metasploit-gs/api/Msf/Exploit/Remote/Kerberos/ServiceAuthenticator/Base.html

<!DOCTYPE html>
<html>
  <head>
    <meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>
  Class: Msf::Exploit::Remote::Kerberos::ServiceAuthenticator::Base

    &mdash; Documentation by YARD 0.9.37

</title>

  <link rel="stylesheet" href="../../../../../css/style.css" type="text/css" />

  <link rel="stylesheet" href="../../../../../css/common.css" type="text/css" />

<script type="text/javascript">
  pathId = "Msf::Exploit::Remote::Kerberos::ServiceAuthenticator::Base";
  relpath = '../../../../../';
</script>


  <script type="text/javascript" charset="utf-8" src="../../../../../js/jquery.js"></script>

  <script type="text/javascript" charset="utf-8" src="../../../../../js/app.js"></script>


  </head>
  <body>
    <div class="nav_wrap">
      <iframe id="nav" src="../../../../../class_list.html?1"></iframe>
      <div id="resizer"></div>
    </div>

    <div id="main" tabindex="-1">
      <div id="header">
        <div id="menu">

    <a href="../../../../../_index.html">Index (B)</a> &raquo;
    <span class='title'><span class='object_link'><a href="../../../../../Msf.html" title="Msf (module)">Msf</a></span></span> &raquo; <span class='title'><span class='object_link'><a href="../../../../Exploit.html" title="Msf::Exploit (class)">Exploit</a></span></span> &raquo; <span class='title'><span class='object_link'><a href="../../../Remote.html" title="Msf::Exploit::Remote (class)">Remote</a></span></span> &raquo; <span class='title'><span class='object_link'><a href="../../Kerberos.html" title="Msf::Exploit::Remote::Kerberos (module)">Kerberos</a></span></span> &raquo; <span class='title'><span class='object_link'><a href="../ServiceAuthenticator.html" title="Msf::Exploit::Remote::Kerberos::ServiceAuthenticator (class)">ServiceAuthenticator</a></span></span>
     &raquo;
    <span class="title">Base</span>

</div>

        <div id="search">

    <a class="full_list_link" id="class_list_link"
        href="../../../../../class_list.html">

        <svg width="24" height="24">
          <rect x="0" y="4" width="24" height="4" rx="1" ry="1"></rect>
          <rect x="0" y="12" width="24" height="4" rx="1" ry="1"></rect>
          <rect x="0" y="20" width="24" height="4" rx="1" ry="1"></rect>
        </svg>
    </a>

</div>
        <div class="clear"></div>
      </div>

      <div id="content"><h1>Class: Msf::Exploit::Remote::Kerberos::ServiceAuthenticator::Base


</h1>
<div class="box_info">

  <dl>
    <dt>Inherits:</dt>
    <dd>
      <span class="inheritName">Object</span>

        <ul class="fullTree">
          <li>Object</li>

            <li class="next">Msf::Exploit::Remote::Kerberos::ServiceAuthenticator::Base</li>

        </ul>
        <a href="#" class="inheritanceTree">show all</a>

    </dd>
  </dl>


  <dl>
      <dt>Extended by:</dt>
      <dd>Forwardable</dd>
  </dl>


  <dl>
      <dt>Includes:</dt>
      <dd><span class='object_link'><a href="../../../../Auxiliary/Report.html" title="Msf::Auxiliary::Report (module)">Auxiliary::Report</a></span>, <span class='object_link'><a href="../Client.html" title="Msf::Exploit::Remote::Kerberos::Client (module)">Client</a></span>, <span class='object_link'><a href="../../../../../Rex/Proto/Gss/Asn1.html" title="Rex::Proto::Gss::Asn1 (module)">Rex::Proto::Gss::Asn1</a></span></dd>
  </dl>


  <dl>
    <dt>Defined in:</dt>
    <dd>lib/msf/core/exploit/remote/kerberos/service_authenticator/base.rb</dd>
  </dl>

</div>

<h2>Overview</h2><div class="docstring">
  <div class="discussion">

<p>This class acts as standalone authenticator for Kerberos</p>


  </div>
</div>
<div class="tags">


</div><div id="subclasses">
  <h2>Direct Known Subclasses</h2>
  <p class="children"><span class='object_link'><a href="HTTP.html" title="Msf::Exploit::Remote::Kerberos::ServiceAuthenticator::HTTP (class)">HTTP</a></span>, <span class='object_link'><a href="LDAP.html" title="Msf::Exploit::Remote::Kerberos::ServiceAuthenticator::LDAP (class)">LDAP</a></span>, <span class='object_link'><a href="MSSQL.html" title="Msf::Exploit::Remote::Kerberos::ServiceAuthenticator::MSSQL (class)">MSSQL</a></span>, <span class='object_link'><a href="SMB.html" title="Msf::Exploit::Remote::Kerberos::ServiceAuthenticator::SMB (class)">SMB</a></span></p>
</div>
<h2>Defined Under Namespace</h2>
<p class="children">


      <strong class="modules">Modules:</strong> <span class='object_link'><a href="Base/Delegation.html" title="Msf::Exploit::Remote::Kerberos::ServiceAuthenticator::Base::Delegation (module)">Delegation</a></span>


</p>


    <h2>
      Constant Summary
      <small><a href="#" class="constants_summary_toggle">collapse</a></small>
    </h2>

    <dl class="constants">

        <dt id="GSS_DELEGATE-constant" class="">GSS_DELEGATE =
          <div class="docstring">
  <div class="discussion">

<p>Flags - <a href="https://datatracker.ietf.org/doc/html/rfc4121#section-4.1.1.1">datatracker.ietf.org/doc/html/rfc4121#section-4.1.1.1</a></p>


  </div>
</div>
<div class="tags">


</div>
        </dt>
        <dd><pre class="code"><span class='int'>0x01</span></pre></dd>

        <dt id="GSS_MUTUAL-constant" class="">GSS_MUTUAL =

        </dt>
        <dd><pre class="code"><span class='int'>0x02</span></pre></dd>

        <dt id="GSS_REPLAY_DETECT-constant" class="">GSS_REPLAY_DETECT =

        </dt>
        <dd><pre class="code"><span class='int'>0x04</span></pre></dd>

        <dt id="GSS_SEQUENCE-constant" class="">GSS_SEQUENCE =

        </dt>
        <dd><pre class="code"><span class='int'>0x08</span></pre></dd>

        <dt id="GSS_CONFIDENTIAL-constant" class="">GSS_CONFIDENTIAL =

        </dt>
        <dd><pre class="code"><span class='int'>0x10</span></pre></dd>

        <dt id="GSS_INTEGRITY-constant" class="">GSS_INTEGRITY =

        </dt>
        <dd><pre class="code"><span class='int'>0x20</span></pre></dd>

        <dt id="GSS_DCE_STYLE-constant" class="">GSS_DCE_STYLE =

        </dt>
        <dd><pre class="code"><span class='int'>0x1000</span></pre></dd>

    </dl>


  <h3 class="inherited">Constants included
     from <span class='object_link'><a href="../Client.html" title="Msf::Exploit::Remote::Kerberos::Client (module)">Client</a></span></h3>
  <p class="inherited"><span class='object_link'><a href="../Client.html#NEG_TOKEN_ACCEPT_COMPLETED-constant" title="Msf::Exploit::Remote::Kerberos::Client::NEG_TOKEN_ACCEPT_COMPLETED (constant)">Client::NEG_TOKEN_ACCEPT_COMPLETED</a></span>, <span class='object_link'><a href="../Client.html#NEG_TOKEN_ACCEPT_INCOMPLETE-constant" title="Msf::Exploit::Remote::Kerberos::Client::NEG_TOKEN_ACCEPT_INCOMPLETE (constant)">Client::NEG_TOKEN_ACCEPT_INCOMPLETE</a></span>, <span class='object_link'><a href="../Client.html#NEG_TOKEN_REJECT-constant" title="Msf::Exploit::Remote::Kerberos::Client::NEG_TOKEN_REJECT (constant)">Client::NEG_TOKEN_REJECT</a></span>, <span class='object_link'><a href="../Client.html#NEG_TOKEN_REQUEST_MIC-constant" title="Msf::Exploit::Remote::Kerberos::Client::NEG_TOKEN_REQUEST_MIC (constant)">Client::NEG_TOKEN_REQUEST_MIC</a></span>, <span class='object_link'><a href="../Client.html#TOK_ID_KRB_AP_REP-constant" title="Msf::Exploit::Remote::Kerberos::Client::TOK_ID_KRB_AP_REP (constant)">Client::TOK_ID_KRB_AP_REP</a></span>, <span class='object_link'><a href="../Client.html#TOK_ID_KRB_AP_REQ-constant" title="Msf::Exploit::Remote::Kerberos::Client::TOK_ID_KRB_AP_REQ (constant)">Client::TOK_ID_KRB_AP_REQ</a></span>, <span class='object_link'><a href="../Client.html#TOK_ID_KRB_ERROR-constant" title="Msf::Exploit::Remote::Kerberos::Client::TOK_ID_KRB_ERROR (constant)">Client::TOK_ID_KRB_ERROR</a></span></p>


  <h3 class="inherited">Constants included
     from <span class='object_link'><a href="../Client/ApRequest.html" title="Msf::Exploit::Remote::Kerberos::Client::ApRequest (module)">Client::ApRequest</a></span></h3>
  <p class="inherited"><span class='object_link'><a href="../Client/ApRequest.html#AP_MUTUAL_REQUIRED-constant" title="Msf::Exploit::Remote::Kerberos::Client::ApRequest::AP_MUTUAL_REQUIRED (constant)">Client::ApRequest::AP_MUTUAL_REQUIRED</a></span>, <span class='object_link'><a href="../Client/ApRequest.html#AP_USE_SESSION_KEY-constant" title="Msf::Exploit::Remote::Kerberos::Client::ApRequest::AP_USE_SESSION_KEY (constant)">Client::ApRequest::AP_USE_SESSION_KEY</a></span></p>


  <h2>Instance Attribute Summary <small><a href="#" class="summary_toggle">collapse</a></small></h2>
  <ul class="summary">

      <li class="public ">
  <span class="summary_signature">

      <a href="#dce_style-instance_method" title="#dce_style (instance method)">#<strong>dce_style</strong>  &#x21d2; Object </a>


  </span>


      <span class="note title readonly">readonly</span>


    <span class="summary_desc"><div class='inline'>
<p>Returns the value of attribute dce_style.</p>
</div></span>

</li>


      <li class="public ">
  <span class="summary_signature">

      <a href="#framework-instance_method" title="#framework (instance method)">#<strong>framework</strong>  &#x21d2; Object </a>


  </span>


      <span class="note title readonly">readonly</span>


    <span class="summary_desc"><div class='inline'>
<p>Returns the value of attribute framework.</p>
</div></span>

</li>


      <li class="public ">
  <span class="summary_signature">

      <a href="#framework_module-instance_method" title="#framework_module (instance method)">#<strong>framework_module</strong>  &#x21d2; Object </a>


  </span>


      <span class="note title readonly">readonly</span>


    <span class="summary_desc"><div class='inline'>
<p>Returns the value of attribute framework_module.</p>
</div></span>

</li>


      <li class="public ">
  <span class="summary_signature">

      <a href="#host-instance_method" title="#host (instance method)">#<strong>host</strong>  &#x21d2; String<sup>?</sup> </a>


  </span>


      <span class="note title readonly">readonly</span>


    <span class="summary_desc"><div class='inline'>
<p>The proxy directive to use for the socket.</p>
</div></span>

</li>


      <li class="public ">
  <span class="summary_signature">

      <a href="#hostname-instance_method" title="#hostname (instance method)">#<strong>hostname</strong>  &#x21d2; Object </a>


  </span>


      <span class="note title readonly">readonly</span>


    <span class="summary_desc"><div class='inline'>
<p>Returns the value of attribute hostname.</p>
</div></span>

</li>


      <li class="public ">
  <span class="summary_signature">

      <a href="#key-instance_method" title="#key (instance method)">#<strong>key</strong>  &#x21d2; Object </a>


  </span>


      <span class="note title readonly">readonly</span>


    <span class="summary_desc"><div class='inline'>
<p>Returns the value of attribute key.</p>
</div></span>

</li>


      <li class="public ">
  <span class="summary_signature">

      <a href="#mechanism-instance_method" title="#mechanism (instance method)">#<strong>mechanism</strong>  &#x21d2; Object </a>


  </span>


      <span class="note title readonly">readonly</span>


    <span class="summary_desc"><div class='inline'>
<p>Returns the value of attribute mechanism.</p>
</div></span>

</li>


      <li class="public ">
  <span class="summary_signature">

      <a href="#mutual_auth-instance_method" title="#mutual_auth (instance method)">#<strong>mutual_auth</strong>  &#x21d2; Object </a>


  </span>


      <span class="note title readonly">readonly</span>


    <span class="summary_desc"><div class='inline'>
<p>Returns the value of attribute mutual_auth.</p>
</div></span>

</li>


      <li class="public ">
  <span class="summary_signature">

      <a href="#offered_etypes-instance_method" title="#offered_etypes (instance method)">#<strong>offered_etypes</strong>  &#x21d2; Object </a>


  </span>


      <span class="note title readonly">readonly</span>


    <span class="summary_desc"><div class='inline'></div></span>

</li>


      <li class="public ">
  <span class="summary_signature">

      <a href="#password-instance_method" title="#password (instance method)">#<strong>password</strong>  &#x21d2; Object </a>


  </span>


      <span class="note title readonly">readonly</span>


    <span class="summary_desc"><div class='inline'>
<p>Returns the value of attribute password.</p>
</div></span>

</li>


      <li class="public ">
  <span class="summary_signature">

      <a href="#pfx-instance_method" title="#pfx (instance method)">#<strong>pfx</strong>  &#x21d2; Object </a>


  </span>


      <span class="note title readonly">readonly</span>


    <span class="summary_desc"><div class='inline'>
<p>Returns the value of attribute pfx.</p>
</div></span>

</li>


      <li class="public ">
  <span class="summary_signature">

      <a href="#port-instance_method" title="#port (instance method)">#<strong>port</strong>  &#x21d2; Object </a>


  </span>


      <span class="note title readonly">readonly</span>


    <span class="summary_desc"><div class='inline'>
<p>Returns the value of attribute port.</p>
</div></span>

</li>


      <li class="public ">
  <span class="summary_signature">

      <a href="#proxies-instance_method" title="#proxies (instance method)">#<strong>proxies</strong>  &#x21d2; Object </a>


  </span>


      <span class="note title readonly">readonly</span>


    <span class="summary_desc"><div class='inline'>
<p>Returns the value of attribute proxies.</p>
</div></span>

</li>


      <li class="public ">
  <span class="summary_signature">

      <a href="#realm-instance_method" title="#realm (instance method)">#<strong>realm</strong>  &#x21d2; Object </a>


  </span>


      <span class="note title readonly">readonly</span>


    <span class="summary_desc"><div class='inline'>
<p>Returns the value of attribute realm.</p>
</div></span>

</li>


      <li class="public ">
  <span class="summary_signature">

      <a href="#send_delegated_creds-instance_method" title="#send_delegated_creds (instance method)">#<strong>send_delegated_creds</strong>  &#x21d2; Object </a>


  </span>


      <span class="note title readonly">readonly</span>


    <span class="summary_desc"><div class='inline'>
<p>Returns the value of attribute send_delegated_creds.</p>
</div></span>

</li>


      <li class="public ">
  <span class="summary_signature">

      <a href="#ticket_storage-instance_method" title="#ticket_storage (instance method)">#<strong>ticket_storage</strong>  &#x21d2; Object </a>


  </span>


      <span class="note title readonly">readonly</span>


    <span class="summary_desc"><div class='inline'>
<p>Returns the value of attribute ticket_storage.</p>
</div></span>

</li>


      <li class="public ">
  <span class="summary_signature">

      <a href="#timeout-instance_method" title="#timeout (instance method)">#<strong>timeout</strong>  &#x21d2; Object </a>


  </span>


      <span class="note title readonly">readonly</span>


    <span class="summary_desc"><div class='inline'>
<p>Returns the value of attribute timeout.</p>
</div></span>

</li>


      <li class="public ">
  <span class="summary_signature">

      <a href="#use_gss_checksum-instance_method" title="#use_gss_checksum (instance method)">#<strong>use_gss_checksum</strong>  &#x21d2; Object </a>


  </span>


      <span class="note title readonly">readonly</span>


    <span class="summary_desc"><div class='inline'>
<p>Returns the value of attribute use_gss_checksum.</p>
</div></span>

</li>


      <li class="public ">
  <span class="summary_signature">

      <a href="#username-instance_method" title="#username (instance method)">#<strong>username</strong>  &#x21d2; Object </a>


  </span>


      <span class="note title readonly">readonly</span>


    <span class="summary_desc"><div class='inline'>
<p>Returns the value of attribute username.</p>
</div></span>

</li>


  </ul>


  <h3 class="inherited">Attributes included from <span class='object_link'><a href="../Client.html" title="Msf::Exploit::Remote::Kerberos::Client (module)">Client</a></span></h3>
  <p class="inherited"><span class='object_link'><a href="../Client.html#client-instance_method" title="Msf::Exploit::Remote::Kerberos::Client#client (method)">#client</a></span>, <span class='object_link'><a href="../Client.html#kerberos_client-instance_method" title="Msf::Exploit::Remote::Kerberos::Client#kerberos_client (method)">#kerberos_client</a></span></p>


    <h2>
      Instance Method Summary
      <small><a href="#" class="summary_toggle">collapse</a></small>
    </h2>

    <ul class="summary">

        <li class="public ">
  <span class="summary_signature">

      <a href="#authenticate-instance_method" title="#authenticate (instance method)">#<strong>authenticate</strong>(options = {})  &#x21d2; Hash </a>


  </span>


    <span class="summary_desc"><div class='inline'>
<p>The security_blob SPNEGO GSS and TGS session key.</p>
</div></span>

</li>


        <li class="public ">
  <span class="summary_signature">

      <a href="#authenticate_via_kdc-instance_method" title="#authenticate_via_kdc (instance method)">#<strong>authenticate_via_kdc</strong>(options = {})  &#x21d2; Object </a>


  </span>


    <span class="summary_desc"><div class='inline'>
<p>Authenticate with credentials to the key distribution center (KDC).</p>
</div></span>

</li>


        <li class="public ">
  <span class="summary_signature">

      <a href="#build_spn-instance_method" title="#build_spn (instance method)">#<strong>build_spn</strong>(options = {})  &#x21d2; Object </a>


  </span>


    <span class="summary_desc"><div class='inline'></div></span>

</li>


        <li class="public ">
  <span class="summary_signature">

      <a href="#connect-instance_method" title="#connect (instance method)">#<strong>connect</strong>(options = {})  &#x21d2; Object </a>


  </span>


    <span class="summary_desc"><div class='inline'></div></span>

</li>


        <li class="public ">
  <span class="summary_signature">

      <a href="#get_message_encryptor-instance_method" title="#get_message_encryptor (instance method)">#<strong>get_message_encryptor</strong>(key, client_sequence_number, server_sequence_number, use_acceptor_subkey: true, rc4_pad_style: :single_byte)  &#x21d2; Object </a>


  </span>


    <span class="summary_desc"><div class='inline'></div></span>

</li>


        <li class="public ">
  <span class="summary_signature">

      <a href="#initialize-instance_method" title="#initialize (instance method)">#<strong>initialize</strong>(realm: nil, hostname: nil, username: nil, password: nil, host: nil, proxies: nil, port: 88, timeout: 25, framework: nil, framework_module: nil, mutual_auth: false, use_gss_checksum: false, mechanism: Rex::Proto::Gss::Mechanism::SPNEGO, send_delegated_creds: Delegation::ALWAYS, dce_style: false, cache_file: nil, ticket_storage: nil, key: nil, offered_etypes: nil, pfx: nil, clock_skew: nil)  &#x21d2; Base </a>


  </span>


    <span class="note title constructor">constructor</span>


    <span class="summary_desc"><div class='inline'>
<p>A new instance of Base.</p>
</div></span>

</li>


        <li class="public ">
  <span class="summary_signature">

      <a href="#parse_gss_init_response-instance_method" title="#parse_gss_init_response (instance method)">#<strong>parse_gss_init_response</strong>(token, session_key)  &#x21d2; Object </a>


  </span>


    <span class="summary_desc"><div class='inline'></div></span>

</li>


        <li class="public ">
  <span class="summary_signature">

      <a href="#request_service_ticket-instance_method" title="#request_service_ticket (instance method)">#<strong>request_service_ticket</strong>(session_key, tgt_ticket, realm, client_name, etypes, expiry_time, now, sname, options = {})  &#x21d2; Array </a>


  </span>


    <span class="summary_desc"><div class='inline'>
<p>The TGS ticket and the decrypted TGS credentials as a MIT Cache Credential.</p>
</div></span>

</li>


        <li class="public ">
  <span class="summary_signature">

      <a href="#request_tgs_only-instance_method" title="#request_tgs_only (instance method)">#<strong>request_tgs_only</strong>(credential, options = {})  &#x21d2; Rex::Proto::Kerberos::CredentialCache::Krb5CcacheCredential </a>


  </span>


    <span class="summary_desc"><div class='inline'>
<p>The ccache credential.</p>
</div></span>

</li>


        <li class="public ">
  <span class="summary_signature">

      <a href="#request_tgt_only-instance_method" title="#request_tgt_only (instance method)">#<strong>request_tgt_only</strong>(options = {})  &#x21d2; Rex::Proto::Kerberos::CredentialCache::Krb5CcacheCredential </a>


  </span>


    <span class="summary_desc"><div class='inline'>
<p>The ccache credential.</p>
</div></span>

</li>


        <li class="public ">
  <span class="summary_signature">

      <a href="#rhost-instance_method" title="#rhost (instance method)">#<strong>rhost</strong>  &#x21d2; String </a>


  </span>


    <span class="summary_desc"><div class='inline'>
<p>Returns the target host.</p>
</div></span>

</li>


        <li class="public ">
  <span class="summary_signature">

      <a href="#rport-instance_method" title="#rport (instance method)">#<strong>rport</strong>  &#x21d2; Integer </a>


  </span>


    <span class="summary_desc"><div class='inline'>
<p>Returns the remote port.</p>
</div></span>

</li>


        <li class="public ">
  <span class="summary_signature">

      <a href="#s4u2proxy-instance_method" title="#s4u2proxy (instance method)">#<strong>s4u2proxy</strong>(credential, options = {})  &#x21d2; Array </a>


  </span>


    <span class="summary_desc"><div class='inline'>
<p>Request a service ticket to another service on behalf of a user.</p>
</div></span>

</li>


        <li class="public ">
  <span class="summary_signature">

      <a href="#s4u2self-instance_method" title="#s4u2self (instance method)">#<strong>s4u2self</strong>(credential, options = {})  &#x21d2; Array </a>


  </span>


    <span class="summary_desc"><div class='inline'>
<p>Request a service ticket to itself on behalf of a user.</p>
</div></span>

</li>


        <li class="public ">
  <span class="summary_signature">

      <a href="#u2uself-instance_method" title="#u2uself (instance method)">#<strong>u2uself</strong>(credential, options = {})  &#x21d2; Object </a>


  </span>


    <span class="summary_desc"><div class='inline'>
<p>Request a service ticket to a user on behalf of themselves This is mostly useful for PKINIT to recover the NT hash Can combine this with S4U2Self by providing an :impersonate option to retrieve a PAC for any account, i.e.</p>
</div></span>

</li>


        <li class="public ">
  <span class="summary_signature">

      <a href="#validate_response!-instance_method" title="#validate_response! (instance method)">#<strong>validate_response!</strong>(security_blob, accept_incomplete: false)  &#x21d2; Object </a>


  </span>


    <span class="summary_desc"><div class='inline'></div></span>

</li>


    </ul>


  <h3 class="inherited">Methods included from <span class='object_link'><a href="../../../../../Rex/Proto/Gss/Asn1.html" title="Rex::Proto::Gss::Asn1 (module)">Rex::Proto::Gss::Asn1</a></span></h3>
  <p class="inherited"><span class='object_link'><a href="../../../../../Rex/Proto/Gss/Asn1.html#unwrap_pseudo_asn1-instance_method" title="Rex::Proto::Gss::Asn1#unwrap_pseudo_asn1 (method)">#unwrap_pseudo_asn1</a></span>, <span class='object_link'><a href="../../../../../Rex/Proto/Gss/Asn1.html#wrap_pseudo_asn1-instance_method" title="Rex::Proto::Gss::Asn1#wrap_pseudo_asn1 (method)">#wrap_pseudo_asn1</a></span></p>


  <h3 class="inherited">Methods included from <span class='object_link'><a href="../../../../Auxiliary/Report.html" title="Msf::Auxiliary::Report (module)">Auxiliary::Report</a></span></h3>
  <p class="inherited"><span class='object_link'><a href="../../../../Auxiliary/Report.html#active_db%3F-instance_method" title="Msf::Auxiliary::Report#active_db? (method)">#active_db?</a></span>, <span class='object_link'><a href="../../../../Auxiliary/Report.html#create_cracked_credential-instance_method" title="Msf::Auxiliary::Report#create_cracked_credential (method)">#create_cracked_credential</a></span>, <span class='object_link'><a href="../../../../Auxiliary/Report.html#create_credential-instance_method" title="Msf::Auxiliary::Report#create_credential (method)">#create_credential</a></span>, <span class='object_link'><a href="../../../../Auxiliary/Report.html#create_credential_and_login-instance_method" title="Msf::Auxiliary::Report#create_credential_and_login (method)">#create_credential_and_login</a></span>, <span class='object_link'><a href="../../../../Auxiliary/Report.html#create_credential_login-instance_method" title="Msf::Auxiliary::Report#create_credential_login (method)">#create_credential_login</a></span>, <span class='object_link'><a href="../../../../Auxiliary/Report.html#db-instance_method" title="Msf::Auxiliary::Report#db (method)">#db</a></span>, <span class='object_link'><a href="../../../../Auxiliary/Report.html#db_warning_given%3F-instance_method" title="Msf::Auxiliary::Report#db_warning_given? (method)">#db_warning_given?</a></span>, <span class='object_link'><a href="../../../../Auxiliary/Report.html#get_client-instance_method" title="Msf::Auxiliary::Report#get_client (method)">#get_client</a></span>, <span class='object_link'><a href="../../../../Auxiliary/Report.html#get_host-instance_method" title="Msf::Auxiliary::Report#get_host (method)">#get_host</a></span>, <span class='object_link'><a href="../../../../Auxiliary/Report.html#inside_workspace_boundary%3F-instance_method" title="Msf::Auxiliary::Report#inside_workspace_boundary? (method)">#inside_workspace_boundary?</a></span>, <span class='object_link'><a href="../../../../Auxiliary/Report.html#invalidate_login-instance_method" title="Msf::Auxiliary::Report#invalidate_login (method)">#invalidate_login</a></span>, <span class='object_link'><a href="../../../../Auxiliary/Report.html#mytask-instance_method" title="Msf::Auxiliary::Report#mytask (method)">#mytask</a></span>, <span class='object_link'><a href="../../../../Auxiliary/Report.html#myworkspace-instance_method" title="Msf::Auxiliary::Report#myworkspace (method)">#myworkspace</a></span>, <span class='object_link'><a href="../../../../Auxiliary/Report.html#myworkspace_id-instance_method" title="Msf::Auxiliary::Report#myworkspace_id (method)">#myworkspace_id</a></span>, <span class='object_link'><a href="../../../../Auxiliary/Report.html#report_auth_info-instance_method" title="Msf::Auxiliary::Report#report_auth_info (method)">#report_auth_info</a></span>, <span class='object_link'><a href="../../../../Auxiliary/Report.html#report_client-instance_method" title="Msf::Auxiliary::Report#report_client (method)">#report_client</a></span>, <span class='object_link'><a href="../../../../Auxiliary/Report.html#report_exploit-instance_method" title="Msf::Auxiliary::Report#report_exploit (method)">#report_exploit</a></span>, <span class='object_link'><a href="../../../../Auxiliary/Report.html#report_host-instance_method" title="Msf::Auxiliary::Report#report_host (method)">#report_host</a></span>, <span class='object_link'><a href="../../../../Auxiliary/Report.html#report_loot-instance_method" title="Msf::Auxiliary::Report#report_loot (method)">#report_loot</a></span>, <span class='object_link'><a href="../../../../Auxiliary/Report.html#report_note-instance_method" title="Msf::Auxiliary::Report#report_note (method)">#report_note</a></span>, <span class='object_link'><a href="../../../../Auxiliary/Report.html#report_service-instance_method" title="Msf::Auxiliary::Report#report_service (method)">#report_service</a></span>, <span class='object_link'><a href="../../../../Auxiliary/Report.html#report_vuln-instance_method" title="Msf::Auxiliary::Report#report_vuln (method)">#report_vuln</a></span>, <span class='object_link'><a href="../../../../Auxiliary/Report.html#report_web_form-instance_method" title="Msf::Auxiliary::Report#report_web_form (method)">#report_web_form</a></span>, <span class='object_link'><a href="../../../../Auxiliary/Report.html#report_web_page-instance_method" title="Msf::Auxiliary::Report#report_web_page (method)">#report_web_page</a></span>, <span class='object_link'><a href="../../../../Auxiliary/Report.html#report_web_site-instance_method" title="Msf::Auxiliary::Report#report_web_site (method)">#report_web_site</a></span>, <span class='object_link'><a href="../../../../Auxiliary/Report.html#report_web_vuln-instance_method" title="Msf::Auxiliary::Report#report_web_vuln (method)">#report_web_vuln</a></span>, <span class='object_link'><a href="../../../../Auxiliary/Report.html#store_cred-instance_method" title="Msf::Auxiliary::Report#store_cred (method)">#store_cred</a></span>, <span class='object_link'><a href="../../../../Auxiliary/Report.html#store_local-instance_method" title="Msf::Auxiliary::Report#store_local (method)">#store_local</a></span>, <span class='object_link'><a href="../../../../Auxiliary/Report.html#store_loot-instance_method" title="Msf::Auxiliary::Report#store_loot (method)">#store_loot</a></span></p>


  <h3 class="inherited">Methods included from <span class='object_link'><a href="../../../../../Metasploit/Framework/Require.html" title="Metasploit::Framework::Require (module)">Metasploit::Framework::Require</a></span></h3>
  <p class="inherited"><span class='object_link'><a href="../../../../../Metasploit/Framework/Require.html#optionally-class_method" title="Metasploit::Framework::Require.optionally (method)">optionally</a></span>, <span class='object_link'><a href="../../../../../Metasploit/Framework/Require.html#optionally_active_record_railtie-class_method" title="Metasploit::Framework::Require.optionally_active_record_railtie (method)">optionally_active_record_railtie</a></span>, <span class='object_link'><a href="../../../../../Metasploit/Framework/Require.html#optionally_include_metasploit_credential_creation-class_method" title="Metasploit::Framework::Require.optionally_include_metasploit_credential_creation (method)">optionally_include_metasploit_credential_creation</a></span>, <span class='object_link'><a href="../../../../../Metasploit/Framework/Require.html#optionally_include_metasploit_credential_creation-instance_method" title="Metasploit::Framework::Require#optionally_include_metasploit_credential_creation (method)">#optionally_include_metasploit_credential_creation</a></span>, <span class='object_link'><a href="../../../../../Metasploit/Framework/Require.html#optionally_require_metasploit_db_gem_engines-class_method" title="Metasploit::Framework::Require.optionally_require_metasploit_db_gem_engines (method)">optionally_require_metasploit_db_gem_engines</a></span></p>


  <h3 class="inherited">Methods included from <span class='object_link'><a href="../Client.html" title="Msf::Exploit::Remote::Kerberos::Client (module)">Client</a></span></h3>
  <p class="inherited"><span class='object_link'><a href="../Client.html#cleanup-instance_method" title="Msf::Exploit::Remote::Kerberos::Client#cleanup (method)">#cleanup</a></span>, <span class='object_link'><a href="../Client.html#disconnect-instance_method" title="Msf::Exploit::Remote::Kerberos::Client#disconnect (method)">#disconnect</a></span>, <span class='object_link'><a href="../Client.html#kerberos_clock_skew-instance_method" title="Msf::Exploit::Remote::Kerberos::Client#kerberos_clock_skew (method)">#kerberos_clock_skew</a></span>, <span class='object_link'><a href="../Client.html#kerberos_clock_skew=-instance_method" title="Msf::Exploit::Remote::Kerberos::Client#kerberos_clock_skew= (method)">#kerberos_clock_skew=</a></span>, <span class='object_link'><a href="../Client.html#kerberos_time-instance_method" title="Msf::Exploit::Remote::Kerberos::Client#kerberos_time (method)">#kerberos_time</a></span>, <span class='object_link'><a href="../Client.html#kerberos_time_local-instance_method" title="Msf::Exploit::Remote::Kerberos::Client#kerberos_time_local (method)">#kerberos_time_local</a></span>, <span class='object_link'><a href="../Client.html#peer-instance_method" title="Msf::Exploit::Remote::Kerberos::Client#peer (method)">#peer</a></span>, <span class='object_link'><a href="../Client.html#select_cipher-instance_method" title="Msf::Exploit::Remote::Kerberos::Client#select_cipher (method)">#select_cipher</a></span>, <span class='object_link'><a href="../Client.html#send_request_as-instance_method" title="Msf::Exploit::Remote::Kerberos::Client#send_request_as (method)">#send_request_as</a></span>, <span class='object_link'><a href="../Client.html#send_request_tgs-instance_method" title="Msf::Exploit::Remote::Kerberos::Client#send_request_tgs (method)">#send_request_tgs</a></span>, <span class='object_link'><a href="../Client.html#send_request_tgt-instance_method" title="Msf::Exploit::Remote::Kerberos::Client#send_request_tgt (method)">#send_request_tgt</a></span>, <span class='object_link'><a href="../Client.html#send_request_tgt_pkinit-instance_method" title="Msf::Exploit::Remote::Kerberos::Client#send_request_tgt_pkinit (method)">#send_request_tgt_pkinit</a></span></p>


  <h3 class="inherited">Methods included from <span class='object_link'><a href="../Client/Pkinit.html" title="Msf::Exploit::Remote::Kerberos::Client::Pkinit (module)">Client::Pkinit</a></span></h3>
  <p class="inherited"><span class='object_link'><a href="../Client/Pkinit.html#build_dh-instance_method" title="Msf::Exploit::Remote::Kerberos::Client::Pkinit#build_dh (method)">#build_dh</a></span>, <span class='object_link'><a href="../Client/Pkinit.html#build_pa_pk_as_req-instance_method" title="Msf::Exploit::Remote::Kerberos::Client::Pkinit#build_pa_pk_as_req (method)">#build_pa_pk_as_req</a></span>, <span class='object_link'><a href="../Client/Pkinit.html#calculate_shared_key-instance_method" title="Msf::Exploit::Remote::Kerberos::Client::Pkinit#calculate_shared_key (method)">#calculate_shared_key</a></span>, <span class='object_link'><a href="../Client/Pkinit.html#extract_user_and_realm-instance_method" title="Msf::Exploit::Remote::Kerberos::Client::Pkinit#extract_user_and_realm (method)">#extract_user_and_realm</a></span>, <span class='object_link'><a href="../Client/Pkinit.html#k_truncate-instance_method" title="Msf::Exploit::Remote::Kerberos::Client::Pkinit#k_truncate (method)">#k_truncate</a></span>, <span class='object_link'><a href="../Client/Pkinit.html#sign_auth_pack-instance_method" title="Msf::Exploit::Remote::Kerberos::Client::Pkinit#sign_auth_pack (method)">#sign_auth_pack</a></span></p>


  <h3 class="inherited">Methods included from <span class='object_link'><a href="../Client/Pac.html" title="Msf::Exploit::Remote::Kerberos::Client::Pac (module)">Client::Pac</a></span></h3>
  <p class="inherited"><span class='object_link'><a href="../Client/Pac.html#build_empty_auth_data-instance_method" title="Msf::Exploit::Remote::Kerberos::Client::Pac#build_empty_auth_data (method)">#build_empty_auth_data</a></span>, <span class='object_link'><a href="../Client/Pac.html#build_pa_pac_request-instance_method" title="Msf::Exploit::Remote::Kerberos::Client::Pac#build_pa_pac_request (method)">#build_pa_pac_request</a></span>, <span class='object_link'><a href="../Client/Pac.html#build_pac-instance_method" title="Msf::Exploit::Remote::Kerberos::Client::Pac#build_pac (method)">#build_pac</a></span>, <span class='object_link'><a href="../Client/Pac.html#build_pac_authorization_data-instance_method" title="Msf::Exploit::Remote::Kerberos::Client::Pac#build_pac_authorization_data (method)">#build_pac_authorization_data</a></span></p>


  <h3 class="inherited">Methods included from <span class='object_link'><a href="../Client/TgsResponse.html" title="Msf::Exploit::Remote::Kerberos::Client::TgsResponse (module)">Client::TgsResponse</a></span></h3>
  <p class="inherited"><span class='object_link'><a href="../Client/TgsResponse.html#decrypt_kdc_tgs_rep_enc_part-instance_method" title="Msf::Exploit::Remote::Kerberos::Client::TgsResponse#decrypt_kdc_tgs_rep_enc_part (method)">#decrypt_kdc_tgs_rep_enc_part</a></span>, <span class='object_link'><a href="../Client/TgsResponse.html#extract_kerb_creds-instance_method" title="Msf::Exploit::Remote::Kerberos::Client::TgsResponse#extract_kerb_creds (method)">#extract_kerb_creds</a></span>, <span class='object_link'><a href="../Client/TgsResponse.html#format_tgs_rep_to_john_hash-instance_method" title="Msf::Exploit::Remote::Kerberos::Client::TgsResponse#format_tgs_rep_to_john_hash (method)">#format_tgs_rep_to_john_hash</a></span></p>


  <h3 class="inherited">Methods included from <span class='object_link'><a href="../Client/TgsRequest.html" title="Msf::Exploit::Remote::Kerberos::Client::TgsRequest (module)">Client::TgsRequest</a></span></h3>
  <p class="inherited"><span class='object_link'><a href="../Client/TgsRequest.html#build_ap_req-instance_method" title="Msf::Exploit::Remote::Kerberos::Client::TgsRequest#build_ap_req (method)">#build_ap_req</a></span>, <span class='object_link'><a href="../Client/TgsRequest.html#build_authenticator-instance_method" title="Msf::Exploit::Remote::Kerberos::Client::TgsRequest#build_authenticator (method)">#build_authenticator</a></span>, <span class='object_link'><a href="../Client/TgsRequest.html#build_enc_auth_data-instance_method" title="Msf::Exploit::Remote::Kerberos::Client::TgsRequest#build_enc_auth_data (method)">#build_enc_auth_data</a></span>, <span class='object_link'><a href="../Client/TgsRequest.html#build_pa_for_user-instance_method" title="Msf::Exploit::Remote::Kerberos::Client::TgsRequest#build_pa_for_user (method)">#build_pa_for_user</a></span>, <span class='object_link'><a href="../Client/TgsRequest.html#build_subkey-instance_method" title="Msf::Exploit::Remote::Kerberos::Client::TgsRequest#build_subkey (method)">#build_subkey</a></span>, <span class='object_link'><a href="../Client/TgsRequest.html#build_tgs_body_checksum-instance_method" title="Msf::Exploit::Remote::Kerberos::Client::TgsRequest#build_tgs_body_checksum (method)">#build_tgs_body_checksum</a></span>, <span class='object_link'><a href="../Client/TgsRequest.html#build_tgs_request-instance_method" title="Msf::Exploit::Remote::Kerberos::Client::TgsRequest#build_tgs_request (method)">#build_tgs_request</a></span>, <span class='object_link'><a href="../Client/TgsRequest.html#build_tgs_request_body-instance_method" title="Msf::Exploit::Remote::Kerberos::Client::TgsRequest#build_tgs_request_body (method)">#build_tgs_request_body</a></span></p>


  <h3 class="inherited">Methods included from <span class='object_link'><a href="../Client/AsResponse.html" title="Msf::Exploit::Remote::Kerberos::Client::AsResponse (module)">Client::AsResponse</a></span></h3>
  <p class="inherited"><span class='object_link'><a href="../Client/AsResponse.html#decrypt_kdc_as_rep_enc_part-instance_method" title="Msf::Exploit::Remote::Kerberos::Client::AsResponse#decrypt_kdc_as_rep_enc_part (method)">#decrypt_kdc_as_rep_enc_part</a></span>, <span class='object_link'><a href="../Client/AsResponse.html#extract_logon_time-instance_method" title="Msf::Exploit::Remote::Kerberos::Client::AsResponse#extract_logon_time (method)">#extract_logon_time</a></span>, <span class='object_link'><a href="../Client/AsResponse.html#extract_session_key-instance_method" title="Msf::Exploit::Remote::Kerberos::Client::AsResponse#extract_session_key (method)">#extract_session_key</a></span>, <span class='object_link'><a href="../Client/AsResponse.html#format_as_rep_to_john_hash-instance_method" title="Msf::Exploit::Remote::Kerberos::Client::AsResponse#format_as_rep_to_john_hash (method)">#format_as_rep_to_john_hash</a></span></p>


  <h3 class="inherited">Methods included from <span class='object_link'><a href="../Client/AsRequest.html" title="Msf::Exploit::Remote::Kerberos::Client::AsRequest (module)">Client::AsRequest</a></span></h3>
  <p class="inherited"><span class='object_link'><a href="../Client/AsRequest.html#build_as_pa_time_stamp-instance_method" title="Msf::Exploit::Remote::Kerberos::Client::AsRequest#build_as_pa_time_stamp (method)">#build_as_pa_time_stamp</a></span>, <span class='object_link'><a href="../Client/AsRequest.html#build_as_request-instance_method" title="Msf::Exploit::Remote::Kerberos::Client::AsRequest#build_as_request (method)">#build_as_request</a></span>, <span class='object_link'><a href="../Client/AsRequest.html#build_as_request_body-instance_method" title="Msf::Exploit::Remote::Kerberos::Client::AsRequest#build_as_request_body (method)">#build_as_request_body</a></span></p>


  <h3 class="inherited">Methods included from <span class='object_link'><a href="../Client/ApRequest.html" title="Msf::Exploit::Remote::Kerberos::Client::ApRequest (module)">Client::ApRequest</a></span></h3>
  <p class="inherited"><span class='object_link'><a href="../Client/ApRequest.html#build_service_ap_request-instance_method" title="Msf::Exploit::Remote::Kerberos::Client::ApRequest#build_service_ap_request (method)">#build_service_ap_request</a></span>, <span class='object_link'><a href="../Client/ApRequest.html#encode_gss_kerberos_ap_request-instance_method" title="Msf::Exploit::Remote::Kerberos::Client::ApRequest#encode_gss_kerberos_ap_request (method)">#encode_gss_kerberos_ap_request</a></span>, <span class='object_link'><a href="../Client/ApRequest.html#encode_gss_spnego_ap_request-instance_method" title="Msf::Exploit::Remote::Kerberos::Client::ApRequest#encode_gss_spnego_ap_request (method)">#encode_gss_spnego_ap_request</a></span></p>


  <h3 class="inherited">Methods included from <span class='object_link'><a href="../Client/Base.html" title="Msf::Exploit::Remote::Kerberos::Client::Base (module)">Client::Base</a></span></h3>
  <p class="inherited"><span class='object_link'><a href="../Client/Base.html#build_client_name-instance_method" title="Msf::Exploit::Remote::Kerberos::Client::Base#build_client_name (method)">#build_client_name</a></span>, <span class='object_link'><a href="../Client/Base.html#build_server_name-instance_method" title="Msf::Exploit::Remote::Kerberos::Client::Base#build_server_name (method)">#build_server_name</a></span></p>
<div id="constructor_details" class="method_details_list">
  <h2>Constructor Details</h2>

    <div class="method_details first">
  <h3 class="signature first" id="initialize-instance_method">

    #<strong>initialize</strong>(realm: nil, hostname: nil, username: nil, password: nil, host: nil, proxies: nil, port: 88, timeout: 25, framework: nil, framework_module: nil, mutual_auth: false, use_gss_checksum: false, mechanism: Rex::Proto::Gss::Mechanism::SPNEGO, send_delegated_creds: Delegation::ALWAYS, dce_style: false, cache_file: nil, ticket_storage: nil, key: nil, offered_etypes: nil, pfx: nil, clock_skew: nil)  &#x21d2; <tt><span class='object_link'><a href="../Client/Base.html" title="Msf::Exploit::Remote::Kerberos::Client::Base (module)">Base</a></span></tt>


</h3><div class="docstring">
  <div class="discussion">

<p>Returns a new instance of Base.</p>


  </div>
</div>
<div class="tags">


</div><table class="source_code">
  <tr>
    <td>
      <pre class="lines">


112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193</pre>
    </td>
    <td>
      <pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/kerberos/service_authenticator/base.rb', line 112</span>

<span class='kw'>def</span> <span class='id identifier rubyid_initialize'>initialize</span><span class='lparen'>(</span>
    <span class='label'>realm:</span> <span class='kw'>nil</span><span class='comma'>,</span>
    <span class='label'>hostname:</span> <span class='kw'>nil</span><span class='comma'>,</span>
    <span class='label'>username:</span> <span class='kw'>nil</span><span class='comma'>,</span>
    <span class='label'>password:</span> <span class='kw'>nil</span><span class='comma'>,</span>
    <span class='label'>host:</span> <span class='kw'>nil</span><span class='comma'>,</span>
    <span class='label'>proxies:</span> <span class='kw'>nil</span><span class='comma'>,</span>
    <span class='label'>port:</span> <span class='int'>88</span><span class='comma'>,</span>
    <span class='label'>timeout:</span> <span class='int'>25</span><span class='comma'>,</span>
    <span class='label'>framework:</span> <span class='kw'>nil</span><span class='comma'>,</span>
    <span class='label'>framework_module:</span> <span class='kw'>nil</span><span class='comma'>,</span>
    <span class='label'>mutual_auth:</span> <span class='kw'>false</span><span class='comma'>,</span>
    <span class='label'>use_gss_checksum:</span> <span class='kw'>false</span><span class='comma'>,</span>
    <span class='label'>mechanism:</span> <span class='const'><span class='object_link'><a href="../../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Gss.html" title="Rex::Proto::Gss (module)">Gss</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Gss/Mechanism.html" title="Rex::Proto::Gss::Mechanism (module)">Mechanism</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Gss/Mechanism.html#SPNEGO-constant" title="Rex::Proto::Gss::Mechanism::SPNEGO (constant)">SPNEGO</a></span></span><span class='comma'>,</span>
    <span class='label'>send_delegated_creds:</span> <span class='const'><span class='object_link'><a href="Base/Delegation.html" title="Msf::Exploit::Remote::Kerberos::ServiceAuthenticator::Base::Delegation (module)">Delegation</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="Base/Delegation.html#ALWAYS-constant" title="Msf::Exploit::Remote::Kerberos::ServiceAuthenticator::Base::Delegation::ALWAYS (constant)">ALWAYS</a></span></span><span class='comma'>,</span>
    <span class='label'>dce_style:</span> <span class='kw'>false</span><span class='comma'>,</span>
    <span class='label'>cache_file:</span> <span class='kw'>nil</span><span class='comma'>,</span>
    <span class='label'>ticket_storage:</span> <span class='kw'>nil</span><span class='comma'>,</span>
    <span class='label'>key:</span> <span class='kw'>nil</span><span class='comma'>,</span>
    <span class='label'>offered_etypes:</span> <span class='kw'>nil</span><span class='comma'>,</span>
    <span class='label'>pfx:</span> <span class='kw'>nil</span><span class='comma'>,</span>
    <span class='label'>clock_skew:</span> <span class='kw'>nil</span>
<span class='rparen'>)</span>
  <span class='ivar'>@realm</span> <span class='op'>=</span> <span class='id identifier rubyid_realm'>realm</span>
  <span class='ivar'>@hostname</span> <span class='op'>=</span> <span class='id identifier rubyid_hostname'>hostname</span>
  <span class='ivar'>@host</span> <span class='op'>=</span> <span class='id identifier rubyid_host'>host</span>
  <span class='ivar'>@proxies</span> <span class='op'>=</span> <span class='id identifier rubyid_proxies'>proxies</span>
  <span class='ivar'>@port</span> <span class='op'>=</span> <span class='id identifier rubyid_port'>port</span>
  <span class='ivar'>@timeout</span> <span class='op'>=</span> <span class='id identifier rubyid_timeout'>timeout</span>
  <span class='ivar'>@username</span> <span class='op'>=</span> <span class='id identifier rubyid_username'>username</span>
  <span class='ivar'>@password</span> <span class='op'>=</span> <span class='id identifier rubyid_password'>password</span>
  <span class='ivar'>@pfx</span> <span class='op'>=</span> <span class='id identifier rubyid_pfx'>pfx</span>
  <span class='ivar'>@framework</span> <span class='op'>=</span> <span class='id identifier rubyid_framework'>framework</span>
  <span class='ivar'>@framework_module</span> <span class='op'>=</span> <span class='id identifier rubyid_framework_module'>framework_module</span>
  <span class='ivar'>@mutual_auth</span> <span class='op'>=</span> <span class='id identifier rubyid_mutual_auth'>mutual_auth</span>
  <span class='ivar'>@use_gss_checksum</span> <span class='op'>=</span> <span class='id identifier rubyid_use_gss_checksum'>use_gss_checksum</span>
  <span class='ivar'>@mechanism</span> <span class='op'>=</span> <span class='id identifier rubyid_mechanism'>mechanism</span>
  <span class='ivar'>@send_delegated_creds</span> <span class='op'>=</span> <span class='id identifier rubyid_send_delegated_creds'>send_delegated_creds</span>
  <span class='ivar'>@dce_style</span> <span class='op'>=</span> <span class='id identifier rubyid_dce_style'>dce_style</span>
  <span class='ivar'>@ticket_storage</span> <span class='op'>=</span> <span class='id identifier rubyid_ticket_storage'>ticket_storage</span> <span class='op'>||</span> <span class='const'><span class='object_link'><a href="../../../../../Msf.html" title="Msf (module)">Msf</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Exploit.html" title="Msf::Exploit (class)">Exploit</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../Remote.html" title="Msf::Exploit::Remote (class)">Remote</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Kerberos.html" title="Msf::Exploit::Remote::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../Ticket.html" title="Msf::Exploit::Remote::Kerberos::Ticket (module)">Ticket</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../Ticket/Storage.html" title="Msf::Exploit::Remote::Kerberos::Ticket::Storage (module)">Storage</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../Ticket/Storage/ReadWrite.html" title="Msf::Exploit::Remote::Kerberos::Ticket::Storage::ReadWrite (class)">ReadWrite</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'><span class='object_link'><a href="../Ticket/Storage/Base.html#initialize-instance_method" title="Msf::Exploit::Remote::Kerberos::Ticket::Storage::Base#initialize (method)">new</a></span></span><span class='lparen'>(</span>
    <span class='label'>framework:</span> <span class='id identifier rubyid_framework'>framework</span><span class='comma'>,</span>
    <span class='label'>framework_module:</span> <span class='id identifier rubyid_framework_module'>framework_module</span>
  <span class='rparen'>)</span>
  <span class='ivar'>@key</span> <span class='op'>=</span> <span class='id identifier rubyid_key'>key</span>
  <span class='ivar'>@offered_etypes</span> <span class='op'>=</span> <span class='id identifier rubyid_offered_etypes'>offered_etypes</span>
  <span class='kw'>self</span><span class='period'>.</span><span class='id identifier rubyid_kerberos_clock_skew'>kerberos_clock_skew</span> <span class='op'>=</span> <span class='id identifier rubyid_clock_skew'>clock_skew</span>

  <span class='id identifier rubyid_credential'>credential</span> <span class='op'>=</span> <span class='kw'>nil</span>
  <span class='kw'>if</span> <span class='id identifier rubyid_cache_file'>cache_file</span><span class='period'>.</span><span class='id identifier rubyid_present?'>present?</span>
    <span class='comment'># the cache file is only used for loading credentials, it is *not* written to
</span>    <span class='id identifier rubyid_load_sname_hostname_credential_result'>load_sname_hostname_credential_result</span> <span class='op'>=</span> <span class='id identifier rubyid_load_credential_from_file'>load_credential_from_file</span><span class='lparen'>(</span><span class='id identifier rubyid_cache_file'>cache_file</span><span class='comma'>,</span> <span class='label'>sname:</span> <span class='kw'>nil</span><span class='comma'>,</span> <span class='label'>sname_hostname:</span> <span class='ivar'>@hostname</span><span class='rparen'>)</span>
    <span class='id identifier rubyid_credential'>credential</span> <span class='op'>=</span> <span class='id identifier rubyid_load_sname_hostname_credential_result'>load_sname_hostname_credential_result</span><span class='op'>&amp;.</span><span class='id identifier rubyid_fetch'>fetch</span><span class='lparen'>(</span><span class='symbol'>:credential</span><span class='comma'>,</span> <span class='kw'>nil</span><span class='rparen'>)</span>
    <span class='id identifier rubyid_serviceclass'>serviceclass</span> <span class='op'>=</span> <span class='id identifier rubyid_build_spn'>build_spn</span><span class='op'>&amp;.</span><span class='id identifier rubyid_name_string'>name_string</span><span class='op'>&amp;.</span><span class='id identifier rubyid_first'>first</span>
    <span class='kw'>if</span> <span class='id identifier rubyid_credential'>credential</span> <span class='op'>&amp;&amp;</span> <span class='id identifier rubyid_credential'>credential</span><span class='period'>.</span><span class='id identifier rubyid_server'>server</span><span class='period'>.</span><span class='id identifier rubyid_components'>components</span><span class='lbracket'>[</span><span class='int'>0</span><span class='rbracket'>]</span> <span class='op'>!=</span> <span class='id identifier rubyid_serviceclass'>serviceclass</span>
      <span class='id identifier rubyid_old_sname'>old_sname</span> <span class='op'>=</span> <span class='id identifier rubyid_credential'>credential</span><span class='period'>.</span><span class='id identifier rubyid_server'>server</span><span class='period'>.</span><span class='id identifier rubyid_components'>components</span><span class='period'>.</span><span class='id identifier rubyid_snapshot'>snapshot</span><span class='period'>.</span><span class='id identifier rubyid_join'>join</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>/</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span>
      <span class='id identifier rubyid_credential'>credential</span><span class='period'>.</span><span class='id identifier rubyid_server'>server</span><span class='period'>.</span><span class='id identifier rubyid_components'>components</span><span class='lbracket'>[</span><span class='int'>0</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='id identifier rubyid_serviceclass'>serviceclass</span>
      <span class='id identifier rubyid_new_sname'>new_sname</span> <span class='op'>=</span> <span class='id identifier rubyid_credential'>credential</span><span class='period'>.</span><span class='id identifier rubyid_server'>server</span><span class='period'>.</span><span class='id identifier rubyid_components'>components</span><span class='period'>.</span><span class='id identifier rubyid_snapshot'>snapshot</span><span class='period'>.</span><span class='id identifier rubyid_join'>join</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>/</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span>
      <span class='id identifier rubyid_print_status'>print_status</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Patching sname from </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_old_sname'>old_sname</span><span class='embexpr_end'>}</span><span class='tstring_content'> to </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_new_sname'>new_sname</span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
      <span class='id identifier rubyid_ticket'>ticket</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="../../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos.html" title="Rex::Proto::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model.html" title="Rex::Proto::Kerberos::Model (module)">Model</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/Ticket.html" title="Rex::Proto::Kerberos::Model::Ticket (class)">Ticket</a></span></span><span class='period'>.</span><span class='id identifier rubyid_decode'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/Ticket.html#decode-instance_method" title="Rex::Proto::Kerberos::Model::Ticket#decode (method)">decode</a></span></span><span class='lparen'>(</span><span class='id identifier rubyid_credential'>credential</span><span class='period'>.</span><span class='id identifier rubyid_ticket'>ticket</span><span class='period'>.</span><span class='id identifier rubyid_value'>value</span><span class='rparen'>)</span>
      <span class='id identifier rubyid_ticket'>ticket</span><span class='period'>.</span><span class='id identifier rubyid_sname'>sname</span><span class='period'>.</span><span class='id identifier rubyid_name_string'>name_string</span><span class='lbracket'>[</span><span class='int'>0</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='id identifier rubyid_serviceclass'>serviceclass</span>
      <span class='id identifier rubyid_credential'>credential</span><span class='period'>.</span><span class='id identifier rubyid_ticket'>ticket</span> <span class='op'>=</span> <span class='id identifier rubyid_ticket'>ticket</span><span class='period'>.</span><span class='id identifier rubyid_encode'>encode</span>
    <span class='kw'>elsif</span> <span class='id identifier rubyid_credential'>credential</span><span class='period'>.</span><span class='id identifier rubyid_nil?'>nil?</span> <span class='op'>&amp;&amp;</span> <span class='id identifier rubyid_hostname'>hostname</span><span class='period'>.</span><span class='id identifier rubyid_present?'>present?</span>
      <span class='id identifier rubyid_load_sname_krbtgt_hostname_credential_result'>load_sname_krbtgt_hostname_credential_result</span> <span class='op'>=</span> <span class='id identifier rubyid_load_credential_from_file'>load_credential_from_file</span><span class='lparen'>(</span><span class='id identifier rubyid_cache_file'>cache_file</span><span class='comma'>,</span> <span class='label'>sname:</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>krbtgt/</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_hostname'>hostname</span><span class='period'>.</span><span class='id identifier rubyid_split'>split</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>.</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='int'>2</span><span class='rparen'>)</span><span class='period'>.</span><span class='id identifier rubyid_last'>last</span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
      <span class='id identifier rubyid_credential'>credential</span> <span class='op'>=</span> <span class='id identifier rubyid_load_sname_krbtgt_hostname_credential_result'>load_sname_krbtgt_hostname_credential_result</span><span class='op'>&amp;.</span><span class='id identifier rubyid_fetch'>fetch</span><span class='lparen'>(</span><span class='symbol'>:credential</span><span class='comma'>,</span> <span class='kw'>nil</span><span class='rparen'>)</span>
    <span class='kw'>end</span>
    <span class='kw'>if</span> <span class='id identifier rubyid_credential'>credential</span><span class='period'>.</span><span class='id identifier rubyid_nil?'>nil?</span>
      <span class='id identifier rubyid_print_error'>print_error</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Failed to load a usable credential from ticket file: </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_cache_file'>cache_file</span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
      <span class='kw'>if</span> <span class='id identifier rubyid_load_sname_hostname_credential_result'>load_sname_hostname_credential_result</span>
        <span class='id identifier rubyid_print_error'>print_error</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Attempt failed to find a valid credential in </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_cache_file'>cache_file</span><span class='embexpr_end'>}</span><span class='tstring_content'> for </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_load_sname_hostname_credential_result'>load_sname_hostname_credential_result</span><span class='lbracket'>[</span><span class='symbol'>:filter</span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_map'>map</span> <span class='lbrace'>{</span> <span class='op'>|</span><span class='id identifier rubyid_k'>k</span><span class='comma'>,</span> <span class='id identifier rubyid_v'>v</span><span class='op'>|</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_k'>k</span><span class='embexpr_end'>}</span><span class='tstring_content'>=</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_v'>v</span><span class='period'>.</span><span class='id identifier rubyid_inspect'>inspect</span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span> <span class='rbrace'>}</span><span class='period'>.</span><span class='id identifier rubyid_join'><span class='object_link'><a href="../../../../../top-level-namespace.html#join-instance_method" title="#join (method)">join</a></span></span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>, </span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span><span class='embexpr_end'>}</span><span class='tstring_content'>:</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
        <span class='id identifier rubyid_print_error'>print_error</span><span class='lparen'>(</span><span class='id identifier rubyid_load_sname_hostname_credential_result'>load_sname_hostname_credential_result</span><span class='lbracket'>[</span><span class='symbol'>:filter_reasons</span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_join'><span class='object_link'><a href="../../../../../top-level-namespace.html#join-instance_method" title="#join (method)">join</a></span></span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>\n</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span><span class='period'>.</span><span class='id identifier rubyid_indent'>indent</span><span class='lparen'>(</span><span class='int'>2</span><span class='rparen'>)</span><span class='rparen'>)</span>
      <span class='kw'>end</span>

      <span class='kw'>if</span> <span class='id identifier rubyid_load_sname_krbtgt_hostname_credential_result'>load_sname_krbtgt_hostname_credential_result</span>
        <span class='id identifier rubyid_print_error'>print_error</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Attempt failed to find a valid credential in </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_cache_file'>cache_file</span><span class='embexpr_end'>}</span><span class='tstring_content'> for </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_load_sname_krbtgt_hostname_credential_result'>load_sname_krbtgt_hostname_credential_result</span><span class='lbracket'>[</span><span class='symbol'>:filter</span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_map'>map</span> <span class='lbrace'>{</span> <span class='op'>|</span><span class='id identifier rubyid_k'>k</span><span class='comma'>,</span> <span class='id identifier rubyid_v'>v</span><span class='op'>|</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_k'>k</span><span class='embexpr_end'>}</span><span class='tstring_content'>=</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_v'>v</span><span class='period'>.</span><span class='id identifier rubyid_inspect'>inspect</span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span> <span class='rbrace'>}</span><span class='period'>.</span><span class='id identifier rubyid_join'><span class='object_link'><a href="../../../../../top-level-namespace.html#join-instance_method" title="#join (method)">join</a></span></span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>, </span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
        <span class='id identifier rubyid_print_error'>print_error</span><span class='lparen'>(</span><span class='id identifier rubyid_load_sname_krbtgt_hostname_credential_result'>load_sname_krbtgt_hostname_credential_result</span><span class='lbracket'>[</span><span class='symbol'>:filter_reasons</span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_join'><span class='object_link'><a href="../../../../../top-level-namespace.html#join-instance_method" title="#join (method)">join</a></span></span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>\n</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span><span class='period'>.</span><span class='id identifier rubyid_indent'>indent</span><span class='lparen'>(</span><span class='int'>2</span><span class='rparen'>)</span><span class='rparen'>)</span>
      <span class='kw'>end</span>
      <span class='id identifier rubyid_raise'>raise</span> <span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos.html" title="Rex::Proto::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model.html" title="Rex::Proto::Kerberos::Model (module)">Model</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/Error.html" title="Rex::Proto::Kerberos::Model::Error (module)">Error</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/Error/KerberosError.html" title="Rex::Proto::Kerberos::Model::Error::KerberosError (class)">KerberosError</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/Error/KerberosError.html#initialize-instance_method" title="Rex::Proto::Kerberos::Model::Error::KerberosError#initialize (method)">new</a></span></span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Failed to load a usable credential from ticket file: </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_cache_file'>cache_file</span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
    <span class='kw'>end</span>
    <span class='id identifier rubyid_print_status'>print_status</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Loaded a credential from ticket file: </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_cache_file'>cache_file</span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
  <span class='kw'>end</span>
  <span class='ivar'>@credential</span> <span class='op'>=</span> <span class='id identifier rubyid_credential'>credential</span>
<span class='kw'>end</span></pre>
    </td>
  </tr>
</table>
</div>

</div>

  <div id="instance_attr_details" class="attr_details">
    <h2>Instance Attribute Details</h2>


      <span id=""></span>
      <div class="method_details first">
  <h3 class="signature first" id="dce_style-instance_method">

    #<strong>dce_style</strong>  &#x21d2; <tt>Object</tt>  <span class="extras">(readonly)</span>


</h3><div class="docstring">
  <div class="discussion">

<p>Returns the value of attribute dce_style.</p>


  </div>
</div>
<div class="tags">


</div><table class="source_code">
  <tr>
    <td>
      <pre class="lines">


74
75
76</pre>
    </td>
    <td>
      <pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/kerberos/service_authenticator/base.rb', line 74</span>

<span class='kw'>def</span> <span class='id identifier rubyid_dce_style'>dce_style</span>
  <span class='ivar'>@dce_style</span>
<span class='kw'>end</span></pre>
    </td>
  </tr>
</table>
</div>


      <span id=""></span>
      <div class="method_details ">
  <h3 class="signature " id="framework-instance_method">

    #<strong>framework</strong>  &#x21d2; <tt>Object</tt>  <span class="extras">(readonly)</span>


</h3><div class="docstring">
  <div class="discussion">

<p>Returns the value of attribute framework.</p>


  </div>
</div>
<div class="tags">


</div><table class="source_code">
  <tr>
    <td>
      <pre class="lines">


50
51
52</pre>
    </td>
    <td>
      <pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/kerberos/service_authenticator/base.rb', line 50</span>

<span class='kw'>def</span> <span class='id identifier rubyid_framework'>framework</span>
  <span class='ivar'>@framework</span>
<span class='kw'>end</span></pre>
    </td>
  </tr>
</table>
</div>


      <span id=""></span>
      <div class="method_details ">
  <h3 class="signature " id="framework_module-instance_method">

    #<strong>framework_module</strong>  &#x21d2; <tt>Object</tt>  <span class="extras">(readonly)</span>


</h3><div class="docstring">
  <div class="discussion">

<p>Returns the value of attribute framework_module.</p>


  </div>
</div>
<div class="tags">


</div><table class="source_code">
  <tr>
    <td>
      <pre class="lines">


54
55
56</pre>
    </td>
    <td>
      <pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/kerberos/service_authenticator/base.rb', line 54</span>

<span class='kw'>def</span> <span class='id identifier rubyid_framework_module'>framework_module</span>
  <span class='ivar'>@framework_module</span>
<span class='kw'>end</span></pre>
    </td>
  </tr>
</table>
</div>


      <span id=""></span>
      <div class="method_details ">
  <h3 class="signature " id="host-instance_method">

    #<strong>host</strong>  &#x21d2; <tt>String</tt><sup>?</sup>  <span class="extras">(readonly)</span>


</h3><div class="docstring">
  <div class="discussion">

<p>Returns The proxy directive to use for the socket.</p>


  </div>
</div>
<div class="tags">

<p class="tag_title">Returns:</p>
<ul class="return">

    <li>


        <span class='type'>(<tt>String</tt>, <tt>nil</tt>)</span>


        &mdash;
        <div class='inline'>
<p>The proxy directive to use for the socket</p>
</div>

    </li>

</ul>

</div><table class="source_code">
  <tr>
    <td>
      <pre class="lines">


34
35
36</pre>
    </td>
    <td>
      <pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/kerberos/service_authenticator/base.rb', line 34</span>

<span class='kw'>def</span> <span class='id identifier rubyid_host'>host</span>
  <span class='ivar'>@host</span>
<span class='kw'>end</span></pre>
    </td>
  </tr>
</table>
</div>


      <span id=""></span>
      <div class="method_details ">
  <h3 class="signature " id="hostname-instance_method">

    #<strong>hostname</strong>  &#x21d2; <tt>Object</tt>  <span class="extras">(readonly)</span>


</h3><div class="docstring">
  <div class="discussion">

<p>Returns the value of attribute hostname.</p>


  </div>
</div>
<div class="tags">


</div><table class="source_code">
  <tr>
    <td>
      <pre class="lines">


30
31
32</pre>
    </td>
    <td>
      <pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/kerberos/service_authenticator/base.rb', line 30</span>

<span class='kw'>def</span> <span class='id identifier rubyid_hostname'>hostname</span>
  <span class='ivar'>@hostname</span>
<span class='kw'>end</span></pre>
    </td>
  </tr>
</table>
</div>


      <span id=""></span>
      <div class="method_details ">
  <h3 class="signature " id="key-instance_method">

    #<strong>key</strong>  &#x21d2; <tt>Object</tt>  <span class="extras">(readonly)</span>


</h3><div class="docstring">
  <div class="discussion">

<p>Returns the value of attribute key.</p>


  </div>
</div>
<div class="tags">


</div><table class="source_code">
  <tr>
    <td>
      <pre class="lines">


82
83
84</pre>
    </td>
    <td>
      <pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/kerberos/service_authenticator/base.rb', line 82</span>

<span class='kw'>def</span> <span class='id identifier rubyid_key'>key</span>
  <span class='ivar'>@key</span>
<span class='kw'>end</span></pre>
    </td>
  </tr>
</table>
</div>


      <span id=""></span>
      <div class="method_details ">
  <h3 class="signature " id="mechanism-instance_method">

    #<strong>mechanism</strong>  &#x21d2; <tt>Object</tt>  <span class="extras">(readonly)</span>


</h3><div class="docstring">
  <div class="discussion">

<p>Returns the value of attribute mechanism.</p>


  </div>
</div>
<div class="tags">


</div><table class="source_code">
  <tr>
    <td>
      <pre class="lines">


66
67
68</pre>
    </td>
    <td>
      <pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/kerberos/service_authenticator/base.rb', line 66</span>

<span class='kw'>def</span> <span class='id identifier rubyid_mechanism'>mechanism</span>
  <span class='ivar'>@mechanism</span>
<span class='kw'>end</span></pre>
    </td>
  </tr>
</table>
</div>


      <span id=""></span>
      <div class="method_details ">
  <h3 class="signature " id="mutual_auth-instance_method">

    #<strong>mutual_auth</strong>  &#x21d2; <tt>Object</tt>  <span class="extras">(readonly)</span>


</h3><div class="docstring">
  <div class="discussion">

<p>Returns the value of attribute mutual_auth.</p>


  </div>
</div>
<div class="tags">


</div><table class="source_code">
  <tr>
    <td>
      <pre class="lines">


58
59
60</pre>
    </td>
    <td>
      <pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/kerberos/service_authenticator/base.rb', line 58</span>

<span class='kw'>def</span> <span class='id identifier rubyid_mutual_auth'>mutual_auth</span>
  <span class='ivar'>@mutual_auth</span>
<span class='kw'>end</span></pre>
    </td>
  </tr>
</table>
</div>


      <span id=""></span>
      <div class="method_details ">
  <h3 class="signature " id="offered_etypes-instance_method">

    #<strong>offered_etypes</strong>  &#x21d2; <tt>Object</tt>  <span class="extras">(readonly)</span>


</h3><div class="docstring">
  <div class="discussion">


  </div>
</div>
<div class="tags">


  <p class="tag_title">See Also:</p>
  <ul class="see">

      <li><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Crypto/Encryption.html#DefaultOfferedEtypes-constant" title="Rex::Proto::Kerberos::Crypto::Encryption::DefaultOfferedEtypes (constant)">Rex::Proto::Kerberos::Crypto::Encryption::DefaultOfferedEtypes</a></span></li>

  </ul>

</div><table class="source_code">
  <tr>
    <td>
      <pre class="lines">


87
88
89</pre>
    </td>
    <td>
      <pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/kerberos/service_authenticator/base.rb', line 87</span>

<span class='kw'>def</span> <span class='id identifier rubyid_offered_etypes'>offered_etypes</span>
  <span class='ivar'>@offered_etypes</span>
<span class='kw'>end</span></pre>
    </td>
  </tr>
</table>
</div>


      <span id=""></span>
      <div class="method_details ">
  <h3 class="signature " id="password-instance_method">

    #<strong>password</strong>  &#x21d2; <tt>Object</tt>  <span class="extras">(readonly)</span>


</h3><div class="docstring">
  <div class="discussion">

<p>Returns the value of attribute password.</p>


  </div>
</div>
<div class="tags">


</div><table class="source_code">
  <tr>
    <td>
      <pre class="lines">


22
23
24</pre>
    </td>
    <td>
      <pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/kerberos/service_authenticator/base.rb', line 22</span>

<span class='kw'>def</span> <span class='id identifier rubyid_password'>password</span>
  <span class='ivar'>@password</span>
<span class='kw'>end</span></pre>
    </td>
  </tr>
</table>
</div>


      <span id=""></span>
      <div class="method_details ">
  <h3 class="signature " id="pfx-instance_method">

    #<strong>pfx</strong>  &#x21d2; <tt>Object</tt>  <span class="extras">(readonly)</span>


</h3><div class="docstring">
  <div class="discussion">

<p>Returns the value of attribute pfx.</p>


  </div>
</div>
<div class="tags">


</div><table class="source_code">
  <tr>
    <td>
      <pre class="lines">


26
27
28</pre>
    </td>
    <td>
      <pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/kerberos/service_authenticator/base.rb', line 26</span>

<span class='kw'>def</span> <span class='id identifier rubyid_pfx'>pfx</span>
  <span class='ivar'>@pfx</span>
<span class='kw'>end</span></pre>
    </td>
  </tr>
</table>
</div>


      <span id=""></span>
      <div class="method_details ">
  <h3 class="signature " id="port-instance_method">

    #<strong>port</strong>  &#x21d2; <tt>Object</tt>  <span class="extras">(readonly)</span>


</h3><div class="docstring">
  <div class="discussion">

<p>Returns the value of attribute port.</p>


  </div>
</div>
<div class="tags">


</div><table class="source_code">
  <tr>
    <td>
      <pre class="lines">


38
39
40</pre>
    </td>
    <td>
      <pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/kerberos/service_authenticator/base.rb', line 38</span>

<span class='kw'>def</span> <span class='id identifier rubyid_port'>port</span>
  <span class='ivar'>@port</span>
<span class='kw'>end</span></pre>
    </td>
  </tr>
</table>
</div>


      <span id=""></span>
      <div class="method_details ">
  <h3 class="signature " id="proxies-instance_method">

    #<strong>proxies</strong>  &#x21d2; <tt>Object</tt>  <span class="extras">(readonly)</span>


</h3><div class="docstring">
  <div class="discussion">

<p>Returns the value of attribute proxies.</p>


  </div>
</div>
<div class="tags">


</div><table class="source_code">
  <tr>
    <td>
      <pre class="lines">


42
43
44</pre>
    </td>
    <td>
      <pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/kerberos/service_authenticator/base.rb', line 42</span>

<span class='kw'>def</span> <span class='id identifier rubyid_proxies'>proxies</span>
  <span class='ivar'>@proxies</span>
<span class='kw'>end</span></pre>
    </td>
  </tr>
</table>
</div>


      <span id=""></span>
      <div class="method_details ">
  <h3 class="signature " id="realm-instance_method">

    #<strong>realm</strong>  &#x21d2; <tt>Object</tt>  <span class="extras">(readonly)</span>


</h3><div class="docstring">
  <div class="discussion">

<p>Returns the value of attribute realm.</p>


  </div>
</div>
<div class="tags">


</div><table class="source_code">
  <tr>
    <td>
      <pre class="lines">


14
15
16</pre>
    </td>
    <td>
      <pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/kerberos/service_authenticator/base.rb', line 14</span>

<span class='kw'>def</span> <span class='id identifier rubyid_realm'>realm</span>
  <span class='ivar'>@realm</span>
<span class='kw'>end</span></pre>
    </td>
  </tr>
</table>
</div>


      <span id=""></span>
      <div class="method_details ">
  <h3 class="signature " id="send_delegated_creds-instance_method">

    #<strong>send_delegated_creds</strong>  &#x21d2; <tt>Object</tt>  <span class="extras">(readonly)</span>


</h3><div class="docstring">
  <div class="discussion">

<p>Returns the value of attribute send_delegated_creds.</p>


  </div>
</div>
<div class="tags">


</div><table class="source_code">
  <tr>
    <td>
      <pre class="lines">


70
71
72</pre>
    </td>
    <td>
      <pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/kerberos/service_authenticator/base.rb', line 70</span>

<span class='kw'>def</span> <span class='id identifier rubyid_send_delegated_creds'>send_delegated_creds</span>
  <span class='ivar'>@send_delegated_creds</span>
<span class='kw'>end</span></pre>
    </td>
  </tr>
</table>
</div>


      <span id=""></span>
      <div class="method_details ">
  <h3 class="signature " id="ticket_storage-instance_method">

    #<strong>ticket_storage</strong>  &#x21d2; <tt>Object</tt>  <span class="extras">(readonly)</span>


</h3><div class="docstring">
  <div class="discussion">

<p>Returns the value of attribute ticket_storage.</p>


  </div>
</div>
<div class="tags">


</div><table class="source_code">
  <tr>
    <td>
      <pre class="lines">


78
79
80</pre>
    </td>
    <td>
      <pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/kerberos/service_authenticator/base.rb', line 78</span>

<span class='kw'>def</span> <span class='id identifier rubyid_ticket_storage'>ticket_storage</span>
  <span class='ivar'>@ticket_storage</span>
<span class='kw'>end</span></pre>
    </td>
  </tr>
</table>
</div>


      <span id=""></span>
      <div class="method_details ">
  <h3 class="signature " id="timeout-instance_method">

    #<strong>timeout</strong>  &#x21d2; <tt>Object</tt>  <span class="extras">(readonly)</span>


</h3><div class="docstring">
  <div class="discussion">

<p>Returns the value of attribute timeout.</p>


  </div>
</div>
<div class="tags">


</div><table class="source_code">
  <tr>
    <td>
      <pre class="lines">


46
47
48</pre>
    </td>
    <td>
      <pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/kerberos/service_authenticator/base.rb', line 46</span>

<span class='kw'>def</span> <span class='id identifier rubyid_timeout'>timeout</span>
  <span class='ivar'>@timeout</span>
<span class='kw'>end</span></pre>
    </td>
  </tr>
</table>
</div>


      <span id=""></span>
      <div class="method_details ">
  <h3 class="signature " id="use_gss_checksum-instance_method">

    #<strong>use_gss_checksum</strong>  &#x21d2; <tt>Object</tt>  <span class="extras">(readonly)</span>


</h3><div class="docstring">
  <div class="discussion">

<p>Returns the value of attribute use_gss_checksum.</p>


  </div>
</div>
<div class="tags">


</div><table class="source_code">
  <tr>
    <td>
      <pre class="lines">


62
63
64</pre>
    </td>
    <td>
      <pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/kerberos/service_authenticator/base.rb', line 62</span>

<span class='kw'>def</span> <span class='id identifier rubyid_use_gss_checksum'>use_gss_checksum</span>
  <span class='ivar'>@use_gss_checksum</span>
<span class='kw'>end</span></pre>
    </td>
  </tr>
</table>
</div>


      <span id=""></span>
      <div class="method_details ">
  <h3 class="signature " id="username-instance_method">

    #<strong>username</strong>  &#x21d2; <tt>Object</tt>  <span class="extras">(readonly)</span>


</h3><div class="docstring">
  <div class="discussion">

<p>Returns the value of attribute username.</p>


  </div>
</div>
<div class="tags">


</div><table class="source_code">
  <tr>
    <td>
      <pre class="lines">


18
19
20</pre>
    </td>
    <td>
      <pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/kerberos/service_authenticator/base.rb', line 18</span>

<span class='kw'>def</span> <span class='id identifier rubyid_username'>username</span>
  <span class='ivar'>@username</span>
<span class='kw'>end</span></pre>
    </td>
  </tr>
</table>
</div>

  </div>


  <div id="instance_method_details" class="method_details_list">
    <h2>Instance Method Details</h2>


      <div class="method_details first">
  <h3 class="signature first" id="authenticate-instance_method">

    #<strong>authenticate</strong>(options = {})  &#x21d2; <tt>Hash</tt>


</h3><div class="docstring">
  <div class="discussion">

<p>Returns The security_blob SPNEGO GSS and TGS session key.</p>


  </div>
</div>
<div class="tags">
  <p class="tag_title">Parameters:</p>
<ul class="param">

    <li>

        <span class='name'>options</span>


        <span class='type'>(<tt>Hash</tt>)</span>


        <em class="default">(defaults to: <tt>{}</tt>)</em>


    </li>

</ul>


    <p class="tag_title">Options Hash (<tt>options</tt>):</p>
    <ul class="option">

        <li>
          <span class="name">:credential</span>
          <span class="type">(<tt>String</tt>)</span>
          <span class="default">

          </span>

            &mdash; <div class='inline'>
<p>An explicit credential object to use for authentication.</p>
</div>

        </li>

        <li>
          <span class="name">:sname</span>
          <span class="type">(<tt><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/PrincipalName.html" title="Rex::Proto::Kerberos::Model::PrincipalName (class)">Rex::Proto::Kerberos::Model::PrincipalName</a></span></tt>)</span>
          <span class="default">

          </span>

            &mdash; <div class='inline'>
<p>The target service principal name.</p>
</div>

        </li>

        <li>
          <span class="name">:sname</span>
          <span class="type">(<tt>String</tt>)</span>
          <span class="default">

          </span>

            &mdash; <div class='inline'>
<p>The target service principal name.</p>
</div>

        </li>

        <li>
          <span class="name">:mechanism</span>
          <span class="type">(<tt>String</tt>)</span>
          <span class="default">

          </span>

            &mdash; <div class='inline'>
<p>The authentication mechanism. One of the Rex::Proto::Gss::Mechanism constants.</p>
</div>

        </li>

    </ul>


<p class="tag_title">Returns:</p>
<ul class="return">

    <li>


        <span class='type'>(<tt>Hash</tt>)</span>


        &mdash;
        <div class='inline'>
<p>The security_blob SPNEGO GSS and TGS session key</p>
</div>

    </li>

</ul>

</div><table class="source_code">
  <tr>
    <td>
      <pre class="lines">


232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301</pre>
    </td>
    <td>
      <pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/kerberos/service_authenticator/base.rb', line 232</span>

<span class='kw'>def</span> <span class='id identifier rubyid_authenticate'>authenticate</span><span class='lparen'>(</span><span class='id identifier rubyid_options'>options</span> <span class='op'>=</span> <span class='lbrace'>{</span><span class='rbrace'>}</span><span class='rparen'>)</span>
  <span class='id identifier rubyid_options'>options</span><span class='lbracket'>[</span><span class='symbol'>:sname</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='id identifier rubyid_options'>options</span><span class='period'>.</span><span class='id identifier rubyid_fetch'>fetch</span><span class='lparen'>(</span><span class='symbol'>:sname</span><span class='rparen'>)</span> <span class='lbrace'>{</span> <span class='id identifier rubyid_build_spn'>build_spn</span><span class='lparen'>(</span><span class='id identifier rubyid_options'>options</span><span class='rparen'>)</span> <span class='rbrace'>}</span>

  <span class='kw'>unless</span> <span class='id identifier rubyid_options'>options</span><span class='lbracket'>[</span><span class='symbol'>:credential</span><span class='rbracket'>]</span>
    <span class='kw'>if</span> <span class='ivar'>@credential</span>
      <span class='comment'># use an explicit credential
</span>      <span class='id identifier rubyid_options'>options</span><span class='lbracket'>[</span><span class='symbol'>:credential</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='ivar'>@credential</span>
    <span class='kw'>else</span>
      <span class='comment'># load a cached TGS
</span>      <span class='id identifier rubyid_options'>options</span><span class='lbracket'>[</span><span class='symbol'>:credential</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='id identifier rubyid_get_cached_credential'>get_cached_credential</span><span class='lparen'>(</span><span class='id identifier rubyid_options'>options</span><span class='rparen'>)</span>
      <span class='id identifier rubyid_tgt_sname'>tgt_sname</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="../../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos.html" title="Rex::Proto::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model.html" title="Rex::Proto::Kerberos::Model (module)">Model</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/PrincipalName.html" title="Rex::Proto::Kerberos::Model::PrincipalName (class)">PrincipalName</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/Element.html#initialize-instance_method" title="Rex::Proto::Kerberos::Model::Element#initialize (method)">new</a></span></span><span class='lparen'>(</span>
        <span class='label'>name_type:</span> <span class='const'><span class='object_link'><a href="../../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos.html" title="Rex::Proto::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model.html" title="Rex::Proto::Kerberos::Model (module)">Model</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/NameType.html" title="Rex::Proto::Kerberos::Model::NameType (module)">NameType</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/NameType.html#NT_SRV_INST-constant" title="Rex::Proto::Kerberos::Model::NameType::NT_SRV_INST (constant)">NT_SRV_INST</a></span></span><span class='comma'>,</span>
        <span class='label'>name_string:</span> <span class='lbracket'>[</span>
          <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>krbtgt</span><span class='tstring_end'>&quot;</span></span><span class='comma'>,</span>
          <span class='id identifier rubyid_realm'>realm</span>
        <span class='rbracket'>]</span>
      <span class='rparen'>)</span>
      <span class='kw'>unless</span> <span class='id identifier rubyid_options'>options</span><span class='lbracket'>[</span><span class='symbol'>:credential</span><span class='rbracket'>]</span>
        <span class='comment'># load a cached TGT (specific host)
</span>        <span class='id identifier rubyid_options'>options</span><span class='lbracket'>[</span><span class='symbol'>:credential</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='id identifier rubyid_get_cached_credential'>get_cached_credential</span><span class='lparen'>(</span>
          <span class='id identifier rubyid_options'>options</span><span class='period'>.</span><span class='id identifier rubyid_merge'>merge</span><span class='lparen'>(</span><span class='label'>sname:</span> <span class='id identifier rubyid_tgt_sname'>tgt_sname</span><span class='rparen'>)</span>
        <span class='rparen'>)</span>
      <span class='kw'>end</span>
      <span class='kw'>unless</span> <span class='id identifier rubyid_options'>options</span><span class='lbracket'>[</span><span class='symbol'>:credential</span><span class='rbracket'>]</span>
        <span class='comment'># load a cached TGT (any host)
</span>        <span class='id identifier rubyid_options'>options</span><span class='lbracket'>[</span><span class='symbol'>:credential</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='id identifier rubyid_get_cached_credential'>get_cached_credential</span><span class='lparen'>(</span>
          <span class='id identifier rubyid_options'>options</span><span class='period'>.</span><span class='id identifier rubyid_merge'>merge</span><span class='lparen'>(</span><span class='label'>sname:</span> <span class='id identifier rubyid_tgt_sname'>tgt_sname</span><span class='comma'>,</span> <span class='label'>host:</span> <span class='kw'>nil</span><span class='rparen'>)</span>
        <span class='rparen'>)</span>
      <span class='kw'>end</span>
      <span class='kw'>if</span> <span class='id identifier rubyid_options'>options</span><span class='lbracket'>[</span><span class='symbol'>:credential</span><span class='rbracket'>]</span>
        <span class='id identifier rubyid_print_status'>print_status</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Using cached credential for </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_options'>options</span><span class='lbracket'>[</span><span class='symbol'>:credential</span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_server'>server</span><span class='embexpr_end'>}</span><span class='tstring_content'> </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_options'>options</span><span class='lbracket'>[</span><span class='symbol'>:credential</span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_client'>client</span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
      <span class='kw'>end</span>
    <span class='kw'>end</span>
  <span class='kw'>end</span>

  <span class='kw'>if</span> <span class='id identifier rubyid_options'>options</span><span class='lbracket'>[</span><span class='symbol'>:credential</span><span class='rbracket'>]</span> <span class='op'>&amp;&amp;</span> <span class='id identifier rubyid_options'>options</span><span class='lbracket'>[</span><span class='symbol'>:credential</span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_server'>server</span><span class='period'>.</span><span class='id identifier rubyid_to_s'>to_s</span><span class='period'>.</span><span class='id identifier rubyid_start_with?'>start_with?</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>krbtgt/</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span>
    <span class='id identifier rubyid_auth_context'>auth_context</span> <span class='op'>=</span> <span class='id identifier rubyid_authenticate_via_krb5_ccache_credential_tgt'>authenticate_via_krb5_ccache_credential_tgt</span><span class='lparen'>(</span><span class='id identifier rubyid_options'>options</span><span class='lbracket'>[</span><span class='symbol'>:credential</span><span class='rbracket'>]</span><span class='comma'>,</span> <span class='id identifier rubyid_options'>options</span><span class='rparen'>)</span>
  <span class='kw'>elsif</span> <span class='id identifier rubyid_options'>options</span><span class='lbracket'>[</span><span class='symbol'>:credential</span><span class='rbracket'>]</span>
    <span class='id identifier rubyid_auth_context'>auth_context</span> <span class='op'>=</span> <span class='id identifier rubyid_authenticate_via_krb5_ccache_credential_tgs'>authenticate_via_krb5_ccache_credential_tgs</span><span class='lparen'>(</span><span class='id identifier rubyid_options'>options</span><span class='lbracket'>[</span><span class='symbol'>:credential</span><span class='rbracket'>]</span><span class='comma'>,</span> <span class='id identifier rubyid_options'>options</span><span class='rparen'>)</span>
  <span class='kw'>else</span>
    <span class='id identifier rubyid_pkcs12_storage'>pkcs12_storage</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="../../../../../Msf.html" title="Msf (module)">Msf</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Exploit.html" title="Msf::Exploit (class)">Exploit</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../Remote.html" title="Msf::Exploit::Remote (class)">Remote</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Pkcs12.html" title="Msf::Exploit::Remote::Pkcs12 (module)">Pkcs12</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Pkcs12/Storage.html" title="Msf::Exploit::Remote::Pkcs12::Storage (class)">Storage</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'><span class='object_link'><a href="../../Pkcs12/Storage.html#initialize-instance_method" title="Msf::Exploit::Remote::Pkcs12::Storage#initialize (method)">new</a></span></span><span class='lparen'>(</span><span class='label'>framework:</span> <span class='id identifier rubyid_framework'>framework</span><span class='comma'>,</span> <span class='label'>framework_module:</span> <span class='id identifier rubyid_framework_module'>framework_module</span><span class='rparen'>)</span>
    <span class='id identifier rubyid_pkcs12_results'>pkcs12_results</span> <span class='op'>=</span> <span class='id identifier rubyid_pkcs12_storage'>pkcs12_storage</span><span class='period'>.</span><span class='id identifier rubyid_pkcs12'>pkcs12</span><span class='lparen'>(</span>
      <span class='label'>workspace:</span> <span class='id identifier rubyid_workspace'>workspace</span><span class='comma'>,</span>
      <span class='label'>username:</span> <span class='ivar'>@username</span><span class='comma'>,</span>
      <span class='label'>realm:</span> <span class='ivar'>@realm</span><span class='comma'>,</span>
      <span class='label'>status:</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>active</span><span class='tstring_end'>&#39;</span></span>
    <span class='rparen'>)</span>
    <span class='kw'>if</span> <span class='id identifier rubyid_pkcs12_results'>pkcs12_results</span><span class='period'>.</span><span class='id identifier rubyid_any?'>any?</span>
      <span class='id identifier rubyid_stored_pkcs12'>stored_pkcs12</span> <span class='op'>=</span> <span class='id identifier rubyid_pkcs12_results'>pkcs12_results</span><span class='period'>.</span><span class='id identifier rubyid_first'>first</span>
      <span class='id identifier rubyid_options'>options</span><span class='lbracket'>[</span><span class='symbol'>:pfx</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='id identifier rubyid_stored_pkcs12'>stored_pkcs12</span><span class='period'>.</span><span class='id identifier rubyid_openssl_pkcs12'>openssl_pkcs12</span>
      <span class='id identifier rubyid_print_status'>print_status</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Using stored certificate for </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_stored_pkcs12'>stored_pkcs12</span><span class='period'>.</span><span class='id identifier rubyid_username'>username</span><span class='embexpr_end'>}</span><span class='tstring_content'>@</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_stored_pkcs12'>stored_pkcs12</span><span class='period'>.</span><span class='id identifier rubyid_realm'>realm</span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
    <span class='kw'>end</span>
    <span class='id identifier rubyid_auth_context'>auth_context</span> <span class='op'>=</span> <span class='id identifier rubyid_authenticate_via_kdc'>authenticate_via_kdc</span><span class='lparen'>(</span><span class='id identifier rubyid_options'>options</span><span class='rparen'>)</span>
    <span class='id identifier rubyid_auth_context'>auth_context</span> <span class='op'>=</span> <span class='id identifier rubyid_authenticate_via_krb5_ccache_credential_tgt'>authenticate_via_krb5_ccache_credential_tgt</span><span class='lparen'>(</span><span class='id identifier rubyid_auth_context'>auth_context</span><span class='lbracket'>[</span><span class='symbol'>:credential</span><span class='rbracket'>]</span><span class='comma'>,</span> <span class='id identifier rubyid_options'>options</span><span class='rparen'>)</span>
  <span class='kw'>end</span>

  <span class='id identifier rubyid_ap_request_asn1'>ap_request_asn1</span> <span class='op'>=</span> <span class='id identifier rubyid_auth_context'>auth_context</span><span class='period'>.</span><span class='id identifier rubyid_delete'>delete</span><span class='lparen'>(</span><span class='symbol'>:service_ap_request</span><span class='rparen'>)</span><span class='period'>.</span><span class='id identifier rubyid_to_asn1'>to_asn1</span>

  <span class='id identifier rubyid_mechanism'>mechanism</span> <span class='op'>=</span> <span class='id identifier rubyid_options'>options</span><span class='period'>.</span><span class='id identifier rubyid_fetch'>fetch</span><span class='lparen'>(</span><span class='symbol'>:mechanism</span><span class='rparen'>)</span> <span class='lbrace'>{</span> <span class='kw'>self</span><span class='period'>.</span><span class='id identifier rubyid_mechanism'>mechanism</span> <span class='rbrace'>}</span>
  <span class='kw'>if</span> <span class='id identifier rubyid_mechanism'>mechanism</span> <span class='op'>==</span> <span class='const'><span class='object_link'><a href="../../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Gss.html" title="Rex::Proto::Gss (module)">Gss</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Gss/Mechanism.html" title="Rex::Proto::Gss::Mechanism (module)">Mechanism</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Gss/Mechanism.html#SPNEGO-constant" title="Rex::Proto::Gss::Mechanism::SPNEGO (constant)">SPNEGO</a></span></span>
    <span class='id identifier rubyid_security_blob'>security_blob</span> <span class='op'>=</span> <span class='id identifier rubyid_encode_gss_spnego_ap_request'>encode_gss_spnego_ap_request</span><span class='lparen'>(</span><span class='id identifier rubyid_ap_request_asn1'>ap_request_asn1</span><span class='rparen'>)</span>
  <span class='kw'>elsif</span> <span class='id identifier rubyid_mechanism'>mechanism</span> <span class='op'>==</span> <span class='const'><span class='object_link'><a href="../../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Gss.html" title="Rex::Proto::Gss (module)">Gss</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Gss/Mechanism.html" title="Rex::Proto::Gss::Mechanism (module)">Mechanism</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Gss/Mechanism.html#KERBEROS-constant" title="Rex::Proto::Gss::Mechanism::KERBEROS (constant)">KERBEROS</a></span></span>
    <span class='id identifier rubyid_security_blob'>security_blob</span> <span class='op'>=</span> <span class='id identifier rubyid_encode_gss_kerberos_ap_request'>encode_gss_kerberos_ap_request</span><span class='lparen'>(</span><span class='id identifier rubyid_ap_request_asn1'>ap_request_asn1</span><span class='rparen'>)</span>
  <span class='kw'>else</span>
    <span class='id identifier rubyid_raise'>raise</span> <span class='const'>RuntimeError</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Unknown GSS mechanism: </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_mechanism'>mechanism</span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span>
  <span class='kw'>end</span>

  <span class='id identifier rubyid_auth_context'>auth_context</span><span class='lbracket'>[</span><span class='symbol'>:security_blob</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='id identifier rubyid_security_blob'>security_blob</span>
  <span class='id identifier rubyid_auth_context'>auth_context</span>
<span class='kw'>end</span></pre>
    </td>
  </tr>
</table>
</div>

      <div class="method_details ">
  <h3 class="signature " id="authenticate_via_kdc-instance_method">

    #<strong>authenticate_via_kdc</strong>(options = {})  &#x21d2; <tt>Object</tt>


</h3><div class="docstring">
  <div class="discussion">

<p>Authenticate with credentials to the key distribution center (KDC). This will request a TGT only.</p>


  </div>
</div>
<div class="tags">
  <p class="tag_title">Parameters:</p>
<ul class="param">

    <li>

        <span class='name'>options</span>


        <span class='type'>(<tt>Hash</tt>)</span>


        <em class="default">(defaults to: <tt>{}</tt>)</em>


    </li>

</ul>


</div><table class="source_code">
  <tr>
    <td>
      <pre class="lines">


609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670</pre>
    </td>
    <td>
      <pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/kerberos/service_authenticator/base.rb', line 609</span>

<span class='kw'>def</span> <span class='id identifier rubyid_authenticate_via_kdc'>authenticate_via_kdc</span><span class='lparen'>(</span><span class='id identifier rubyid_options'>options</span> <span class='op'>=</span> <span class='lbrace'>{</span><span class='rbrace'>}</span><span class='rparen'>)</span>
  <span class='id identifier rubyid_realm'>realm</span> <span class='op'>=</span> <span class='kw'>self</span><span class='period'>.</span><span class='id identifier rubyid_realm'>realm</span><span class='period'>.</span><span class='id identifier rubyid_upcase'>upcase</span>
  <span class='id identifier rubyid_client_name'>client_name</span> <span class='op'>=</span> <span class='id identifier rubyid_username'>username</span>
  <span class='id identifier rubyid_server_name'>server_name</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>krbtgt/</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_realm'>realm</span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span>

  <span class='id identifier rubyid_ticket_options'>ticket_options</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="../../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos.html" title="Rex::Proto::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model.html" title="Rex::Proto::Kerberos::Model (module)">Model</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/KdcOptionFlags.html" title="Rex::Proto::Kerberos::Model::KdcOptionFlags (class)">KdcOptionFlags</a></span></span><span class='period'>.</span><span class='id identifier rubyid_from_flags'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/KerberosFlags.html#from_flags-class_method" title="Rex::Proto::Kerberos::Model::KerberosFlags.from_flags (method)">from_flags</a></span></span><span class='lparen'>(</span>
    <span class='lbracket'>[</span>
      <span class='const'><span class='object_link'><a href="../../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos.html" title="Rex::Proto::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model.html" title="Rex::Proto::Kerberos::Model (module)">Model</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/KdcOptionFlags.html" title="Rex::Proto::Kerberos::Model::KdcOptionFlags (class)">KdcOptionFlags</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/KdcOptionFlags.html#FORWARDABLE-constant" title="Rex::Proto::Kerberos::Model::KdcOptionFlags::FORWARDABLE (constant)">FORWARDABLE</a></span></span><span class='comma'>,</span>
      <span class='const'><span class='object_link'><a href="../../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos.html" title="Rex::Proto::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model.html" title="Rex::Proto::Kerberos::Model (module)">Model</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/KdcOptionFlags.html" title="Rex::Proto::Kerberos::Model::KdcOptionFlags (class)">KdcOptionFlags</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/KdcOptionFlags.html#RENEWABLE-constant" title="Rex::Proto::Kerberos::Model::KdcOptionFlags::RENEWABLE (constant)">RENEWABLE</a></span></span><span class='comma'>,</span>
      <span class='const'><span class='object_link'><a href="../../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos.html" title="Rex::Proto::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model.html" title="Rex::Proto::Kerberos::Model (module)">Model</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/KdcOptionFlags.html" title="Rex::Proto::Kerberos::Model::KdcOptionFlags (class)">KdcOptionFlags</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/KdcOptionFlags.html#CANONICALIZE-constant" title="Rex::Proto::Kerberos::Model::KdcOptionFlags::CANONICALIZE (constant)">CANONICALIZE</a></span></span><span class='comma'>,</span>
      <span class='const'><span class='object_link'><a href="../../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos.html" title="Rex::Proto::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model.html" title="Rex::Proto::Kerberos::Model (module)">Model</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/KdcOptionFlags.html" title="Rex::Proto::Kerberos::Model::KdcOptionFlags (class)">KdcOptionFlags</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/KdcOptionFlags.html#RENEWABLE_OK-constant" title="Rex::Proto::Kerberos::Model::KdcOptionFlags::RENEWABLE_OK (constant)">RENEWABLE_OK</a></span></span>
    <span class='rbracket'>]</span>
  <span class='rparen'>)</span>

  <span class='kw'>if</span> <span class='lparen'>(</span><span class='id identifier rubyid_pfx'>pfx</span> <span class='op'>=</span> <span class='id identifier rubyid_options'>options</span><span class='period'>.</span><span class='id identifier rubyid_fetch'>fetch</span><span class='lparen'>(</span><span class='symbol'>:pfx</span><span class='rparen'>)</span> <span class='lbrace'>{</span> <span class='kw'>self</span><span class='period'>.</span><span class='id identifier rubyid_pfx'>pfx</span> <span class='rbrace'>}</span><span class='rparen'>)</span>
    <span class='id identifier rubyid_offered_etypes'>offered_etypes</span> <span class='op'>=</span> <span class='id identifier rubyid_options'>options</span><span class='period'>.</span><span class='id identifier rubyid_fetch'>fetch</span><span class='lparen'>(</span><span class='symbol'>:offered_etypes</span><span class='rparen'>)</span> <span class='kw'>do</span>
      <span class='kw'>self</span><span class='period'>.</span><span class='id identifier rubyid_offered_etypes'>offered_etypes</span> <span class='op'>||</span> <span class='const'><span class='object_link'><a href="../../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos.html" title="Rex::Proto::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Crypto.html" title="Rex::Proto::Kerberos::Crypto (module)">Crypto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Crypto/Encryption.html" title="Rex::Proto::Kerberos::Crypto::Encryption (module)">Encryption</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Crypto/Encryption.html#PkinitEtypes-constant" title="Rex::Proto::Kerberos::Crypto::Encryption::PkinitEtypes (constant)">PkinitEtypes</a></span></span>
    <span class='kw'>end</span>

    <span class='id identifier rubyid_tgt_result'>tgt_result</span> <span class='op'>=</span> <span class='id identifier rubyid_send_request_tgt_pkinit'>send_request_tgt_pkinit</span><span class='lparen'>(</span>
      <span class='label'>server_name:</span> <span class='id identifier rubyid_server_name'>server_name</span><span class='comma'>,</span>
      <span class='label'>client_name:</span> <span class='id identifier rubyid_client_name'>client_name</span><span class='comma'>,</span>
      <span class='label'>pfx:</span> <span class='id identifier rubyid_pfx'>pfx</span><span class='comma'>,</span>
      <span class='label'>realm:</span> <span class='id identifier rubyid_realm'>realm</span><span class='comma'>,</span>
      <span class='label'>options:</span> <span class='id identifier rubyid_ticket_options'>ticket_options</span><span class='comma'>,</span>
      <span class='label'>offered_etypes:</span> <span class='id identifier rubyid_offered_etypes'>offered_etypes</span>
    <span class='rparen'>)</span>
  <span class='kw'>else</span>
    <span class='id identifier rubyid_offered_etypes'>offered_etypes</span> <span class='op'>=</span> <span class='id identifier rubyid_options'>options</span><span class='period'>.</span><span class='id identifier rubyid_fetch'>fetch</span><span class='lparen'>(</span><span class='symbol'>:offered_etypes</span><span class='rparen'>)</span> <span class='kw'>do</span>
      <span class='kw'>self</span><span class='period'>.</span><span class='id identifier rubyid_offered_etypes'>offered_etypes</span> <span class='op'>||</span> <span class='const'><span class='object_link'><a href="../../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos.html" title="Rex::Proto::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Crypto.html" title="Rex::Proto::Kerberos::Crypto (module)">Crypto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Crypto/Encryption.html" title="Rex::Proto::Kerberos::Crypto::Encryption (module)">Encryption</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Crypto/Encryption.html#DefaultOfferedEtypes-constant" title="Rex::Proto::Kerberos::Crypto::Encryption::DefaultOfferedEtypes (constant)">DefaultOfferedEtypes</a></span></span>
    <span class='kw'>end</span>

    <span class='id identifier rubyid_tgt_result'>tgt_result</span> <span class='op'>=</span> <span class='id identifier rubyid_send_request_tgt'>send_request_tgt</span><span class='lparen'>(</span>
      <span class='label'>server_name:</span> <span class='id identifier rubyid_server_name'>server_name</span><span class='comma'>,</span>
      <span class='label'>client_name:</span> <span class='id identifier rubyid_client_name'>client_name</span><span class='comma'>,</span>
      <span class='label'>password:</span> <span class='id identifier rubyid_password'>password</span><span class='comma'>,</span>
      <span class='label'>key:</span> <span class='id identifier rubyid_key'>key</span><span class='comma'>,</span>
      <span class='label'>realm:</span> <span class='id identifier rubyid_realm'>realm</span><span class='comma'>,</span>
      <span class='label'>options:</span> <span class='id identifier rubyid_ticket_options'>ticket_options</span><span class='comma'>,</span>
      <span class='label'>offered_etypes:</span> <span class='id identifier rubyid_offered_etypes'>offered_etypes</span>
    <span class='rparen'>)</span>
  <span class='kw'>end</span>

  <span class='kw'>if</span> <span class='id identifier rubyid_tgt_result'>tgt_result</span><span class='period'>.</span><span class='id identifier rubyid_decrypted_part'>decrypted_part</span><span class='period'>.</span><span class='id identifier rubyid_nil?'>nil?</span> <span class='op'>&amp;&amp;</span> <span class='op'>!</span><span class='id identifier rubyid_tgt_result'>tgt_result</span><span class='period'>.</span><span class='id identifier rubyid_preauth_required'>preauth_required</span>
    <span class='id identifier rubyid_raise'>raise</span> <span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos.html" title="Rex::Proto::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model.html" title="Rex::Proto::Kerberos::Model (module)">Model</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/Error.html" title="Rex::Proto::Kerberos::Model::Error (module)">Error</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/Error/KerberosError.html" title="Rex::Proto::Kerberos::Model::Error::KerberosError (class)">KerberosError</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/Error/KerberosError.html#initialize-instance_method" title="Rex::Proto::Kerberos::Model::Error::KerberosError#initialize (method)">new</a></span></span><span class='lparen'>(</span>
      <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Kerberos ticket does not require preauthentication. It is not possible to decrypt the encrypted message to request further TGS tickets. Try cracking the password via AS-REP Roasting techniques.</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span>
    <span class='rparen'>)</span>
  <span class='kw'>end</span>

  <span class='id identifier rubyid_print_good'>print_good</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_peer'>peer</span><span class='embexpr_end'>}</span><span class='tstring_content'> - Received a valid TGT-Response</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>

  <span class='id identifier rubyid_ccache'>ccache</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="../../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos.html" title="Rex::Proto::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/CredentialCache.html" title="Rex::Proto::Kerberos::CredentialCache (module)">CredentialCache</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/CredentialCache/Krb5Ccache.html" title="Rex::Proto::Kerberos::CredentialCache::Krb5Ccache (class)">Krb5Ccache</a></span></span><span class='period'>.</span><span class='id identifier rubyid_from_responses'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/CredentialCache/Krb5Ccache.html#from_responses-class_method" title="Rex::Proto::Kerberos::CredentialCache::Krb5Ccache.from_responses (method)">from_responses</a></span></span><span class='lparen'>(</span><span class='id identifier rubyid_tgt_result'>tgt_result</span><span class='period'>.</span><span class='id identifier rubyid_as_rep'>as_rep</span><span class='comma'>,</span> <span class='id identifier rubyid_tgt_result'>tgt_result</span><span class='period'>.</span><span class='id identifier rubyid_decrypted_part'>decrypted_part</span><span class='rparen'>)</span>
  <span class='id identifier rubyid_options'>options</span><span class='period'>.</span><span class='id identifier rubyid_fetch'>fetch</span><span class='lparen'>(</span><span class='symbol'>:ticket_storage</span><span class='comma'>,</span> <span class='ivar'>@ticket_storage</span><span class='rparen'>)</span><span class='period'>.</span><span class='id identifier rubyid_store_ccache'>store_ccache</span><span class='lparen'>(</span><span class='id identifier rubyid_ccache'>ccache</span><span class='comma'>,</span> <span class='label'>host:</span> <span class='id identifier rubyid_rhost'>rhost</span><span class='rparen'>)</span>

  <span class='id identifier rubyid_credential'>credential</span> <span class='op'>=</span> <span class='id identifier rubyid_ccache'>ccache</span><span class='period'>.</span><span class='id identifier rubyid_credentials'>credentials</span><span class='period'>.</span><span class='id identifier rubyid_first'>first</span>
  <span class='id identifier rubyid_session_key'>session_key</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="../../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos.html" title="Rex::Proto::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model.html" title="Rex::Proto::Kerberos::Model (module)">Model</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/EncryptionKey.html" title="Rex::Proto::Kerberos::Model::EncryptionKey (class)">EncryptionKey</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/Element.html#initialize-instance_method" title="Rex::Proto::Kerberos::Model::Element#initialize (method)">new</a></span></span><span class='lparen'>(</span>
    <span class='label'>type:</span> <span class='id identifier rubyid_credential'>credential</span><span class='period'>.</span><span class='id identifier rubyid_keyblock'>keyblock</span><span class='period'>.</span><span class='id identifier rubyid_enctype'>enctype</span><span class='period'>.</span><span class='id identifier rubyid_value'>value</span><span class='comma'>,</span>
    <span class='label'>value:</span> <span class='id identifier rubyid_credential'>credential</span><span class='period'>.</span><span class='id identifier rubyid_keyblock'>keyblock</span><span class='period'>.</span><span class='id identifier rubyid_data'>data</span><span class='period'>.</span><span class='id identifier rubyid_value'>value</span>
  <span class='rparen'>)</span>

  <span class='lbrace'>{</span> <span class='label'>credential:</span> <span class='id identifier rubyid_credential'>credential</span><span class='comma'>,</span> <span class='label'>session_key:</span> <span class='id identifier rubyid_session_key'>session_key</span><span class='comma'>,</span> <span class='label'>krb_enc_key:</span> <span class='id identifier rubyid_tgt_result'>tgt_result</span><span class='period'>.</span><span class='id identifier rubyid_krb_enc_key'>krb_enc_key</span> <span class='rbrace'>}</span>
<span class='kw'>end</span></pre>
    </td>
  </tr>
</table>
</div>

      <div class="method_details ">
  <h3 class="signature " id="build_spn-instance_method">

    #<strong>build_spn</strong>(options = {})  &#x21d2; <tt>Object</tt>


</h3><table class="source_code">
  <tr>
    <td>
      <pre class="lines">


368
369
370</pre>
    </td>
    <td>
      <pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/kerberos/service_authenticator/base.rb', line 368</span>

<span class='kw'>def</span> <span class='id identifier rubyid_build_spn'>build_spn</span><span class='lparen'>(</span><span class='id identifier rubyid_options'>options</span> <span class='op'>=</span> <span class='lbrace'>{</span><span class='rbrace'>}</span><span class='rparen'>)</span>
  <span class='kw'>nil</span>
<span class='kw'>end</span></pre>
    </td>
  </tr>
</table>
</div>

      <div class="method_details ">
  <h3 class="signature " id="connect-instance_method">

    #<strong>connect</strong>(options = {})  &#x21d2; <tt>Object</tt>


</h3><table class="source_code">
  <tr>
    <td>
      <pre class="lines">


209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224</pre>
    </td>
    <td>
      <pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/kerberos/service_authenticator/base.rb', line 209</span>

<span class='kw'>def</span> <span class='id identifier rubyid_connect'>connect</span><span class='lparen'>(</span><span class='id identifier rubyid_options'>options</span> <span class='op'>=</span> <span class='lbrace'>{</span><span class='rbrace'>}</span><span class='rparen'>)</span>
  <span class='kw'>unless</span> <span class='id identifier rubyid_options'>options</span><span class='lbracket'>[</span><span class='symbol'>:rhost</span><span class='rbracket'>]</span>
    <span class='kw'>unless</span> <span class='lparen'>(</span><span class='id identifier rubyid_host'>host</span> <span class='op'>=</span> <span class='ivar'>@host</span><span class='rparen'>)</span>
      <span class='id identifier rubyid_vprint_status'>vprint_status</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Using DNS to lookup the KDC for </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_realm'>realm</span><span class='embexpr_end'>}</span><span class='tstring_content'>...</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
      <span class='id identifier rubyid_host'>host</span> <span class='op'>=</span> <span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'>Socket</span><span class='period'>.</span><span class='id identifier rubyid_getresources'>getresources</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>_kerberos._tcp.</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_realm'>realm</span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span><span class='comma'>,</span> <span class='symbol'>:SRV</span><span class='rparen'>)</span><span class='op'>&amp;.</span><span class='id identifier rubyid_sample'>sample</span>
      <span class='kw'>if</span> <span class='id identifier rubyid_host'>host</span><span class='period'>.</span><span class='id identifier rubyid_nil?'>nil?</span>
        <span class='id identifier rubyid_raise'>raise</span> <span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos.html" title="Rex::Proto::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model.html" title="Rex::Proto::Kerberos::Model (module)">Model</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/Error.html" title="Rex::Proto::Kerberos::Model::Error (module)">Error</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/Error/KerberosError.html" title="Rex::Proto::Kerberos::Model::Error::KerberosError (class)">KerberosError</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/Error/KerberosError.html#initialize-instance_method" title="Rex::Proto::Kerberos::Model::Error::KerberosError#initialize (method)">new</a></span></span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Failed to lookup the KDC</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
      <span class='kw'>end</span>
      <span class='id identifier rubyid_print_status'>print_status</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Using KDC </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_host'>host</span><span class='embexpr_end'>}</span><span class='tstring_content'> for realm </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_realm'>realm</span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
      <span class='ivar'>@host</span> <span class='op'>=</span> <span class='id identifier rubyid_host'>host</span>
    <span class='kw'>end</span>
    <span class='id identifier rubyid_options'>options</span><span class='lbracket'>[</span><span class='symbol'>:rhost</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='id identifier rubyid_host'>host</span>
  <span class='kw'>end</span>

  <span class='kw'>super</span><span class='lparen'>(</span><span class='id identifier rubyid_options'>options</span><span class='rparen'>)</span>
<span class='kw'>end</span></pre>
    </td>
  </tr>
</table>
</div>

      <div class="method_details ">
  <h3 class="signature " id="get_message_encryptor-instance_method">

    #<strong>get_message_encryptor</strong>(key, client_sequence_number, server_sequence_number, use_acceptor_subkey: true, rc4_pad_style: :single_byte)  &#x21d2; <tt>Object</tt>


</h3><table class="source_code">
  <tr>
    <td>
      <pre class="lines">


303
304
305
306
307
308
309
310
311</pre>
    </td>
    <td>
      <pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/kerberos/service_authenticator/base.rb', line 303</span>

<span class='kw'>def</span> <span class='id identifier rubyid_get_message_encryptor'>get_message_encryptor</span><span class='lparen'>(</span><span class='id identifier rubyid_key'>key</span><span class='comma'>,</span> <span class='id identifier rubyid_client_sequence_number'>client_sequence_number</span><span class='comma'>,</span> <span class='id identifier rubyid_server_sequence_number'>server_sequence_number</span><span class='comma'>,</span> <span class='label'>use_acceptor_subkey:</span> <span class='kw'>true</span><span class='comma'>,</span> <span class='label'>rc4_pad_style:</span> <span class='symbol'>:single_byte</span><span class='rparen'>)</span>
  <span class='const'><span class='object_link'><a href="../../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Gss.html" title="Rex::Proto::Gss (module)">Gss</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Gss/Kerberos.html" title="Rex::Proto::Gss::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Gss/Kerberos/MessageEncryptor.html" title="Rex::Proto::Gss::Kerberos::MessageEncryptor (class)">MessageEncryptor</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'><span class='object_link'><a href="../../../../../Rex/Proto/Gss/Kerberos/MessageEncryptor.html#initialize-instance_method" title="Rex::Proto::Gss::Kerberos::MessageEncryptor#initialize (method)">new</a></span></span><span class='lparen'>(</span><span class='id identifier rubyid_key'>key</span><span class='comma'>,</span>
                                          <span class='id identifier rubyid_client_sequence_number'>client_sequence_number</span><span class='comma'>,</span>
                                          <span class='id identifier rubyid_server_sequence_number'>server_sequence_number</span><span class='comma'>,</span>
                                          <span class='label'>is_initiator:</span> <span class='kw'>true</span><span class='comma'>,</span>
                                          <span class='label'>use_acceptor_subkey:</span> <span class='id identifier rubyid_use_acceptor_subkey'>use_acceptor_subkey</span><span class='comma'>,</span>
                                          <span class='label'>dce_style:</span> <span class='ivar'>@dce_style</span><span class='comma'>,</span>
                                          <span class='label'>rc4_pad_style:</span> <span class='id identifier rubyid_rc4_pad_style'>rc4_pad_style</span><span class='rparen'>)</span>
<span class='kw'>end</span></pre>
    </td>
  </tr>
</table>
</div>

      <div class="method_details ">
  <h3 class="signature " id="parse_gss_init_response-instance_method">

    #<strong>parse_gss_init_response</strong>(token, session_key)  &#x21d2; <tt>Object</tt>


</h3><table class="source_code">
  <tr>
    <td>
      <pre class="lines">


313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345</pre>
    </td>
    <td>
      <pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/kerberos/service_authenticator/base.rb', line 313</span>

<span class='kw'>def</span> <span class='id identifier rubyid_parse_gss_init_response'>parse_gss_init_response</span><span class='lparen'>(</span><span class='id identifier rubyid_token'>token</span><span class='comma'>,</span> <span class='id identifier rubyid_session_key'>session_key</span><span class='rparen'>)</span>
  <span class='id identifier rubyid_mech_id'>mech_id</span><span class='comma'>,</span> <span class='id identifier rubyid_encapsulated_token'>encapsulated_token</span> <span class='op'>=</span> <span class='id identifier rubyid_unwrap_pseudo_asn1'>unwrap_pseudo_asn1</span><span class='lparen'>(</span><span class='id identifier rubyid_token'>token</span><span class='rparen'>)</span>

  <span class='kw'>if</span> <span class='id identifier rubyid_mech_id'>mech_id</span><span class='period'>.</span><span class='id identifier rubyid_value'>value</span> <span class='op'>==</span> <span class='const'><span class='object_link'><a href="../../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Gss.html" title="Rex::Proto::Gss (module)">Gss</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Gss.html#OID_KERBEROS_5-constant" title="Rex::Proto::Gss::OID_KERBEROS_5 (constant)">OID_KERBEROS_5</a></span></span><span class='period'>.</span><span class='id identifier rubyid_value'>value</span>
    <span class='id identifier rubyid_tok_id'>tok_id</span> <span class='op'>=</span> <span class='id identifier rubyid_encapsulated_token'>encapsulated_token</span><span class='lbracket'>[</span><span class='int'>0</span><span class='comma'>,</span><span class='int'>2</span><span class='rbracket'>]</span>
    <span class='id identifier rubyid_data'>data</span> <span class='op'>=</span> <span class='id identifier rubyid_encapsulated_token'>encapsulated_token</span><span class='lbracket'>[</span><span class='int'>2</span><span class='comma'>,</span> <span class='id identifier rubyid_encapsulated_token'>encapsulated_token</span><span class='period'>.</span><span class='id identifier rubyid_length'>length</span><span class='rbracket'>]</span>
    <span class='kw'>case</span> <span class='id identifier rubyid_tok_id'>tok_id</span>
    <span class='kw'>when</span> <span class='const'><span class='object_link'><a href="../Client.html#TOK_ID_KRB_AP_REP-constant" title="Msf::Exploit::Remote::Kerberos::Client::TOK_ID_KRB_AP_REP (constant)">TOK_ID_KRB_AP_REP</a></span></span>
      <span class='id identifier rubyid_ap_rep'>ap_rep</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="../../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos.html" title="Rex::Proto::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model.html" title="Rex::Proto::Kerberos::Model (module)">Model</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/ApRep.html" title="Rex::Proto::Kerberos::Model::ApRep (class)">ApRep</a></span></span><span class='period'>.</span><span class='id identifier rubyid_decode'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/ApRep.html#decode-instance_method" title="Rex::Proto::Kerberos::Model::ApRep#decode (method)">decode</a></span></span><span class='lparen'>(</span><span class='id identifier rubyid_data'>data</span><span class='rparen'>)</span>
      <span class='id identifier rubyid_print_good'>print_good</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_peer'>peer</span><span class='embexpr_end'>}</span><span class='tstring_content'> - Received AP-REQ. Extracting session key...</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>

      <span class='id identifier rubyid_raise'>raise</span> <span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos.html" title="Rex::Proto::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model.html" title="Rex::Proto::Kerberos::Model (module)">Model</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/Error.html" title="Rex::Proto::Kerberos::Model::Error (module)">Error</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/Error/KerberosError.html" title="Rex::Proto::Kerberos::Model::Error::KerberosError (class)">KerberosError</a></span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Mismatching etypes</span><span class='tstring_end'>&#39;</span></span> <span class='kw'>if</span> <span class='id identifier rubyid_session_key'>session_key</span><span class='period'>.</span><span class='id identifier rubyid_type'>type</span> <span class='op'>!=</span> <span class='id identifier rubyid_ap_rep'>ap_rep</span><span class='period'>.</span><span class='id identifier rubyid_enc_part'>enc_part</span><span class='period'>.</span><span class='id identifier rubyid_etype'>etype</span>

      <span class='id identifier rubyid_decrypted'>decrypted</span> <span class='op'>=</span> <span class='id identifier rubyid_ap_rep'>ap_rep</span><span class='period'>.</span><span class='id identifier rubyid_decrypt_enc_part'>decrypt_enc_part</span><span class='lparen'>(</span><span class='id identifier rubyid_session_key'>session_key</span><span class='period'>.</span><span class='id identifier rubyid_value'>value</span><span class='rparen'>)</span>

      <span class='id identifier rubyid_result'>result</span> <span class='op'>=</span> <span class='lbrace'>{</span>
        <span class='label'>ap_rep_subkey:</span> <span class='id identifier rubyid_decrypted'>decrypted</span><span class='period'>.</span><span class='id identifier rubyid_subkey'>subkey</span><span class='comma'>,</span>
        <span class='label'>server_sequence_number:</span> <span class='id identifier rubyid_decrypted'>decrypted</span><span class='period'>.</span><span class='id identifier rubyid_sequence_number'>sequence_number</span><span class='comma'>,</span>
        <span class='label'>etype:</span> <span class='id identifier rubyid_ap_rep'>ap_rep</span><span class='period'>.</span><span class='id identifier rubyid_enc_part'>enc_part</span><span class='period'>.</span><span class='id identifier rubyid_etype'>etype</span>
      <span class='rbrace'>}</span>
    <span class='kw'>when</span> <span class='const'><span class='object_link'><a href="../Client.html#TOK_ID_KRB_ERROR-constant" title="Msf::Exploit::Remote::Kerberos::Client::TOK_ID_KRB_ERROR (constant)">TOK_ID_KRB_ERROR</a></span></span>
      <span class='id identifier rubyid_krb_err'>krb_err</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="../../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos.html" title="Rex::Proto::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model.html" title="Rex::Proto::Kerberos::Model (module)">Model</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/KrbError.html" title="Rex::Proto::Kerberos::Model::KrbError (class)">KrbError</a></span></span><span class='period'>.</span><span class='id identifier rubyid_decode'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/KrbError.html#decode-instance_method" title="Rex::Proto::Kerberos::Model::KrbError#decode (method)">decode</a></span></span><span class='lparen'>(</span><span class='id identifier rubyid_data'>data</span><span class='rparen'>)</span>
      <span class='id identifier rubyid_print_error'>print_error</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_peer'>peer</span><span class='embexpr_end'>}</span><span class='tstring_content'> - Received KRB-ERR.</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>

      <span class='id identifier rubyid_raise'>raise</span> <span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos.html" title="Rex::Proto::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model.html" title="Rex::Proto::Kerberos::Model (module)">Model</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/Error.html" title="Rex::Proto::Kerberos::Model::Error (module)">Error</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/Error/KerberosError.html" title="Rex::Proto::Kerberos::Model::Error::KerberosError (class)">KerberosError</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/Error/KerberosError.html#initialize-instance_method" title="Rex::Proto::Kerberos::Model::Error::KerberosError#initialize (method)">new</a></span></span><span class='lparen'>(</span><span class='label'>res:</span> <span class='id identifier rubyid_krb_err'>krb_err</span><span class='rparen'>)</span>
    <span class='kw'>else</span>
      <span class='id identifier rubyid_raise'>raise</span> <span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos.html" title="Rex::Proto::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model.html" title="Rex::Proto::Kerberos::Model (module)">Model</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/Error.html" title="Rex::Proto::Kerberos::Model::Error (module)">Error</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/Error/KerberosError.html" title="Rex::Proto::Kerberos::Model::Error::KerberosError (class)">KerberosError</a></span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Unknown token id: </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_tok_id'>tok_id</span><span class='period'>.</span><span class='id identifier rubyid_inspect'>inspect</span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span>
    <span class='kw'>end</span>
  <span class='kw'>else</span>
    <span class='id identifier rubyid_raise'>raise</span> <span class='op'>::</span><span class='const'>NotImplementedError</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Parsing mechtype </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_mech_id'>mech_id</span><span class='period'>.</span><span class='id identifier rubyid_value'>value</span><span class='embexpr_end'>}</span><span class='tstring_content'> not supported</span><span class='tstring_end'>&quot;</span></span>
  <span class='kw'>end</span>

<span class='kw'>end</span></pre>
    </td>
  </tr>
</table>
</div>

      <div class="method_details ">
  <h3 class="signature " id="request_service_ticket-instance_method">

    #<strong>request_service_ticket</strong>(session_key, tgt_ticket, realm, client_name, etypes, expiry_time, now, sname, options = {})  &#x21d2; <tt>Array</tt>


</h3><div class="docstring">
  <div class="discussion">

<p>Returns The TGS ticket and the decrypted TGS credentials as a MIT Cache Credential.</p>


  </div>
</div>
<div class="tags">
  <p class="tag_title">Parameters:</p>
<ul class="param">

    <li>

        <span class='name'>session_key</span>


        <span class='type'>(<tt><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/EncryptionKey.html" title="Rex::Proto::Kerberos::Model::EncryptionKey (class)">Rex::Proto::Kerberos::Model::EncryptionKey</a></span></tt>)</span>


    </li>

    <li>

        <span class='name'>tgt_ticket</span>


        <span class='type'>(<tt><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/Ticket.html" title="Rex::Proto::Kerberos::Model::Ticket (class)">Rex::Proto::Kerberos::Model::Ticket</a></span></tt>)</span>


    </li>

    <li>

        <span class='name'>realm</span>


        <span class='type'>(<tt>String</tt>)</span>


    </li>

    <li>

        <span class='name'>client_name</span>


        <span class='type'>(<tt>String</tt>)</span>


    </li>

    <li>

        <span class='name'>etypes</span>


        <span class='type'>(<tt>Integer</tt>)</span>


    </li>

    <li>

        <span class='name'>expiry_time</span>


        <span class='type'>(<tt>Time</tt>)</span>


    </li>

    <li>

        <span class='name'>now</span>


        <span class='type'>(<tt>Time</tt>)</span>


    </li>

    <li>

        <span class='name'>sname</span>


        <span class='type'>(<tt><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/PrincipalName.html" title="Rex::Proto::Kerberos::Model::PrincipalName (class)">Rex::Proto::Kerberos::Model::PrincipalName</a></span></tt>)</span>


    </li>

    <li>

        <span class='name'>options</span>


        <span class='type'>(<tt>Hash</tt>)</span>


        <em class="default">(defaults to: <tt>{}</tt>)</em>


    </li>

</ul>


    <p class="tag_title">Options Hash (<tt>options</tt>):</p>
    <ul class="option">

        <li>
          <span class="name">:additional_flags</span>
          <span class="type">(<tt>Array&lt;<span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/KdcOptionFlags.html" title="Rex::Proto::Kerberos::Model::KdcOptionFlags (class)">Rex::Proto::Kerberos::Model::KdcOptionFlags</a></span>&gt;</tt>)</span>
          <span class="default">

          </span>

            &mdash; <div class='inline'>
<p>Any additional flags to add to the TGS request option flags. The FORWARDABLE, RENEWABLE and CANONICALIZE flags are set by default.</p>
</div>

        </li>

        <li>
          <span class="name">:additional_tickets</span>
          <span class="type">(<tt>Array&lt;<span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/Ticket.html" title="Rex::Proto::Kerberos::Model::Ticket (class)">Rex::Proto::Kerberos::Model::Ticket</a></span>&gt;</tt>)</span>
          <span class="default">

          </span>

            &mdash; <div class='inline'>
<p>Any additional tickets to add to the request</p>
</div>

        </li>

        <li>
          <span class="name">:pa_data</span>
          <span class="type">(<tt>Array&lt;<span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/PreAuthDataEntry.html" title="Rex::Proto::Kerberos::Model::PreAuthDataEntry (class)">Rex::Proto::Kerberos::Model::PreAuthDataEntry</a></span>&gt;</tt>)</span>
          <span class="default">

          </span>

            &mdash; <div class='inline'>
<p>Any additional pre-auth data entries to add to the request</p>
</div>

        </li>

        <li>
          <span class="name">:ticket_storage</span>
          <span class="type">(<tt><span class='object_link'><a href="../Ticket/Storage/Base.html" title="Msf::Exploit::Remote::Kerberos::Ticket::Storage::Base (class)">Msf::Exploit::Remote::Kerberos::Ticket::Storage::Base</a></span></tt>)</span>
          <span class="default">

          </span>

            &mdash; <div class='inline'>
<p>Override the @ticket_storage attribute</p>
</div>

        </li>

        <li>
          <span class="name">:credential_cache_username</span>
          <span class="type">(<tt>String</tt>)</span>
          <span class="default">

          </span>

            &mdash; <div class='inline'>
<p>The name of user corresponding to the requested TGS ticket. This name will be used in the info field when the tickets is stored in the database. This can be used to override the original username in case of impersonation.</p>
</div>

        </li>

    </ul>


<p class="tag_title">Returns:</p>
<ul class="return">

    <li>


        <span class='type'>(<tt>Array</tt>)</span>


        &mdash;
        <div class='inline'>
<p>The TGS ticket and the decrypted TGS credentials as a MIT Cache Credential</p>
</div>

    </li>

</ul>
<p class="tag_title">Raises:</p>
<ul class="raise">

    <li>


        <span class='type'>(<tt><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/Error/KerberosError.html" title="Rex::Proto::Kerberos::Model::Error::KerberosError (class)">Rex::Proto::Kerberos::Model::Error::KerberosError</a></span></tt>)</span>


    </li>

</ul>

</div><table class="source_code">
  <tr>
    <td>
      <pre class="lines">


695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791</pre>
    </td>
    <td>
      <pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/kerberos/service_authenticator/base.rb', line 695</span>

<span class='kw'>def</span> <span class='id identifier rubyid_request_service_ticket'>request_service_ticket</span><span class='lparen'>(</span><span class='id identifier rubyid_session_key'>session_key</span><span class='comma'>,</span> <span class='id identifier rubyid_tgt_ticket'>tgt_ticket</span><span class='comma'>,</span> <span class='id identifier rubyid_realm'>realm</span><span class='comma'>,</span> <span class='id identifier rubyid_client_name'>client_name</span><span class='comma'>,</span> <span class='id identifier rubyid_etypes'>etypes</span><span class='comma'>,</span> <span class='id identifier rubyid_expiry_time'>expiry_time</span><span class='comma'>,</span> <span class='id identifier rubyid_now'>now</span><span class='comma'>,</span> <span class='id identifier rubyid_sname'>sname</span><span class='comma'>,</span> <span class='id identifier rubyid_options'>options</span> <span class='op'>=</span> <span class='lbrace'>{</span><span class='rbrace'>}</span><span class='rparen'>)</span>
  <span class='id identifier rubyid_etypes'>etypes</span> <span class='op'>=</span> <span class='id identifier rubyid_etypes'>etypes</span><span class='period'>.</span><span class='id identifier rubyid_is_a?'>is_a?</span><span class='lparen'>(</span><span class='op'>::</span><span class='const'>Enumerable</span><span class='rparen'>)</span> <span class='op'>?</span> <span class='id identifier rubyid_etypes'>etypes</span> <span class='op'>:</span> <span class='lbracket'>[</span><span class='id identifier rubyid_etypes'>etypes</span><span class='rbracket'>]</span>

  <span class='id identifier rubyid_flags'>flags</span> <span class='op'>=</span> <span class='const'>Set</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span><span class='lparen'>(</span><span class='lbracket'>[</span>
    <span class='const'><span class='object_link'><a href="../../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos.html" title="Rex::Proto::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model.html" title="Rex::Proto::Kerberos::Model (module)">Model</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/KdcOptionFlags.html" title="Rex::Proto::Kerberos::Model::KdcOptionFlags (class)">KdcOptionFlags</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/KdcOptionFlags.html#FORWARDABLE-constant" title="Rex::Proto::Kerberos::Model::KdcOptionFlags::FORWARDABLE (constant)">FORWARDABLE</a></span></span><span class='comma'>,</span>
    <span class='const'><span class='object_link'><a href="../../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos.html" title="Rex::Proto::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model.html" title="Rex::Proto::Kerberos::Model (module)">Model</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/KdcOptionFlags.html" title="Rex::Proto::Kerberos::Model::KdcOptionFlags (class)">KdcOptionFlags</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/KdcOptionFlags.html#RENEWABLE-constant" title="Rex::Proto::Kerberos::Model::KdcOptionFlags::RENEWABLE (constant)">RENEWABLE</a></span></span><span class='comma'>,</span>
    <span class='const'><span class='object_link'><a href="../../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos.html" title="Rex::Proto::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model.html" title="Rex::Proto::Kerberos::Model (module)">Model</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/KdcOptionFlags.html" title="Rex::Proto::Kerberos::Model::KdcOptionFlags (class)">KdcOptionFlags</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/KdcOptionFlags.html#CANONICALIZE-constant" title="Rex::Proto::Kerberos::Model::KdcOptionFlags::CANONICALIZE (constant)">CANONICALIZE</a></span></span><span class='comma'>,</span>
  <span class='rbracket'>]</span><span class='rparen'>)</span>
  <span class='kw'>if</span> <span class='id identifier rubyid_options'>options</span><span class='lbracket'>[</span><span class='symbol'>:additional_flags</span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_present?'>present?</span>
    <span class='id identifier rubyid_additional_flags'>additional_flags</span> <span class='op'>=</span> <span class='id identifier rubyid_options'>options</span><span class='lbracket'>[</span><span class='symbol'>:additional_flags</span><span class='rbracket'>]</span>
    <span class='id identifier rubyid_additional_flags'>additional_flags</span> <span class='op'>=</span> <span class='lbracket'>[</span><span class='id identifier rubyid_additional_flags'>additional_flags</span><span class='rbracket'>]</span> <span class='kw'>unless</span> <span class='id identifier rubyid_additional_flags'>additional_flags</span><span class='period'>.</span><span class='id identifier rubyid_is_a?'>is_a?</span><span class='lparen'>(</span><span class='op'>::</span><span class='const'>Enumerable</span><span class='rparen'>)</span>
    <span class='id identifier rubyid_flags'>flags</span><span class='period'>.</span><span class='id identifier rubyid_merge'>merge</span><span class='lparen'>(</span><span class='id identifier rubyid_additional_flags'>additional_flags</span><span class='rparen'>)</span>
  <span class='kw'>end</span>
  <span class='id identifier rubyid_ticket_options'>ticket_options</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="../../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos.html" title="Rex::Proto::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model.html" title="Rex::Proto::Kerberos::Model (module)">Model</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/KdcOptionFlags.html" title="Rex::Proto::Kerberos::Model::KdcOptionFlags (class)">KdcOptionFlags</a></span></span><span class='period'>.</span><span class='id identifier rubyid_from_flags'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/KerberosFlags.html#from_flags-class_method" title="Rex::Proto::Kerberos::Model::KerberosFlags.from_flags (method)">from_flags</a></span></span><span class='lparen'>(</span><span class='id identifier rubyid_flags'>flags</span><span class='rparen'>)</span>

  <span class='id identifier rubyid_tgs_body_options'>tgs_body_options</span> <span class='op'>=</span> <span class='lbrace'>{</span>
    <span class='label'>cname:</span> <span class='kw'>nil</span><span class='comma'>,</span>
    <span class='label'>sname:</span> <span class='id identifier rubyid_sname'>sname</span><span class='comma'>,</span>
    <span class='label'>realm:</span> <span class='id identifier rubyid_realm'>realm</span><span class='comma'>,</span>
    <span class='label'>etype:</span> <span class='id identifier rubyid_etypes'>etypes</span><span class='comma'>,</span>
    <span class='label'>options:</span> <span class='id identifier rubyid_ticket_options'>ticket_options</span><span class='comma'>,</span>

    <span class='comment'># Specify nil to ensure the KDC uses the current time for the desired starttime of the requested ticket
</span>    <span class='label'>from:</span> <span class='kw'>nil</span><span class='comma'>,</span>
    <span class='label'>till:</span> <span class='id identifier rubyid_expiry_time'>expiry_time</span><span class='comma'>,</span>
    <span class='label'>rtime:</span> <span class='kw'>nil</span><span class='comma'>,</span>

    <span class='comment'># certificate time
</span>    <span class='label'>ctime:</span> <span class='id identifier rubyid_now'>now</span>
  <span class='rbrace'>}</span>
  <span class='id identifier rubyid_tgs_body_options'>tgs_body_options</span><span class='lbracket'>[</span><span class='symbol'>:impersonate</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='id identifier rubyid_options'>options</span><span class='lbracket'>[</span><span class='symbol'>:impersonate</span><span class='rbracket'>]</span> <span class='kw'>if</span> <span class='id identifier rubyid_options'>options</span><span class='lbracket'>[</span><span class='symbol'>:impersonate</span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_present?'>present?</span>
  <span class='id identifier rubyid_tgs_body_options'>tgs_body_options</span><span class='lbracket'>[</span><span class='symbol'>:nonce</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='id identifier rubyid_options'>options</span><span class='lbracket'>[</span><span class='symbol'>:nonce</span><span class='rbracket'>]</span> <span class='kw'>if</span> <span class='id identifier rubyid_options'>options</span><span class='lbracket'>[</span><span class='symbol'>:nonce</span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_present?'>present?</span>

  <span class='kw'>if</span> <span class='id identifier rubyid_options'>options</span><span class='lbracket'>[</span><span class='symbol'>:additional_tickets</span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_present?'>present?</span>
    <span class='id identifier rubyid_additional_tickets'>additional_tickets</span> <span class='op'>=</span> <span class='id identifier rubyid_options'>options</span><span class='lbracket'>[</span><span class='symbol'>:additional_tickets</span><span class='rbracket'>]</span>
    <span class='id identifier rubyid_additional_tickets'>additional_tickets</span> <span class='op'>=</span> <span class='lbracket'>[</span><span class='id identifier rubyid_additional_tickets'>additional_tickets</span><span class='rbracket'>]</span> <span class='kw'>unless</span> <span class='id identifier rubyid_additional_tickets'>additional_tickets</span><span class='period'>.</span><span class='id identifier rubyid_is_a?'>is_a?</span><span class='lparen'>(</span><span class='op'>::</span><span class='const'>Enumerable</span><span class='rparen'>)</span>
    <span class='id identifier rubyid_tgs_body_options'>tgs_body_options</span><span class='lbracket'>[</span><span class='symbol'>:additional_tickets</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='id identifier rubyid_additional_tickets'>additional_tickets</span>
  <span class='kw'>end</span>

  <span class='id identifier rubyid_tgs_options'>tgs_options</span> <span class='op'>=</span> <span class='lbrace'>{</span>
    <span class='label'>session_key:</span> <span class='id identifier rubyid_session_key'>session_key</span><span class='comma'>,</span>
    <span class='label'>subkey:</span> <span class='kw'>nil</span><span class='comma'>,</span>
    <span class='label'>checksum:</span> <span class='kw'>nil</span><span class='comma'>,</span>
    <span class='label'>ticket:</span> <span class='id identifier rubyid_tgt_ticket'>tgt_ticket</span><span class='comma'>,</span>
    <span class='label'>realm:</span> <span class='id identifier rubyid_realm'>realm</span><span class='comma'>,</span>
    <span class='label'>client_name:</span> <span class='id identifier rubyid_client_name'>client_name</span><span class='comma'>,</span>
    <span class='label'>options:</span> <span class='id identifier rubyid_ticket_options'>ticket_options</span><span class='comma'>,</span>

    <span class='label'>body:</span> <span class='id identifier rubyid_build_tgs_request_body'>build_tgs_request_body</span><span class='lparen'>(</span><span class='op'>**</span><span class='id identifier rubyid_tgs_body_options'>tgs_body_options</span><span class='rparen'>)</span>
  <span class='rbrace'>}</span>

  <span class='id identifier rubyid_tgs_options'>tgs_options</span><span class='lbracket'>[</span><span class='symbol'>:nonce</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='id identifier rubyid_options'>options</span><span class='lbracket'>[</span><span class='symbol'>:nonce</span><span class='rbracket'>]</span> <span class='kw'>if</span> <span class='id identifier rubyid_options'>options</span><span class='lbracket'>[</span><span class='symbol'>:nonce</span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_present?'>present?</span>
  <span class='id identifier rubyid_tgs_options'>tgs_options</span><span class='lbracket'>[</span><span class='symbol'>:impersonate</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='id identifier rubyid_options'>options</span><span class='lbracket'>[</span><span class='symbol'>:impersonate</span><span class='rbracket'>]</span> <span class='kw'>if</span> <span class='id identifier rubyid_options'>options</span><span class='lbracket'>[</span><span class='symbol'>:impersonate</span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_present?'>present?</span>
  <span class='id identifier rubyid_tgs_options'>tgs_options</span><span class='lbracket'>[</span><span class='symbol'>:impersonate_type</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='id identifier rubyid_options'>options</span><span class='lbracket'>[</span><span class='symbol'>:impersonate_type</span><span class='rbracket'>]</span> <span class='kw'>if</span> <span class='id identifier rubyid_options'>options</span><span class='lbracket'>[</span><span class='symbol'>:impersonate_type</span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_present?'>present?</span>

  <span class='kw'>if</span> <span class='id identifier rubyid_options'>options</span><span class='lbracket'>[</span><span class='symbol'>:pa_data</span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_present?'>present?</span>
    <span class='id identifier rubyid_pa_data'>pa_data</span> <span class='op'>=</span> <span class='id identifier rubyid_options'>options</span><span class='lbracket'>[</span><span class='symbol'>:pa_data</span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_is_a?'>is_a?</span><span class='lparen'>(</span><span class='op'>::</span><span class='const'>Enumerable</span><span class='rparen'>)</span> <span class='op'>?</span> <span class='id identifier rubyid_options'>options</span><span class='lbracket'>[</span><span class='symbol'>:pa_data</span><span class='rbracket'>]</span> <span class='op'>:</span> <span class='lbracket'>[</span><span class='id identifier rubyid_options'>options</span><span class='lbracket'>[</span><span class='symbol'>:pa_data</span><span class='rbracket'>]</span><span class='rbracket'>]</span>
    <span class='id identifier rubyid_tgs_options'>tgs_options</span><span class='lbracket'>[</span><span class='symbol'>:pa_data</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='id identifier rubyid_pa_data'>pa_data</span>
  <span class='kw'>end</span>

  <span class='id identifier rubyid_tgs_res'>tgs_res</span> <span class='op'>=</span> <span class='id identifier rubyid_send_request_tgs'>send_request_tgs</span><span class='lparen'>(</span>
      <span class='label'>req:</span> <span class='id identifier rubyid_build_tgs_request'>build_tgs_request</span><span class='lparen'>(</span><span class='id identifier rubyid_tgs_options'>tgs_options</span><span class='rparen'>)</span>
  <span class='rparen'>)</span>

  <span class='comment'># Verify error codes
</span>  <span class='kw'>if</span> <span class='id identifier rubyid_tgs_res'>tgs_res</span><span class='period'>.</span><span class='id identifier rubyid_msg_type'>msg_type</span> <span class='op'>==</span> <span class='const'><span class='object_link'><a href="../../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos.html" title="Rex::Proto::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model.html" title="Rex::Proto::Kerberos::Model (module)">Model</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model.html#KRB_ERROR-constant" title="Rex::Proto::Kerberos::Model::KRB_ERROR (constant)">KRB_ERROR</a></span></span>
    <span class='id identifier rubyid_raise'>raise</span> <span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos.html" title="Rex::Proto::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model.html" title="Rex::Proto::Kerberos::Model (module)">Model</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/Error.html" title="Rex::Proto::Kerberos::Model::Error (module)">Error</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/Error/KerberosError.html" title="Rex::Proto::Kerberos::Model::Error::KerberosError (class)">KerberosError</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/Error/KerberosError.html#initialize-instance_method" title="Rex::Proto::Kerberos::Model::Error::KerberosError#initialize (method)">new</a></span></span><span class='lparen'>(</span><span class='label'>res:</span> <span class='id identifier rubyid_tgs_res'>tgs_res</span><span class='rparen'>)</span>
  <span class='kw'>end</span>

  <span class='id identifier rubyid_print_good'>print_good</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_peer'>peer</span><span class='embexpr_end'>}</span><span class='tstring_content'> - Received a valid TGS-Response</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>

  <span class='id identifier rubyid_ccache'>ccache</span> <span class='op'>=</span> <span class='id identifier rubyid_extract_kerb_creds'>extract_kerb_creds</span><span class='lparen'>(</span>
    <span class='id identifier rubyid_tgs_res'>tgs_res</span><span class='comma'>,</span>
    <span class='id identifier rubyid_session_key'>session_key</span><span class='period'>.</span><span class='id identifier rubyid_value'>value</span><span class='comma'>,</span>
    <span class='label'>msg_type:</span> <span class='const'><span class='object_link'><a href="../../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos.html" title="Rex::Proto::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Crypto.html" title="Rex::Proto::Kerberos::Crypto (module)">Crypto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Crypto/KeyUsage.html" title="Rex::Proto::Kerberos::Crypto::KeyUsage (module)">KeyUsage</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Crypto/KeyUsage.html#TGS_REP_ENCPART_SESSION_KEY-constant" title="Rex::Proto::Kerberos::Crypto::KeyUsage::TGS_REP_ENCPART_SESSION_KEY (constant)">TGS_REP_ENCPART_SESSION_KEY</a></span></span>
  <span class='rparen'>)</span>
  <span class='kw'>if</span> <span class='id identifier rubyid_options'>options</span><span class='lbracket'>[</span><span class='symbol'>:credential_cache_username</span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_present?'>present?</span>
    <span class='id identifier rubyid_client'>client</span> <span class='op'>=</span> <span class='id identifier rubyid_options'>options</span><span class='lbracket'>[</span><span class='symbol'>:credential_cache_username</span><span class='rbracket'>]</span>
  <span class='kw'>else</span>
    <span class='id identifier rubyid_client'>client</span> <span class='op'>=</span> <span class='kw'>self</span><span class='period'>.</span><span class='id identifier rubyid_username'>username</span>
  <span class='kw'>end</span>
  <span class='id identifier rubyid_options'>options</span><span class='period'>.</span><span class='id identifier rubyid_fetch'>fetch</span><span class='lparen'>(</span><span class='symbol'>:ticket_storage</span><span class='comma'>,</span> <span class='ivar'>@ticket_storage</span><span class='rparen'>)</span><span class='period'>.</span><span class='id identifier rubyid_store_ccache'>store_ccache</span><span class='lparen'>(</span>
    <span class='id identifier rubyid_ccache'>ccache</span><span class='comma'>,</span>
    <span class='label'>host:</span> <span class='id identifier rubyid_rhost'>rhost</span><span class='comma'>,</span>
    <span class='label'>client:</span> <span class='id identifier rubyid_client'>client</span><span class='comma'>,</span>
    <span class='label'>server:</span> <span class='id identifier rubyid_sname'>sname</span>
  <span class='rparen'>)</span>

  <span class='id identifier rubyid_tgs_ticket'>tgs_ticket</span> <span class='op'>=</span> <span class='id identifier rubyid_tgs_res'>tgs_res</span><span class='period'>.</span><span class='id identifier rubyid_ticket'>ticket</span>
  <span class='id identifier rubyid_tgs_auth'>tgs_auth</span> <span class='op'>=</span> <span class='id identifier rubyid_decrypt_kdc_tgs_rep_enc_part'>decrypt_kdc_tgs_rep_enc_part</span><span class='lparen'>(</span>
    <span class='id identifier rubyid_tgs_res'>tgs_res</span><span class='comma'>,</span>
    <span class='id identifier rubyid_session_key'>session_key</span><span class='period'>.</span><span class='id identifier rubyid_value'>value</span><span class='comma'>,</span>
    <span class='label'>msg_type:</span> <span class='const'><span class='object_link'><a href="../../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos.html" title="Rex::Proto::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Crypto.html" title="Rex::Proto::Kerberos::Crypto (module)">Crypto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Crypto/KeyUsage.html" title="Rex::Proto::Kerberos::Crypto::KeyUsage (module)">KeyUsage</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Crypto/KeyUsage.html#TGS_REP_ENCPART_SESSION_KEY-constant" title="Rex::Proto::Kerberos::Crypto::KeyUsage::TGS_REP_ENCPART_SESSION_KEY (constant)">TGS_REP_ENCPART_SESSION_KEY</a></span></span>
  <span class='rparen'>)</span>

  <span class='lbracket'>[</span><span class='id identifier rubyid_tgs_ticket'>tgs_ticket</span><span class='comma'>,</span> <span class='id identifier rubyid_tgs_auth'>tgs_auth</span><span class='comma'>,</span> <span class='id identifier rubyid_ccache'>ccache</span><span class='period'>.</span><span class='id identifier rubyid_credentials'>credentials</span><span class='period'>.</span><span class='id identifier rubyid_first'>first</span><span class='rbracket'>]</span>
<span class='kw'>end</span></pre>
    </td>
  </tr>
</table>
</div>

      <div class="method_details ">
  <h3 class="signature " id="request_tgs_only-instance_method">

    #<strong>request_tgs_only</strong>(credential, options = {})  &#x21d2; <tt><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/CredentialCache/Krb5CcacheCredential.html" title="Rex::Proto::Kerberos::CredentialCache::Krb5CcacheCredential (class)">Rex::Proto::Kerberos::CredentialCache::Krb5CcacheCredential</a></span></tt>


</h3><div class="docstring">
  <div class="discussion">

<p>Returns The ccache credential.</p>


  </div>
</div>
<div class="tags">
  <p class="tag_title">Parameters:</p>
<ul class="param">

    <li>

        <span class='name'>options</span>


        <span class='type'>(<tt>Hash</tt>)</span>


        <em class="default">(defaults to: <tt>{}</tt>)</em>


    </li>

    <li>

        <span class='name'>:credential</span>


        <span class='type'>(<tt><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/CredentialCache/Krb5CcacheCredential.html" title="Rex::Proto::Kerberos::CredentialCache::Krb5CcacheCredential (class)">Rex::Proto::Kerberos::CredentialCache::Krb5CcacheCredential</a></span></tt>)</span>


        &mdash;
        <div class='inline'>
<p>The ccache credential from the TGT</p>
</div>

    </li>

</ul>


    <p class="tag_title">Options Hash (<tt>options</tt>):</p>
    <ul class="option">

        <li>
          <span class="name">:ticket_storage</span>
          <span class="type">(<tt><span class='object_link'><a href="../Ticket/Storage/Base.html" title="Msf::Exploit::Remote::Kerberos::Ticket::Storage::Base (class)">Msf::Exploit::Remote::Kerberos::Ticket::Storage::Base</a></span></tt>)</span>
          <span class="default">

          </span>

            &mdash; <div class='inline'>
<p>Override the @ticket_storage attribute</p>
</div>

        </li>

    </ul>


<p class="tag_title">Returns:</p>
<ul class="return">

    <li>


        <span class='type'>(<tt><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/CredentialCache/Krb5CcacheCredential.html" title="Rex::Proto::Kerberos::CredentialCache::Krb5CcacheCredential (class)">Rex::Proto::Kerberos::CredentialCache::Krb5CcacheCredential</a></span></tt>)</span>


        &mdash;
        <div class='inline'>
<p>The ccache credential</p>
</div>

    </li>

</ul>

  <p class="tag_title">See Also:</p>
  <ul class="see">

      <li><span class='object_link'>Options documentation</span></li>

      <li><span class='object_link'>Other options documentation</span></li>

  </ul>

</div><table class="source_code">
  <tr>
    <td>
      <pre class="lines">


410
411
412
413
414
415
416
417
418
419</pre>
    </td>
    <td>
      <pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/kerberos/service_authenticator/base.rb', line 410</span>

<span class='kw'>def</span> <span class='id identifier rubyid_request_tgs_only'>request_tgs_only</span><span class='lparen'>(</span><span class='id identifier rubyid_credential'>credential</span><span class='comma'>,</span> <span class='id identifier rubyid_options'>options</span> <span class='op'>=</span> <span class='lbrace'>{</span><span class='rbrace'>}</span><span class='rparen'>)</span>
  <span class='comment'># load a cached TGS
</span>  <span class='kw'>if</span> <span class='lparen'>(</span><span class='id identifier rubyid_ccache'>ccache</span> <span class='op'>=</span> <span class='id identifier rubyid_get_cached_credential'>get_cached_credential</span><span class='lparen'>(</span><span class='id identifier rubyid_options'>options</span><span class='rparen'>)</span><span class='rparen'>)</span>
    <span class='id identifier rubyid_print_status'>print_status</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Using cached credential for </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_ccache'>ccache</span><span class='period'>.</span><span class='id identifier rubyid_server'>server</span><span class='embexpr_end'>}</span><span class='tstring_content'> </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_ccache'>ccache</span><span class='period'>.</span><span class='id identifier rubyid_client'>client</span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
    <span class='kw'>return</span> <span class='id identifier rubyid_ccache'>ccache</span>
  <span class='kw'>end</span>

  <span class='id identifier rubyid_auth_context'>auth_context</span> <span class='op'>=</span> <span class='id identifier rubyid_authenticate_via_krb5_ccache_credential_tgt'>authenticate_via_krb5_ccache_credential_tgt</span><span class='lparen'>(</span><span class='id identifier rubyid_credential'>credential</span><span class='comma'>,</span> <span class='id identifier rubyid_options'>options</span><span class='rparen'>)</span>
  <span class='id identifier rubyid_auth_context'>auth_context</span><span class='lbracket'>[</span><span class='symbol'>:credential</span><span class='rbracket'>]</span>
<span class='kw'>end</span></pre>
    </td>
  </tr>
</table>
</div>

      <div class="method_details ">
  <h3 class="signature " id="request_tgt_only-instance_method">

    #<strong>request_tgt_only</strong>(options = {})  &#x21d2; <tt><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/CredentialCache/Krb5CcacheCredential.html" title="Rex::Proto::Kerberos::CredentialCache::Krb5CcacheCredential (class)">Rex::Proto::Kerberos::CredentialCache::Krb5CcacheCredential</a></span></tt>


</h3><div class="docstring">
  <div class="discussion">

<p>Returns The ccache credential.</p>


  </div>
</div>
<div class="tags">
  <p class="tag_title">Parameters:</p>
<ul class="param">

    <li>

        <span class='name'>options</span>


        <span class='type'>(<tt>Hash</tt>)</span>


        <em class="default">(defaults to: <tt>{}</tt>)</em>


    </li>

</ul>


    <p class="tag_title">Options Hash (<tt>options</tt>):</p>
    <ul class="option">

        <li>
          <span class="name">:ticket_storage</span>
          <span class="type">(<tt><span class='object_link'><a href="../Ticket/Storage/Base.html" title="Msf::Exploit::Remote::Kerberos::Ticket::Storage::Base (class)">Msf::Exploit::Remote::Kerberos::Ticket::Storage::Base</a></span></tt>)</span>
          <span class="default">

          </span>

            &mdash; <div class='inline'>
<p>Override the @ticket_storage attribute</p>
</div>

        </li>

    </ul>


<p class="tag_title">Returns:</p>
<ul class="return">

    <li>


        <span class='type'>(<tt><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/CredentialCache/Krb5CcacheCredential.html" title="Rex::Proto::Kerberos::CredentialCache::Krb5CcacheCredential (class)">Rex::Proto::Kerberos::CredentialCache::Krb5CcacheCredential</a></span></tt>)</span>


        &mdash;
        <div class='inline'>
<p>The ccache credential</p>
</div>

    </li>

</ul>

  <p class="tag_title">See Also:</p>
  <ul class="see">

      <li><span class='object_link'><a href="#authenticate_via_kdc-instance_method" title="Msf::Exploit::Remote::Kerberos::ServiceAuthenticator::Base#authenticate_via_kdc (method)">Options documentation</a></span></li>

      <li><span class='object_link'>Other options documentation</span></li>

  </ul>

</div><table class="source_code">
  <tr>
    <td>
      <pre class="lines">


377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401</pre>
    </td>
    <td>
      <pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/kerberos/service_authenticator/base.rb', line 377</span>

<span class='kw'>def</span> <span class='id identifier rubyid_request_tgt_only'>request_tgt_only</span><span class='lparen'>(</span><span class='id identifier rubyid_options'>options</span> <span class='op'>=</span> <span class='lbrace'>{</span><span class='rbrace'>}</span><span class='rparen'>)</span>
  <span class='kw'>if</span> <span class='id identifier rubyid_options'>options</span><span class='lbracket'>[</span><span class='symbol'>:cache_file</span><span class='rbracket'>]</span>
    <span class='id identifier rubyid_credential'>credential</span> <span class='op'>=</span> <span class='id identifier rubyid_load_credential_from_file'>load_credential_from_file</span><span class='lparen'>(</span><span class='id identifier rubyid_options'>options</span><span class='lbracket'>[</span><span class='symbol'>:cache_file</span><span class='rbracket'>]</span><span class='rparen'>)</span><span class='op'>&amp;.</span><span class='id identifier rubyid_fetch'>fetch</span><span class='lparen'>(</span><span class='symbol'>:credential</span><span class='comma'>,</span> <span class='kw'>nil</span><span class='rparen'>)</span>
  <span class='kw'>else</span>
    <span class='id identifier rubyid_credential'>credential</span> <span class='op'>=</span> <span class='id identifier rubyid_get_cached_credential'>get_cached_credential</span><span class='lparen'>(</span>
      <span class='id identifier rubyid_options'>options</span><span class='period'>.</span><span class='id identifier rubyid_merge'>merge</span><span class='lparen'>(</span>
        <span class='label'>sname:</span> <span class='const'><span class='object_link'><a href="../../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos.html" title="Rex::Proto::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model.html" title="Rex::Proto::Kerberos::Model (module)">Model</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/PrincipalName.html" title="Rex::Proto::Kerberos::Model::PrincipalName (class)">PrincipalName</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/Element.html#initialize-instance_method" title="Rex::Proto::Kerberos::Model::Element#initialize (method)">new</a></span></span><span class='lparen'>(</span>
          <span class='label'>name_type:</span> <span class='const'><span class='object_link'><a href="../../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos.html" title="Rex::Proto::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model.html" title="Rex::Proto::Kerberos::Model (module)">Model</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/NameType.html" title="Rex::Proto::Kerberos::Model::NameType (module)">NameType</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/NameType.html#NT_SRV_INST-constant" title="Rex::Proto::Kerberos::Model::NameType::NT_SRV_INST (constant)">NT_SRV_INST</a></span></span><span class='comma'>,</span>
          <span class='label'>name_string:</span> <span class='lbracket'>[</span>
            <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>krbtgt</span><span class='tstring_end'>&quot;</span></span><span class='comma'>,</span>
            <span class='id identifier rubyid_realm'>realm</span>
          <span class='rbracket'>]</span>
        <span class='rparen'>)</span>
      <span class='rparen'>)</span>
    <span class='rparen'>)</span>
  <span class='kw'>end</span>

  <span class='kw'>if</span> <span class='id identifier rubyid_credential'>credential</span>
    <span class='id identifier rubyid_print_status'>print_status</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Using cached credential for </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_credential'>credential</span><span class='period'>.</span><span class='id identifier rubyid_server'>server</span><span class='embexpr_end'>}</span><span class='tstring_content'> </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_credential'>credential</span><span class='period'>.</span><span class='id identifier rubyid_client'>client</span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
    <span class='kw'>return</span> <span class='id identifier rubyid_credential'>credential</span>
  <span class='kw'>end</span>

  <span class='id identifier rubyid_auth_context'>auth_context</span> <span class='op'>=</span> <span class='id identifier rubyid_authenticate_via_kdc'>authenticate_via_kdc</span><span class='lparen'>(</span><span class='id identifier rubyid_options'>options</span><span class='rparen'>)</span>
  <span class='kw'>return</span> <span class='id identifier rubyid_auth_context'>auth_context</span><span class='lbracket'>[</span><span class='symbol'>:credential</span><span class='rbracket'>]</span>
<span class='kw'>end</span></pre>
    </td>
  </tr>
</table>
</div>

      <div class="method_details ">
  <h3 class="signature " id="rhost-instance_method">

    #<strong>rhost</strong>  &#x21d2; <tt>String</tt>


</h3><div class="docstring">
  <div class="discussion">

<p>Returns the target host</p>


  </div>
</div>
<div class="tags">

<p class="tag_title">Returns:</p>
<ul class="return">

    <li>


        <span class='type'>(<tt>String</tt>)</span>


    </li>

</ul>

</div><table class="source_code">
  <tr>
    <td>
      <pre class="lines">


198
199
200</pre>
    </td>
    <td>
      <pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/kerberos/service_authenticator/base.rb', line 198</span>

<span class='kw'>def</span> <span class='id identifier rubyid_rhost'>rhost</span>
  <span class='id identifier rubyid_host'>host</span>
<span class='kw'>end</span></pre>
    </td>
  </tr>
</table>
</div>

      <div class="method_details ">
  <h3 class="signature " id="rport-instance_method">

    #<strong>rport</strong>  &#x21d2; <tt>Integer</tt>


</h3><div class="docstring">
  <div class="discussion">

<p>Returns the remote port</p>


  </div>
</div>
<div class="tags">

<p class="tag_title">Returns:</p>
<ul class="return">

    <li>


        <span class='type'>(<tt>Integer</tt>)</span>


    </li>

</ul>

</div><table class="source_code">
  <tr>
    <td>
      <pre class="lines">


205
206
207</pre>
    </td>
    <td>
      <pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/kerberos/service_authenticator/base.rb', line 205</span>

<span class='kw'>def</span> <span class='id identifier rubyid_rport'>rport</span>
  <span class='id identifier rubyid_port'>port</span>
<span class='kw'>end</span></pre>
    </td>
  </tr>
</table>
</div>

      <div class="method_details ">
  <h3 class="signature " id="s4u2proxy-instance_method">

    #<strong>s4u2proxy</strong>(credential, options = {})  &#x21d2; <tt>Array</tt>


</h3><div class="docstring">
  <div class="discussion">

<p>Request a service ticket to another service on behalf of a user</p>


  </div>
</div>
<div class="tags">
  <p class="tag_title">Parameters:</p>
<ul class="param">

    <li>

        <span class='name'>credential</span>


        <span class='type'>(<tt><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/CredentialCache/Krb5CcacheCredential.html" title="Rex::Proto::Kerberos::CredentialCache::Krb5CcacheCredential (class)">Rex::Proto::Kerberos::CredentialCache::Krb5CcacheCredential</a></span></tt>)</span>


        &mdash;
        <div class='inline'>
<p>The ccache credential from the TGT</p>
</div>

    </li>

    <li>

        <span class='name'>options</span>


        <span class='type'>(<tt>Hash</tt>)</span>


        <em class="default">(defaults to: <tt>{}</tt>)</em>


    </li>

</ul>


    <p class="tag_title">Options Hash (<tt>options</tt>):</p>
    <ul class="option">

        <li>
          <span class="name">:sname</span>
          <span class="type">(<tt><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/PrincipalName.html" title="Rex::Proto::Kerberos::Model::PrincipalName (class)">Rex::Proto::Kerberos::Model::PrincipalName</a></span></tt>)</span>
          <span class="default">

          </span>

            &mdash; <div class='inline'>
<p>The target service principal name.</p>
</div>

        </li>

        <li>
          <span class="name">:tgs_ticket</span>
          <span class="type">(<tt><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/Ticket.html" title="Rex::Proto::Kerberos::Model::Ticket (class)">Rex::Proto::Kerberos::Model::Ticket</a></span></tt>)</span>
          <span class="default">

          </span>

            &mdash; <div class='inline'>
<p>The service ticket to the first service. It must have the forwardable flag set. This ticket can be obtained with #s4u2self.</p>
</div>

        </li>

        <li>
          <span class="name">:ticket_storage</span>
          <span class="type">(<tt><span class='object_link'><a href="../Ticket/Storage/Base.html" title="Msf::Exploit::Remote::Kerberos::Ticket::Storage::Base (class)">Msf::Exploit::Remote::Kerberos::Ticket::Storage::Base</a></span></tt>)</span>
          <span class="default">

          </span>

            &mdash; <div class='inline'>
<p>Override the @ticket_storage attribute</p>
</div>

        </li>

        <li>
          <span class="name">:impersonate</span>
          <span class="type">(<tt>String</tt>)</span>
          <span class="default">

          </span>

            &mdash; <div class='inline'>
<p>The name of the user to request a ticket on behalf of</p>
</div>

        </li>

    </ul>


<p class="tag_title">Returns:</p>
<ul class="return">

    <li>


        <span class='type'>(<tt>Array</tt>)</span>


        &mdash;
        <div class='inline'>
<p>The new TGS ticket and the decrypted TGS credentials as a MIT Cache Credential</p>
</div>

    </li>

</ul>

</div><table class="source_code">
  <tr>
    <td>
      <pre class="lines">


489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540</pre>
    </td>
    <td>
      <pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/kerberos/service_authenticator/base.rb', line 489</span>

<span class='kw'>def</span> <span class='id identifier rubyid_s4u2proxy'>s4u2proxy</span><span class='lparen'>(</span><span class='id identifier rubyid_credential'>credential</span><span class='comma'>,</span> <span class='id identifier rubyid_options'>options</span> <span class='op'>=</span> <span class='lbrace'>{</span><span class='rbrace'>}</span><span class='rparen'>)</span>
  <span class='id identifier rubyid_realm'>realm</span> <span class='op'>=</span> <span class='kw'>self</span><span class='period'>.</span><span class='id identifier rubyid_realm'>realm</span><span class='period'>.</span><span class='id identifier rubyid_upcase'>upcase</span>
  <span class='id identifier rubyid_sname'>sname</span> <span class='op'>=</span> <span class='id identifier rubyid_options'>options</span><span class='period'>.</span><span class='id identifier rubyid_fetch'>fetch</span><span class='lparen'>(</span><span class='symbol'>:sname</span><span class='rparen'>)</span>
  <span class='id identifier rubyid_client_name'>client_name</span> <span class='op'>=</span> <span class='id identifier rubyid_username'>username</span>

  <span class='id identifier rubyid_now'>now</span> <span class='op'>=</span> <span class='id identifier rubyid_kerberos_time'>kerberos_time</span>
  <span class='id identifier rubyid_expiry_time'>expiry_time</span> <span class='op'>=</span> <span class='id identifier rubyid_now'>now</span> <span class='op'>+</span> <span class='int'>1</span><span class='period'>.</span><span class='id identifier rubyid_day'>day</span>

  <span class='id identifier rubyid_ticket'>ticket</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="../../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos.html" title="Rex::Proto::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model.html" title="Rex::Proto::Kerberos::Model (module)">Model</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/Ticket.html" title="Rex::Proto::Kerberos::Model::Ticket (class)">Ticket</a></span></span><span class='period'>.</span><span class='id identifier rubyid_decode'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/Ticket.html#decode-instance_method" title="Rex::Proto::Kerberos::Model::Ticket#decode (method)">decode</a></span></span><span class='lparen'>(</span><span class='id identifier rubyid_credential'>credential</span><span class='period'>.</span><span class='id identifier rubyid_ticket'>ticket</span><span class='period'>.</span><span class='id identifier rubyid_value'>value</span><span class='rparen'>)</span>
  <span class='id identifier rubyid_session_key'>session_key</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="../../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos.html" title="Rex::Proto::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model.html" title="Rex::Proto::Kerberos::Model (module)">Model</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/EncryptionKey.html" title="Rex::Proto::Kerberos::Model::EncryptionKey (class)">EncryptionKey</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/Element.html#initialize-instance_method" title="Rex::Proto::Kerberos::Model::Element#initialize (method)">new</a></span></span><span class='lparen'>(</span>
    <span class='label'>type:</span> <span class='id identifier rubyid_credential'>credential</span><span class='period'>.</span><span class='id identifier rubyid_keyblock'>keyblock</span><span class='period'>.</span><span class='id identifier rubyid_enctype'>enctype</span><span class='period'>.</span><span class='id identifier rubyid_value'>value</span><span class='comma'>,</span>
    <span class='label'>value:</span> <span class='id identifier rubyid_credential'>credential</span><span class='period'>.</span><span class='id identifier rubyid_keyblock'>keyblock</span><span class='period'>.</span><span class='id identifier rubyid_data'>data</span><span class='period'>.</span><span class='id identifier rubyid_value'>value</span>
  <span class='rparen'>)</span>

  <span class='id identifier rubyid_pa_pac_options_flags'>pa_pac_options_flags</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="../../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos.html" title="Rex::Proto::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model.html" title="Rex::Proto::Kerberos::Model (module)">Model</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/PreAuthPacOptionsFlags.html" title="Rex::Proto::Kerberos::Model::PreAuthPacOptionsFlags (class)">PreAuthPacOptionsFlags</a></span></span><span class='period'>.</span><span class='id identifier rubyid_from_flags'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/KerberosFlags.html#from_flags-class_method" title="Rex::Proto::Kerberos::Model::KerberosFlags.from_flags (method)">from_flags</a></span></span><span class='lparen'>(</span>
    <span class='lbracket'>[</span>
      <span class='const'><span class='object_link'><a href="../../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos.html" title="Rex::Proto::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model.html" title="Rex::Proto::Kerberos::Model (module)">Model</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/PreAuthPacOptionsFlags.html" title="Rex::Proto::Kerberos::Model::PreAuthPacOptionsFlags (class)">PreAuthPacOptionsFlags</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/PreAuthPacOptionsFlags.html#RESOURCE_BASED_CONSTRAINED_DELEGATION-constant" title="Rex::Proto::Kerberos::Model::PreAuthPacOptionsFlags::RESOURCE_BASED_CONSTRAINED_DELEGATION (constant)">RESOURCE_BASED_CONSTRAINED_DELEGATION</a></span></span>
    <span class='rbracket'>]</span>
  <span class='rparen'>)</span>
  <span class='id identifier rubyid_pa_pac_options'>pa_pac_options</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="../../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos.html" title="Rex::Proto::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model.html" title="Rex::Proto::Kerberos::Model (module)">Model</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/PreAuthPacOptions.html" title="Rex::Proto::Kerberos::Model::PreAuthPacOptions (class)">PreAuthPacOptions</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/Element.html#initialize-instance_method" title="Rex::Proto::Kerberos::Model::Element#initialize (method)">new</a></span></span><span class='lparen'>(</span>
    <span class='label'>flags:</span> <span class='id identifier rubyid_pa_pac_options_flags'>pa_pac_options_flags</span>
  <span class='rparen'>)</span>
  <span class='id identifier rubyid_pa_data_entry'>pa_data_entry</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="../../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos.html" title="Rex::Proto::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model.html" title="Rex::Proto::Kerberos::Model (module)">Model</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/PreAuthDataEntry.html" title="Rex::Proto::Kerberos::Model::PreAuthDataEntry (class)">PreAuthDataEntry</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/Element.html#initialize-instance_method" title="Rex::Proto::Kerberos::Model::Element#initialize (method)">new</a></span></span><span class='lparen'>(</span>
    <span class='label'>type:</span> <span class='const'><span class='object_link'><a href="../../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos.html" title="Rex::Proto::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model.html" title="Rex::Proto::Kerberos::Model (module)">Model</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/PreAuthType.html" title="Rex::Proto::Kerberos::Model::PreAuthType (module)">PreAuthType</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/PreAuthType.html#PA_PAC_OPTIONS-constant" title="Rex::Proto::Kerberos::Model::PreAuthType::PA_PAC_OPTIONS (constant)">PA_PAC_OPTIONS</a></span></span><span class='comma'>,</span>
    <span class='label'>value:</span> <span class='id identifier rubyid_pa_pac_options'>pa_pac_options</span><span class='period'>.</span><span class='id identifier rubyid_encode'>encode</span>
  <span class='rparen'>)</span>

  <span class='id identifier rubyid_etypes'>etypes</span> <span class='op'>=</span> <span class='const'>Set</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span><span class='lparen'>(</span><span class='lbracket'>[</span><span class='id identifier rubyid_credential'>credential</span><span class='period'>.</span><span class='id identifier rubyid_keyblock'>keyblock</span><span class='period'>.</span><span class='id identifier rubyid_enctype'>enctype</span><span class='period'>.</span><span class='id identifier rubyid_value'>value</span><span class='rbracket'>]</span><span class='rparen'>)</span>
  <span class='id identifier rubyid_etypes'>etypes</span> <span class='op'>&lt;&lt;</span> <span class='const'><span class='object_link'><a href="../../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos.html" title="Rex::Proto::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Crypto.html" title="Rex::Proto::Kerberos::Crypto (module)">Crypto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Crypto/Encryption.html" title="Rex::Proto::Kerberos::Crypto::Encryption (module)">Encryption</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Crypto/Encryption.html#RC4_HMAC-constant" title="Rex::Proto::Kerberos::Crypto::Encryption::RC4_HMAC (constant)">RC4_HMAC</a></span></span>
  <span class='id identifier rubyid_etypes'>etypes</span> <span class='op'>&lt;&lt;</span> <span class='const'><span class='object_link'><a href="../../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos.html" title="Rex::Proto::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Crypto.html" title="Rex::Proto::Kerberos::Crypto (module)">Crypto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Crypto/Encryption.html" title="Rex::Proto::Kerberos::Crypto::Encryption (module)">Encryption</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Crypto/Encryption.html#DES_CBC_MD5-constant" title="Rex::Proto::Kerberos::Crypto::Encryption::DES_CBC_MD5 (constant)">DES_CBC_MD5</a></span></span>
  <span class='id identifier rubyid_etypes'>etypes</span> <span class='op'>&lt;&lt;</span> <span class='const'><span class='object_link'><a href="../../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos.html" title="Rex::Proto::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Crypto.html" title="Rex::Proto::Kerberos::Crypto (module)">Crypto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Crypto/Encryption.html" title="Rex::Proto::Kerberos::Crypto::Encryption (module)">Encryption</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Crypto/Encryption.html#DES3_CBC_SHA1-constant" title="Rex::Proto::Kerberos::Crypto::Encryption::DES3_CBC_SHA1 (constant)">DES3_CBC_SHA1</a></span></span>

  <span class='id identifier rubyid_tgs_options'>tgs_options</span> <span class='op'>=</span> <span class='lbrace'>{</span>
    <span class='label'>pa_data:</span> <span class='id identifier rubyid_pa_data_entry'>pa_data_entry</span><span class='comma'>,</span>
    <span class='label'>additional_flags:</span> <span class='lbracket'>[</span><span class='const'><span class='object_link'><a href="../../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos.html" title="Rex::Proto::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model.html" title="Rex::Proto::Kerberos::Model (module)">Model</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/KdcOptionFlags.html" title="Rex::Proto::Kerberos::Model::KdcOptionFlags (class)">KdcOptionFlags</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/KdcOptionFlags.html#CNAME_IN_ADDL_TKT-constant" title="Rex::Proto::Kerberos::Model::KdcOptionFlags::CNAME_IN_ADDL_TKT (constant)">CNAME_IN_ADDL_TKT</a></span></span><span class='rbracket'>]</span><span class='comma'>,</span>
    <span class='label'>additional_tickets:</span> <span class='lbracket'>[</span><span class='id identifier rubyid_options'>options</span><span class='lbracket'>[</span><span class='symbol'>:tgs_ticket</span><span class='rbracket'>]</span><span class='rbracket'>]</span><span class='comma'>,</span>
    <span class='label'>ticket_storage:</span> <span class='id identifier rubyid_options'>options</span><span class='period'>.</span><span class='id identifier rubyid_fetch'>fetch</span><span class='lparen'>(</span><span class='symbol'>:ticket_storage</span><span class='comma'>,</span> <span class='ivar'>@ticket_storage</span><span class='rparen'>)</span><span class='comma'>,</span>
    <span class='label'>credential_cache_username:</span> <span class='id identifier rubyid_options'>options</span><span class='lbracket'>[</span><span class='symbol'>:impersonate</span><span class='rbracket'>]</span>
  <span class='rbrace'>}</span>

  <span class='id identifier rubyid_request_service_ticket'>request_service_ticket</span><span class='lparen'>(</span>
    <span class='id identifier rubyid_session_key'>session_key</span><span class='comma'>,</span>
    <span class='id identifier rubyid_ticket'>ticket</span><span class='comma'>,</span>
    <span class='id identifier rubyid_realm'>realm</span><span class='comma'>,</span>
    <span class='id identifier rubyid_client_name'>client_name</span><span class='comma'>,</span>
    <span class='id identifier rubyid_etypes'>etypes</span><span class='comma'>,</span>
    <span class='id identifier rubyid_expiry_time'>expiry_time</span><span class='comma'>,</span>
    <span class='id identifier rubyid_now'>now</span><span class='comma'>,</span>
    <span class='id identifier rubyid_sname'>sname</span><span class='comma'>,</span>
    <span class='id identifier rubyid_tgs_options'>tgs_options</span>
  <span class='rparen'>)</span>
<span class='kw'>end</span></pre>
    </td>
  </tr>
</table>
</div>

      <div class="method_details ">
  <h3 class="signature " id="s4u2self-instance_method">

    #<strong>s4u2self</strong>(credential, options = {})  &#x21d2; <tt>Array</tt>


</h3><div class="docstring">
  <div class="discussion">

<p>Request a service ticket to itself on behalf of a user</p>


  </div>
</div>
<div class="tags">
  <p class="tag_title">Parameters:</p>
<ul class="param">

    <li>

        <span class='name'>:credential</span>


        <span class='type'>(<tt><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/CredentialCache/Krb5CcacheCredential.html" title="Rex::Proto::Kerberos::CredentialCache::Krb5CcacheCredential (class)">Rex::Proto::Kerberos::CredentialCache::Krb5CcacheCredential</a></span></tt>)</span>


        &mdash;
        <div class='inline'>
<p>The ccache credential from the TGT</p>
</div>

    </li>

    <li>

        <span class='name'>options</span>


        <span class='type'>(<tt>Hash</tt>)</span>


        <em class="default">(defaults to: <tt>{}</tt>)</em>


    </li>

</ul>


    <p class="tag_title">Options Hash (<tt>options</tt>):</p>
    <ul class="option">

        <li>
          <span class="name">:sname</span>
          <span class="type">(<tt><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/PrincipalName.html" title="Rex::Proto::Kerberos::Model::PrincipalName (class)">Rex::Proto::Kerberos::Model::PrincipalName</a></span></tt>)</span>
          <span class="default">

          </span>

            &mdash; <div class='inline'>
<p>The target service principal name.</p>
</div>

        </li>

        <li>
          <span class="name">:ticket_storage</span>
          <span class="type">(<tt><span class='object_link'><a href="../Ticket/Storage/Base.html" title="Msf::Exploit::Remote::Kerberos::Ticket::Storage::Base (class)">Msf::Exploit::Remote::Kerberos::Ticket::Storage::Base</a></span></tt>)</span>
          <span class="default">

          </span>

            &mdash; <div class='inline'>
<p>Override the @ticket_storage attribute</p>
</div>

        </li>

        <li>
          <span class="name">:impersonate</span>
          <span class="type">(<tt>String</tt>)</span>
          <span class="default">

          </span>

            &mdash; <div class='inline'>
<p>The name of the user to request a ticket on behalf of</p>
</div>

        </li>

    </ul>


<p class="tag_title">Returns:</p>
<ul class="return">

    <li>


        <span class='type'>(<tt>Array</tt>)</span>


        &mdash;
        <div class='inline'>
<p>The TGS ticket and the decrypted TGS credentials as a MIT Cache Credential</p>
</div>

    </li>

</ul>

</div><table class="source_code">
  <tr>
    <td>
      <pre class="lines">


430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477</pre>
    </td>
    <td>
      <pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/kerberos/service_authenticator/base.rb', line 430</span>

<span class='kw'>def</span> <span class='id identifier rubyid_s4u2self'>s4u2self</span><span class='lparen'>(</span><span class='id identifier rubyid_credential'>credential</span><span class='comma'>,</span> <span class='id identifier rubyid_options'>options</span> <span class='op'>=</span> <span class='lbrace'>{</span><span class='rbrace'>}</span><span class='rparen'>)</span>
  <span class='id identifier rubyid_realm'>realm</span> <span class='op'>=</span> <span class='kw'>self</span><span class='period'>.</span><span class='id identifier rubyid_realm'>realm</span><span class='period'>.</span><span class='id identifier rubyid_upcase'>upcase</span>
  <span class='id identifier rubyid_sname'>sname</span> <span class='op'>=</span> <span class='id identifier rubyid_options'>options</span><span class='period'>.</span><span class='id identifier rubyid_fetch'>fetch</span><span class='lparen'>(</span><span class='symbol'>:sname</span><span class='rparen'>)</span>
  <span class='id identifier rubyid_impersonate_type'>impersonate_type</span> <span class='op'>=</span> <span class='id identifier rubyid_options'>options</span><span class='period'>.</span><span class='id identifier rubyid_fetch'>fetch</span><span class='lparen'>(</span><span class='symbol'>:impersonate_type</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>none</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span>
  <span class='id identifier rubyid_client_name'>client_name</span> <span class='op'>=</span> <span class='id identifier rubyid_username'>username</span>

  <span class='id identifier rubyid_now'>now</span> <span class='op'>=</span> <span class='id identifier rubyid_kerberos_time'>kerberos_time</span>
  <span class='id identifier rubyid_expiry_time'>expiry_time</span> <span class='op'>=</span> <span class='id identifier rubyid_now'>now</span> <span class='op'>+</span> <span class='int'>1</span><span class='period'>.</span><span class='id identifier rubyid_day'>day</span>

  <span class='id identifier rubyid_ticket'>ticket</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="../../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos.html" title="Rex::Proto::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model.html" title="Rex::Proto::Kerberos::Model (module)">Model</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/Ticket.html" title="Rex::Proto::Kerberos::Model::Ticket (class)">Ticket</a></span></span><span class='period'>.</span><span class='id identifier rubyid_decode'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/Ticket.html#decode-instance_method" title="Rex::Proto::Kerberos::Model::Ticket#decode (method)">decode</a></span></span><span class='lparen'>(</span><span class='id identifier rubyid_credential'>credential</span><span class='period'>.</span><span class='id identifier rubyid_ticket'>ticket</span><span class='period'>.</span><span class='id identifier rubyid_value'>value</span><span class='rparen'>)</span>
  <span class='id identifier rubyid_session_key'>session_key</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="../../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos.html" title="Rex::Proto::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model.html" title="Rex::Proto::Kerberos::Model (module)">Model</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/EncryptionKey.html" title="Rex::Proto::Kerberos::Model::EncryptionKey (class)">EncryptionKey</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/Element.html#initialize-instance_method" title="Rex::Proto::Kerberos::Model::Element#initialize (method)">new</a></span></span><span class='lparen'>(</span>
    <span class='label'>type:</span> <span class='id identifier rubyid_credential'>credential</span><span class='period'>.</span><span class='id identifier rubyid_keyblock'>keyblock</span><span class='period'>.</span><span class='id identifier rubyid_enctype'>enctype</span><span class='period'>.</span><span class='id identifier rubyid_value'>value</span><span class='comma'>,</span>
    <span class='label'>value:</span> <span class='id identifier rubyid_credential'>credential</span><span class='period'>.</span><span class='id identifier rubyid_keyblock'>keyblock</span><span class='period'>.</span><span class='id identifier rubyid_data'>data</span><span class='period'>.</span><span class='id identifier rubyid_value'>value</span>
  <span class='rparen'>)</span>

  <span class='id identifier rubyid_etypes'>etypes</span> <span class='op'>=</span> <span class='const'>Set</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span><span class='lparen'>(</span><span class='lbracket'>[</span><span class='id identifier rubyid_credential'>credential</span><span class='period'>.</span><span class='id identifier rubyid_keyblock'>keyblock</span><span class='period'>.</span><span class='id identifier rubyid_enctype'>enctype</span><span class='period'>.</span><span class='id identifier rubyid_value'>value</span><span class='rbracket'>]</span><span class='rparen'>)</span>
  <span class='id identifier rubyid_etypes'>etypes</span> <span class='op'>&lt;&lt;</span> <span class='const'><span class='object_link'><a href="../../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos.html" title="Rex::Proto::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Crypto.html" title="Rex::Proto::Kerberos::Crypto (module)">Crypto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Crypto/Encryption.html" title="Rex::Proto::Kerberos::Crypto::Encryption (module)">Encryption</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Crypto/Encryption.html#RC4_HMAC-constant" title="Rex::Proto::Kerberos::Crypto::Encryption::RC4_HMAC (constant)">RC4_HMAC</a></span></span>

  <span class='kw'>unless</span> <span class='id identifier rubyid_impersonate_type'>impersonate_type</span> <span class='op'>==</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>dmsa</span><span class='tstring_end'>&#39;</span></span>
    <span class='id identifier rubyid_pa_data'>pa_data</span> <span class='op'>=</span> <span class='id identifier rubyid_build_pa_for_user'>build_pa_for_user</span><span class='lparen'>(</span>   <span class='lbrace'>{</span>
                                     <span class='label'>username:</span> <span class='id identifier rubyid_options'>options</span><span class='lbracket'>[</span><span class='symbol'>:impersonate</span><span class='rbracket'>]</span><span class='comma'>,</span>
                                     <span class='label'>session_key:</span> <span class='id identifier rubyid_session_key'>session_key</span><span class='comma'>,</span>
                                     <span class='label'>realm:</span> <span class='id identifier rubyid_realm'>realm</span>
                                   <span class='rbrace'>}</span>
    <span class='rparen'>)</span>
  <span class='kw'>end</span>

  <span class='id identifier rubyid_tgs_options'>tgs_options</span> <span class='op'>=</span> <span class='lbrace'>{</span>
    <span class='label'>ticket_storage:</span> <span class='id identifier rubyid_options'>options</span><span class='period'>.</span><span class='id identifier rubyid_fetch'>fetch</span><span class='lparen'>(</span><span class='symbol'>:ticket_storage</span><span class='comma'>,</span> <span class='ivar'>@ticket_storage</span><span class='rparen'>)</span><span class='comma'>,</span>
    <span class='label'>credential_cache_username:</span> <span class='id identifier rubyid_options'>options</span><span class='lbracket'>[</span><span class='symbol'>:impersonate</span><span class='rbracket'>]</span><span class='comma'>,</span>
    <span class='label'>pa_data:</span> <span class='id identifier rubyid_pa_data'>pa_data</span><span class='comma'>,</span>
    <span class='label'>nonce:</span> <span class='id identifier rubyid_options'>options</span><span class='lbracket'>[</span><span class='symbol'>:nonce</span><span class='rbracket'>]</span><span class='comma'>,</span>
    <span class='label'>impersonate:</span> <span class='id identifier rubyid_options'>options</span><span class='lbracket'>[</span><span class='symbol'>:impersonate</span><span class='rbracket'>]</span><span class='comma'>,</span>
    <span class='label'>impersonate_type:</span> <span class='id identifier rubyid_options'>options</span><span class='lbracket'>[</span><span class='symbol'>:impersonate_type</span><span class='rbracket'>]</span><span class='comma'>,</span>
  <span class='rbrace'>}</span>

  <span class='id identifier rubyid_request_service_ticket'>request_service_ticket</span><span class='lparen'>(</span>
    <span class='id identifier rubyid_session_key'>session_key</span><span class='comma'>,</span>
    <span class='id identifier rubyid_ticket'>ticket</span><span class='comma'>,</span>
    <span class='id identifier rubyid_realm'>realm</span><span class='comma'>,</span>
    <span class='id identifier rubyid_client_name'>client_name</span><span class='comma'>,</span>
    <span class='id identifier rubyid_etypes'>etypes</span><span class='comma'>,</span>
    <span class='id identifier rubyid_expiry_time'>expiry_time</span><span class='comma'>,</span>
    <span class='id identifier rubyid_now'>now</span><span class='comma'>,</span>
    <span class='id identifier rubyid_sname'>sname</span><span class='comma'>,</span>
    <span class='id identifier rubyid_tgs_options'>tgs_options</span>
  <span class='rparen'>)</span>
<span class='kw'>end</span></pre>
    </td>
  </tr>
</table>
</div>

      <div class="method_details ">
  <h3 class="signature " id="u2uself-instance_method">

    #<strong>u2uself</strong>(credential, options = {})  &#x21d2; <tt>Object</tt>


</h3><div class="docstring">
  <div class="discussion">

<p>Request a service ticket to a user on behalf of themselves This is mostly useful for PKINIT to recover the NT hash Can combine this with S4U2Self by providing an :impersonate option to retrieve a PAC for any account, i.e. Sapphire Ticket attack</p>


  </div>
</div>
<div class="tags">
  <p class="tag_title">Parameters:</p>
<ul class="param">

    <li>

        <span class='name'>credential</span>


        <span class='type'>(<tt><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/CredentialCache/Krb5CcacheCredential.html" title="Rex::Proto::Kerberos::CredentialCache::Krb5CcacheCredential (class)">Rex::Proto::Kerberos::CredentialCache::Krb5CcacheCredential</a></span></tt>)</span>


        &mdash;
        <div class='inline'>
<p>The ccache credential from the TGT</p>
</div>

    </li>

    <li>

        <span class='name'>options</span>


        <span class='type'>(<tt>Hash</tt>)</span>


        <em class="default">(defaults to: <tt>{}</tt>)</em>


    </li>

</ul>


  <p class="tag_title">See Also:</p>
  <ul class="see">

      <li><a href="https://learn.microsoft.com/en-us/archive/blogs/openspecification/how-kerberos-user-to-user-authentication-works" target="_parent" title="https://learn.microsoft.com/en-us/archive/blogs/openspecification/how-kerberos-user-to-user-authentication-works">https://learn.microsoft.com/en-us/archive/blogs/openspecification/how-kerberos-user-to-user-authentication-works</a></li>

  </ul>

</div><table class="source_code">
  <tr>
    <td>
      <pre class="lines">


551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604</pre>
    </td>
    <td>
      <pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/kerberos/service_authenticator/base.rb', line 551</span>

<span class='kw'>def</span> <span class='id identifier rubyid_u2uself'>u2uself</span><span class='lparen'>(</span><span class='id identifier rubyid_credential'>credential</span><span class='comma'>,</span> <span class='id identifier rubyid_options'>options</span> <span class='op'>=</span> <span class='lbrace'>{</span><span class='rbrace'>}</span><span class='rparen'>)</span>
  <span class='id identifier rubyid_realm'>realm</span> <span class='op'>=</span> <span class='kw'>self</span><span class='period'>.</span><span class='id identifier rubyid_realm'>realm</span><span class='period'>.</span><span class='id identifier rubyid_upcase'>upcase</span>
  <span class='id identifier rubyid_client_name'>client_name</span> <span class='op'>=</span> <span class='id identifier rubyid_options'>options</span><span class='period'>.</span><span class='id identifier rubyid_fetch'>fetch</span><span class='lparen'>(</span><span class='symbol'>:username</span><span class='rparen'>)</span> <span class='lbrace'>{</span> <span class='kw'>self</span><span class='period'>.</span><span class='id identifier rubyid_username'>username</span> <span class='rbrace'>}</span>
  <span class='id identifier rubyid_sname'>sname</span> <span class='op'>=</span> <span class='id identifier rubyid_options'>options</span><span class='period'>.</span><span class='id identifier rubyid_fetch'>fetch</span><span class='lparen'>(</span><span class='symbol'>:sname</span><span class='rparen'>)</span> <span class='lbrace'>{</span>
    <span class='const'><span class='object_link'><a href="../../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos.html" title="Rex::Proto::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model.html" title="Rex::Proto::Kerberos::Model (module)">Model</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/PrincipalName.html" title="Rex::Proto::Kerberos::Model::PrincipalName (class)">PrincipalName</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/Element.html#initialize-instance_method" title="Rex::Proto::Kerberos::Model::Element#initialize (method)">new</a></span></span><span class='lparen'>(</span>
      <span class='label'>name_type:</span> <span class='const'><span class='object_link'><a href="../../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos.html" title="Rex::Proto::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model.html" title="Rex::Proto::Kerberos::Model (module)">Model</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/NameType.html" title="Rex::Proto::Kerberos::Model::NameType (module)">NameType</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/NameType.html#NT_UNKNOWN-constant" title="Rex::Proto::Kerberos::Model::NameType::NT_UNKNOWN (constant)">NT_UNKNOWN</a></span></span><span class='comma'>,</span>
      <span class='label'>name_string:</span> <span class='lbracket'>[</span> <span class='id identifier rubyid_client_name'>client_name</span> <span class='rbracket'>]</span>
    <span class='rparen'>)</span>
  <span class='rbrace'>}</span>

  <span class='id identifier rubyid_now'>now</span> <span class='op'>=</span> <span class='id identifier rubyid_kerberos_time'>kerberos_time</span>
  <span class='id identifier rubyid_expiry_time'>expiry_time</span> <span class='op'>=</span> <span class='id identifier rubyid_now'>now</span> <span class='op'>+</span> <span class='int'>1</span><span class='period'>.</span><span class='id identifier rubyid_day'>day</span>

  <span class='id identifier rubyid_ticket'>ticket</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="../../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos.html" title="Rex::Proto::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model.html" title="Rex::Proto::Kerberos::Model (module)">Model</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/Ticket.html" title="Rex::Proto::Kerberos::Model::Ticket (class)">Ticket</a></span></span><span class='period'>.</span><span class='id identifier rubyid_decode'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/Ticket.html#decode-instance_method" title="Rex::Proto::Kerberos::Model::Ticket#decode (method)">decode</a></span></span><span class='lparen'>(</span><span class='id identifier rubyid_credential'>credential</span><span class='period'>.</span><span class='id identifier rubyid_ticket'>ticket</span><span class='period'>.</span><span class='id identifier rubyid_value'>value</span><span class='rparen'>)</span>
  <span class='id identifier rubyid_session_key'>session_key</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="../../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos.html" title="Rex::Proto::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model.html" title="Rex::Proto::Kerberos::Model (module)">Model</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/EncryptionKey.html" title="Rex::Proto::Kerberos::Model::EncryptionKey (class)">EncryptionKey</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/Element.html#initialize-instance_method" title="Rex::Proto::Kerberos::Model::Element#initialize (method)">new</a></span></span><span class='lparen'>(</span>
    <span class='label'>type:</span> <span class='id identifier rubyid_credential'>credential</span><span class='period'>.</span><span class='id identifier rubyid_keyblock'>keyblock</span><span class='period'>.</span><span class='id identifier rubyid_enctype'>enctype</span><span class='period'>.</span><span class='id identifier rubyid_value'>value</span><span class='comma'>,</span>
    <span class='label'>value:</span> <span class='id identifier rubyid_credential'>credential</span><span class='period'>.</span><span class='id identifier rubyid_keyblock'>keyblock</span><span class='period'>.</span><span class='id identifier rubyid_data'>data</span><span class='period'>.</span><span class='id identifier rubyid_value'>value</span>
  <span class='rparen'>)</span>

  <span class='id identifier rubyid_etypes'>etypes</span> <span class='op'>=</span> <span class='const'>Set</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span><span class='lparen'>(</span><span class='lbracket'>[</span><span class='id identifier rubyid_ticket'>ticket</span><span class='period'>.</span><span class='id identifier rubyid_enc_part'>enc_part</span><span class='period'>.</span><span class='id identifier rubyid_etype'>etype</span><span class='rbracket'>]</span><span class='rparen'>)</span>
  <span class='id identifier rubyid_etypes'>etypes</span> <span class='op'>&lt;&lt;</span> <span class='const'><span class='object_link'><a href="../../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos.html" title="Rex::Proto::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Crypto.html" title="Rex::Proto::Kerberos::Crypto (module)">Crypto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Crypto/Encryption.html" title="Rex::Proto::Kerberos::Crypto::Encryption (module)">Encryption</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Crypto/Encryption.html#RC4_HMAC-constant" title="Rex::Proto::Kerberos::Crypto::Encryption::RC4_HMAC (constant)">RC4_HMAC</a></span></span>

  <span class='id identifier rubyid_tgs_options'>tgs_options</span> <span class='op'>=</span> <span class='lbrace'>{</span>
    <span class='label'>ticket_storage:</span> <span class='id identifier rubyid_options'>options</span><span class='period'>.</span><span class='id identifier rubyid_fetch'>fetch</span><span class='lparen'>(</span><span class='symbol'>:ticket_storage</span><span class='comma'>,</span> <span class='ivar'>@ticket_storage</span><span class='rparen'>)</span><span class='comma'>,</span>
    <span class='label'>credential_cache_username:</span> <span class='id identifier rubyid_client_name'>client_name</span><span class='comma'>,</span>
    <span class='label'>additional_flags:</span> <span class='lbracket'>[</span>
      <span class='const'><span class='object_link'><a href="../../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos.html" title="Rex::Proto::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model.html" title="Rex::Proto::Kerberos::Model (module)">Model</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/KdcOptionFlags.html" title="Rex::Proto::Kerberos::Model::KdcOptionFlags (class)">KdcOptionFlags</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/KdcOptionFlags.html#ENC_TKT_IN_SKEY-constant" title="Rex::Proto::Kerberos::Model::KdcOptionFlags::ENC_TKT_IN_SKEY (constant)">ENC_TKT_IN_SKEY</a></span></span><span class='comma'>,</span>
      <span class='const'><span class='object_link'><a href="../../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos.html" title="Rex::Proto::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model.html" title="Rex::Proto::Kerberos::Model (module)">Model</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/KdcOptionFlags.html" title="Rex::Proto::Kerberos::Model::KdcOptionFlags (class)">KdcOptionFlags</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/KdcOptionFlags.html#RENEWABLE_OK-constant" title="Rex::Proto::Kerberos::Model::KdcOptionFlags::RENEWABLE_OK (constant)">RENEWABLE_OK</a></span></span>
    <span class='rbracket'>]</span><span class='comma'>,</span>
    <span class='label'>additional_tickets:</span> <span class='lbracket'>[</span><span class='id identifier rubyid_ticket'>ticket</span><span class='rbracket'>]</span>
  <span class='rbrace'>}</span>

  <span class='kw'>if</span> <span class='id identifier rubyid_options'>options</span><span class='lbracket'>[</span><span class='symbol'>:impersonate</span><span class='rbracket'>]</span>
    <span class='id identifier rubyid_tgs_options'>tgs_options</span><span class='lbracket'>[</span><span class='symbol'>:pa_data</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='id identifier rubyid_build_pa_for_user'>build_pa_for_user</span><span class='lparen'>(</span>
      <span class='lbrace'>{</span>
        <span class='label'>username:</span> <span class='id identifier rubyid_options'>options</span><span class='lbracket'>[</span><span class='symbol'>:impersonate</span><span class='rbracket'>]</span><span class='comma'>,</span>
        <span class='label'>session_key:</span> <span class='id identifier rubyid_session_key'>session_key</span><span class='comma'>,</span>
        <span class='label'>realm:</span> <span class='kw'>self</span><span class='period'>.</span><span class='id identifier rubyid_realm'>realm</span>
      <span class='rbrace'>}</span>
    <span class='rparen'>)</span>
  <span class='kw'>end</span>

  <span class='id identifier rubyid_request_service_ticket'>request_service_ticket</span><span class='lparen'>(</span>
    <span class='id identifier rubyid_session_key'>session_key</span><span class='comma'>,</span>
    <span class='id identifier rubyid_ticket'>ticket</span><span class='comma'>,</span>
    <span class='id identifier rubyid_realm'>realm</span><span class='comma'>,</span>
    <span class='id identifier rubyid_client_name'>client_name</span><span class='comma'>,</span>
    <span class='id identifier rubyid_etypes'>etypes</span><span class='comma'>,</span>
    <span class='id identifier rubyid_expiry_time'>expiry_time</span><span class='comma'>,</span>
    <span class='id identifier rubyid_now'>now</span><span class='comma'>,</span>
    <span class='id identifier rubyid_sname'>sname</span><span class='comma'>,</span>
    <span class='id identifier rubyid_tgs_options'>tgs_options</span>
  <span class='rparen'>)</span>
<span class='kw'>end</span></pre>
    </td>
  </tr>
</table>
</div>

      <div class="method_details ">
  <h3 class="signature " id="validate_response!-instance_method">

    #<strong>validate_response!</strong>(security_blob, accept_incomplete: false)  &#x21d2; <tt>Object</tt>


</h3><div class="docstring">
  <div class="discussion">


  </div>
</div>
<div class="tags">
  <p class="tag_title">Parameters:</p>
<ul class="param">

    <li>

        <span class='name'>security_blob</span>


        <span class='type'>(<tt>String</tt>)</span>


        &mdash;
        <div class='inline'>
<p>SPNEGO GSS Blob</p>
</div>

    </li>

    <li>

        <span class='name'>accept_incomplete</span>


        <span class='type'>(<tt>Boolean</tt>)</span>


        <em class="default">(defaults to: <tt>false</tt>)</em>


        &mdash;
        <div class='inline'>
<p>Whether an Incomplete value is an acceptable response</p>
</div>

    </li>

</ul>

<p class="tag_title">Raises:</p>
<ul class="raise">

    <li>


        <span class='type'>(<tt><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/Error/KerberosError.html" title="Rex::Proto::Kerberos::Model::Error::KerberosError (class)">Rex::Proto::Kerberos::Model::Error::KerberosError</a></span></tt>)</span>


        &mdash;
        <div class='inline'>
<p>if the response was not successful</p>
</div>

    </li>

    <li>


        <span class='type'>(<tt><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/Error/KerberosDecodingError.html" title="Rex::Proto::Kerberos::Model::Error::KerberosDecodingError (class)">Rex::Proto::Kerberos::Model::Error::KerberosDecodingError</a></span></tt>)</span>


        &mdash;
        <div class='inline'>
<p>if the response was invalid per the Kerberos/GSS protocol</p>
</div>

    </li>

</ul>

</div><table class="source_code">
  <tr>
    <td>
      <pre class="lines">


351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366</pre>
    </td>
    <td>
      <pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/kerberos/service_authenticator/base.rb', line 351</span>

<span class='kw'>def</span> <span class='id identifier rubyid_validate_response!'>validate_response!</span><span class='lparen'>(</span><span class='id identifier rubyid_security_blob'>security_blob</span><span class='comma'>,</span> <span class='label'>accept_incomplete:</span> <span class='kw'>false</span><span class='rparen'>)</span>
  <span class='kw'>begin</span>
    <span class='id identifier rubyid_gss_api'>gss_api</span> <span class='op'>=</span> <span class='const'>OpenSSL</span><span class='op'>::</span><span class='const'>ASN1</span><span class='period'>.</span><span class='id identifier rubyid_decode'>decode</span><span class='lparen'>(</span><span class='id identifier rubyid_security_blob'>security_blob</span><span class='rparen'>)</span>
    <span class='id identifier rubyid_neg_result'>neg_result</span> <span class='op'>=</span> <span class='op'>::</span><span class='const'>RubySMB</span><span class='op'>::</span><span class='const'>Gss</span><span class='period'>.</span><span class='id identifier rubyid_asn1dig'>asn1dig</span><span class='lparen'>(</span><span class='id identifier rubyid_gss_api'>gss_api</span><span class='comma'>,</span> <span class='int'>0</span><span class='comma'>,</span> <span class='int'>0</span><span class='comma'>,</span> <span class='int'>0</span><span class='rparen'>)</span><span class='op'>&amp;.</span><span class='id identifier rubyid_value'>value</span><span class='period'>.</span><span class='id identifier rubyid_to_i'>to_i</span>
    <span class='id identifier rubyid_supported_neg'>supported_neg</span> <span class='op'>=</span> <span class='op'>::</span><span class='const'>RubySMB</span><span class='op'>::</span><span class='const'>Gss</span><span class='period'>.</span><span class='id identifier rubyid_asn1dig'>asn1dig</span><span class='lparen'>(</span><span class='id identifier rubyid_gss_api'>gss_api</span><span class='comma'>,</span> <span class='int'>0</span><span class='comma'>,</span> <span class='int'>1</span><span class='comma'>,</span> <span class='int'>0</span><span class='rparen'>)</span><span class='op'>&amp;.</span><span class='id identifier rubyid_value'>value</span>
  <span class='kw'>rescue</span> <span class='const'>OpenSSL</span><span class='op'>::</span><span class='const'>ASN1</span><span class='op'>::</span><span class='const'>ASN1Error</span>
    <span class='id identifier rubyid_raise'>raise</span> <span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos.html" title="Rex::Proto::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model.html" title="Rex::Proto::Kerberos::Model (module)">Model</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/Error.html" title="Rex::Proto::Kerberos::Model::Error (module)">Error</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/Error/KerberosDecodingError.html" title="Rex::Proto::Kerberos::Model::Error::KerberosDecodingError (class)">KerberosDecodingError</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/Error/KerberosDecodingError.html#initialize-instance_method" title="Rex::Proto::Kerberos::Model::Error::KerberosDecodingError#initialize (method)">new</a></span></span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Invalid GSS Response</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span>
  <span class='kw'>end</span>

  <span class='id identifier rubyid_is_success'>is_success</span> <span class='op'>=</span> <span class='lparen'>(</span><span class='id identifier rubyid_neg_result'>neg_result</span> <span class='op'>==</span> <span class='const'><span class='object_link'><a href="../Client.html#NEG_TOKEN_ACCEPT_COMPLETED-constant" title="Msf::Exploit::Remote::Kerberos::Client::NEG_TOKEN_ACCEPT_COMPLETED (constant)">NEG_TOKEN_ACCEPT_COMPLETED</a></span></span> <span class='op'>||</span> <span class='lparen'>(</span><span class='id identifier rubyid_accept_incomplete'>accept_incomplete</span> <span class='op'>&amp;&amp;</span> <span class='id identifier rubyid_neg_result'>neg_result</span> <span class='op'>==</span> <span class='const'><span class='object_link'><a href="../Client.html#NEG_TOKEN_ACCEPT_INCOMPLETE-constant" title="Msf::Exploit::Remote::Kerberos::Client::NEG_TOKEN_ACCEPT_INCOMPLETE (constant)">NEG_TOKEN_ACCEPT_INCOMPLETE</a></span></span><span class='rparen'>)</span><span class='rparen'>)</span> <span class='op'>&amp;&amp;</span>
    <span class='id identifier rubyid_supported_neg'>supported_neg</span> <span class='op'>==</span> <span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Gss.html" title="Rex::Proto::Gss (module)">Gss</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Gss.html#OID_MICROSOFT_KERBEROS_5-constant" title="Rex::Proto::Gss::OID_MICROSOFT_KERBEROS_5 (constant)">OID_MICROSOFT_KERBEROS_5</a></span></span><span class='period'>.</span><span class='id identifier rubyid_value'>value</span>

  <span class='id identifier rubyid_raise'>raise</span> <span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos.html" title="Rex::Proto::Kerberos (module)">Kerberos</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model.html" title="Rex::Proto::Kerberos::Model (module)">Model</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/Error.html" title="Rex::Proto::Kerberos::Model::Error (module)">Error</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/Error/KerberosError.html" title="Rex::Proto::Kerberos::Model::Error::KerberosError (class)">KerberosError</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'><span class='object_link'><a href="../../../../../Rex/Proto/Kerberos/Model/Error/KerberosError.html#initialize-instance_method" title="Rex::Proto::Kerberos::Model::Error::KerberosError#initialize (method)">new</a></span></span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Failed to negotiate Kerberos GSS</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span> <span class='kw'>unless</span> <span class='id identifier rubyid_is_success'>is_success</span>

  <span class='id identifier rubyid_is_success'>is_success</span>
<span class='kw'>end</span></pre>
    </td>
  </tr>
</table>
</div>

  </div>

</div>

      <div id="footer">
  Generated on Fri May  8 17:03:54 2026 by
  <a href="https://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
  0.9.37 (ruby-3.1.5).
</div>

    </div>
  </body>
</html>