Add support to decode TGS_REQ body

2014-12-09 16:51:34 -06:00 · 2014-12-09 16:51:34 -06:00 · b84840a596
parent f236438290
commit b84840a596
2 changed files with 50 additions and 3 deletions
--- a/lib/rex/proto/kerberos/model/field/kdc_request_body.rb
+++ b/lib/rex/proto/kerberos/model/field/kdc_request_body.rb
@ -32,7 +32,7 @@ module Rex
            #   @return [Array<Fixnum>] The desired encryption algorithm to be used in the response
            attr_accessor :etype
            # @!attribute enc_auth_data
-            #   @return [EncryptedData] An encoding of the desired authorization-data encrypted
+            #   @return [Rex::Proto::Kerberos::Type::EncryptedData] An encoding of the desired authorization-data encrypted
            attr_accessor :enc_auth_data

            def decode(input, type_req)
@ -137,7 +137,7 @@ module Rex
            end

            def decode_enc_auth_data(input)
-              ''
+              Rex::Proto::Kerberos::Model::Type::EncryptedData.decode(input.value[0])
            end
          end
        end
--- a/spec/lib/rex/proto/kerberos/model/field/kdc_request_body_spec.rb
+++ b/spec/lib/rex/proto/kerberos/model/field/kdc_request_body_spec.rb
@ -151,9 +151,56 @@ describe Rex::Proto::Kerberos::Model::Field::KdcRequestBody do
    context "when KdcRequestBody from a KRB_TGS_REQ message" do
      it "returns the KdcRequestBody instance" do
        expect(kdc_request_body.decode(sample_tgs_req, tgs_req)).to eq(kdc_request_body)
+      end

-        pp kdc_request_body
+      it "decodes options" do
+        kdc_request_body.decode(sample_tgs_req, tgs_req)
+        expect(kdc_request_body.options).to eq(0x50800000)
+      end

+      it "leaves cname as nil" do
+        kdc_request_body.decode(sample_tgs_req, tgs_req)
+        expect(kdc_request_body.cname).to be_nil
+      end
+
+      it "decodes realm" do
+        kdc_request_body.decode(sample_tgs_req, tgs_req)
+        expect(kdc_request_body.realm).to eq('DEMO.LOCAL')
+      end
+
+      it "decodes sname" do
+        kdc_request_body.decode(sample_tgs_req, tgs_req)
+        expect(kdc_request_body.sname.name_string).to eq(['krbtgt', 'DEMO.LOCAL'])
+      end
+
+      it "decodes from" do
+        kdc_request_body.decode(sample_tgs_req, tgs_req)
+        expect(kdc_request_body.from.to_s).to eq('1970-01-01 00:00:00 UTC')
+      end
+
+      it "decodes till" do
+        kdc_request_body.decode(sample_tgs_req, tgs_req)
+        expect(kdc_request_body.till.to_s).to eq('1970-01-01 00:00:00 UTC')
+      end
+
+      it "decodes rtime" do
+        kdc_request_body.decode(sample_tgs_req, tgs_req)
+        expect(kdc_request_body.rtime.to_s).to eq('1970-01-01 00:00:00 UTC')
+      end
+
+      it "decodes nonce" do
+        kdc_request_body.decode(sample_tgs_req, tgs_req)
+        expect(kdc_request_body.nonce).to eq(2053110444)
+      end
+
+      it "decodes etype" do
+        kdc_request_body.decode(sample_tgs_req, tgs_req)
+        expect(kdc_request_body.etype).to eq([23])
+      end
+
+      it "decodes enc_auth_data" do
+        kdc_request_body.decode(sample_tgs_req, tgs_req)
+        expect(kdc_request_body.enc_auth_data.cipher.length).to eq(643)
      end
    end
  end