def to_kirbi(self): filename = '%s@%s_%s' % (self.client.to_string() , self.server.to_string(), hashlib.sha1(self.ticket.to_asn1()).hexdigest()[:8]) krbcredinfo = {} krbcredinfo['key'] = EncryptionKey(self.key.to_asn1()) krbcredinfo['prealm'] = self.client.realm.to_string() krbcredinfo['pname'] = self.client.to_asn1()[0] krbcredinfo['flags'] = core.IntegerBitString(self.tktflags).cast(TicketFlags) if self.time.authtime != 0: #this parameter is not mandatory, and most of the time not present krbcredinfo['authtime'] = datetime.datetime.fromtimestamp(self.time.authtime) krbcredinfo['starttime'] = datetime.datetime.fromtimestamp(self.time.starttime) krbcredinfo['endtime'] = datetime.datetime.fromtimestamp(self.time.endtime) if self.time.renew_till != 0: #this parameter is not mandatory, and sometimes it's not present krbcredinfo['renew-till'] = datetime.datetime.fromtimestamp(self.time.authtime) krbcredinfo['srealm'] = self.server.realm.to_string() krbcredinfo['sname'] = self.server.to_asn1()[0] enc_krbcred = {} enc_krbcred['ticket-info'] = [KrbCredInfo(krbcredinfo)] krbcred = {} krbcred['pvno'] = krb5_pvno krbcred['msg-type'] = MESSAGE_TYPE.KRB_CRED.value krbcred['tickets'] = [Ticket.load(self.ticket.to_asn1())] krbcred['enc-part'] = EncryptedData({'etype': EncryptionType.NULL.value, 'cipher': EncKrbCredPart(enc_krbcred).dump()}) kirbi = KRBCRED(krbcred) return kirbi, filename
def to_asn1(self): krbcredinfo = {} krbcredinfo['key'] = EncryptionKey({ 'keytype': self.KeyType, 'keyvalue': self.Key }) krbcredinfo['prealm'] = self.AltTargetDomainName krbcredinfo['pname'] = PrincipalName({ 'name-type': self.EClientName_type, 'name-string': self.EClientName }) krbcredinfo['flags'] = core.IntegerBitString( self.TicketFlags).cast(TicketFlags) krbcredinfo['starttime'] = self.StartTime krbcredinfo['endtime'] = self.EndTime krbcredinfo['renew-till'] = self.RenewUntil krbcredinfo['srealm'] = self.DomainName krbcredinfo['sname'] = PrincipalName({ 'name-type': self.ServiceName_type, 'name-string': self.ServiceName }) enc_krbcred = {} enc_krbcred['ticket-info'] = [KrbCredInfo(krbcredinfo)] ticket = {} ticket['tkt-vno'] = krb5_pvno ticket['realm'] = self.DomainName ticket['sname'] = PrincipalName({ 'name-type': NAME_TYPE.SRV_INST.value, 'name-string': self.ServiceName }) ticket['enc-part'] = EncryptedData({ 'etype': self.TicketEncType, 'kvno': self.TicketKvno, 'cipher': self.Ticket }) krbcred = {} krbcred['pvno'] = krb5_pvno krbcred['msg-type'] = MESSAGE_TYPE.KRB_CRED.value krbcred['tickets'] = [Ticket(ticket)] krbcred['enc-part'] = EncryptedData({ 'etype': EncryptionType.NULL.value, 'cipher': EncKrbCredPart(enc_krbcred).dump() }) return KRBCRED(krbcred)
def to_tgt(self): """ Returns the native format of an AS_REP message and the sessionkey in EncryptionKey native format """ enc_part = EncryptedData({'etype': 1, 'cipher': b''}) tgt_rep = {} tgt_rep['pvno'] = krb5_pvno tgt_rep['msg-type'] = MESSAGE_TYPE.KRB_AS_REP.value tgt_rep['crealm'] = self.server.realm.to_string() tgt_rep['cname'] = self.client.to_asn1()[0] tgt_rep['ticket'] = Ticket.load(self.ticket.to_asn1()).native tgt_rep['enc-part'] = enc_part.native t = EncryptionKey(self.key.to_asn1()).native return tgt_rep, t
def build_apreq(self, asrep, session_key, cipher, subkey_data, krb_finished_data, flags=GSSAPIFlags.GSS_C_MUTUAL_FLAG | GSSAPIFlags.GSS_C_INTEG_FLAG | GSSAPIFlags.GSS_C_EXTENDED_ERROR_FLAG): # TODO: https://www.ietf.org/rfc/rfc4757.txt #subkey_data = {} #subkey_data['keytype'] = Enctype.AES256 #subkey_data['keyvalue'] = os.urandom(32) subkey_cipher = _enctype_table[subkey_data['keytype']] subkey_key = Key(subkey_cipher.enctype, subkey_data['keyvalue']) subkey_checksum = _checksum_table[ 16] # ChecksumTypes.hmac_sha1_96_aes256 krb_finished_checksum_data = {} krb_finished_checksum_data['cksumtype'] = 16 krb_finished_checksum_data['checksum'] = subkey_checksum.checksum( subkey_key, 41, krb_finished_data) krb_finished_data = {} krb_finished_data['gss-mic'] = Checksum(krb_finished_checksum_data) krb_finished = KRB_FINISHED(krb_finished_data).dump() a = 2 extensions_data = a.to_bytes( 4, byteorder='big', signed=True) + len(krb_finished).to_bytes( 4, byteorder='big', signed=True) + krb_finished ac = AuthenticatorChecksum() ac.flags = flags ac.channel_binding = b'\x00' * 16 chksum = {} chksum['cksumtype'] = 0x8003 chksum['checksum'] = ac.to_bytes() + extensions_data tii = LSAP_TOKEN_INFO_INTEGRITY() tii.Flags = 1 tii.TokenIL = 0x00002000 # Medium integrity tii.MachineID = bytes.fromhex( '7e303fffe6bff25146addca4fbddf1b94f1634178eb4528fb2731c669ca23cde') restriction_data = {} restriction_data['restriction-type'] = 0 restriction_data['restriction'] = tii.to_bytes() restriction_data = KERB_AD_RESTRICTION_ENTRY(restriction_data) x = KERB_AD_RESTRICTION_ENTRYS([restriction_data]).dump() restrictions = AuthorizationData([{ 'ad-type': 141, 'ad-data': x }]).dump() now = datetime.datetime.now(datetime.timezone.utc) authenticator_data = {} authenticator_data['authenticator-vno'] = krb5_pvno authenticator_data['crealm'] = Realm(asrep['crealm']) authenticator_data['cname'] = asrep['cname'] authenticator_data['cusec'] = now.microsecond authenticator_data['ctime'] = now.replace(microsecond=0) authenticator_data['subkey'] = EncryptionKey(subkey_data) authenticator_data['seq-number'] = 682437742 #??? TODO: check this! authenticator_data['authorization-data'] = AuthorizationData([{ 'ad-type': 1, 'ad-data': restrictions }]) authenticator_data['cksum'] = Checksum(chksum) #print('Authenticator(authenticator_data).dump()') #print(Authenticator(authenticator_data).dump().hex()) authenticator_data_enc = cipher.encrypt( session_key, 11, Authenticator(authenticator_data).dump(), None) ap_opts = ['mutual-required'] ap_req = {} ap_req['pvno'] = krb5_pvno ap_req['msg-type'] = MESSAGE_TYPE.KRB_AP_REQ.value ap_req['ticket'] = Ticket(asrep['ticket']) ap_req['ap-options'] = APOptions(set(ap_opts)) ap_req['authenticator'] = EncryptedData({ 'etype': session_key.enctype, 'cipher': authenticator_data_enc }) #pprint('AP_REQ \r\n%s' % AP_REQ(ap_req).native) #print(AP_REQ(ap_req).dump().hex()) #input() return AP_REQ(ap_req).dump()