Replicate Logon domain name and extra sids from sapphire ticket

lib/msf/core/exploit/remote/kerberos/client/pac.rb

@@ -52,6 +52,7 @@ module Msf
               group_ids = opts[:group_ids] || [Rex::Proto::Kerberos::Pac::DOMAIN_USERS]
               extra_sids = opts[:extra_sids] || []
               domain_name = opts[:realm] || ''
+              logon_domain_name = opts[:logon_domain_name] || opts[:realm] || ''
               domain_id = opts[:domain_id] || Rex::Proto::Kerberos::Pac::NT_AUTHORITY_SID
               auth_time = opts[:auth_time] || Time.now
               checksum_type = opts[:checksum_type] || Rex::Proto::Kerberos::Crypto::Checksum::RSA_MD5
@@ -64,7 +65,7 @@ module Msf
                 effective_name: user_name,
                 user_id: user_id,
                 primary_group_id: primary_group_id,
-                logon_domain_name: domain_name,
+                logon_domain_name: logon_domain_name,
                 logon_domain_id: domain_id,
                 full_name: base_vi.full_name,
                 logon_script: base_vi.logon_script,

lib/msf/core/exploit/remote/kerberos/ticket.rb

@@ -150,8 +150,12 @@ module Msf
               when Rex::Proto::Kerberos::Pac::Krb5PacElementType::LOGON_INFORMATION
                 opts[:group_id] = element.data.primary_group_id.value
                 opts[:domain_id] = element.data.logon_domain_id
+                opts[:logon_domain_name] = element.data.logon_domain_name
                 if copy_entire_pac
                   opts[:base_verification_info] = element.data
+                  element.data.extra_sids.each do |sid|
+                    opts[:extra_sids].append(sid.sid.to_s)
+                  end
                 end
               when Rex::Proto::Kerberos::Pac::Krb5PacElementType::TICKET_CHECKSUM
                 # We want to be stealthy and match whatever the KDC is doing, so we should do it too