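def kerbsniff(interface, username, domain, realm):
    """Watch Kerberos traffic on *interface* for the honeytoken account.

    Captures TCP port 88 live and hands every Kerberos layer to
    ``kerb_handler`` together with *domain* and *username*. A truthy result
    is treated as the encrypted timestamp of a pre-authentication request
    for the honeytoken. It is forwarded with ``notifyMaster`` when
    ``config.master_node`` is set, otherwise queued locally through
    ``cracker.enqueueJob`` with ``passwordHit`` as the callback.

    *realm* is accepted but not used in this function. The capture loop is
    continuous, so the call only ends if the capture stops or raises.
    """
    # Backslash escaped explicitly: "\%" is an invalid escape sequence that
    # newer interpreters warn about. The logged text is unchanged.
    logging.info("kerbsniff: Looking for %s\\%s on %s",
                 domain, username, interface)

    # NOTE(review): the filter is TCP-only, so Kerberos exchanges carried
    # over UDP 88 are never inspected -- confirm that gap is accepted.
    filtered_cap = pyshark.LiveCapture(interface, bpf_filter='tcp port 88')

    for packet in filtered_cap.sniff_continuously():
        try:
            kp = packet['kerberos']
        except KeyError:
            # No Kerberos layer in this packet; nothing to inspect.
            continue

        try:
            # Encrypted timestamp of a pre-authentication packet that names
            # the honeytoken domain and username, if this packet is one.
            encTimestamp = kerb_handler(kp, domain, username)
        except KeyError as e:
            # Still skipped, as before, but no longer silently: a packet the
            # handler cannot parse is a potential missed detection.
            logging.debug("kerbsniff: kerb_handler raised KeyError: %r", e)
            continue

        if not encTimestamp:
            continue

        # Sensors with a master node report upstream; otherwise the job is
        # queued locally.
        if config.master_node:
            notifyMaster(username, domain, encTimestamp)
        else:
            cracker.enqueueJob(username, domain, encTimestamp, passwordHit)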
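def kerbsniff(interface, username, domain, realm):
    """Sniff Kerberos pre-authentication traffic for the honeytoken user.

    Opens a live capture on *interface* limited to TCP port 88 and passes
    each packet's Kerberos layer to ``kerb_handler`` with *domain* and
    *username*. When the handler returns a truthy encrypted timestamp, it
    is sent on with ``notifyMaster`` if ``config.master_node`` is set, and
    otherwise queued through ``cracker.enqueueJob`` with ``passwordHit`` as
    the callback.

    *realm* is part of the signature but is not read here. The loop runs
    for as long as the continuous capture keeps yielding packets.
    """
    # "\\%s" replaces the invalid escape "\%": same log text, no
    # invalid-escape warning at compile time.
    logging.info("kerbsniff: Looking for %s\\%s on %s",
                 domain, username, interface)

    # NOTE(review): only TCP is captured; Kerberos over UDP 88 would pass
    # unseen -- confirm this is intended for the monitored network.
    filtered_cap = pyshark.LiveCapture(interface, bpf_filter='tcp port 88')

    for packet in filtered_cap.sniff_continuously():
        try:
            kp = packet['kerberos']
        except KeyError:
            # Packet has no Kerberos layer.
            continue

        try:
            encTimestamp = kerb_handler(kp, domain, username)
        except KeyError as e:
            # Skipped as in the original, but recorded so that a parsing
            # gap in the handler does not hide a honeytoken use.
            logging.debug("kerbsniff: kerb_handler raised KeyError: %r", e)
            continue

        # Act only when an encrypted timestamp was actually extracted.
        if encTimestamp:
            if config.master_node:
                notifyMaster(username, domain, encTimestamp)
            else:
                cracker.enqueueJob(username, domain, encTimestamp,
                                   passwordHit)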
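def do_POST(s):
    """Accept a sensor report and queue its encrypted timestamp.

    The form-encoded body must carry ``u`` (username), ``d`` (domain) and
    ``t`` (encrypted timestamp). The first value of each is passed to
    ``cracker.enqueueJob`` with ``dcept.passwordHit`` as the callback.

    Responses: 200 once the job is queued, 500 when a field is missing,
    400 for a missing, non-numeric or negative Content-Length, and 413 for
    a body larger than the local limit.

    NOTE(review): nothing in this handler authenticates the caller. Confirm
    that access to this endpoint is restricted elsewhere, since any accepted
    POST creates a cracking job.
    """
    # The request comes from the network, so validate the declared length
    # before reading. A missing or non-numeric header used to raise out of
    # the handler. A negative value turned rfile.read() into read-until-EOF,
    # and an arbitrarily large one was buffered in full.
    max_body = 8192  # constructed limit; ample for three short form fields
    try:
        length = int(s.headers.get('content-length', ''))
    except (TypeError, ValueError):
        length = -1
    if length < 0:
        s.send_response(400)
        s.end_headers()
        return
    if length > max_body:
        s.send_response(413)
        s.end_headers()
        return

    # NOTE(review): cgi.parse_qs is a deprecated alias; move to the
    # urlparse / urllib.parse equivalent when the file's imports are updated.
    postvars = cgi.parse_qs(s.rfile.read(length), keep_blank_values=1)
    logging.debug(postvars)

    try:
        username = postvars['u'][0]
        domain = postvars['d'][0]
        encTimestamp = postvars['t'][0]
    except (KeyError, IndexError):
        # Narrowed from a bare except so unrelated errors are not masked.
        # The status stays 500 because existing sensors may depend on it,
        # although 400 would describe a malformed report more accurately.
        s.send_response(500)
        s.end_headers()
        return

    cracker.enqueueJob(username, domain, encTimestamp, dcept.passwordHit)
    s.send_response(200)
    s.end_headers()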