def __init__(self, reader): self.Flink = PKIWI_KERBEROS_INTERNAL_TICKET_60(reader) self.Blink = PKIWI_KERBEROS_INTERNAL_TICKET_60(reader) self.unk0 = PVOID(reader).value self.unk1 = PVOID(reader).value self.ServiceName = PKERB_EXTERNAL_NAME(reader) self.TargetName = PKERB_EXTERNAL_NAME(reader) self.DomainName = LSA_UNICODE_STRING(reader) self.TargetDomainName = LSA_UNICODE_STRING(reader) self.Description = LSA_UNICODE_STRING(reader) self.AltTargetDomainName = LSA_UNICODE_STRING(reader) #//LSA_UNICODE_STRING KDCServer = //?(reader).value self.ClientName = PKERB_EXTERNAL_NAME(reader) self.name0 = PVOID(reader).value self.TicketFlags = int.from_bytes(reader.read(4), byteorder = 'big', signed = False) self.unk2 = ULONG(reader).value self.KeyType = ULONG(reader).value self.Key = KIWI_KERBEROS_BUFFER(reader) self.unk3 = PVOID(reader).value self.unk4 = PVOID(reader).value self.unk5 = PVOID(reader).value self.StartTime = FILETIME(reader).value self.EndTime = FILETIME(reader).value self.RenewUntil = FILETIME(reader).value self.unk6 = ULONG(reader).value self.unk7 = ULONG(reader).value self.domain = PCWSTR(reader).value self.unk8 = ULONG(reader).value self.strangeNames = PVOID(reader).value self.unk9 = ULONG(reader).value self.TicketEncType = ULONG(reader).value self.TicketKvno = ULONG(reader).value self.Ticket = KIWI_KERBEROS_BUFFER(reader)
def __init__(self, reader):
self.UserName = LSA_UNICODE_STRING(reader)
self.Domaine = LSA_UNICODE_STRING(reader)
self.unkFunction = PVOID(reader).value
self.type = DWORD(reader).value # // or flags 2 = normal, 1 = ISO(reader).value
reader.align()
self.Password = LSA_UNICODE_STRING(reader) # union {
self.IsoPassword = KIWI_KERBEROS_10_PRIMARY_CREDENTIAL_1607_ISO(reader)
def __init__(self, reader): self.PinCode = LSA_UNICODE_STRING(reader) self.unk0 = PVOID(reader) self.unk1 = PVOID(reader) self.CertificateInfos = PVOID(reader) self.unkData = PVOID(reader) # // 0 = CspData self.Flags = DWORD(reader).value # // 1 = CspData (not 0x21)(reader).value self.CspDataLength = DWORD(reader).value self.CspData = KERB_SMARTCARD_CSP_INFO_5(reader, size = self.CspDataLength)
def __init__(self, reader):
#input('KIWI_KERBEROS_INTERNAL_TICKET_10_1607\n' + hexdump(reader.peek(0x300)))
self.Flink = PKIWI_KERBEROS_INTERNAL_TICKET_10_1607(reader)
self.Blink = PKIWI_KERBEROS_INTERNAL_TICKET_10_1607(reader)
self.unk0 = PVOID(reader).value
self.unk1 = PVOID(reader).value
self.ServiceName = PKERB_EXTERNAL_NAME(reader)
self.TargetName = PKERB_EXTERNAL_NAME(reader)
self.DomainName = LSA_UNICODE_STRING(reader)
self.TargetDomainName = LSA_UNICODE_STRING(reader)
self.Description = LSA_UNICODE_STRING(reader)
self.AltTargetDomainName = LSA_UNICODE_STRING(reader)
self.KDCServer = LSA_UNICODE_STRING(reader) # //?(reader).value
self.unk10586_d = LSA_UNICODE_STRING(reader) #//?(reader).value
self.ClientName = PKERB_EXTERNAL_NAME(reader)
self.name0 = PVOID(reader).value
self.TicketFlags = int.from_bytes(reader.read(4), byteorder = 'big', signed = False)
self.unk2 = ULONG(reader).value
self.unk14393_0 = PVOID(reader).value
self.KeyType = ULONG(reader).value
reader.align()
self.Key = KIWI_KERBEROS_BUFFER(reader)
self.unk14393_1 = PVOID(reader).value
self.unk3 = PVOID(reader).value # // ULONG KeyType2 = (reader).value
self.unk4 = PVOID(reader).value # // KIWI_KERBEROS_BUFFER Key2 = (reader).value
self.unk5 = PVOID(reader).value # // up(reader).value
self.StartTime = FILETIME(reader).value
self.EndTime = FILETIME(reader).value
self.RenewUntil = FILETIME(reader).value
self.unk6 = ULONG(reader).value
self.unk7 = ULONG(reader).value
self.domain = PCWSTR(reader).value
self.unk8 = ULONG(reader).value
reader.align()
self.strangeNames = PVOID(reader).value
self.unk9 = ULONG(reader).value
self.TicketEncType = ULONG(reader).value
self.TicketKvno = ULONG(reader).value
reader.align()
self.Ticket = KIWI_KERBEROS_BUFFER(reader)
def __init__(self, reader): self.salt = LSA_UNICODE_STRING(reader) # // http://tools.ietf.org/html/rfc3962(reader).value self.stringToKey = PVOID(reader).value # // AES Iterations (dword ?)(reader).value self.unk0 = PVOID(reader).value self.generic = KERB_HASHPASSWORD_GENERIC(reader)
def __init__(self, reader):
#print('KERB_HASHPASSWORD_6')
#input(hexdump(reader.peek(0x100), start = reader.tell()))
self.salt = LSA_UNICODE_STRING(reader) #// http://tools.ietf.org/html/rfc3962
self.stringToKey = PVOID(reader) # // AES Iterations (dword ?)
self.generic = KERB_HASHPASSWORD_GENERIC(reader)
def __init__(self, reader): self.salt = LSA_UNICODE_STRING(reader) # // http://tools.ietf.org/html/rfc3962 self.generic = KERB_HASHPASSWORD_GENERIC(reader)
def __init__(self, reader): self.UserName = LSA_UNICODE_STRING(reader) self.Domaine = LSA_UNICODE_STRING(reader) self.unk0 = PVOID(reader).value self.Password = LSA_UNICODE_STRING(reader)