Rex Kerberos Protocol
Useful resources
- MS-KILE - Microsoft's Kerberos Extensions
- Microsoft's Principal Name Canonicalization, with Realms and EncKDCRepPart changes to include encrypted-pa-data
- Newer Kerberos V5 spec
- Older Kerberos V5 spec - contains useful implementation details
- The RC4-HMAC Kerberos Encryption Types Used by Microsoft Windows
- IANA - Kerberos Parameters
- Kerberos Version 5 GSS-API Mechanism
- Using Kerberos with a service, such as SMB
API Gotchas
The API fields cname and client_name, as well as sname and server_name, are not interchangeable.
The cname and sname values are objects to be encoded into a Kerberos packet, but can be generated by specifying simpler client_name or server_name strings.
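The difference between a plain name string and the object that is encoded into the packet, shown as an added example that is not code from this library: it builds the PrincipalName structure from the Kerberos V5 spec (name-type [0], name-string [1]) with Ruby's OpenSSL::ASN1. The helper names build_principal_name and parse_principal_name and the realm EXAMPLE.LOCAL are assumptions made for illustration.

```ruby
require 'openssl'

# Name types from RFC 4120, section 6.2
NT_PRINCIPAL = 1 # a user or host principal
NT_SRV_INST  = 2 # service and instance, e.g. krbtgt/REALM

# Hypothetical helper (not the Rex API): turn a plain name string into the
# ASN.1 PrincipalName object that is actually encoded into a Kerberos packet.
#   PrincipalName ::= SEQUENCE {
#     name-type   [0] Int32,
#     name-string [1] SEQUENCE OF KerberosString }
def build_principal_name(name, name_type)
  # Each '/'-separated component becomes its own KerberosString (GeneralString)
  components = name.split('/').map { |part| OpenSSL::ASN1::GeneralString.new(part) }
  OpenSSL::ASN1::Sequence.new([
    OpenSSL::ASN1::ASN1Data.new([OpenSSL::ASN1::Integer.new(name_type)], 0, :CONTEXT_SPECIFIC),
    OpenSSL::ASN1::ASN1Data.new([OpenSSL::ASN1::Sequence.new(components)], 1, :CONTEXT_SPECIFIC)
  ])
end

# Hypothetical helper: decode the DER bytes back into the simple string form.
def parse_principal_name(der)
  seq = OpenSSL::ASN1.decode(der)
  name_type = seq.value[0].value[0].value.to_i
  parts = seq.value[1].value[0].value.map(&:value)
  { name_type: name_type, name: parts.join('/') }
end

if __FILE__ == $PROGRAM_NAME
  # Constructed sample values
  server_name = 'krbtgt/EXAMPLE.LOCAL'                        # simple string
  sname = build_principal_name(server_name, NT_SRV_INST)      # encodable object

  puts "string responds to to_der: #{server_name.respond_to?(:to_der)}"
  puts "object responds to to_der: #{sname.respond_to?(:to_der)}"
  puts "DER: #{sname.to_der.unpack1('H*')}"
  puts "decoded: #{parse_principal_name(sname.to_der)}"
end
```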
Development
Decrypting encrypted Kerberos blobs
The Kerberos protocol makes use of encrypted values which will show as an opaque blob of hex characters in Wireshark.
Look at the module documentation in modules/auxiliary/admin/kerberos/keytab.md for ways to decrypt Wireshark traffic using keytab files.