daffainfo
/
nuclei
mirror of https://github.com/daffainfo/nuclei.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

make protocolstate.IsHostAllowed check the domaincontroller, not the domain

dev
5amu 2024-01-16 10:24:26 +01:00
parent 77e2430788
commit 3b5ce39e86
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
pkg/js/libs/kerberos/kerberos.go
View File

@ -89,9 +89,9 @@ func (c *KerberosClient) EnumerateUser(domain, controller string, username strin
resp := EnumerateUserResponse{}
if !protocolstate.IsHostAllowed(domain) {
if !protocolstate.IsHostAllowed(controller) {
// host is not valid according to network policy
return resp, protocolstate.ErrHostDenied.Msgf(domain)
return resp, protocolstate.ErrHostDenied.Msgf(controller)
}
opts, err := newKerbrosEnumUserOpts(domain, controller)
@ -156,9 +156,9 @@ type TGS struct {
func (c *KerberosClient) GetServiceTicket(domain, controller string, username, password string, target, spn string) (TGS, error) {
var tgs TGS
if !protocolstate.IsHostAllowed(domain) {
if !protocolstate.IsHostAllowed(controller) {
// host is not valid according to network policy
return tgs, protocolstate.ErrHostDenied.Msgf(domain)
return tgs, protocolstate.ErrHostDenied.Msgf(controller)
}
opts, err := newKerbrosEnumUserOpts(domain, controller)