rex 2.0.5 → 2.0.7
- checksums.yaml +4 -4
- data/lib/rex/exploitation/egghunter.rb +4 -6
- data/lib/rex/exploitation/powershell/psh_methods.rb +9 -0
- data/lib/rex/java/serialization.rb +2 -1
- data/lib/rex/java/serialization/builder.rb +94 -0
- data/lib/rex/java/serialization/model.rb +29 -18
- data/lib/rex/java/serialization/model/annotation.rb +2 -2
- data/lib/rex/java/serialization/model/field.rb +2 -2
- data/lib/rex/java/serialization/model/new_array.rb +8 -3
- data/lib/rex/java/serialization/model/new_class_desc.rb +3 -3
- data/lib/rex/java/serialization/model/new_enum.rb +4 -4
- data/lib/rex/java/serialization/model/new_object.rb +17 -10
- data/lib/rex/ole/direntry.rb +1 -1
- data/lib/rex/ole/samples/create_ole.rb +0 -0
- data/lib/rex/ole/samples/dir.rb +0 -0
- data/lib/rex/ole/samples/dump_stream.rb +0 -0
- data/lib/rex/ole/samples/ole_info.rb +0 -0
- data/lib/rex/parser/foundstone_nokogiri.rb +1 -1
- data/lib/rex/parser/fs/ntfs.rb +252 -0
- data/lib/rex/parser/openvas_nokogiri.rb +2 -0
- data/lib/rex/payloads/win32/kernel.rb +3 -3
- data/lib/rex/post/meterpreter/client_core.rb +172 -64
- data/lib/rex/post/meterpreter/extensions/priv/priv.rb +3 -2
- data/lib/rex/post/meterpreter/extensions/stdapi/fs/file.rb +12 -10
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/api_constants.rb +64 -37
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll.rb +8 -2
- data/lib/rex/post/meterpreter/extensions/stdapi/ui.rb +15 -3
- data/lib/rex/post/meterpreter/packet.rb +41 -38
- data/lib/rex/post/meterpreter/packet_dispatcher.rb +7 -1
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/core.rb +17 -4
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/fs.rb +11 -4
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/ui.rb +1 -1
- data/lib/rex/proto.rb +2 -0
- data/lib/rex/proto/acpp.rb +17 -0
- data/lib/rex/proto/acpp/client.rb +29 -0
- data/lib/rex/proto/acpp/message.rb +183 -0
- data/lib/rex/proto/http/client.rb +1 -2
- data/lib/rex/proto/iax2/call.rb +22 -3
- data/lib/rex/proto/iax2/client.rb +1 -0
- data/lib/rex/proto/kerberos.rb +13 -0
- data/lib/rex/proto/kerberos/client.rb +213 -0
- data/lib/rex/proto/kerberos/credential_cache.rb +19 -0
- data/lib/rex/proto/kerberos/credential_cache/cache.rb +81 -0
- data/lib/rex/proto/kerberos/credential_cache/credential.rb +151 -0
- data/lib/rex/proto/kerberos/credential_cache/element.rb +49 -0
- data/lib/rex/proto/kerberos/credential_cache/key_block.rb +62 -0
- data/lib/rex/proto/kerberos/credential_cache/principal.rb +70 -0
- data/lib/rex/proto/kerberos/credential_cache/time.rb +69 -0
- data/lib/rex/proto/kerberos/crypto.rb +21 -0
- data/lib/rex/proto/kerberos/crypto/rc4_hmac.rb +65 -0
- data/lib/rex/proto/kerberos/crypto/rsa_md5.rb +15 -0
- data/lib/rex/proto/kerberos/model.rb +133 -0
- data/lib/rex/proto/kerberos/model/ap_req.rb +98 -0
- data/lib/rex/proto/kerberos/model/authenticator.rb +143 -0
- data/lib/rex/proto/kerberos/model/authorization_data.rb +85 -0
- data/lib/rex/proto/kerberos/model/checksum.rb +59 -0
- data/lib/rex/proto/kerberos/model/element.rb +67 -0
- data/lib/rex/proto/kerberos/model/enc_kdc_response.rb +215 -0
- data/lib/rex/proto/kerberos/model/encrypted_data.rb +171 -0
- data/lib/rex/proto/kerberos/model/encryption_key.rb +106 -0
- data/lib/rex/proto/kerberos/model/kdc_request.rb +166 -0
- data/lib/rex/proto/kerberos/model/kdc_request_body.rb +315 -0
- data/lib/rex/proto/kerberos/model/kdc_response.rb +141 -0
- data/lib/rex/proto/kerberos/model/krb_error.rb +219 -0
- data/lib/rex/proto/kerberos/model/last_request.rb +82 -0
- data/lib/rex/proto/kerberos/model/pre_auth_data.rb +104 -0
- data/lib/rex/proto/kerberos/model/pre_auth_enc_time_stamp.rb +126 -0
- data/lib/rex/proto/kerberos/model/pre_auth_pac_request.rb +81 -0
- data/lib/rex/proto/kerberos/model/principal_name.rb +116 -0
- data/lib/rex/proto/kerberos/model/ticket.rb +151 -0
- data/lib/rex/proto/kerberos/pac.rb +36 -0
- data/lib/rex/proto/kerberos/pac/client_info.rb +53 -0
- data/lib/rex/proto/kerberos/pac/element.rb +52 -0
- data/lib/rex/proto/kerberos/pac/logon_info.rb +566 -0
- data/lib/rex/proto/kerberos/pac/priv_svr_checksum.rb +29 -0
- data/lib/rex/proto/kerberos/pac/server_checksum.rb +30 -0
- data/lib/rex/proto/kerberos/pac/type.rb +121 -0
- data/lib/rex/proto/rmi.rb +7 -0
- data/lib/rex/proto/rmi/model.rb +31 -0
- data/lib/rex/proto/rmi/model/call.rb +60 -0
- data/lib/rex/proto/rmi/model/continuation.rb +76 -0
- data/lib/rex/proto/rmi/model/dgc_ack.rb +62 -0
- data/lib/rex/proto/rmi/model/element.rb +143 -0
- data/lib/rex/proto/rmi/model/output_header.rb +86 -0
- data/lib/rex/proto/rmi/model/ping.rb +41 -0
- data/lib/rex/proto/rmi/model/ping_ack.rb +41 -0
- data/lib/rex/proto/rmi/model/protocol_ack.rb +100 -0
- data/lib/rex/proto/rmi/model/return_data.rb +60 -0
- data/lib/rex/socket.rb +9 -1
- data/lib/rex/socket/tcp_server.rb +3 -0
- data/lib/rex/ui/text/dispatcher_shell.rb +4 -4
- data/lib/rex/ui/text/output/tee.rb +2 -0
- data/lib/rex/zip/samples/comment.rb +0 -0
- data/lib/rex/zip/samples/mkwar.rb +0 -0
- data/lib/rex/zip/samples/mkzip.rb +0 -0
- data/lib/rex/zip/samples/recursive.rb +0 -0
- data/rex.gemspec +1 -1
- metadata +56 -2
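--- a/data/lib/rex/proto/kerberos/model/encryption_key.rb
+++ b/data/lib/rex/proto/kerberos/model/encryption_key.rb
@@ -0,0 +1,106 @@
+# -*- coding: binary -*-
+
+module Rex
+module Proto
+module Kerberos
+module Model
+# This class provides a representation of a Kerberos EncryptionKey data
+# definition
+class EncryptionKey < Element
+
+# @!attribute key
+# @return [Fixnum] The type of encryption key
+attr_accessor :type
+# @!attribute value
+# @return [String] the key itself
+attr_accessor :value
+
+# Decodes a Rex::Proto::Kerberos::Model::EncryptionKey
+#
+# @param input [String, OpenSSL::ASN1::Sequence] the input to decode from
+# @return [self] if decoding succeeds
+# @raise [RuntimeError] if decoding doesn't succeed
+def decode(input)
+case input
+when String
+decode_string(input)
+when OpenSSL::ASN1::Sequence
+decode_asn1(input)
+else
+raise ::RuntimeError, 'Failed to decode EncryptionKey, invalid input'
+end
+
+self
+end
+
+# Encodes a Rex::Proto::Kerberos::Model::EncryptionKey into an
+# ASN.1 String
+#
+# @return [String]
+def encode
+elems = []
+elems << OpenSSL::ASN1::ASN1Data.new([encode_type], 0, :CONTEXT_SPECIFIC)
+elems << OpenSSL::ASN1::ASN1Data.new([encode_value], 1, :CONTEXT_SPECIFIC)
+seq = OpenSSL::ASN1::Sequence.new(elems)
+
+seq.to_der
+end
+
+private
+
+# Decodes a Rex::Proto::Kerberos::Model::EncryptionKey from an String
+#
+# @param input [String] the input to decode from
+def decode_string(input)
+asn1 = OpenSSL::ASN1.decode(input)
+
+decode_asn1(asn1)
+end
+
+# Decodes a Rex::Proto::Kerberos::Model::EncryptionKey from an
+# OpenSSL::ASN1::Sequence
+#
+# @param input [OpenSSL::ASN1::Sequence] the input to decode from
+def decode_asn1(input)
+seq_values = input.value
+self.type = decode_type(seq_values[0])
+self.value = decode_value(seq_values[1])
+end
+
+# Decodes the type from an OpenSSL::ASN1::ASN1Data
+#
+# @param input [OpenSSL::ASN1::ASN1Data] the input to decode from
+# @return [Fixnum]
+def decode_type(input)
+input.value[0].value.to_i
+end
+
+# Decodes the value from an OpenSSL::ASN1::ASN1Data
+#
+# @param input [OpenSSL::ASN1::ASN1Data] the input to decode from
+# @return [String]
+def decode_value(input)
+input.value[0].value
+end
+
+# Encodes the type field
+#
+# @return [OpenSSL::ASN1::Integer]
+def encode_type
+bn = OpenSSL::BN.new(type.to_s)
+int = OpenSSL::ASN1::Integer.new(bn)
+
+int
+end
+
+# Encodes the value field
+#
+# @return [OpenSSL::ASN1::OctetString]
+def encode_value
+OpenSSL::ASN1::OctetString.new(value)
+end
+end
+end
+end
+end
+end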
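Review bot: `decode_asn1` reads the key type and key bytes positionally (`seq_values[0]`, `seq_values[1]`) without checking either element's tag or presence, so a truncated SEQUENCE surfaces as a `NoMethodError` on nil, and a reordered one can populate the wrong field, instead of raising the `RuntimeError` that `decode` documents. This structure is presumably parsed out of KDC replies, so the decoder should dispatch on `val.tag` and raise on anything unexpected, as `KdcRequestBody#decode_asn1` in this same release already does. Separately, the YARD tag above `attr_accessor :type` reads `@!attribute key` and should be `@!attribute type`.

```ruby
def decode_asn1(input)
  input.value.each do |val|
    case val.tag
    when 0
      self.type = decode_type(val)
    when 1
      self.value = decode_value(val)
    else
      raise ::RuntimeError, 'Failed to decode EncryptionKey SEQUENCE'
    end
  end
end
```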
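--- a/data/lib/rex/proto/kerberos/model/kdc_request.rb
+++ b/data/lib/rex/proto/kerberos/model/kdc_request.rb
@@ -0,0 +1,166 @@
+# -*- coding: binary -*-
+
+module Rex
+module Proto
+module Kerberos
+module Model
+# This class provides a representation of a Kerberos KDC-REQ (request) data
+# definition
+class KdcRequest < Element
+# @!attribute pvno
+# @return [Fixnum] The protocol version number
+attr_accessor :pvno
+# @!attribute msg_type
+# @return [Fixnum] The type of a protocol message
+attr_accessor :msg_type
+# @!attribute pa_data
+# @return [Array<Rex::Proto::Kerberos::Model::PreAuthData>] Authentication information which may
+# be needed before credentials can be issued or decrypted
+attr_accessor :pa_data
+# @!attribute req_body
+# @return [Rex::Proto::Kerberos::Model:::KdcRequestBody] The request body
+attr_accessor :req_body
+
+# Decodes the Rex::Proto::Kerberos::Model::KdcRequest from an input
+#
+# @param input [String, OpenSSL::ASN1::ASN1Data] the input to decode from
+# @return [self] if decoding succeeds
+# @raise [RuntimeError] if decoding doesn't succeed
+def decode(input)
+case input
+when String
+decode_string(input)
+when OpenSSL::ASN1::ASN1Data
+decode_asn1(input)
+else
+raise ::RuntimeError, 'Failed to decode KdcRequest, invalid input'
+end
+
+self
+end
+
+# Encodes the Rex::Proto::Kerberos::Model::KdcRequest into an ASN.1 String
+#
+# @return [String]
+def encode
+pvno_asn1 = OpenSSL::ASN1::ASN1Data.new([encode_pvno], 1, :CONTEXT_SPECIFIC)
+msg_type_asn1 = OpenSSL::ASN1::ASN1Data.new([encode_msg_type], 2, :CONTEXT_SPECIFIC)
+pa_data_asn1 = OpenSSL::ASN1::ASN1Data.new([encode_pa_data], 3, :CONTEXT_SPECIFIC)
+req_body_asn1 = OpenSSL::ASN1::ASN1Data.new([encode_req_body], 4, :CONTEXT_SPECIFIC)
+seq = OpenSSL::ASN1::Sequence.new([pvno_asn1, msg_type_asn1, pa_data_asn1, req_body_asn1])
+seq_asn1 = OpenSSL::ASN1::ASN1Data.new([seq], msg_type, :APPLICATION)
+seq_asn1.to_der
+end
+
+private
+
+# Encodes the pvno field
+#
+# @return [OpenSSL::ASN1::Integer]
+def encode_pvno
+bn = OpenSSL::BN.new(pvno.to_s)
+int = OpenSSL::ASN1::Integer.new(bn)
+
+int
+end
+
+# Encodes the msg_type field
+#
+# @return [OpenSSL::ASN1::Integer]
+def encode_msg_type
+bn = OpenSSL::BN.new(msg_type.to_s)
+int = OpenSSL::ASN1::Integer.new(bn)
+
+int
+end
+
+# Encodes the pa_data field
+#
+# @return [String]
+def encode_pa_data
+elems = []
+pa_data.each do |data|
+elems << data.encode
+end
+
+OpenSSL::ASN1::Sequence.new(elems)
+end
+
+# Encodes the req_body field
+#
+# @return [String]
+def encode_req_body
+req_body.encode
+end
+
+# Decodes a Rex::Proto::Kerberos::Model::KdcRequest from an String
+#
+# @param input [String] the input to decode from
+def decode_string(input)
+asn1 = OpenSSL::ASN1.decode(input)
+
+decode_asn1(asn1)
+end
+
+# Decodes a Rex::Proto::Kerberos::Model::KdcRequest
+#
+# @param input [OpenSSL::ASN1::ASN1Data] the input to decode from
+# @raise [RuntimeError] if decoding doesn't succeed
+def decode_asn1(input)
+input.value[0].value.each do |val|
+case val.tag
+when 1
+self.pvno = decode_asn1_pvno(val)
+when 2
+self.msg_type = decode_asn1_msg_type(val)
+when 3
+self.pa_data = decode_asn1_pa_data(val)
+when 4
+self.req_body = decode_asn1_req_body(val)
+else
+raise ::RuntimeError, 'Filed to decode KdcRequest SEQUENCE'
+end
+end
+end
+
+# Decodes the pvno from an OpenSSL::ASN1::ASN1Data
+#
+# @param input [OpenSSL::ASN1::ASN1Data] the input to decode from
+# @return [Fixnum]
+def decode_asn1_pvno(input)
+input.value[0].value.to_i
+end
+
+# Decodes the msg_type from an OpenSSL::ASN1::ASN1Data
+#
+# @param input [OpenSSL::ASN1::ASN1Data] the input to decode from
+# @return [Fixnum]
+def decode_asn1_msg_type(input)
+input.value[0].value.to_i
+end
+
+# Decodes the pa_data from an OpenSSL::ASN1::ASN1Data
+#
+# @param input [OpenSSL::ASN1::ASN1Data] the input to decode from
+# @return [Array<Rex::Proto::Kerberos::Model::PreAuthData>]
+def decode_asn1_pa_data(input)
+pre_auth = []
+input.value[0].value.each do |pre_auth_data|
+pre_auth << Rex::Proto::Kerberos::Model::PreAuthData.decode(pre_auth_data)
+end
+
+pre_auth
+end
+
+# Decodes the req_body from an OpenSSL::ASN1::ASN1Data
+#
+# @param input [OpenSSL::ASN1::ASN1Data] the input to decode from
+# @return [Rex::Proto::Kerberos::Model::KdcRequestBody]
+def decode_asn1_req_body(input)
+Rex::Proto::Kerberos::Model::KdcRequestBody.decode(input.value[0])
+end
+end
+end
+end
+end
+end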
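Review bot: `encode` always builds the `[3]` pa_data element and `encode_pa_data` calls `pa_data.each`, so a KdcRequest whose `pa_data` was never set fails with `NoMethodError` instead of being encoded without pre-authentication data. `KdcRequestBody#encode` in this release guards every optional field with a trailing `if`; the same shape fits here, collecting the elements in an array and adding this one as `elems << OpenSSL::ASN1::ASN1Data.new([encode_pa_data], 3, :CONTEXT_SPECIFIC) if pa_data`. The message raised in `decode_asn1` is misspelled: `'Filed to decode KdcRequest SEQUENCE'` should read `'Failed to decode KdcRequest SEQUENCE'`, matching the sibling classes so the failure can be found in logs. In the docs, `Model:::KdcRequestBody` has a stray colon, and `encode_pa_data` is documented as returning `String` although it returns an `OpenSSL::ASN1::Sequence`.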
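--- a/data/lib/rex/proto/kerberos/model/kdc_request_body.rb
+++ b/data/lib/rex/proto/kerberos/model/kdc_request_body.rb
@@ -0,0 +1,315 @@
+# -*- coding: binary -*-
+
+module Rex
+module Proto
+module Kerberos
+module Model
+# This class provides a representation of a Kerberos KDC-REQ-BODY (request body) data
+# definition
+class KdcRequestBody < Element
+# @!attribute options
+# @return [Fixnum] The ticket flags
+attr_accessor :options
+# @!attribute cname
+# @return [Rex::Proto::Kerberos::Model::PrincipalName] The name part of the client's principal identifier
+attr_accessor :cname
+# @!attribute realm
+# @return [String] The realm part of the server's principal identifier
+attr_accessor :realm
+# @!attribute sname
+# @return [Rex::Proto::Kerberos::Model::PrincipalName] The name part of the server's identity
+attr_accessor :sname
+# @!attribute from
+# @return [Time] Start time when the ticket is to be postdated
+attr_accessor :from
+# @!attribute till
+# @return [Time] Expiration date requested by the client
+attr_accessor :till
+# @!attribute rtime
+# @return [Time] Optional requested renew-till time
+attr_accessor :rtime
+# @!attribute nonce
+# @return [Fixnum] random number
+attr_accessor :nonce
+# @!attribute etype
+# @return [Array<Fixnum>] The desired encryption algorithm to be used in the response
+attr_accessor :etype
+# @!attribute enc_auth_data
+# @return [Rex::Proto::Kerberos::Model::EncryptedData] An encoding of the desired authorization-data encrypted
+attr_accessor :enc_auth_data
+
+# Decodes the Rex::Proto::Kerberos::Model::KdcRequestBody attributes from input
+#
+# @param input [String, OpenSSL::ASN1::Sequence] the input to decode from
+# @return [self] if decoding succeeds
+# @raise [RuntimeError] if decoding doesn't succeed
+def decode(input)
+case input
+when String
+decode_string(input)
+when OpenSSL::ASN1::Sequence
+decode_asn1(input)
+else
+raise ::RuntimeError, 'Failed to decode KdcRequestBody, invalid input'
+end
+
+self
+end
+
+# Encodes the Rex::Proto::Kerberos::Model::KdcRequestBody into an ASN.1 String
+#
+# @return [String]
+def encode
+elems = []
+
+elems << OpenSSL::ASN1::ASN1Data.new([encode_options], 0, :CONTEXT_SPECIFIC) if options
+elems << OpenSSL::ASN1::ASN1Data.new([encode_cname], 1, :CONTEXT_SPECIFIC) if cname
+elems << OpenSSL::ASN1::ASN1Data.new([encode_realm], 2, :CONTEXT_SPECIFIC) if realm
+elems << OpenSSL::ASN1::ASN1Data.new([encode_sname], 3, :CONTEXT_SPECIFIC) if sname
+elems << OpenSSL::ASN1::ASN1Data.new([encode_from], 4, :CONTEXT_SPECIFIC) if from
+elems << OpenSSL::ASN1::ASN1Data.new([encode_till], 5, :CONTEXT_SPECIFIC) if till
+elems << OpenSSL::ASN1::ASN1Data.new([encode_rtime], 6, :CONTEXT_SPECIFIC) if rtime
+elems << OpenSSL::ASN1::ASN1Data.new([encode_nonce], 7, :CONTEXT_SPECIFIC) if nonce
+elems << OpenSSL::ASN1::ASN1Data.new([encode_etype], 8, :CONTEXT_SPECIFIC) if etype
+elems << OpenSSL::ASN1::ASN1Data.new([encode_enc_auth_data], 10, :CONTEXT_SPECIFIC) if enc_auth_data
+
+seq = OpenSSL::ASN1::Sequence.new(elems)
+
+seq.to_der
+end
+
+# Makes a checksum from the Rex::Proto::Kerberos::Model::KdcRequestBody
+#
+# @param etype [Fixnum] the crypto schema to checksum
+# @return [String] the checksum
+# @raise [NotImplementedError] if the encryption schema isn't supported
+def checksum(etype)
+data = self.encode
+
+res = ''
+case etype
+when RSA_MD5
+res = checksum_rsa_md5(data)
+else
+raise ::NotImplementedError, 'EncryptedData schema is not supported'
+end
+
+res
+end
+
+private
+
+# Encodes the options
+#
+# @return [OpenSSL::ASN1::BitString]
+def encode_options
+OpenSSL::ASN1::BitString.new([options].pack('N'))
+end
+
+# Encodes the cname
+#
+# @return [String]
+def encode_cname
+cname.encode
+end
+
+# Encodes the realm
+#
+# @return [OpenSSL::ASN1::GeneralString]
+def encode_realm
+OpenSSL::ASN1::GeneralString.new(realm)
+end
+
+# Encodes the sname
+#
+# @return [String]
+def encode_sname
+sname.encode
+end
+
+# Encodes the from
+#
+# @return [OpenSSL::ASN1::GeneralizedTime]
+def encode_from
+OpenSSL::ASN1::GeneralizedTime.new(from)
+end
+
+# Encodes the till
+#
+# @return [OpenSSL::ASN1::GeneralizedTime]
+def encode_till
+OpenSSL::ASN1::GeneralizedTime.new(till)
+end
+
+# Encodes the rtime
+#
+# @return [OpenSSL::ASN1::GeneralizedTime]
+def encode_rtime
+OpenSSL::ASN1::GeneralizedTime.new(rtime)
+end
+
+# Encodes the nonce
+#
+# @return [OpenSSL::ASN1::Integer]
+def encode_nonce
+bn = OpenSSL::BN.new(nonce.to_s)
+int = OpenSSL::ASN1::Integer.new(bn)
+
+int
+end
+
+# Encodes the etype
+#
+# @return [OpenSSL::ASN1::Sequence]
+def encode_etype
+encoded_types = []
+etype.each do |member|
+bn = OpenSSL::BN.new(member.to_s)
+int = OpenSSL::ASN1::Integer.new(bn)
+encoded_types << int
+end
+
+OpenSSL::ASN1::Sequence.new(encoded_types)
+end
+
+# Encodes the enc_auth_data
+#
+# @return [String]
+def encode_enc_auth_data
+enc_auth_data.encode
+end
+
+# Decodes a Rex::Proto::Kerberos::Model::KdcRequestBody from an String
+#
+# @param input [String] the input to decode from
+# @raise [RuntimeError] if decoding doesn't succeed
+def decode_string(input)
+asn1 = OpenSSL::ASN1.decode(input)
+
+decode_asn1(asn1)
+end
+
+# Decodes a Rex::Proto::Kerberos::Model::KdcRequestBody from an
+# OpenSSL::ASN1::Sequence
+#
+# @param input [OpenSSL::ASN1::Sequence] the input to decode from
+# @raise [RuntimeError] if decoding doesn't succeed
+def decode_asn1(input)
+seq_values = input.value
+
+seq_values.each do |val|
+case val.tag
+when 0
+self.options = decode_options(val)
+when 1
+self.cname = decode_cname(val)
+when 2
+self.realm = decode_realm(val)
+when 3
+self.sname = decode_sname(val)
+when 4
+self.from = decode_from(val)
+when 5
+self.till = decode_till(val)
+when 6
+self.rtime = decode_rtime(val)
+when 7
+self.nonce = decode_nonce(val)
+when 8
+self.etype = decode_etype(val)
+when 10
+self.enc_auth_data = decode_enc_auth_data(val)
+else
+raise ::RuntimeError, 'Failed to decode KdcRequestBody SEQUENCE'
+end
+end
+end
+
+# Decodes the options field
+#
+# @param input [OpenSSL::ASN1::ASN1Data] the input to decode from
+# @return [Fixnum]
+def decode_options(input)
+input.value[0].value.unpack('N')[0]
+end
+
+# Decodes the cname field
+#
+# @param input [OpenSSL::ASN1::ASN1Data] the input to decode from
+# @return [Rex::Proto::Kerberos::Model::PrincipalName]
+def decode_cname(input)
+Rex::Proto::Kerberos::Model::PrincipalName.decode(input.value[0])
+end
+
+# Decodes the realm field
+#
+# @param input [OpenSSL::ASN1::ASN1Data] the input to decode from
+# @return [String]
+def decode_realm(input)
+input.value[0].value
+end
+
+# Decodes the sname field
+#
+# @param input [OpenSSL::ASN1::ASN1Data] the input to decode from
+# @return [Rex::Proto::Kerberos::Model::PrincipalName]
+def decode_sname(input)
+Rex::Proto::Kerberos::Model::PrincipalName.decode(input.value[0])
+end
+
+# Decodes the from field
+#
+# @param input [OpenSSL::ASN1::ASN1Data] the input to decode from
+# @return [Time]
+def decode_from(input)
+input.value[0].value
+end
+
+# Decodes the till field
+#
+# @param input [OpenSSL::ASN1::ASN1Data] the input to decode from
+# @return [Time]
+def decode_till(input)
+input.value[0].value
+end
+
+# Decodes the rtime field
+#
+# @param input [OpenSSL::ASN1::ASN1Data] the input to decode from
+# @return [Time]
+def decode_rtime(input)
+input.value[0].value
+end
+
+# Decodes the nonce field
+#
+# @param input [OpenSSL::ASN1::ASN1Data] the input to decode from
+# @return [Fixnum]
+def decode_nonce(input)
+input.value[0].value.to_i
+end
+
+# Decodes the etype field
+#
+# @param input [OpenSSL::ASN1::ASN1Data] the input to decode from
+# @return [Array<Fixnum>]
+def decode_etype(input)
+encs = []
+input.value[0].value.each do |enc|
+encs << enc.value.to_i
+end
+encs
+end
+
+# Decodes the enc_auth_data field
+#
+# @param input [OpenSSL::ASN1::ASN1Data] the input to decode from
+# @return [Rex::Proto::Kerberos::Model::EncryptedData]
+def decode_enc_auth_data(input)
+Rex::Proto::Kerberos::Model::EncryptedData.decode(input.value[0])
+end
+end
+end
+end
+end
+end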
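Review bot: `decode_asn1` raises on every tag other than 0–8 and 10, but RFC 4120 also defines `addresses [9]` and `additional-tickets [11]` in KDC-REQ-BODY, so a well-formed request carrying either field is rejected as undecodable. If those fields are intentionally unmodelled, skip them explicitly with `when 9, 11 then next # addresses / additional-tickets: not modelled` and say so in the method comment, since a decode/encode round trip will then drop them. In `checksum`, the parameter `etype` shadows the `etype` attribute while actually selecting a checksum type, and the `NotImplementedError` text `'EncryptedData schema is not supported'` looks copied from another class; `'Checksum schema is not supported'` would describe the failure. `RSA_MD5` and `checksum_rsa_md5` are not defined in this file (presumably inherited via `Element`); if the helper is a plain MD5 digest as the name suggests, a comment should state that the result is unkeyed and gives no integrity protection on its own.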