Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
rapid7
GitHub Repository: rapid7/metasploit-framework
 Path: blob/master/lib/rex/proto/kerberos/model.rb
58151 views
1
 # -*- coding: binary -*-

2


3
module Rex

4
  module Proto

5
    module Kerberos

6
      module Model

7
        VERSION = 5

8


9
        # Application Message Id's

10


11
        AS_REQ = 10

12
        AS_REP = 11

13
        TGS_REQ = 12

14
        TGS_REP = 13

15
        KRB_ERROR = 30

16
        TICKET = 1

17
        AUTHENTICATOR = 2

18
        AP_REQ = 14

19
        AP_REP = 15

20
        KRB_CRED = 22

21
        ENC_AP_REP_PART = 27

22
        ENC_KRB_CRED_PART = 29

23


24
        module OID

25
          DiffieHellman = '1.2.840.10046.2.1'

26
          SHA1 = '1.3.14.3.2.26'

27
          SHA256 = '2.16.840.1.101.3.4.2.1'

28
          ContentType = '1.2.840.113549.1.9.3'

29
          MessageDigest = '1.2.840.113549.1.9.4'

30
          SHA512 = '2.16.840.1.101.3.4.2.3'

31
          RSAWithSHA1 = '1.2.840.113549.1.1.5'

32
          RSAWithSHA256 = '1.2.840.113549.1.1.11'

33
          RSAWithSHA512 = '1.2.840.113549.1.1.13'

34
          PkinitAuthData = '1.3.6.1.5.2.3.1'

35
          SignedData = '1.2.840.113549.1.7.2'

36
        end

37


38
        # From Principal

39
        # https://datatracker.ietf.org/doc/html/rfc4120#section-6.2

40


41
        module NameType

42
          # Name type not known

43
          NT_UNKNOWN = 0

44
          # The name of the principal

45
          NT_PRINCIPAL = 1

46
          # Service and other unique instances

47
          NT_SRV_INST = 2

48
          # Service with host name and instance

49
          NT_SRV_HST = 3

50
          # Service with host as remaining component

51
          NT_SRV_XHST = 4

52
          # Unique ID

53
          NT_UID = 5

54


55
          NT_ENTERPRISE = 10

56
        end

57


58
        module PaS4uX509UserOptions

59
          CHECK_LOGON_RESTRICTIONS = 0x40000000

60
          SIGN_REPLY = 0x20000000

61
          NT_AUTH_POLICY_NOT_REQUIRED = 0x10000000

62
          UNCONDITIONAL_DELEGATION = 0x08000000

63
        end

64


65
        # See:

66
        # * https://www.iana.org/assignments/kerberos-parameters/kerberos-parameters.xhtml#pre-authentication

67
        # * https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-kile/ae60c948-fda8-45c2-b1d1-a71b484dd1f7

68


69
        module PreAuthType

70
          PA_TGS_REQ = 1

71
          PA_ENC_TIMESTAMP = 2

72
          PA_PW_SALT = 3

73
          PA_ETYPE_INFO = 11

74
          PA_PK_AS_REQ = 16

75
          PA_PK_AS_REP = 17

76
          PA_ETYPE_INFO2 = 19

77
          PA_PAC_REQUEST = 128

78
          PA_FOR_USER = 129

79
          PA_S4U_X509_USER = 130

80
          KEY_LIST_REP = 162

81
          PA_SUPPORTED_ETYPES = 165

82
          PA_PAC_OPTIONS = 167

83
          KERB_SUPERSEDED_BY_USER = 170

84
          DMSA_KEY_PACKAGE = 171

85
        end

86


87
        module AuthorizationDataType

88
          AD_IF_RELEVANT = 1

89
          KDC_ISSUED = 4

90
          AND_OR = 5

91
          MANDATORY_FOR_KDC = 8

92
          INITIAL_VERIFIED_CAS = 9

93
          OSF_DCE = 64

94
          SESAME = 65

95
        end

96
      end

97
    end

98
  end

99
end

100


101


102