Ejemplo n.º 1
0
	def to_kirbi(self):
		filename = '%s@%s_%s' % (self.client.to_string() , self.server.to_string(), hashlib.sha1(self.ticket.to_asn1()).hexdigest()[:8])
		krbcredinfo = {}
		krbcredinfo['key'] = EncryptionKey(self.key.to_asn1())
		krbcredinfo['prealm'] = self.client.realm.to_string()
		krbcredinfo['pname'] = self.client.to_asn1()[0]
		krbcredinfo['flags'] = core.IntegerBitString(self.tktflags).cast(TicketFlags)
		if self.time.authtime != 0: #this parameter is not mandatory, and most of the time not present
			krbcredinfo['authtime'] = datetime.datetime.fromtimestamp(self.time.authtime)
		krbcredinfo['starttime'] = datetime.datetime.fromtimestamp(self.time.starttime)
		krbcredinfo['endtime'] = datetime.datetime.fromtimestamp(self.time.endtime)
		if self.time.renew_till != 0: #this parameter is not mandatory, and sometimes it's not present
			krbcredinfo['renew-till'] = datetime.datetime.fromtimestamp(self.time.authtime)
		krbcredinfo['srealm'] = self.server.realm.to_string()
		krbcredinfo['sname'] = self.server.to_asn1()[0]
		
		enc_krbcred = {}
		enc_krbcred['ticket-info'] = [KrbCredInfo(krbcredinfo)]
		
		krbcred = {}
		krbcred['pvno'] = krb5_pvno
		krbcred['msg-type'] = MESSAGE_TYPE.KRB_CRED.value
		krbcred['tickets'] = [Ticket.load(self.ticket.to_asn1())]
		krbcred['enc-part'] = EncryptedData({'etype': EncryptionType.NULL.value, 'cipher': EncKrbCredPart(enc_krbcred).dump()})
	
	
	
		kirbi = KRBCRED(krbcred)
		return kirbi, filename
Ejemplo n.º 2
0
def tgt_to_kirbi(tgs, encTGSRepPart):
	#encTGSRepPart is already decrypted at this point
	ci = {}
	ci['key'] = encTGSRepPart['key']
	ci['prealm'] = tgs['crealm']
	ci['pname'] = tgs['cname']
	ci['flags'] = encTGSRepPart['flags']
	ci['authtime'] = encTGSRepPart['authtime']
	ci['starttime'] = encTGSRepPart['starttime']
	ci['endtime'] = encTGSRepPart['endtime']
	ci['renew-till'] = encTGSRepPart['renew-till']
	ci['srealm'] = encTGSRepPart['srealm']
	ci['sname'] = encTGSRepPart['sname']

	ti = {}
	ti['ticket-info'] = [KrbCredInfo(ci)]

	te = {}
	te['etype']  = 0
	te['cipher'] = EncKrbCredPart(ti).dump()

	t = {}
	t['pvno'] = 5
	t['msg-type'] = 22
	t['enc-part'] = EncryptedData(te)
	t['tickets'] = [tgs['ticket']]

	return KRB_CRED(t)
Ejemplo n.º 3
0
    def to_asn1(self):
        krbcredinfo = {}
        krbcredinfo['key'] = EncryptionKey({
            'keytype': self.KeyType,
            'keyvalue': self.Key
        })
        krbcredinfo['prealm'] = self.AltTargetDomainName
        krbcredinfo['pname'] = PrincipalName({
            'name-type': self.EClientName_type,
            'name-string': self.EClientName
        })
        krbcredinfo['flags'] = core.IntegerBitString(
            self.TicketFlags).cast(TicketFlags)
        krbcredinfo['starttime'] = self.StartTime
        krbcredinfo['endtime'] = self.EndTime
        krbcredinfo['renew-till'] = self.RenewUntil
        krbcredinfo['srealm'] = self.DomainName
        krbcredinfo['sname'] = PrincipalName({
            'name-type': self.ServiceName_type,
            'name-string': self.ServiceName
        })

        enc_krbcred = {}
        enc_krbcred['ticket-info'] = [KrbCredInfo(krbcredinfo)]

        ticket = {}
        ticket['tkt-vno'] = krb5_pvno
        ticket['realm'] = self.DomainName
        ticket['sname'] = PrincipalName({
            'name-type': NAME_TYPE.SRV_INST.value,
            'name-string': self.ServiceName
        })
        ticket['enc-part'] = EncryptedData({
            'etype': self.TicketEncType,
            'kvno': self.TicketKvno,
            'cipher': self.Ticket
        })

        krbcred = {}
        krbcred['pvno'] = krb5_pvno
        krbcred['msg-type'] = MESSAGE_TYPE.KRB_CRED.value
        krbcred['tickets'] = [Ticket(ticket)]
        krbcred['enc-part'] = EncryptedData({
            'etype':
            EncryptionType.NULL.value,
            'cipher':
            EncKrbCredPart(enc_krbcred).dump()
        })

        return KRBCRED(krbcred)
Ejemplo n.º 4
0
    def add_kirbi(self, krbcred, override_pp=True, include_expired=False):
        c = Credential()
        enc_credinfo = EncKrbCredPart.load(
            krbcred['enc-part']['cipher']).native
        ticket_info = enc_credinfo['ticket-info'][0]
        """
		if ticket_info['endtime'] < datetime.datetime.now(datetime.timezone.utc):
			if include_expired == True:
				logging.debug('This ticket has most likely expired, but include_expired is forcing me to add it to cache! This can cause problems!')
			else:
				logging.debug('This ticket has most likely expired, skipping')
				return
		"""

        c.client = CCACHEPrincipal.from_asn1(ticket_info['pname'],
                                             ticket_info['prealm'])
        if override_pp == True:
            self.primary_principal = c.client

        #yaaaaay 4 additional weirdness!!!!
        #if sname name-string contains a realm as well htne impacket will crash miserably :(
        if len(ticket_info['sname']['name-string']
               ) > 2 and ticket_info['sname']['name-string'][-1].upper(
               ) == ticket_info['srealm'].upper():
            logger.debug('SNAME contains the realm as well, trimming it')
            t = ticket_info['sname']
            t['name-string'] = t['name-string'][:-1]
            c.server = CCACHEPrincipal.from_asn1(t, ticket_info['srealm'])
        else:
            c.server = CCACHEPrincipal.from_asn1(ticket_info['sname'],
                                                 ticket_info['srealm'])

        c.time = Times.from_asn1(ticket_info)
        c.key = Keyblock.from_asn1(ticket_info['key'])
        c.is_skey = 0  #not sure!

        c.tktflags = TicketFlags(ticket_info['flags']).cast(
            core.IntegerBitString).native
        c.num_address = 0
        c.num_authdata = 0
        c.ticket = CCACHEOctetString.from_asn1(
            Ticket(krbcred['tickets']
                   [0]).dump())  #kirbi only stores one ticket per file
        c.second_ticket = CCACHEOctetString.empty()

        self.credentials.append(c)
Ejemplo n.º 5
0
def describe_kirbi_data(data):
	if isinstance(data, bytes):
		kirbi = KRB_CRED.load(data).native
	elif isinstance(data, dict):
		kirbi = data
	elif isinstance(data, KRB_CRED):
		kirbi = data.native
	elif isinstance(data, KRBCRED):
		kirbi = data.native
	else:
		raise Exception('Unknown data type! %s' % type(data))
	
	t = '\r\n'
	for ticket in kirbi['tickets']:
		t += 'Realm        : %s\r\n' % ticket['realm']
		t += 'Sname        : %s\r\n' % '/'.join(ticket['sname']['name-string'])

	if kirbi['enc-part']['etype'] == 0:
		cred = EncKrbCredPart.load(kirbi['enc-part']['cipher']).native
		cred = cred['ticket-info'][0]
		username = cred.get('pname')
		if username is not None:
			username = '******'.join(username['name-string'])
		flags = cred.get('flags')
		if flags is not None:
			flags = ', '.join(flags)

		t += 'UserName     : %s\r\n' % username
		t += 'UserRealm    : %s\r\n' % cred.get('prealm')
		t += 'StartTime    : %s\r\n' % cred.get('starttime')
		t += 'EndTime      : %s\r\n' % cred.get('endtime')
		t += 'RenewTill    : %s\r\n' % cred.get('renew-till')
		t += 'Flags        : %s\r\n' % flags
		t += 'Keytype      : %s\r\n' % cred['key']['keytype']
		t += 'Key          : %s\r\n' % base64.b64encode(cred['key']['keyvalue']).decode()

	t += 'EncodedKirbi : \r\n\r\n'
	t += format_kirbi(KRB_CRED(kirbi).dump())
	return t