infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add support to decode the encryption part of as responses

bug/bundler_fix
jvazquez-r7 2014-12-15 11:47:08 -06:00
parent 643279b54b
commit 147ff13080
3 changed files with 370 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

212
lib/rex/proto/kerberos/model/enc_kdc_response.rb Normal file
View File

@ -0,0 +1,212 @@
# -*- coding: binary -*-
module Rex
module Proto
module Kerberos
module Model
class EncKdcResponse < Element
# @!attribute key
# @return [Rex::Proto::Kerberos::Model::EncryptionKey] The session key
attr_accessor :key
# @!attribute last_req
# @return [Array<Rex::Proto::Kerberos::Model::LastRequest>] This field is returned by the KDC and specifies the time(s)
# of the last request by a principal
attr_accessor :last_req
# @!attribute nonce
# @return [Fixnum] random number
attr_accessor :nonce
# @!attribute key_expiration
# @return [Time] The key-expiration field is part of the response from the
# KDC and specifies the time that the client's secret key is due to expire
attr_accessor :key_expiration
# @!attribute flags
# @return [Fixnum] This field indicates which of various options were used or
# requested when the ticket was issued
attr_accessor :flags
# @!attribute auth_time
# @return [Time] the time of initial authentication for the named principal
attr_accessor :auth_time
# @!attribute start_time
# @return [Time] Specifies the time after which the ticket is valid
attr_accessor :start_time
# @!attribute end_time
# @return [Time] This field contains the time after which the ticket will
# not be honored (its expiration time)
attr_accessor :end_time
# @!attribute renew_till
# @return [Time] This field is only present in tickets that have the
# RENEWABLE flag set in the flags field. It indicates the maximum
# endtime that may be included in a renewal
attr_accessor :renew_till
# @!attribute srealm
# @return [String] The realm part of the server's principal identifier
attr_accessor :srealm
# @!attribute sname
# @return [Rex::Proto::Kerberos::Model::PrincipalName] The name part of the server's identity
attr_accessor :sname
# Decodes the Rex::Proto::Kerberos::Model::EncKdcResponse from an input
#
# @param input [String, OpenSSL::ASN1::ASN1Data] the input to decode from
# @return [self] if decoding succeeds
# @raise [RuntimeError] if decoding doesn't succeed
def decode(input)
case input
when String
decode_string(input)
when OpenSSL::ASN1::ASN1Data
decode_asn1(input)
else
raise ::RuntimeError, 'Failed to decode EncKdcResponse, invalid input'
end
self
end
def encode
raise ::RuntimeError, 'EncKdcResponse encoding not supported'
end
private
# Decodes a Rex::Proto::Kerberos::Model::EncKdcResponse from an String
#
# @param input [String] the input to decode from
def decode_string(input)
asn1 = OpenSSL::ASN1.decode(input)
decode_asn1(asn1)
end
# Decodes a Rex::Proto::Kerberos::Model::EncKdcResponse
#
# @param input [OpenSSL::ASN1::ASN1Data] the input to decode from
# @raise [RuntimeError] if decoding doesn't succeed
def decode_asn1(input)
input.value[0].value.each do |val|
case val.tag
when 0
self.key = decode_key(val)
when 1
self.last_req = decode_last_req(val)
when 2
self.nonce = decode_nonce(val)
when 3
self.key_expiration = decode_key_expiration(val)
when 4
self.flags = decode_flags(val)
when 5
self.auth_time = decode_auth_time(val)
when 6
self.start_time = decode_start_time(val)
when 7
self.end_time = decode_end_time(val)
when 8
self.renew_till = decode_renew_till(val)
when 9
self.srealm = decode_srealm(val)
when 10
self.sname = decode_sname(val)
else
raise ::RuntimeError, 'Failed to decode ENC-KDC-RESPONSE SEQUENCE'
end
end
end
# Decodes the key from an OpenSSL::ASN1::ASN1Data
#
# @param input [OpenSSL::ASN1::ASN1Data] the input to decode from
# @return [EncryptionKey]
def decode_key(input)
Rex::Proto::Kerberos::Model::EncryptionKey.decode(input.value[0])
end
# Decodes the last_req from an OpenSSL::ASN1::ASN1Data
#
# @param input [OpenSSL::ASN1::ASN1Data] the input to decode from
# @return [Array<Rex::Proto::Kerberos::Model::LastRequest>]
def decode_last_req(input)
last_requests = []
input.value[0].value.each do |last_request|
last_requests << Rex::Proto::Kerberos::Model::LastRequest.decode(last_request)
end
last_requests
end
# Decodes the nonce field
#
# @param input [OpenSSL::ASN1::ASN1Data] the input to decode from
# @return [Fixnum]
def decode_nonce(input)
input.value[0].value.to_i
end
# Decodes the key_expiration field
#
# @param input [OpenSSL::ASN1::ASN1Data] the input to decode from
# @return [Time]
def decode_key_expiration(input)
input.value[0].value
end
# Decodes the flags field
#
# @param input [OpenSSL::ASN1::ASN1Data] the input to decode from
# @return [Fixnum]
def decode_flags(input)
input.value[0].value.to_i
end
# Decodes the auth_time field
#
# @param input [OpenSSL::ASN1::ASN1Data] the input to decode from
# @return [Time]
def decode_auth_time(input)
input.value[0].value
end
# Decodes the start_time field
#
# @param input [OpenSSL::ASN1::ASN1Data] the input to decode from
# @return [Time]
def decode_start_time(input)
input.value[0].value
end
# Decodes the end_time field
#
# @param input [OpenSSL::ASN1::ASN1Data] the input to decode from
# @return [Time]
def decode_end_time(input)
input.value[0].value
end
# Decodes the renew_till field
#
# @param input [OpenSSL::ASN1::ASN1Data] the input to decode from
# @return [Time]
def decode_renew_till(input)
input.value[0].value
end
# Decodes the srealm field
#
# @param input [OpenSSL::ASN1::ASN1Data] the input to decode from
# @return [String]
def decode_srealm(input)
input.value[0].value
end
# Decodes the sname field
#
# @param input [OpenSSL::ASN1::ASN1Data] the input to decode from
# @return [Rex::Proto::Kerberos::Type::PrincipalName]
def decode_sname(input)
Rex::Proto::Kerberos::Model::PrincipalName.decode(input.value[0])
end
end
end
end
end
end

79
lib/rex/proto/kerberos/model/encryption_key.rb Normal file
View File

@ -0,0 +1,79 @@
# -*- coding: binary -*-
module Rex
module Proto
module Kerberos
module Model
# This class provides a representation of an Encryption Key
class EncryptionKey < Element
# @!attribute key
# @return [Fixnum] The type of encryption key
attr_accessor :type
# @!attribute value
# @return [String] the key itself
attr_accessor :value
# Decodes a Rex::Proto::Kerberos::Model::EncryptionKey
#
# @param input [String, OpenSSL::ASN1::Sequence] the input to decode from
# @return [self] if decoding succeeds
# @raise [RuntimeError] if decoding doesn't succeed
def decode(input)
case input
when String
decode_string(input)
when OpenSSL::ASN1::Sequence
decode_asn1(input)
else
raise ::RuntimeError, 'Failed to decode Encryption Key, invalid input'
end
self
end
def encode
raise ::RuntimeError, 'EncryptionKey encoding not supported'
end
private
# Decodes a Rex::Proto::Kerberos::Model::EncryptionKey from an String
#
# @param input [String] the input to decode from
def decode_string(input)
asn1 = OpenSSL::ASN1.decode(input)
decode_asn1(asn1)
end
# Decodes a Rex::Proto::Kerberos::Model::EncryptionKey from an
# OpenSSL::ASN1::Sequence
#
# @param input [OpenSSL::ASN1::Sequence] the input to decode from
def decode_asn1(input)
seq_values = input.value
self.type = decode_type(seq_values[0])
self.value = decode_value(seq_values[1])
end
# Decodes the type from an OpenSSL::ASN1::ASN1Data
#
# @param input [OpenSSL::ASN1::ASN1Data] the input to decode from
# @return [Fixnum]
def decode_type(input)
input.value[0].value.to_i
end
# Decodes the value from an OpenSSL::ASN1::ASN1Data
#
# @param input [OpenSSL::ASN1::ASN1Data] the input to decode from
# @return [String]
def decode_value(input)
input.value[0].value
end
end
end
end
end
end

79
lib/rex/proto/kerberos/model/last_request.rb Normal file
View File

@ -0,0 +1,79 @@
# -*- coding: binary -*-
module Rex
module Proto
module Kerberos
module Model
# This class provides a representation of request time
class LastRequest < Element
# @!attribute type
# @return [Fixnum] The type of value
attr_accessor :type
# @!attribute value
# @return [Time] the time of the last request
attr_accessor :value
# Decodes a Rex::Proto::Kerberos::Model::LastRequest
#
# @param input [String, OpenSSL::ASN1::Sequence] the input to decode from
# @return [self] if decoding succeeds
# @raise [RuntimeError] if decoding doesn't succeed
def decode(input)
case input
when String
decode_string(input)
when OpenSSL::ASN1::Sequence
decode_asn1(input)
else
raise ::RuntimeError, 'Failed to decode LastRequest, invalid input'
end
self
end
def encode
raise ::RuntimeError, 'LastRequest encoding not supported'
end
private
# Decodes a Rex::Proto::Kerberos::Model::LastReque from an String
#
# @param input [String] the input to decode from
def decode_string(input)
asn1 = OpenSSL::ASN1.decode(input)
decode_asn1(asn1)
end
# Decodes a Rex::Proto::Kerberos::Model::EncryptionKey from an
# OpenSSL::ASN1::Sequence
#
# @param input [OpenSSL::ASN1::Sequence] the input to decode from
def decode_asn1(input)
seq_values = input.value
self.type = decode_type(seq_values[0])
self.value = decode_value(seq_values[1])
end
# Decodes the key_type from an OpenSSL::ASN1::ASN1Data
#
# @param input [OpenSSL::ASN1::ASN1Data] the input to decode from
# @return [Fixnum]
def decode_type(input)
input.value[0].value.to_i
end
# Decodes the value from an OpenSSL::ASN1::ASN1Data
#
# @param input [OpenSSL::ASN1::ASN1Data] the input to decode from
# @return [Time]
def decode_value(input)
input.value[0].value
end
end
end
end
end
end