'><span class='object_link'><a href="../../../Opt.html" title="Msf::Opt (module)">Opt</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../Opt.html#RHOST-constant" title="Msf::Opt::RHOST (constant)">RHOST</a></span></span><span class='comma'>,</span>
<span class='const'><span class='object_link'><a href="../../../Opt.html" title="Msf::Opt (module)">Opt</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../Opt.html#RPORT-constant" title="Msf::Opt::RPORT (constant)">RPORT</a></span></span><span class='lparen'>(</span><span class='int'>88</span><span class='rparen'>)</span><span class='comma'>,</span>
<span class='const'><span class='object_link'><a href="../../../OptInt.html" title="Msf::OptInt (class)">OptInt</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'><span class='object_link'><a href="../../../OptBase.html#initialize-instance_method" title="Msf::OptBase#initialize (method)">new</a></span></span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Timeout</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='lbracket'>[</span><span class='kw'>true</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>The TCP timeout to establish Kerberos connection and read data</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='int'>10</span><span class='rbracket'>]</span><span class='rparen'>)</span>
<span class='rbracket'>]</span><span class='comma'>,</span> <span class='kw'>self</span><span class='period'>.</span><span class='id identifier rubyid_class'>class</span>
<span class='rparen'>)</span>
<span class='id identifier rubyid_register_advanced_options'>register_advanced_options</span><span class='lparen'>(</span>
<span class='lbracket'>[</span>
<span class='const'><span class='object_link'><a href="../../../OptTimedelta.html" title="Msf::OptTimedelta (class)">OptTimedelta</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'><span class='object_link'><a href="../../../OptTimedelta.html#initialize-instance_method" title="Msf::OptTimedelta#initialize (method)">new</a></span></span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>KrbClockSkew</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='lbracket'>[</span><span class='kw'>true</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Adjust Kerberos client clock by this offset (e.g. 90s, -5m, 1h)</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>0s</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span><span class='rparen'>)</span>
<span class='rbracket'>]</span><span class='comma'>,</span> <span class='kw'>self</span><span class='period'>.</span><span class='id identifier rubyid_class'>class</span>
<span class='rparen'>)</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="kerberos_clock_skew-instance_method">
#<strong>kerberos_clock_skew</strong> &#x21d2; <tt>Float</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Returns the configured Kerberos clock skew in seconds.</p>
</div>
</div>
<div class="tags">
<p class="tag_title">Returns:</p>
<ul class="return">
<li>
<span class='type'>(<tt>Float</tt>)</span>
</li>
</ul>
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
77
78
79
80
81
82
83
84
85
86</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/kerberos/client.rb', line 77</span>
<span class='kw'>def</span> <span class='id identifier rubyid_kerberos_clock_skew'>kerberos_clock_skew</span>
<span class='kw'>return</span> <span class='ivar'>@kerberos_clock_skew</span> <span class='kw'>if</span> <span class='id identifier rubyid_instance_variable_defined?'>instance_variable_defined?</span><span class='lparen'>(</span><span class='symbol'>:@kerberos_clock_skew</span><span class='rparen'>)</span> <span class='op'>&amp;&amp;</span> <span class='op'>!</span><span class='ivar'>@kerberos_clock_skew</span><span class='period'>.</span><span class='id identifier rubyid_nil?'>nil?</span>
<span class='kw'>if</span> <span class='id identifier rubyid_respond_to?'>respond_to?</span><span class='lparen'>(</span><span class='symbol'>:datastore</span><span class='rparen'>)</span> <span class='op'>&amp;&amp;</span> <span class='id identifier rubyid_datastore'>datastore</span>
<span class='kw'>self</span><span class='period'>.</span><span class='id identifier rubyid_kerberos_clock_skew'>kerberos_clock_skew</span> <span class='op'>=</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>KrbClockSkew</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span>
<span class='kw'>else</span>
<span class='kw'>self</span><span class='period'>.</span><span class='id identifier rubyid_kerberos_clock_skew'>kerberos_clock_skew</span> <span class='op'>=</span> <span class='int'>0</span>
<span class='kw'>end</span>
<span class='ivar'>@kerberos_clock_skew</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="kerberos_clock_skew=-instance_method">
#<strong>kerberos_clock_skew=</strong>(value) &#x21d2; <tt>Object</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Sets the Kerberos clock skew.</p>
</div>
</div>
<div class="tags">
<p class="tag_title">Parameters:</p>
<ul class="param">
<li>
<span class='name'>value</span>
<span class='type'>(<tt>String</tt>, <tt>Numeric</tt>, <tt>nil</tt>)</span>
</li>
</ul>
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
91
92
93</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/kerberos/client.rb', line 91</span>
<span class='kw'>def</span> <span class='id identifier rubyid_kerberos_clock_skew='>kerberos_clock_skew=</span><span class='lparen'>(</span><span class='id identifier rubyid_value'>value</span><span class='rparen'>)</span>
<span class='ivar'>@kerberos_clock_skew</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="../../../../Msf.html" title="Msf (module)">Msf</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../OptTimedelta.html" title="Msf::OptTimedelta (class)">OptTimedelta</a></span></span><span class='period'>.</span><span class='id identifier rubyid_parse'><span class='object_link'><a href="../../../OptTimedelta.html#parse-class_method" title="Msf::OptTimedelta.parse (method)">parse</a></span></span><span class='lparen'>(</span><span class='id identifier rubyid_value'>value</span><span class='rparen'>)</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="kerberos_time-instance_method">
#<strong>kerberos_time</strong>(base_time = Time.now.utc) &#x21d2; <tt>Time</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Returns the current time adjusted for Kerberos clock skew in UTC.</p>
</div>
</div>
<div class="tags">
<p class="tag_title">Parameters:</p>
<ul class="param">
<li>
<span class='name'>base_time</span>
<span class='type'>(<tt>Time</tt>)</span>
<em class="default">(defaults to: <tt>Time.now.utc</tt>)</em>
&mdash;
<div class='inline'>
<p>base time to adjust</p>
</div>
</li>
</ul>
<p class="tag_title">Returns:</p>
<ul class="return">
<li>
<span class='type'>(<tt>Time</tt>)</span>
</li>
</ul>
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
99
100
101</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/kerberos/client.rb', line 99</span>
<span class='kw'>def</span> <span class='id identifier rubyid_kerberos_time'>kerberos_time</span><span class='lparen'>(</span><span class='id identifier rubyid_base_time'>base_time</span> <span class='op'>=</span> <span class='const'>Time</span><span class='period'>.</span><span class='id identifier rubyid_now'>now</span><span class='period'>.</span><span class='id identifier rubyid_utc'>utc</span><span class='rparen'>)</span>
<span class='lparen'>(</span><span class='id identifier rubyid_base_time'>base_time</span> <span class='op'>+</span> <span class='id identifier rubyid_kerberos_clock_skew'>kerberos_clock_skew</span><span class='rparen'>)</span><span class='period'>.</span><span class='id identifier rubyid_utc'>utc</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="kerberos_time_local-instance_method">
#<strong>kerberos_time_local</strong>(base_time = Time.now) &#x21d2; <tt>Time</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Returns the current time adjusted for Kerberos clock skew in the local timezone.</p>
</div>
</div>
<div class="tags">
<p class="tag_title">Parameters:</p>
<ul class="param">
<li>
<span class='name'>base_time</span>
<span class='type'>(<tt>Time</tt>)</span>
<em class="default">(defaults to: <tt>Time.now</tt>)</em>
&mdash;
<div class='inline'>
<p>base time to adjust</p>
</div>
</li>
</ul>
<p class="tag_title">Returns:</p>
<ul class="return">
<li>
<span class='type'>(<tt>Time</tt>)</span>
</li>
</ul>
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
107
108
109</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/kerberos/client.rb', line 107</span>
<span class='kw'>def</span> <span class='id identifier rubyid_kerberos_time_local'>kerberos_time_local</span><span class='lparen'>(</span><span class='id identifier rubyid_base_time'>base_time</span> <span class='op'>=</span> <span class='const'>Time</span><span class='period'>.</span><span class='id identifier rubyid_now'>now</span><span class='rparen'>)</span>
<span class='id identifier rubyid_base_time'>base_time</span> <span class='op'>+</span> <span class='id identifier rubyid_kerberos_clock_skew'>kerberos_clock_skew</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="peer-instance_method">
#<strong>peer</strong> &#x21d2; <tt>String</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Returns the kdc peer</p>
</div>
</div>
<div class="tags">
<p class="tag_title">Returns:</p>
<ul class="return">
<li>
<span class='type'>(<tt>String</tt>)</span>
</li>
</ul>
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
114
115
116</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/kerberos/client.rb', line 114</span>
<span class='kw'>def</span> <span class='id identifier rubyid_peer'>peer</span>
<span class='tstring'><span class='tstring_beg'>&quot;</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_rhost'>rhost</span><span class='embexpr_end'>}</span><span class='tstring_content'>:</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_rport'>rport</span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="proxies-instance_method">
#<strong>proxies</strong> &#x21d2; <tt>String</tt><sup>?</sup>
</h3><div class="docstring">
<div class="discussion">
<p>Returns the configured proxy list</p>
</div>
</div>
<div class="tags">
<p class="tag_title">Returns:</p>
<ul class="return">
<li>
<span class='type'>(<tt>String</tt>, <tt>nil</tt>)</span>
</li>
</ul>
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
121
122
123</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/kerberos/client.rb', line 121</span>
<span class='kw'>def</span> <span class='id identifier rubyid_proxies'>proxies</span>
<span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Proxies</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="rhost-instance_method">
#<strong>rhost</strong> &#x21d2; <tt>String</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Returns the target host</p>
</div>
</div>
<div class="tags">
<p class="tag_title">Returns:</p>
<ul class="return">
<li>
<span class='type'>(<tt>String</tt>)</span>
</li>
</ul>
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
56
57
58</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/kerberos/client.rb', line 56</span>
<span class='kw'>def</span> <span class='id identifier rubyid_rhost'>rhost</span>
<span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>RHOST</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="rport-instance_method">
#<strong>rport</strong> &#x21d2; <tt>Integer</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Returns the remote port</p>
</div>
</div>
<div class="tags">
<p class="tag_title">Returns:</p>
<ul class="return">
<li>
<span class='type'>(<tt>Integer</tt>)</span>
</li>
</ul>
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
63
64
65</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/kerberos/client.rb', line 63</span>
<span class='kw'>def</span> <span class='id identifier rubyid_rport'>rport</span>
<span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>RPORT</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="select_cipher-instance_method">
#<strong>select_cipher</strong>(client_etypes, server_etypeinfos_entries) &#x21d2; <tt>Rex::Proto::Kerberos::Model::EtypeInfo</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Select a cipher that both the server and client support, preferencing ours in order. This may just be the default behaviour on Windows, but lets be sure about it.</p>
</div>
</div>
<div class="tags">
<p class="tag_title">Parameters:</p>
<ul class="param">
<li>
<span class='name'>client_etypes</span>
<span class='type'>(<tt>Array&lt;Integer&gt;</tt>)</span>
&mdash;
<div class='inline'>
<p>Available ciphers on the client side (etypes from Rex::Proto::Kerberos::Crypto::Encryption)</p>
</div>
</li>
<li>
<span class='name'>server_etypeinfos_entries</span>
<span class='type'>(<tt>Array&lt;<span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Model/PreAuthEtypeInfo2Entry.html" title="Rex::Proto::Kerberos::Model::PreAuthEtypeInfo2Entry (class)">Rex::Proto::Kerberos::Model::PreAuthEtypeInfo2Entry</a></span>&gt;</tt>)</span>
&mdash;
<div class='inline'>
<p>Available ciphers (including additional info such as salts) on the server</p>
</div>
</li>
</ul>
<p class="tag_title">Returns:</p>
<ul class="return">
<li>
<span class='type'>(<tt>Rex::Proto::Kerberos::Model::EtypeInfo</tt>)</span>
&mdash;
<div class='inline'>
<p>The selected cipher</p>
</div>
</li>
</ul>
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
208
209
210
211
212
213
214
215
216</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/kerberos/client.rb', line 208</span>
<span class='kw'>def</span> <span class='id identifier rubyid_select_cipher'>select_cipher</span><span class='lparen'>(</span><span class='id identifier rubyid_client_etypes'>client_etypes</span><span class='comma'>,</span> <span class='id identifier rubyid_server_etypeinfos_entries'>server_etypeinfos_entries</span><span class='rparen'>)</span>
<span class='id identifier rubyid_client_etypes'>client_etypes</span><span class='period'>.</span><span class='id identifier rubyid_each'>each</span> <span class='kw'>do</span> <span class='op'>|</span><span class='id identifier rubyid_client_etype'>client_etype</span><span class='op'>|</span>
<span class='id identifier rubyid_server_etypeinfos_entries'>server_etypeinfos_entries</span><span class='period'>.</span><span class='id identifier rubyid_each'>each</span> <span class='kw'>do</span> <span class='op'>|</span><span class='id identifier rubyid_server_etypeinfo2_entry'>server_etypeinfo2_entry</span><span class='op'>|</span>
<span class='kw'>if</span> <span class='id identifier rubyid_server_etypeinfo2_entry'>server_etypeinfo2_entry</span><span class='period'>.</span><span class='id identifier rubyid_etype'>etype</span> <span class='op'>==</span> <span class='id identifier rubyid_client_etype'>client_etype</span>
<span class='kw'>return</span> <span class='id identifier rubyid_server_etypeinfo2_entry'>server_etypeinfo2_entry</span>
<span class='kw'>end</span>
<span class='kw'>end</span>
<span class='kw'>end</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="send_request_as-instance_method">
#<strong>send_request_as</strong>(opts = {}) &#x21d2; <tt><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Model/KdcResponse.html" title="Rex::Proto::Kerberos::Model::KdcResponse (class)">Rex::Proto::Kerberos::Model::KdcResponse</a></span></tt>
</h3><div class="docstring">
<div class="discussion">
<p>Sends a kerberos AS request and reads the response</p>
</div>
</div>
<div class="tags">
<p class="tag_title">Parameters:</p>
<ul class="param">
<li>
<span class='name'>opts</span>
<span class='type'>(<tt>Hash</tt>)</span>
<em class="default">(defaults to: <tt>{}</tt>)</em>
</li>
</ul>
<p class="tag_title">Returns:</p>
<ul class="return">
<li>
<span class='type'>(<tt><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Model/KdcResponse.html" title="Rex::Proto::Kerberos::Model::KdcResponse (class)">Rex::Proto::Kerberos::Model::KdcResponse</a></span></tt>)</span>
</li>
</ul>
<p class="tag_title">See Also:</p>
<ul class="see">
<li>Kerberos::Client::AsRequest#build_as_request</li>
<li><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Model/KdcResponse.html" title="Rex::Proto::Kerberos::Model::KdcResponse (class)">Rex::Proto::Kerberos::Model::KdcResponse</a></span></li>
</ul>
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
179
180
181
182
183
184
185</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/kerberos/client.rb', line 179</span>
<span class='kw'>def</span> <span class='id identifier rubyid_send_request_as'>send_request_as</span><span class='lparen'>(</span><span class='id identifier rubyid_opts'>opts</span> <span class='op'>=</span> <span class='lbrace'>{</span><span class='rbrace'>}</span><span class='rparen'>)</span>
<span class='id identifier rubyid_connect'>connect</span><span class='lparen'>(</span><span class='id identifier rubyid_opts'>opts</span><span class='rparen'>)</span>
<span class='id identifier rubyid_req'>req</span> <span class='op'>=</span> <span class='id identifier rubyid_opts'>opts</span><span class='period'>.</span><span class='id identifier rubyid_fetch'>fetch</span><span class='lparen'>(</span><span class='symbol'>:req</span><span class='rparen'>)</span> <span class='lbrace'>{</span> <span class='id identifier rubyid_build_as_request'>build_as_request</span><span class='lparen'>(</span><span class='id identifier rubyid_opts'>opts</span><span class='rparen'>)</span> <span class='rbrace'>}</span>
<span class='id identifier rubyid_res'>res</span> <span class='op'>=</span> <span class='id identifier rubyid_kerberos_client'>kerberos_client</span><span class='period'>.</span><span class='id identifier rubyid_send_recv'>send_recv</span><span class='lparen'>(</span><span class='id identifier rubyid_req'>req</span><span class='rparen'>)</span>
<span class='id identifier rubyid_disconnect'>disconnect</span>
<span class='id identifier rubyid_res'>res</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="send_request_tgs-instance_method">
#<strong>send_request_tgs</strong>(opts = {}) &#x21d2; <tt><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Model/KdcResponse.html" title="Rex::Proto::Kerberos::Model::KdcResponse (class)">Rex::Proto::Kerberos::Model::KdcResponse</a></span></tt>
</h3><div class="docstring">
<div class="discussion">
<p>Sends a kerberos TGS request and reads the response</p>
</div>
</div>
<div class="tags">
<p class="tag_title">Parameters:</p>
<ul class="param">
<li>
<span class='name'>opts</span>
<span class='type'>(<tt>Hash</tt>)</span>
<em class="default">(defaults to: <tt>{}</tt>)</em>
</li>
</ul>
<p class="tag_title">Returns:</p>
<ul class="return">
<li>
<span class='type'>(<tt><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Model/KdcResponse.html" title="Rex::Proto::Kerberos::Model::KdcResponse (class)">Rex::Proto::Kerberos::Model::KdcResponse</a></span></tt>)</span>
</li>
</ul>
<p class="tag_title">See Also:</p>
<ul class="see">
<li>Kerberos::Client::TgsRequest#build_tgs_request</li>
<li><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Model/KdcResponse.html" title="Rex::Proto::Kerberos::Model::KdcResponse (class)">Rex::Proto::Kerberos::Model::KdcResponse</a></span></li>
</ul>
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
193
194
195
196
197
198
199</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/kerberos/client.rb', line 193</span>
<span class='kw'>def</span> <span class='id identifier rubyid_send_request_tgs'>send_request_tgs</span><span class='lparen'>(</span><span class='id identifier rubyid_opts'>opts</span> <span class='op'>=</span> <span class='lbrace'>{</span><span class='rbrace'>}</span><span class='rparen'>)</span>
<span class='id identifier rubyid_connect'>connect</span><span class='lparen'>(</span><span class='id identifier rubyid_opts'>opts</span><span class='rparen'>)</span>
<span class='id identifier rubyid_req'>req</span> <span class='op'>=</span> <span class='id identifier rubyid_opts'>opts</span><span class='period'>.</span><span class='id identifier rubyid_fetch'>fetch</span><span class='lparen'>(</span><span class='symbol'>:req</span><span class='rparen'>)</span> <span class='lbrace'>{</span> <span class='id identifier rubyid_build_tgs_request'>build_tgs_request</span><span class='lparen'>(</span><span class='id identifier rubyid_opts'>opts</span><span class='rparen'>)</span> <span class='rbrace'>}</span>
<span class='id identifier rubyid_res'>res</span> <span class='op'>=</span> <span class='id identifier rubyid_kerberos_client'>kerberos_client</span><span class='period'>.</span><span class='id identifier rubyid_send_recv'>send_recv</span><span class='lparen'>(</span><span class='id identifier rubyid_req'>req</span><span class='rparen'>)</span>
<span class='id identifier rubyid_disconnect'>disconnect</span>
<span class='id identifier rubyid_res'>res</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="send_request_tgt-instance_method">
#<strong>send_request_tgt</strong>(options = {}) &#x21d2; <tt><span class='object_link'><a href="Model/TgtResponse.html" title="Msf::Exploit::Remote::Kerberos::Model::TgtResponse (class)">Msf::Exploit::Remote::Kerberos::Model::TgtResponse</a></span></tt>
</h3><div class="docstring">
<div class="discussion">
<p>Sends the required kerberos AS requests for a kerberos Ticket Granting Ticket</p>
</div>
</div>
<div class="tags">
<p class="tag_title">Parameters:</p>
<ul class="param">
<li>
<span class='name'>options</span>
<span class='type'>(<tt>Hash</tt>)</span>
<em class="default">(defaults to: <tt>{}</tt>)</em>
</li>
</ul>
<p class="tag_title">Returns:</p>
<ul class="return">
<li>
<span class='type'>(<tt><span class='object_link'><a href="Model/TgtResponse.html" title="Msf::Exploit::Remote::Kerberos::Model::TgtResponse (class)">Msf::Exploit::Remote::Kerberos::Model::TgtResponse</a></span></tt>)</span>
&mdash;
<div class='inline'>
<p>The TGT response and the key</p>
</div>
</li>
</ul>
<p class="tag_title">Raises:</p>
<ul class="raise">
<li>
<span class='type'>(<tt><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Model/Error/KerberosError.html" title="Rex::Proto::Kerberos::Model::Error::KerberosError (class)">Rex::Proto::Kerberos::Model::Error::KerberosError</a></span></tt>)</span>
&mdash;
<div class='inline'>
<p>if the provided credentials are invalid</p>
</div>
</li>
</ul>
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/kerberos/client.rb', line 297</span>
<span class='kw'>def</span> <span class='id identifier rubyid_send_request_tgt'>send_request_tgt</span><span class='lparen'>(</span><span class='id identifier rubyid_options'>options</span> <span class='op'>=</span> <span class='lbrace'>{</span><span class='rbrace'>}</span><span class='rparen'>)</span>
<span class='id identifier rubyid_realm'>realm</span> <span class='op'>=</span> <span class='id identifier rubyid_options'>options</span><span class='lbracket'>[</span><span class='symbol'>:realm</span><span class='rbracket'>]</span>
<span class='id identifier rubyid_server_name'>server_name</span> <span class='op'>=</span> <span class='id identifier rubyid_options'>options</span><span class='lbracket'>[</span><span class='symbol'>:server_name</span><span class='rbracket'>]</span> <span class='op'>||</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>krbtgt/</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_realm'>realm</span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span>
<span class='id identifier rubyid_client_name'>client_name</span> <span class='op'>=</span> <span class='id identifier rubyid_options'>options</span><span class='lbracket'>[</span><span class='symbol'>:client_name</span><span class='rbracket'>]</span>
<span class='id identifier rubyid_client_name'>client_name</span> <span class='op'>=</span> <span class='id identifier rubyid_client_name'>client_name</span><span class='period'>.</span><span class='id identifier rubyid_dup'>dup</span><span class='period'>.</span><span class='id identifier rubyid_force_encoding'>force_encoding</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>utf-8</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span> <span class='kw'>if</span> <span class='id identifier rubyid_client_name'>client_name</span>
<span class='id identifier rubyid_password'>password</span> <span class='op'>=</span> <span class='id identifier rubyid_options'>options</span><span class='lbracket'>[</span><span class='symbol'>:password</span><span class='rbracket'>]</span>
<span class='id identifier rubyid_password'>password</span> <span class='op'>=</span> <span class='id identifier rubyid_password'>password</span><span class='period'>.</span><span class='id identifier rubyid_dup'>dup</span><span class='period'>.</span><span class='id identifier rubyid_force_encoding'>force_encoding</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>utf-8</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span> <span class='kw'>if</span> <span class='id identifier rubyid_password'>password</span>
<span class='id identifier rubyid_key'>key</span> <span class='op'>=</span> <span class='id identifier rubyid_options'>options</span><span class='lbracket'>[</span><span class='symbol'>:key</span><span class='rbracket'>]</span>
<span class='id identifier rubyid_request_pac'>request_pac</span> <span class='op'>=</span> <span class='id identifier rubyid_options'>options</span><span class='period'>.</span><span class='id identifier rubyid_fetch'>fetch</span><span class='lparen'>(</span><span class='symbol'>:request_pac</span><span class='comma'>,</span> <span class='kw'>true</span><span class='rparen'>)</span>
<span class='id identifier rubyid_ticket_options'>ticket_options</span> <span class='op'>=</span> <span class='id identifier rubyid_options'>options</span><span class='period'>.</span><span class='id identifier rubyid_fetch'>fetch</span><span class='lparen'>(</span><span class='symbol'>:options</span><span class='comma'>,</span> <span class='int'>0x50800000</span><span class='rparen'>)</span> <span class='comment'># Forwardable, Proxiable, Renewable
</span>
<span class='comment'># First stage: Send an initial AS-REQ request, used to exchange supported encryption methods.
</span> <span class='comment'># The server may respond with a ticket granting ticket (TGT) immediately,
</span> <span class='comment'># or the client may require preauthentication, and a second AS-REQ is required
</span>
<span class='id identifier rubyid_now'>now</span> <span class='op'>=</span> <span class='id identifier rubyid_kerberos_time'>kerberos_time</span>
<span class='id identifier rubyid_expiry_time'>expiry_time</span> <span class='op'>=</span> <span class='id identifier rubyid_now'>now</span> <span class='op'>+</span> <span class='int'>1</span><span class='period'>.</span><span class='id identifier rubyid_day'>day</span>
<span class='id identifier rubyid_offered_etypes'>offered_etypes</span> <span class='op'>=</span> <span class='id identifier rubyid_options'>options</span><span class='lbracket'>[</span><span class='symbol'>:offered_etypes</span><span class='rbracket'>]</span> <span class='op'>||</span> <span class='const'><span class='object_link'><a href="../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos.html" title="Rex::Proto::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Crypto.html" title="Rex::Proto::Kerberos::Crypto (module)">Crypto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Crypto/Encryption.html" title="Rex::Proto::Kerberos::Crypto::Encryption (module)">Encryption</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Crypto/Encryption.html#DefaultOfferedEtypes-constant" title="Rex::Proto::Kerberos::Crypto::Encryption::DefaultOfferedEtypes (constant)">DefaultOfferedEtypes</a></span></span>
<span class='kw'>if</span> <span class='op'>!</span><span class='id identifier rubyid_password'>password</span> <span class='op'>&amp;&amp;</span> <span class='id identifier rubyid_key'>key</span> <span class='op'>&amp;&amp;</span> <span class='id identifier rubyid_offered_etypes'>offered_etypes</span><span class='period'>.</span><span class='id identifier rubyid_length'>length</span> <span class='op'>!=</span> <span class='int'>1</span>
<span class='id identifier rubyid_raise'>raise</span> <span class='const'>ArgumentError</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Exactly one etype must be specified in :offered_etypes when a key is is defined without a password</span><span class='tstring_end'>&#39;</span></span>
<span class='kw'>end</span>
<span class='id identifier rubyid_initial_as_req'>initial_as_req</span> <span class='op'>=</span> <span class='id identifier rubyid_build_as_request'>build_as_request</span><span class='lparen'>(</span>
<span class='label'>pa_data:</span> <span class='lbracket'>[</span>
<span class='id identifier rubyid_build_pa_pac_request'>build_pa_pac_request</span><span class='lparen'>(</span><span class='label'>pac_request_value:</span> <span class='id identifier rubyid_request_pac'>request_pac</span><span class='rparen'>)</span>
<span class='rbracket'>]</span><span class='comma'>,</span>
<span class='label'>body:</span> <span class='id identifier rubyid_build_as_request_body'>build_as_request_body</span><span class='lparen'>(</span>
<span class='label'>client_name:</span> <span class='id identifier rubyid_client_name'>client_name</span><span class='comma'>,</span>
<span class='label'>server_name:</span> <span class='id identifier rubyid_server_name'>server_name</span><span class='comma'>,</span>
<span class='label'>realm:</span> <span class='id identifier rubyid_realm'>realm</span><span class='comma'>,</span>
<span class='label'>etype:</span> <span class='id identifier rubyid_offered_etypes'>offered_etypes</span><span class='comma'>,</span>
<span class='comment'># Specify nil to ensure the KDC uses the current time for the desired starttime of the requested ticket
</span> <span class='label'>from:</span> <span class='kw'>nil</span><span class='comma'>,</span>
<span class='label'>till:</span> <span class='id identifier rubyid_expiry_time'>expiry_time</span><span class='comma'>,</span>
<span class='label'>rtime:</span> <span class='id identifier rubyid_expiry_time'>expiry_time</span><span class='comma'>,</span>
<span class='label'>options:</span> <span class='id identifier rubyid_ticket_options'>ticket_options</span>
<span class='rparen'>)</span>
<span class='rparen'>)</span>
<span class='id identifier rubyid_req_opts'>req_opts</span> <span class='op'>=</span> <span class='lbrace'>{</span> <span class='label'>req:</span> <span class='id identifier rubyid_initial_as_req'>initial_as_req</span> <span class='rbrace'>}</span>
<span class='id identifier rubyid_req_opts'>req_opts</span><span class='period'>.</span><span class='id identifier rubyid_update'>update</span><span class='lparen'>(</span><span class='id identifier rubyid_options'>options</span><span class='rparen'>)</span>
<span class='id identifier rubyid_initial_as_res'>initial_as_res</span> <span class='op'>=</span> <span class='id identifier rubyid_send_request_as'>send_request_as</span><span class='lparen'>(</span><span class='id identifier rubyid_req_opts'>req_opts</span><span class='rparen'>)</span>
<span class='comment'># If we receive an AS_REP response immediately, no-preauthentication was required and we can return immediately
</span> <span class='kw'>if</span> <span class='id identifier rubyid_initial_as_res'>initial_as_res</span><span class='period'>.</span><span class='id identifier rubyid_msg_type'>msg_type</span> <span class='op'>==</span> <span class='const'><span class='object_link'><a href="../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos.html" title="Rex::Proto::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Model.html" title="Rex::Proto::Kerberos::Model (module)">Model</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Model.html#AS_REP-constant" title="Rex::Proto::Kerberos::Model::AS_REP (constant)">AS_REP</a></span></span>
<span class='id identifier rubyid_pa_data'>pa_data</span> <span class='op'>=</span> <span class='id identifier rubyid_initial_as_res'>initial_as_res</span><span class='period'>.</span><span class='id identifier rubyid_pa_data'>pa_data</span>
<span class='kw'>if</span> <span class='id identifier rubyid_password'>password</span><span class='period'>.</span><span class='id identifier rubyid_nil?'>nil?</span> <span class='op'>&amp;&amp;</span> <span class='id identifier rubyid_key'>key</span><span class='period'>.</span><span class='id identifier rubyid_nil?'>nil?</span>
<span class='id identifier rubyid_decrypted_part'>decrypted_part</span> <span class='op'>=</span> <span class='kw'>nil</span>
<span class='id identifier rubyid_krb_enc_key'>krb_enc_key</span> <span class='op'>=</span> <span class='kw'>nil</span>
<span class='kw'>else</span>
<span class='id identifier rubyid_etype_entries'>etype_entries</span> <span class='op'>=</span> <span class='id identifier rubyid_pa_data'>pa_data</span><span class='period'>.</span><span class='id identifier rubyid_find'>find</span> <span class='lbrace'>{</span> <span class='op'>|</span><span class='id identifier rubyid_entry'>entry</span><span class='op'>|</span> <span class='id identifier rubyid_entry'>entry</span><span class='period'>.</span><span class='id identifier rubyid_type'>type</span> <span class='op'>==</span> <span class='const'><span class='object_link'><a href="../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos.html" title="Rex::Proto::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Model.html" title="Rex::Proto::Kerberos::Model (module)">Model</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Model/PreAuthType.html" title="Rex::Proto::Kerberos::Model::PreAuthType (module)">PreAuthType</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Model/PreAuthType.html#PA_ETYPE_INFO2-constant" title="Rex::Proto::Kerberos::Model::PreAuthType::PA_ETYPE_INFO2 (constant)">PA_ETYPE_INFO2</a></span></span> <span class='rbrace'>}</span>
<span class='comment'># Let&#39;s try to check the password
</span> <span class='id identifier rubyid_server_ciphers'>server_ciphers</span> <span class='op'>=</span> <span class='id identifier rubyid_etype_entries'>etype_entries</span><span class='period'>.</span><span class='id identifier rubyid_decoded_value'>decoded_value</span>
<span class='comment'># Should only have one etype
</span> <span class='id identifier rubyid_etype_info'>etype_info</span> <span class='op'>=</span> <span class='id identifier rubyid_server_ciphers'>server_ciphers</span><span class='period'>.</span><span class='id identifier rubyid_etype_info2_entries'>etype_info2_entries</span><span class='lbracket'>[</span><span class='int'>0</span><span class='rbracket'>]</span>
<span class='kw'>if</span> <span class='id identifier rubyid_password'>password</span>
<span class='id identifier rubyid_enc_key'>enc_key</span><span class='comma'>,</span> <span class='id identifier rubyid_salt'>salt</span> <span class='op'>=</span> <span class='id identifier rubyid_get_enc_key_from_password'>get_enc_key_from_password</span><span class='lparen'>(</span><span class='id identifier rubyid_password'>password</span><span class='comma'>,</span> <span class='id identifier rubyid_etype_info'>etype_info</span><span class='rparen'>)</span>
<span class='kw'>elsif</span> <span class='id identifier rubyid_key'>key</span>
<span class='id identifier rubyid_enc_key'>enc_key</span> <span class='op'>=</span> <span class='id identifier rubyid_key'>key</span>
<span class='kw'>end</span>
<span class='kw'>begin</span>
<span class='id identifier rubyid_decrypted_part'>decrypted_part</span> <span class='op'>=</span> <span class='id identifier rubyid_decrypt_kdc_as_rep_enc_part'>decrypt_kdc_as_rep_enc_part</span><span class='lparen'>(</span><span class='id identifier rubyid_initial_as_res'>initial_as_res</span><span class='comma'>,</span> <span class='id identifier rubyid_enc_key'>enc_key</span><span class='rparen'>)</span>
<span class='id identifier rubyid_krb_enc_key'>krb_enc_key</span> <span class='op'>=</span> <span class='lbrace'>{</span>
<span class='label'>enctype:</span> <span class='id identifier rubyid_etype_info'>etype_info</span><span class='period'>.</span><span class='id identifier rubyid_etype'>etype</span><span class='comma'>,</span>
<span class='label'>key:</span> <span class='id identifier rubyid_enc_key'>enc_key</span><span class='comma'>,</span>
<span class='label'>salt:</span> <span class='id identifier rubyid_salt'>salt</span>
<span class='rbrace'>}</span>
<span class='kw'>rescue</span> <span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos.html" title="Rex::Proto::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Model.html" title="Rex::Proto::Kerberos::Model (module)">Model</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Model/Error.html" title="Rex::Proto::Kerberos::Model::Error (module)">Error</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Model/Error/KerberosError.html" title="Rex::Proto::Kerberos::Model::Error::KerberosError (class)">KerberosError</a></span></span>
<span class='comment'># It&#39;s as if it were an invalid password
</span> <span class='id identifier rubyid_decrypted_part'>decrypted_part</span> <span class='op'>=</span> <span class='kw'>nil</span>
<span class='id identifier rubyid_krb_enc_key'>krb_enc_key</span> <span class='op'>=</span> <span class='kw'>nil</span>
<span class='kw'>end</span>
<span class='kw'>end</span>
<span class='kw'>return</span> <span class='const'><span class='object_link'><a href="../../../../Msf.html" title="Msf (module)">Msf</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../Exploit.html" title="Msf::Exploit (class)">Exploit</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Remote.html" title="Msf::Exploit::Remote (class)">Remote</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../Kerberos.html" title="Msf::Exploit::Remote::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'>Model</span><span class='op'>::</span><span class='const'>TgtResponse</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span><span class='lparen'>(</span>
<span class='label'>as_rep:</span> <span class='id identifier rubyid_initial_as_res'>initial_as_res</span><span class='comma'>,</span>
<span class='label'>preauth_required:</span> <span class='kw'>false</span><span class='comma'>,</span>
<span class='label'>decrypted_part:</span> <span class='id identifier rubyid_decrypted_part'>decrypted_part</span><span class='comma'>,</span>
<span class='label'>krb_enc_key:</span> <span class='id identifier rubyid_krb_enc_key'>krb_enc_key</span>
<span class='rparen'>)</span>
<span class='kw'>end</span>
<span class='comment'># If we&#39;re just AS_REP Roasting, we can&#39;t go any further
</span> <span class='kw'>if</span> <span class='id identifier rubyid_password'>password</span><span class='period'>.</span><span class='id identifier rubyid_nil?'>nil?</span> <span class='op'>&amp;&amp;</span> <span class='id identifier rubyid_key'>key</span><span class='period'>.</span><span class='id identifier rubyid_nil?'>nil?</span>
<span class='id identifier rubyid_raise'>raise</span> <span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos.html" title="Rex::Proto::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Model.html" title="Rex::Proto::Kerberos::Model (module)">Model</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Model/Error.html" title="Rex::Proto::Kerberos::Model::Error (module)">Error</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Model/Error/KerberosError.html" title="Rex::Proto::Kerberos::Model::Error::KerberosError (class)">KerberosError</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Model/Error/KerberosError.html#initialize-instance_method" title="Rex::Proto::Kerberos::Model::Error::KerberosError#initialize (method)">new</a></span></span><span class='lparen'>(</span><span class='label'>res:</span> <span class='id identifier rubyid_initial_as_res'>initial_as_res</span><span class='rparen'>)</span>
<span class='kw'>end</span>
<span class='comment'># Verify error codes. Anything other than the server requiring an additional preauth request is considered a failure.
</span> <span class='kw'>if</span> <span class='id identifier rubyid_initial_as_res'>initial_as_res</span><span class='period'>.</span><span class='id identifier rubyid_msg_type'>msg_type</span> <span class='op'>==</span> <span class='const'><span class='object_link'><a href="../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos.html" title="Rex::Proto::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Model.html" title="Rex::Proto::Kerberos::Model (module)">Model</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Model.html#KRB_ERROR-constant" title="Rex::Proto::Kerberos::Model::KRB_ERROR (constant)">KRB_ERROR</a></span></span> <span class='op'>&amp;&amp;</span> <span class='id identifier rubyid_initial_as_res'>initial_as_res</span><span class='period'>.</span><span class='id identifier rubyid_error_code'>error_code</span> <span class='op'>!=</span> <span class='const'><span class='object_link'><a href="../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos.html" title="Rex::Proto::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Model.html" title="Rex::Proto::Kerberos::Model (module)">Model</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Model/Error.html" title="Rex::Proto::Kerberos::Model::Error (module)">Error</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Model/Error/ErrorCodes.html" title="Rex::Proto::Kerberos::Model::Error::ErrorCodes (module)">ErrorCodes</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Model/Error/ErrorCodes.html#KDC_ERR_PREAUTH_REQUIRED-constant" title="Rex::Proto::Kerberos::Model::Error::ErrorCodes::KDC_ERR_PREAUTH_REQUIRED (constant)">KDC_ERR_PREAUTH_REQUIRED</a></span></span>
<span class='kw'>if</span> <span class='id identifier rubyid_initial_as_res'>initial_as_res</span><span class='period'>.</span><span class='id identifier rubyid_error_code'>error_code</span> <span class='op'>==</span> <span class='const'><span class='object_link'><a href="../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos.html" title="Rex::Proto::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Model.html" title="Rex::Proto::Kerberos::Model (module)">Model</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Model/Error.html" title="Rex::Proto::Kerberos::Model::Error (module)">Error</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Model/Error/ErrorCodes.html" title="Rex::Proto::Kerberos::Model::Error::ErrorCodes (module)">ErrorCodes</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Model/Error/ErrorCodes.html#KDC_ERR_ETYPE_NOSUPP-constant" title="Rex::Proto::Kerberos::Model::Error::ErrorCodes::KDC_ERR_ETYPE_NOSUPP (constant)">KDC_ERR_ETYPE_NOSUPP</a></span></span>
<span class='id identifier rubyid_raise'>raise</span> <span class='const'><span class='object_link'><a href="../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos.html" title="Rex::Proto::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Model.html" title="Rex::Proto::Kerberos::Model (module)">Model</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Model/Error.html" title="Rex::Proto::Kerberos::Model::Error (module)">Error</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Model/Error/KerberosEncryptionNotSupported.html" title="Rex::Proto::Kerberos::Model::Error::KerberosEncryptionNotSupported (class)">KerberosEncryptionNotSupported</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Model/Error/KerberosEncryptionNotSupported.html#initialize-instance_method" title="Rex::Proto::Kerberos::Model::Error::KerberosEncryptionNotSupported#initialize (method)">new</a></span></span><span class='lparen'>(</span><span class='label'>encryption_type:</span> <span class='id identifier rubyid_offered_etypes'>offered_etypes</span><span class='rparen'>)</span>
<span class='kw'>end</span>
<span class='id identifier rubyid_raise'>raise</span> <span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos.html" title="Rex::Proto::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Model.html" title="Rex::Proto::Kerberos::Model (module)">Model</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Model/Error.html" title="Rex::Proto::Kerberos::Model::Error (module)">Error</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Model/Error/KerberosError.html" title="Rex::Proto::Kerberos::Model::Error::KerberosError (class)">KerberosError</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Model/Error/KerberosError.html#initialize-instance_method" title="Rex::Proto::Kerberos::Model::Error::KerberosError#initialize (method)">new</a></span></span><span class='lparen'>(</span><span class='label'>res:</span> <span class='id identifier rubyid_initial_as_res'>initial_as_res</span><span class='rparen'>)</span>
<span class='kw'>end</span>
<span class='comment'># Second stage: Send an additional AS-REQ request with preauthentication provided
</span> <span class='comment'># Note that Clock skew issues may be raised at this point
</span>
<span class='id identifier rubyid_pa_data'>pa_data</span> <span class='op'>=</span> <span class='id identifier rubyid_initial_as_res'>initial_as_res</span><span class='period'>.</span><span class='id identifier rubyid_e_data_as_pa_data'>e_data_as_pa_data</span>
<span class='id identifier rubyid_etype_entries'>etype_entries</span> <span class='op'>=</span> <span class='id identifier rubyid_pa_data'>pa_data</span><span class='period'>.</span><span class='id identifier rubyid_find'>find</span> <span class='lbrace'>{</span> <span class='op'>|</span><span class='id identifier rubyid_entry'>entry</span><span class='op'>|</span> <span class='id identifier rubyid_entry'>entry</span><span class='period'>.</span><span class='id identifier rubyid_type'>type</span> <span class='op'>==</span> <span class='const'><span class='object_link'><a href="../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos.html" title="Rex::Proto::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Model.html" title="Rex::Proto::Kerberos::Model (module)">Model</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Model/PreAuthType.html" title="Rex::Proto::Kerberos::Model::PreAuthType (module)">PreAuthType</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Model/PreAuthType.html#PA_ETYPE_INFO2-constant" title="Rex::Proto::Kerberos::Model::PreAuthType::PA_ETYPE_INFO2 (constant)">PA_ETYPE_INFO2</a></span></span> <span class='rbrace'>}</span>
<span class='comment'># No etypes specified - how are we supposed to negotiate ciphers?
</span> <span class='id identifier rubyid_raise'>raise</span> <span class='const'><span class='object_link'><a href="../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos.html" title="Rex::Proto::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Model.html" title="Rex::Proto::Kerberos::Model (module)">Model</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Model/Error.html" title="Rex::Proto::Kerberos::Model::Error (module)">Error</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Model/Error/KerberosEncryptionNotSupported.html" title="Rex::Proto::Kerberos::Model::Error::KerberosEncryptionNotSupported (class)">KerberosEncryptionNotSupported</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Model/Error/KerberosEncryptionNotSupported.html#initialize-instance_method" title="Rex::Proto::Kerberos::Model::Error::KerberosEncryptionNotSupported#initialize (method)">new</a></span></span><span class='lparen'>(</span><span class='label'>encryption_type:</span> <span class='id identifier rubyid_offered_etypes'>offered_etypes</span><span class='rparen'>)</span> <span class='kw'>unless</span> <span class='id identifier rubyid_etype_entries'>etype_entries</span>
<span class='id identifier rubyid_server_ciphers'>server_ciphers</span> <span class='op'>=</span> <span class='id identifier rubyid_etype_entries'>etype_entries</span><span class='period'>.</span><span class='id identifier rubyid_decoded_value'>decoded_value</span>
<span class='id identifier rubyid_remaining_server_ciphers_to_attempt'>remaining_server_ciphers_to_attempt</span> <span class='op'>=</span> <span class='id identifier rubyid_server_ciphers'>server_ciphers</span><span class='period'>.</span><span class='id identifier rubyid_etype_info2_entries'>etype_info2_entries</span><span class='period'>.</span><span class='id identifier rubyid_select'>select</span> <span class='kw'>do</span> <span class='op'>|</span><span class='id identifier rubyid_server_etypeinfo2_entry'>server_etypeinfo2_entry</span><span class='op'>|</span>
<span class='id identifier rubyid_offered_etypes'>offered_etypes</span><span class='period'>.</span><span class='id identifier rubyid_include?'>include?</span><span class='lparen'>(</span><span class='id identifier rubyid_server_etypeinfo2_entry'>server_etypeinfo2_entry</span><span class='period'>.</span><span class='id identifier rubyid_etype'>etype</span><span class='rparen'>)</span>
<span class='kw'>end</span>
<span class='kw'>if</span> <span class='id identifier rubyid_remaining_server_ciphers_to_attempt'>remaining_server_ciphers_to_attempt</span><span class='period'>.</span><span class='id identifier rubyid_empty?'>empty?</span>
<span class='id identifier rubyid_raise'>raise</span> <span class='const'><span class='object_link'><a href="../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos.html" title="Rex::Proto::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Model.html" title="Rex::Proto::Kerberos::Model (module)">Model</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Model/Error.html" title="Rex::Proto::Kerberos::Model::Error (module)">Error</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Model/Error/KerberosEncryptionNotSupported.html" title="Rex::Proto::Kerberos::Model::Error::KerberosEncryptionNotSupported (class)">KerberosEncryptionNotSupported</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Model/Error/KerberosEncryptionNotSupported.html#initialize-instance_method" title="Rex::Proto::Kerberos::Model::Error::KerberosEncryptionNotSupported#initialize (method)">new</a></span></span><span class='lparen'>(</span><span class='label'>encryption_type:</span> <span class='id identifier rubyid_offered_etypes'>offered_etypes</span><span class='rparen'>)</span>
<span class='kw'>end</span>
<span class='comment'># Attempt to use the available ciphers; In some scenarios they can fail due to GPO configurations
</span> <span class='comment'># So we need to iterate until a success - or there&#39;s no more ciphers available
</span> <span class='kw'>while</span> <span class='id identifier rubyid_remaining_server_ciphers_to_attempt'>remaining_server_ciphers_to_attempt</span><span class='period'>.</span><span class='id identifier rubyid_any?'>any?</span>
<span class='id identifier rubyid_selected_etypeinfo'>selected_etypeinfo</span> <span class='op'>=</span> <span class='id identifier rubyid_select_cipher'>select_cipher</span><span class='lparen'>(</span><span class='id identifier rubyid_offered_etypes'>offered_etypes</span><span class='comma'>,</span> <span class='id identifier rubyid_remaining_server_ciphers_to_attempt'>remaining_server_ciphers_to_attempt</span><span class='rparen'>)</span>
<span class='id identifier rubyid_selected_etype'>selected_etype</span> <span class='op'>=</span> <span class='id identifier rubyid_selected_etypeinfo'>selected_etypeinfo</span><span class='period'>.</span><span class='id identifier rubyid_etype'>etype</span>
<span class='kw'>if</span> <span class='id identifier rubyid_password'>password</span>
<span class='id identifier rubyid_enc_key'>enc_key</span><span class='comma'>,</span> <span class='id identifier rubyid_salt'>salt</span> <span class='op'>=</span> <span class='id identifier rubyid_get_enc_key_from_password'>get_enc_key_from_password</span><span class='lparen'>(</span><span class='id identifier rubyid_password'>password</span><span class='comma'>,</span> <span class='id identifier rubyid_selected_etypeinfo'>selected_etypeinfo</span><span class='rparen'>)</span>
<span class='kw'>elsif</span> <span class='id identifier rubyid_key'>key</span>
<span class='kw'>unless</span> <span class='id identifier rubyid_options'>options</span><span class='lbracket'>[</span><span class='symbol'>:offered_etypes</span><span class='rbracket'>]</span><span class='op'>&amp;.</span><span class='id identifier rubyid_length'>length</span> <span class='op'>==</span> <span class='int'>1</span>
<span class='id identifier rubyid_raise'>raise</span> <span class='const'>ArgumentError</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Encryption key provided without one offered encryption type</span><span class='tstring_end'>&#39;</span></span>
<span class='kw'>end</span>
<span class='id identifier rubyid_enc_key'>enc_key</span> <span class='op'>=</span> <span class='id identifier rubyid_key'>key</span>
<span class='kw'>end</span>
<span class='id identifier rubyid_preauth_as_req'>preauth_as_req</span> <span class='op'>=</span> <span class='id identifier rubyid_build_as_request'>build_as_request</span><span class='lparen'>(</span>
<span class='label'>pa_data:</span> <span class='lbracket'>[</span>
<span class='id identifier rubyid_build_as_pa_time_stamp'>build_as_pa_time_stamp</span><span class='lparen'>(</span><span class='label'>key:</span> <span class='id identifier rubyid_enc_key'>enc_key</span><span class='comma'>,</span> <span class='label'>etype:</span> <span class='id identifier rubyid_selected_etype'>selected_etype</span><span class='rparen'>)</span><span class='comma'>,</span>
<span class='id identifier rubyid_build_pa_pac_request'>build_pa_pac_request</span><span class='lparen'>(</span><span class='label'>pac_request_value:</span> <span class='id identifier rubyid_request_pac'>request_pac</span><span class='rparen'>)</span>
<span class='rbracket'>]</span><span class='comma'>,</span>
<span class='label'>body:</span> <span class='id identifier rubyid_build_as_request_body'>build_as_request_body</span><span class='lparen'>(</span>
<span class='label'>client_name:</span> <span class='id identifier rubyid_client_name'>client_name</span><span class='comma'>,</span>
<span class='label'>server_name:</span> <span class='id identifier rubyid_server_name'>server_name</span><span class='comma'>,</span>
<span class='label'>realm:</span> <span class='id identifier rubyid_realm'>realm</span><span class='comma'>,</span>
<span class='label'>key:</span> <span class='id identifier rubyid_enc_key'>enc_key</span><span class='comma'>,</span>
<span class='label'>etype:</span> <span class='id identifier rubyid_remaining_server_ciphers_to_attempt'>remaining_server_ciphers_to_attempt</span><span class='period'>.</span><span class='id identifier rubyid_map'>map</span><span class='lparen'>(</span><span class='op'>&amp;</span><span class='symbol'>:etype</span><span class='rparen'>)</span><span class='comma'>,</span>
<span class='comment'># Specify nil to ensure the KDC uses the current time for the desired starttime of the requested ticket
</span> <span class='label'>from:</span> <span class='kw'>nil</span><span class='comma'>,</span>
<span class='label'>till:</span> <span class='id identifier rubyid_expiry_time'>expiry_time</span><span class='comma'>,</span>
<span class='label'>rtime:</span> <span class='id identifier rubyid_expiry_time'>expiry_time</span>
<span class='rparen'>)</span>
<span class='rparen'>)</span>
<span class='id identifier rubyid_req_opts'>req_opts</span> <span class='op'>=</span> <span class='lbrace'>{</span> <span class='label'>req:</span> <span class='id identifier rubyid_preauth_as_req'>preauth_as_req</span> <span class='rbrace'>}</span>
<span class='id identifier rubyid_req_opts'>req_opts</span><span class='period'>.</span><span class='id identifier rubyid_update'>update</span><span class='lparen'>(</span><span class='id identifier rubyid_options'>options</span><span class='rparen'>)</span>
<span class='id identifier rubyid_preauth_as_res'>preauth_as_res</span> <span class='op'>=</span> <span class='id identifier rubyid_send_request_as'>send_request_as</span><span class='lparen'>(</span><span class='id identifier rubyid_req_opts'>req_opts</span><span class='rparen'>)</span>
<span class='comment'># If we&#39;ve succeeded - break out of trying ciphers
</span> <span class='kw'>break</span> <span class='kw'>if</span> <span class='id identifier rubyid_preauth_as_res'>preauth_as_res</span><span class='period'>.</span><span class='id identifier rubyid_msg_type'>msg_type</span> <span class='op'>==</span> <span class='const'><span class='object_link'><a href="../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos.html" title="Rex::Proto::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Model.html" title="Rex::Proto::Kerberos::Model (module)">Model</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Model.html#AS_REP-constant" title="Rex::Proto::Kerberos::Model::AS_REP (constant)">AS_REP</a></span></span>
<span class='comment'># If we&#39;ve hit a cipher not supported error, try the next cipher if there&#39;s more to try
</span> <span class='id identifier rubyid_is_etype_not_supported_error'>is_etype_not_supported_error</span> <span class='op'>=</span> <span class='id identifier rubyid_preauth_as_res'>preauth_as_res</span><span class='period'>.</span><span class='id identifier rubyid_msg_type'>msg_type</span> <span class='op'>==</span> <span class='const'><span class='object_link'><a href="../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos.html" title="Rex::Proto::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Model.html" title="Rex::Proto::Kerberos::Model (module)">Model</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Model.html#KRB_ERROR-constant" title="Rex::Proto::Kerberos::Model::KRB_ERROR (constant)">KRB_ERROR</a></span></span> <span class='op'>&amp;&amp;</span> <span class='id identifier rubyid_preauth_as_res'>preauth_as_res</span><span class='period'>.</span><span class='id identifier rubyid_error_code'>error_code</span> <span class='op'>==</span> <span class='const'><span class='object_link'><a href="../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos.html" title="Rex::Proto::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Model.html" title="Rex::Proto::Kerberos::Model (module)">Model</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Model/Error.html" title="Rex::Proto::Kerberos::Model::Error (module)">Error</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Model/Error/ErrorCodes.html" title="Rex::Proto::Kerberos::Model::Error::ErrorCodes (module)">ErrorCodes</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Model/Error/ErrorCodes.html#KDC_ERR_ETYPE_NOSUPP-constant" title="Rex::Proto::Kerberos::Model::Error::ErrorCodes::KDC_ERR_ETYPE_NOSUPP (constant)">KDC_ERR_ETYPE_NOSUPP</a></span></span>
<span class='kw'>if</span> <span class='id identifier rubyid_is_etype_not_supported_error'>is_etype_not_supported_error</span>
<span class='id identifier rubyid_remaining_server_ciphers_to_attempt'>remaining_server_ciphers_to_attempt</span> <span class='op'>-=</span> <span class='lbracket'>[</span><span class='id identifier rubyid_selected_etypeinfo'>selected_etypeinfo</span><span class='rbracket'>]</span>
<span class='kw'>next</span> <span class='kw'>if</span> <span class='id identifier rubyid_remaining_server_ciphers_to_attempt'>remaining_server_ciphers_to_attempt</span><span class='period'>.</span><span class='id identifier rubyid_any?'>any?</span>
<span class='kw'>end</span>
<span class='comment'># Unexpected server response
</span> <span class='id identifier rubyid_raise'>raise</span> <span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos.html" title="Rex::Proto::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Model.html" title="Rex::Proto::Kerberos::Model (module)">Model</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Model/Error.html" title="Rex::Proto::Kerberos::Model::Error (module)">Error</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Model/Error/KerberosError.html" title="Rex::Proto::Kerberos::Model::Error::KerberosError (class)">KerberosError</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Model/Error/KerberosError.html#initialize-instance_method" title="Rex::Proto::Kerberos::Model::Error::KerberosError#initialize (method)">new</a></span></span><span class='lparen'>(</span><span class='label'>res:</span> <span class='id identifier rubyid_preauth_as_res'>preauth_as_res</span><span class='rparen'>)</span>
<span class='kw'>end</span>
<span class='const'><span class='object_link'><a href="../../../../Msf.html" title="Msf (module)">Msf</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../Exploit.html" title="Msf::Exploit (class)">Exploit</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Remote.html" title="Msf::Exploit::Remote (class)">Remote</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../Kerberos.html" title="Msf::Exploit::Remote::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'>Model</span><span class='op'>::</span><span class='const'>TgtResponse</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span><span class='lparen'>(</span>
<span class='label'>as_rep:</span> <span class='id identifier rubyid_preauth_as_res'>preauth_as_res</span><span class='comma'>,</span>
<span class='label'>preauth_required:</span> <span class='kw'>true</span><span class='comma'>,</span>
<span class='label'>krb_enc_key:</span> <span class='lbrace'>{</span>
<span class='label'>enctype:</span> <span class='id identifier rubyid_selected_etype'>selected_etype</span><span class='comma'>,</span>
<span class='label'>key:</span> <span class='id identifier rubyid_enc_key'>enc_key</span><span class='comma'>,</span>
<span class='label'>salt:</span> <span class='id identifier rubyid_salt'>salt</span>
<span class='rbrace'>}</span><span class='comma'>,</span>
<span class='label'>decrypted_part:</span> <span class='id identifier rubyid_decrypt_kdc_as_rep_enc_part'>decrypt_kdc_as_rep_enc_part</span><span class='lparen'>(</span>
<span class='id identifier rubyid_preauth_as_res'>preauth_as_res</span><span class='comma'>,</span>
<span class='id identifier rubyid_enc_key'>enc_key</span>
<span class='rparen'>)</span>
<span class='rparen'>)</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="send_request_tgt_pkinit-instance_method">
#<strong>send_request_tgt_pkinit</strong>(options = {}) &#x21d2; <tt><span class='object_link'><a href="Model/TgtResponse.html" title="Msf::Exploit::Remote::Kerberos::Model::TgtResponse (class)">Msf::Exploit::Remote::Kerberos::Model::TgtResponse</a></span></tt>
</h3><div class="docstring">
<div class="discussion">
<p>Send a TGT request using PKINIT (certificate) authentication</p>
</div>
</div>
<div class="tags">
<p class="tag_title">Parameters:</p>
<ul class="param">
<li>
<span class='name'>options</span>
<span class='type'>(<tt>Hash</tt>)</span>
<em class="default">(defaults to: <tt>{}</tt>)</em>
</li>
<li>
<span class='name'>[OpenSSL::PKCS12]</span>
<span class='type'>(<tt>Hash</tt>)</span>
&mdash;
<div class='inline'>
<p>a customizable set of options</p>
</div>
</li>
<li>
<span class='name'>[Boolean]</span>
<span class='type'>(<tt>Hash</tt>)</span>
&mdash;
<div class='inline'>
<p>a customizable set of options</p>
</div>
</li>
<li>
<span class='name'>[String]</span>
<span class='type'>(<tt>Hash</tt>)</span>
&mdash;
<div class='inline'>
<p>a customizable set of options</p>
</div>
</li>
<li>
<span class='name'>[Array&lt;Integer&gt;]</span>
<span class='type'>(<tt>Hash</tt>)</span>
&mdash;
<div class='inline'>
<p>a customizable set of options</p>
</div>
</li>
</ul>
<p class="tag_title">Returns:</p>
<ul class="return">
<li>
<span class='type'>(<tt><span class='object_link'><a href="Model/TgtResponse.html" title="Msf::Exploit::Remote::Kerberos::Model::TgtResponse (class)">Msf::Exploit::Remote::Kerberos::Model::TgtResponse</a></span></tt>)</span>
&mdash;
<div class='inline'>
<p>The TGT response and the key</p>
</div>
</li>
</ul>
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/kerberos/client.rb', line 228</span>
<span class='kw'>def</span> <span class='id identifier rubyid_send_request_tgt_pkinit'>send_request_tgt_pkinit</span><span class='lparen'>(</span><span class='id identifier rubyid_options'>options</span> <span class='op'>=</span> <span class='lbrace'>{</span><span class='rbrace'>}</span><span class='rparen'>)</span>
<span class='id identifier rubyid_pfx'>pfx</span> <span class='op'>=</span> <span class='id identifier rubyid_options'>options</span><span class='lbracket'>[</span><span class='symbol'>:pfx</span><span class='rbracket'>]</span>
<span class='id identifier rubyid_request_pac'>request_pac</span> <span class='op'>=</span> <span class='id identifier rubyid_options'>options</span><span class='period'>.</span><span class='id identifier rubyid_fetch'>fetch</span><span class='lparen'>(</span><span class='symbol'>:request_pac</span><span class='comma'>,</span> <span class='kw'>true</span><span class='rparen'>)</span>
<span class='id identifier rubyid_realm'>realm</span> <span class='op'>=</span> <span class='id identifier rubyid_options'>options</span><span class='lbracket'>[</span><span class='symbol'>:realm</span><span class='rbracket'>]</span>
<span class='id identifier rubyid_server_name'>server_name</span> <span class='op'>=</span> <span class='id identifier rubyid_options'>options</span><span class='lbracket'>[</span><span class='symbol'>:server_name</span><span class='rbracket'>]</span> <span class='op'>||</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>krbtgt/</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_realm'>realm</span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span>
<span class='id identifier rubyid_client_name'>client_name</span> <span class='op'>=</span> <span class='id identifier rubyid_options'>options</span><span class='lbracket'>[</span><span class='symbol'>:client_name</span><span class='rbracket'>]</span>
<span class='id identifier rubyid_client_name'>client_name</span> <span class='op'>=</span> <span class='id identifier rubyid_client_name'>client_name</span><span class='period'>.</span><span class='id identifier rubyid_dup'>dup</span><span class='period'>.</span><span class='id identifier rubyid_force_encoding'>force_encoding</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>utf-8</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span> <span class='kw'>if</span> <span class='id identifier rubyid_client_name'>client_name</span>
<span class='id identifier rubyid_ticket_options'>ticket_options</span> <span class='op'>=</span> <span class='id identifier rubyid_options'>options</span><span class='period'>.</span><span class='id identifier rubyid_fetch'>fetch</span><span class='lparen'>(</span><span class='symbol'>:options</span><span class='comma'>,</span> <span class='int'>0x50800000</span><span class='rparen'>)</span> <span class='comment'># Forwardable, Proxiable, Renewable
</span>
<span class='comment'># The diffie hellman client parameters
</span> <span class='id identifier rubyid_dh'>dh</span><span class='comma'>,</span> <span class='id identifier rubyid_dh_nonce'>dh_nonce</span> <span class='op'>=</span> <span class='id identifier rubyid_build_dh'>build_dh</span>
<span class='id identifier rubyid_now'>now</span> <span class='op'>=</span> <span class='id identifier rubyid_kerberos_time'>kerberos_time</span>
<span class='id identifier rubyid_expiry_time'>expiry_time</span> <span class='op'>=</span> <span class='id identifier rubyid_now'>now</span> <span class='op'>+</span> <span class='int'>1</span><span class='period'>.</span><span class='id identifier rubyid_day'>day</span>
<span class='id identifier rubyid_offered_etypes'>offered_etypes</span> <span class='op'>=</span> <span class='id identifier rubyid_options'>options</span><span class='lbracket'>[</span><span class='symbol'>:offered_etypes</span><span class='rbracket'>]</span> <span class='op'>||</span> <span class='const'><span class='object_link'><a href="../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos.html" title="Rex::Proto::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Crypto.html" title="Rex::Proto::Kerberos::Crypto (module)">Crypto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Crypto/Encryption.html" title="Rex::Proto::Kerberos::Crypto::Encryption (module)">Encryption</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Crypto/Encryption.html#PkinitEtypes-constant" title="Rex::Proto::Kerberos::Crypto::Encryption::PkinitEtypes (constant)">PkinitEtypes</a></span></span>
<span class='id identifier rubyid_request_body'>request_body</span> <span class='op'>=</span> <span class='id identifier rubyid_build_as_request_body'>build_as_request_body</span><span class='lparen'>(</span>
<span class='label'>client_name:</span> <span class='id identifier rubyid_client_name'>client_name</span><span class='comma'>,</span>
<span class='label'>server_name:</span> <span class='id identifier rubyid_server_name'>server_name</span><span class='comma'>,</span>
<span class='label'>realm:</span> <span class='id identifier rubyid_realm'>realm</span><span class='comma'>,</span>
<span class='label'>etype:</span> <span class='id identifier rubyid_offered_etypes'>offered_etypes</span><span class='comma'>,</span>
<span class='comment'># Specify nil to ensure the KDC uses the current time for the desired starttime of the requested ticket
</span> <span class='label'>from:</span> <span class='kw'>nil</span><span class='comma'>,</span>
<span class='label'>till:</span> <span class='id identifier rubyid_expiry_time'>expiry_time</span><span class='comma'>,</span>
<span class='label'>rtime:</span> <span class='id identifier rubyid_expiry_time'>expiry_time</span><span class='comma'>,</span>
<span class='label'>options:</span> <span class='id identifier rubyid_ticket_options'>ticket_options</span>
<span class='rparen'>)</span>
<span class='id identifier rubyid_as_req'>as_req</span> <span class='op'>=</span> <span class='id identifier rubyid_build_as_request'>build_as_request</span><span class='lparen'>(</span>
<span class='label'>pa_data:</span> <span class='lbracket'>[</span>
<span class='id identifier rubyid_build_pa_pac_request'>build_pa_pac_request</span><span class='lparen'>(</span><span class='label'>pac_request_value:</span> <span class='id identifier rubyid_request_pac'>request_pac</span><span class='rparen'>)</span><span class='comma'>,</span>
<span class='id identifier rubyid_build_pa_pk_as_req'>build_pa_pk_as_req</span><span class='lparen'>(</span><span class='id identifier rubyid_pfx'>pfx</span><span class='comma'>,</span> <span class='id identifier rubyid_dh'>dh</span><span class='comma'>,</span> <span class='id identifier rubyid_dh_nonce'>dh_nonce</span><span class='comma'>,</span> <span class='id identifier rubyid_request_body'>request_body</span><span class='comma'>,</span> <span class='id identifier rubyid_options'>options</span><span class='rparen'>)</span>
<span class='rbracket'>]</span><span class='comma'>,</span>
<span class='label'>body:</span> <span class='id identifier rubyid_request_body'>request_body</span>
<span class='rparen'>)</span>
<span class='comment'># Send the request
</span> <span class='id identifier rubyid_options'>options</span><span class='lbracket'>[</span><span class='symbol'>:req</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='id identifier rubyid_as_req'>as_req</span>
<span class='id identifier rubyid_as_res'>as_res</span> <span class='op'>=</span> <span class='id identifier rubyid_send_request_as'>send_request_as</span><span class='lparen'>(</span><span class='id identifier rubyid_options'>options</span><span class='rparen'>)</span>
<span class='kw'>if</span> <span class='id identifier rubyid_as_res'>as_res</span><span class='period'>.</span><span class='id identifier rubyid_msg_type'>msg_type</span> <span class='op'>==</span> <span class='const'><span class='object_link'><a href="../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos.html" title="Rex::Proto::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Model.html" title="Rex::Proto::Kerberos::Model (module)">Model</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Model.html#AS_REP-constant" title="Rex::Proto::Kerberos::Model::AS_REP (constant)">AS_REP</a></span></span>
<span class='id identifier rubyid_entry'>entry</span> <span class='op'>=</span> <span class='id identifier rubyid_as_res'>as_res</span><span class='period'>.</span><span class='id identifier rubyid_pa_data'>pa_data</span><span class='period'>.</span><span class='id identifier rubyid_find'>find</span> <span class='lbrace'>{</span> <span class='op'>|</span><span class='id identifier rubyid_data_entry'>data_entry</span><span class='op'>|</span> <span class='id identifier rubyid_data_entry'>data_entry</span><span class='period'>.</span><span class='id identifier rubyid_type'>type</span> <span class='op'>==</span> <span class='const'><span class='object_link'><a href="../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos.html" title="Rex::Proto::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Model.html" title="Rex::Proto::Kerberos::Model (module)">Model</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Model/PreAuthType.html" title="Rex::Proto::Kerberos::Model::PreAuthType (module)">PreAuthType</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Model/PreAuthType.html#PA_PK_AS_REP-constant" title="Rex::Proto::Kerberos::Model::PreAuthType::PA_PK_AS_REP (constant)">PA_PK_AS_REP</a></span></span> <span class='rbrace'>}</span>
<span class='comment'># Should never happen from a spec-compliant server
</span> <span class='id identifier rubyid_raise'>raise</span> <span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos.html" title="Rex::Proto::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Model.html" title="Rex::Proto::Kerberos::Model (module)">Model</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Model/Error.html" title="Rex::Proto::Kerberos::Model::Error (module)">Error</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Model/Error/KerberosError.html" title="Rex::Proto::Kerberos::Model::Error::KerberosError (class)">KerberosError</a></span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>No PKINIT PreAuth data received</span><span class='tstring_end'>&#39;</span></span> <span class='kw'>if</span> <span class='id identifier rubyid_entry'>entry</span><span class='period'>.</span><span class='id identifier rubyid_nil?'>nil?</span>
<span class='id identifier rubyid_pa_pk_as_rep'>pa_pk_as_rep</span> <span class='op'>=</span> <span class='id identifier rubyid_entry'>entry</span><span class='period'>.</span><span class='id identifier rubyid_decoded_value'>decoded_value</span>
<span class='id identifier rubyid_key'>key</span> <span class='op'>=</span> <span class='id identifier rubyid_calculate_shared_key'>calculate_shared_key</span><span class='lparen'>(</span><span class='id identifier rubyid_pa_pk_as_rep'>pa_pk_as_rep</span><span class='comma'>,</span> <span class='id identifier rubyid_dh'>dh</span><span class='comma'>,</span> <span class='id identifier rubyid_dh_nonce'>dh_nonce</span><span class='comma'>,</span> <span class='id identifier rubyid_as_res'>as_res</span><span class='period'>.</span><span class='id identifier rubyid_enc_part'>enc_part</span><span class='period'>.</span><span class='id identifier rubyid_etype'>etype</span><span class='rparen'>)</span>
<span class='kw'>return</span> <span class='const'><span class='object_link'><a href="../../../../Msf.html" title="Msf (module)">Msf</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../Exploit.html" title="Msf::Exploit (class)">Exploit</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Remote.html" title="Msf::Exploit::Remote (class)">Remote</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../Kerberos.html" title="Msf::Exploit::Remote::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'>Model</span><span class='op'>::</span><span class='const'>TgtResponse</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span><span class='lparen'>(</span>
<span class='label'>as_rep:</span> <span class='id identifier rubyid_as_res'>as_res</span><span class='comma'>,</span>
<span class='label'>preauth_required:</span> <span class='kw'>true</span><span class='comma'>,</span>
<span class='label'>decrypted_part:</span> <span class='id identifier rubyid_decrypt_kdc_as_rep_enc_part'>decrypt_kdc_as_rep_enc_part</span><span class='lparen'>(</span><span class='id identifier rubyid_as_res'>as_res</span><span class='comma'>,</span> <span class='id identifier rubyid_key'>key</span><span class='rparen'>)</span><span class='comma'>,</span>
<span class='label'>krb_enc_key:</span> <span class='lbrace'>{</span>
<span class='label'>enctype:</span> <span class='id identifier rubyid_as_res'>as_res</span><span class='period'>.</span><span class='id identifier rubyid_enc_part'>enc_part</span><span class='period'>.</span><span class='id identifier rubyid_etype'>etype</span><span class='comma'>,</span>
<span class='label'>key:</span> <span class='id identifier rubyid_key'>key</span>
<span class='rbrace'>}</span>
<span class='rparen'>)</span>
<span class='kw'>elsif</span> <span class='id identifier rubyid_as_res'>as_res</span><span class='period'>.</span><span class='id identifier rubyid_msg_type'>msg_type</span> <span class='op'>==</span> <span class='const'><span class='object_link'><a href="../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos.html" title="Rex::Proto::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Model.html" title="Rex::Proto::Kerberos::Model (module)">Model</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Model.html#KRB_ERROR-constant" title="Rex::Proto::Kerberos::Model::KRB_ERROR (constant)">KRB_ERROR</a></span></span>
<span class='id identifier rubyid_raise'>raise</span> <span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos.html" title="Rex::Proto::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Model.html" title="Rex::Proto::Kerberos::Model (module)">Model</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Model/Error.html" title="Rex::Proto::Kerberos::Model::Error (module)">Error</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Model/Error/KerberosError.html" title="Rex::Proto::Kerberos::Model::Error::KerberosError (class)">KerberosError</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Model/Error/KerberosError.html#initialize-instance_method" title="Rex::Proto::Kerberos::Model::Error::KerberosError#initialize (method)">new</a></span></span><span class='lparen'>(</span><span class='label'>res:</span> <span class='id identifier rubyid_as_res'>as_res</span><span class='rparen'>)</span>
<span class='kw'>else</span>
<span class='comment'># Should never happen, per the spec
</span> <span class='id identifier rubyid_raise'>raise</span> <span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos.html" title="Rex::Proto::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Model.html" title="Rex::Proto::Kerberos::Model (module)">Model</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Model/Error.html" title="Rex::Proto::Kerberos::Model::Error (module)">Error</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Proto/Kerberos/Model/Error/KerberosError.html" title="Rex::Proto::Kerberos::Model::Error::KerberosError (class)">KerberosError</a></span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Unexpected response type (expected AS_REP or KRB_ERROR)</span><span class='tstring_end'>&#39;</span></span>
<span class='kw'>end</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="timeout-instance_method">
#<strong>timeout</strong> &#x21d2; <tt>Integer</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Returns the TCP timeout</p>
</div>
</div>
<div class="tags">
<p class="tag_title">Returns:</p>
<ul class="return">
<li>
<span class='type'>(<tt>Integer</tt>)</span>
</li>
</ul>
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
70
71
72</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/kerberos/client.rb', line 70</span>
<span class='kw'>def</span> <span class='id identifier rubyid_timeout'>timeout</span>
<span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Timeout</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
</div>
</div>
<div id="footer">
Generated on Fri May 8 17:02:16 2026 by
<a href="https://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
0.9.37 (ruby-3.1.5).
</div>
</div>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink