Add initial specs for Msf::Kerberos::Client::TgsResponse

lib/msf/kerberos/client.rb

@@ -3,134 +3,132 @@ require 'rex/proto/kerberos'
 
 module Msf
   module Kerberos
-    module Microsoft
-      module Client
-        require 'msf/kerberos/client/base'
-        require 'msf/kerberos/client/as_request'
-        require 'msf/kerberos/client/as_response'
-        require 'msf/kerberos/client/tgs_request'
-        require 'msf/kerberos/client/tgs_response'
-        require 'msf/kerberos/client/pac'
-        require 'msf/kerberos/client/cache_credential'
+    module Client
+      require 'msf/kerberos/client/base'
+      require 'msf/kerberos/client/as_request'
+      require 'msf/kerberos/client/as_response'
+      require 'msf/kerberos/client/tgs_request'
+      require 'msf/kerberos/client/tgs_response'
+      require 'msf/kerberos/client/pac'
+      require 'msf/kerberos/client/cache_credential'
 
-        include Msf::Kerberos::Client::Base
-        include Msf::Kerberos::Client::AsRequest
-        include Msf::Kerberos::Client::AsResponse
-        include Msf::Kerberos::Client::TgsRequest
-        include Msf::Kerberos::Client::TgsResponse
-        include Msf::Kerberos::Client::Pac
-        include Msf::Kerberos::Client::CacheCredential
+      include Msf::Kerberos::Client::Base
+      include Msf::Kerberos::Client::AsRequest
+      include Msf::Kerberos::Client::AsResponse
+      include Msf::Kerberos::Client::TgsRequest
+      include Msf::Kerberos::Client::TgsResponse
+      include Msf::Kerberos::Client::Pac
+      include Msf::Kerberos::Client::CacheCredential
 
-        # @!attribute client
-        #   @return [Rex::Proto::Kerberos::Client] The kerberos client
-        attr_accessor :client
+      # @!attribute client
+      #   @return [Rex::Proto::Kerberos::Client] The kerberos client
+      attr_accessor :client
 
-        def initialize(info = {})
-          super
+      def initialize(info = {})
+        super
 
-          register_options(
-            [
-              Opt::RHOST,
-              Opt::RPORT(88),
-              OptInt.new('Timeout', [true, 'The TCP timeout to establish connection and read data', 10])
-            ], self.class
-          )
+        register_options(
+          [
+            Opt::RHOST,
+            Opt::RPORT(88),
+            OptInt.new('Timeout', [true, 'The TCP timeout to establish connection and read data', 10])
+          ], self.class
+        )
+      end
+
+      # Returns the target host
+      #
+      # @return [String]
+      def rhost
+        datastore['RHOST']
+      end
+
+      # Returns the remote port
+      #
+      # @return [Fixnum]
+      def rport
+        datastore['RPORT']
+      end
+
+      # Returns the TCP timeout
+      #
+      # @return [Fixnum]
+      def timeout
+        datastore['Timeout']
+      end
+
+      # Returns the kdc peer
+      #
+      # @return [String]
+      def peer
+        "#{rhost}:#{rport}"
+      end
+
+      # Creates a kerberos connection
+      #
+      # @param opts [Hash{Symbol => <String, Fixnum>}]
+      # @option opts [String] :rhost
+      # @option opts [<String, Fixnum>] :rport
+      # @return [Rex::Proto::Kerberos::Client]
+      def connect(opts={})
+        kerb_client = Rex::Proto::Kerberos::Client.new(
+          host: opts[:rhost] || rhost,
+          port: (opts[:rport] || rport).to_i,
+          timeout: (opts[:timeout] || timeout).to_i,
+          context:
+            {
+              'Msf'        => framework,
+              'MsfExploit' => self,
+            },
+          protocol: 'tcp'
+        )
+
+        disconnect if client
+        self.client = kerb_client
+
+        kerb_client
+      end
+
+      # Disconnects the Kerberos client
+      #
+      # @param kerb_client [Rex::Proto::Kerberos::Client] the client to disconnect
+      def disconnect(kerb_client = client)
+        kerb_client.close if kerb_client
+
+        if kerb_client == client
+          self.client = nil
         end
+      end
 
-        # Returns the target host
-        #
-        # @return [String]
-        def rhost
-          datastore['RHOST']
-        end
+      # Performs cleanup as necessary, disconnecting the Kerberos client
+      # if it's still established.
+      def cleanup
+        super
+        disconnect
+      end
 
-        # Returns the remote port
-        #
-        # @return [Fixnum]
-        def rport
-          datastore['RPORT']
-        end
+      # Sends a kerberos AS request and reads the response
+      #
+      # @param opts [Hash]
+      # @return [Rex::Proto::Kerberos::Model::KdcResponse]
+      def send_request_as(opts = {})
+        connect(opts)
+        req = build_as_request(opts)
+        res = client.send_recv(req)
+        disconnect
+        res
+      end
 
-        # Returns the TCP timeout
-        #
-        # @return [Fixnum]
-        def timeout
-          datastore['Timeout']
-        end
-
-        # Returns the kdc peer
-        #
-        # @return [String]
-        def peer
-          "#{rhost}:#{rport}"
-        end
-
-        # Creates a kerberos connection
-        #
-        # @param opts [Hash{Symbol => <String, Fixnum>}]
-        # @option opts [String] :rhost
-        # @option opts [<String, Fixnum>] :rport
-        # @return [Rex::Proto::Kerberos::Client]
-        def connect(opts={})
-          kerb_client = Rex::Proto::Kerberos::Client.new(
-            host: opts[:rhost] || rhost,
-            port: (opts[:rport] || rport).to_i,
-            timeout: (opts[:timeout] || timeout).to_i,
-            context:
-              {
-                'Msf'        => framework,
-                'MsfExploit' => self,
-              },
-            protocol: 'tcp'
-          )
-
-          disconnect if client
-          self.client = kerb_client
-
-          kerb_client
-        end
-
-        # Disconnects the Kerberos client
-        #
-        # @param kerb_client [Rex::Proto::Kerberos::Client] the client to disconnect
-        def disconnect(kerb_client = client)
-          kerb_client.close if kerb_client
-
-          if kerb_client == client
-            self.client = nil
-          end
-        end
-
-        # Performs cleanup as necessary, disconnecting the Kerberos client
-        # if it's still established.
-        def cleanup
-          super
-          disconnect
-        end
-
-        # Sends a kerberos AS request and reads the response
-        #
-        # @param opts [Hash]
-        # @return [Rex::Proto::Kerberos::Model::KdcResponse]
-        def send_request_as(opts = {})
-          connect(opts)
-          req = build_as_request(opts)
-          res = client.send_recv(req)
-          disconnect
-          res
-        end
-
-        # Sends a kerberos AS request and reads the response
-        #
-        # @param opts [Hash]
-        # @return [Rex::Proto::Kerberos::Model::KdcResponse]
-        def send_request_tgs(opts = {})
-          connect(opts)
-          req = build_tgs_request(opts)
-          res = client.send_recv(req)
-          disconnect
-          res
-        end
+      # Sends a kerberos AS request and reads the response
+      #
+      # @param opts [Hash]
+      # @return [Rex::Proto::Kerberos::Model::KdcResponse]
+      def send_request_tgs(opts = {})
+        connect(opts)
+        req = build_tgs_request(opts)
+        res = client.send_recv(req)
+        disconnect
+        res
       end
     end
   end

lib/msf/kerberos/client/tgs_response.rb

@@ -12,6 +12,10 @@ module Msf
         # @param res [Rex::Proto::Kerberos::Model::KdcResponse]
         # @param key [String]
         # @return [Rex::Proto::Kerberos::CredentialCache::Cache]
+        # @see Rex::Proto::Kerberos::Model::EncKdcResponse
+        # @see Rex::Proto::Kerberos::Model::EncKdcResponse.decode
+        # @see Msf::Kerberos::Client::CacheCredential
+        # @see Rex::Proto::Kerberos::CredentialCache::Cache
         def extract_kerb_creds(res, key)
           decrypt_res = res.enc_part.decrypt(key, 9)
           enc_res = Rex::Proto::Kerberos::Model::EncKdcResponse.decode(decrypt_res)

lib/rex/proto/kerberos/client.rb

@@ -168,6 +168,7 @@ module Rex
             raise ::RuntimeError, 'Kerberos Client: failed to read response'
           end
 
+          puts Rex::Text.to_hex(data)
           res = decode_kerb_response(data)
 
           res

modules/auxiliary/admin/kerberos/kerberos_test.rb

@@ -8,7 +8,7 @@ require 'rex'
 
 class Metasploit4 < Msf::Auxiliary
 
-  include Msf::Kerberos::Microsoft::Client
+  include Msf::Kerberos::Client
 
   def initialize(info = {})
     super(update_info(info,