swisskyrepo
/
NetExec
mirror of https://github.com/swisskyrepo/NetExec.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

mssql - Retrieve username when using Kerberos Auth 

This change allows the program to return the name of the user being authenticated when using Kerberos with the protocol mssql.
main
Julio Ureña 2022-11-16 16:39:44 -04:00 committed by GitHub
parent bd5a3fe91d
commit 4a12e437fa
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 8 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
cme/protocols/mssql.py
View File

@ -12,6 +12,7 @@ from cme.helpers.bloodhound import add_user_bh
from cme.helpers.powershell import create_ps_command from cme.helpers.powershell import create_ps_command
from impacket import tds from impacket import tds
import configparser import configparser
from impacket.krb5.ccache import CCache
from impacket.smbconnection import SMBConnection, SessionError from impacket.smbconnection import SMBConnection, SessionError
from impacket.tds import SQLErrorException, TDS_LOGINACK_TOKEN, TDS_ERROR_TOKEN, TDS_ENVCHANGE_TOKEN, TDS_INFO_TOKEN, \ from impacket.tds import SQLErrorException, TDS_LOGINACK_TOKEN, TDS_ERROR_TOKEN, TDS_ENVCHANGE_TOKEN, TDS_INFO_TOKEN, \
TDS_ENVCHANGE_VARCHAR, TDS_ENVCHANGE_DATABASE, TDS_ENVCHANGE_LANGUAGE, TDS_ENVCHANGE_CHARSET, TDS_ENVCHANGE_PACKETSIZE TDS_ENVCHANGE_VARCHAR, TDS_ENVCHANGE_DATABASE, TDS_ENVCHANGE_LANGUAGE, TDS_ENVCHANGE_CHARSET, TDS_ENVCHANGE_PACKETSIZE
@ -189,6 +190,12 @@ class mssql(connection):
return False return False
self.password = password self.password = password
if username == '' and useCache:
ccache = CCache.loadFile(os.getenv('KRB5CCNAME'))
principal = ccache.principal.toPrincipal()
self.username = principal.components[0]
username = principal.components[0]
else:
self.username = username self.username = username
self.domain = domain self.domain = domain
self.check_if_admin() self.check_if_admin()