Real-time collaboration for Jupyter Notebooks, Linux Terminals, LaTeX, VS Code, R IDE, and more,
all in one place.

1
# -*- coding: binary -*-
2

3
require 'bindata'
4

5
# Models for or Krb5 keytab
6
module Rex::Proto::Kerberos::Keytab
7
  class Krb5KeytabCountedOctetString < BinData::Primitive
8
    endian :big
9
    search_prefix :krb5_keytab
10

11
    # @!attribute [rw] len
12
    #   @return [Integer]
13
    uint16 :len, value: -> { data.length }
14

15
    # @!attribute [rw] data
16
    #   @return [String]
17
    string :data, read_length: :len
18

19
    def get
20
      data.snapshot
21
    end
22

23
    def set(v)
24
      self.data = v
25
    end
26
  end
27

28
  class Krb5KeytabKeyblock < BinData::Record
29
    endian :big
30
    search_prefix :krb5_keytab
31

32
    # @!attribute [rw] enctype
33
    #   @return [Integer] The encryption type
34
    # @see Rex::Proto::Kerberos::Crypto::Encryption
35
    uint16 :enctype
36

37
    # @return [KeytabCountedOctetString]
38
    counted_octet_string :data
39
  end
40

41
  class Krb5KeytabEpoch < BinData::Primitive
42
    endian :big
43
    search_prefix :krb5_keytab
44

45
    # @!attribute [rw] epoch
46
    #   @return [Integer]
47
    uint32 :epoch
48

49
    def get
50
      Time.at(epoch)
51
    end
52

53
    def set(v)
54
      self.epoch = v.to_i
55
    end
56
  end
57

58
  class Krb5KeytabEntry < BinData::Record
59
    endian :big
60
    search_prefix :krb5_keytab
61

62
    # @return [Integer] The number of bytes for the len field
63
    LEN_FIELD_BYTE_SIZE = 4
64

65
    # @!attribute [rw] len
66
    #   @return [Integer] The number of remaining bytes for this record. The length does not include the 4 bytes for this field
67
    int32 :len,
68
          value: -> {
69
            size = [
70
              count_of_components,
71
              realm,
72
              components,
73
              name_type,
74
              timestamp,
75
              vno8,
76
              keyblock,
77
              vno,
78
              flags
79
            ].sum { |field| field.to_binary_s.bytes.count }
80

81
            size
82
         }
83

84
    # @!attribute [rw] count_of_components
85
    #   @return [Integer]
86
    uint16 :count_of_components, value: -> { components.length }
87

88
    # @!attribute [rw] realm#
89
    #   @return [CountedOctetString]
90
    counted_octet_string :realm
91

92
    # @!attribute [rw] components
93
    #   @return [Array<CountedOctetString>] The components in the principal name, which can be joined by slashes
94
    #     to represent the SPN
95
    array :components, initial_length: :count_of_components, type: :counted_octet_string
96

97
    # @!attribute [rw] name_type
98
    #   @return [Integer]
99
    # @see Rex::Proto::Kerberos::Model::NameType
100
    uint32 :name_type
101

102
    # @!attribute [rw] timestamp
103
    #   @return [Integer] The time the key entry was created; Can be 0 for keytabs generated by ktpass
104
    epoch :timestamp
105

106
    # @!attribute [rw] vno8
107
    #   @return [Integer] The lower 8 bits of the version number of the key
108
    uint8 :vno8
109

110
    # @!attribute [rw] keyblock
111
    #   @return [KeytabKeyBlock]
112
    keyblock :keyblock
113

114
    # @!attribute [rw] vno
115
    #   @return [Integer]
116
    uint32 :vno,
117
           initial_value: -> { vno8.to_i },
118
           # only present if >= 4 bytes left in entry
119
           onlyif: -> { ((len + LEN_FIELD_BYTE_SIZE) - vno.rel_offset) >= 4 }
120

121
    # @!attribute [rw] flags
122
    #   @return [Integer]
123
    uint32 :flags,
124
           # only present if >= 4 bytes left in entry
125
           onlyif: -> { ((len + LEN_FIELD_BYTE_SIZE) - flags.rel_offset) >= 4 }
126

127
    # @return [String] The principal associated with this key tab entry
128
    def principal
129
      "#{components.to_a.join('/')}@#{realm}"
130
    end
131
  end
132

133
  # Definition from:
134
  # https://web.mit.edu/kerberos/krb5-devel/doc/basic/keytab_def.html
135
  # http://www.ioplex.com/utilities/keytab.txt
136
  # http://web.mit.edu/freebsd/head/crypto/heimdal/doc/doxyout/krb5/html/krb5_fileformats.html
137
  #
138
  class Krb5Keytab < BinData::Record
139
    endian :big
140
    search_prefix :krb5_keytab
141

142
    # Older keytab version 0x501 not currently supported
143
    # @!attribute [r] file_format_version
144
    #   @return [Integer]
145
    uint16 :file_format_version, asserted_value: 0x502
146

147
    # @!attribute [rw] key_entries
148
    #   @return [Array<KeytabEntry>] the keytab entries
149
    array :key_entries, type: :entry, read_until: :eof
150
  end
151
end
152

153