CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutSign UpSign In
rapid7

Real-time collaboration for Jupyter Notebooks, Linux Terminals, LaTeX, VS Code, R IDE, and more,
all in one place.

GitHub Repository: rapid7/metasploit-framework
 Path: blob/master/lib/rex/proto/kerberos/model/krb_cred.rb
Views: 11766
1
# -*- coding: binary -*-

2


3
module Rex

4
  module Proto

5
    module Kerberos

6
      module Model

7
        # This class provides a representation of a Kerberos KRB-CRED

8
        # message definition.

9
        class KrbCred < Element

10
          # @!attribute pvno

11
          #   @return [Integer] The protocol version number

12
          attr_accessor :pvno

13
          # @!attribute msg_type

14
          #   @return [Integer] The type of a protocol message

15
          attr_accessor :msg_type

16
          # @!attribute tickets

17
          #   @return [Array<Rex::Proto::Kerberos::Model::Ticket>] Tickets encapsulated in this message

18
          attr_accessor :tickets

19
          # @!attribute enc_part

20
          #   @return [Rex::Proto::Kerberos::Model::EncryptedData] Encrypted KRB-CRED blob

21
          attr_accessor :enc_part

22


23
          def ==(other)

24
            pvno == other.pvno &&

25
              msg_type == other.msg_type &&

26
              tickets == other.tickets &&

27
              enc_part == other.enc_part

28
          end

29


30
          # Decodes the Rex::Proto::Kerberos::Model::KrbCred from an input

31
          #

32
          # @param input [String, OpenSSL::ASN1::ASN1Data] the input to decode from

33
          # @return [self] if decoding succeeds

34
          # @raise [Rex::Proto::Kerberos::Model::Error::KerberosDecodingError] if decoding doesn't succeed

35
          def decode(input)

36
            case input

37
            when String

38
              decode_string(input)

39
            when OpenSSL::ASN1::Sequence

40
              decode_asn1(input)

41
            else

42
              raise ::Rex::Proto::Kerberos::Model::Error::KerberosDecodingError, 'Failed to decode KrbCred, invalid input'

43
            end

44


45
            self

46
          end

47


48
          # Rex::Proto::Kerberos::Model::KrbCred encoding isn't supported

49
          #

50
          # @raise [NotImplementedError]

51
          def encode

52
            elems = []

53
            elems << OpenSSL::ASN1::ASN1Data.new([encode_pvno], 0, :CONTEXT_SPECIFIC)

54
            elems << OpenSSL::ASN1::ASN1Data.new([encode_msg_type], 1, :CONTEXT_SPECIFIC)

55
            elems << OpenSSL::ASN1::ASN1Data.new([encode_tickets], 2, :CONTEXT_SPECIFIC)

56
            elems << OpenSSL::ASN1::ASN1Data.new([encode_enc_part], 3, :CONTEXT_SPECIFIC)

57


58
            seq = OpenSSL::ASN1::Sequence.new(elems)

59
            seq_asn1 = OpenSSL::ASN1::ASN1Data.new([seq], KRB_CRED, :APPLICATION)

60


61
            seq_asn1.to_der

62
          end

63


64
          # Loads a KrbCred from a kirbi file

65
          # @param [String] file_path the path to load the file from

66
          # @return [Rex::Proto::Kerberos::Model::KrbCred]

67
          def self.load_credential_from_file(file_path)

68
            unless File.readable?(file_path.to_s)

69
              raise ::ArgumentError, "Failed to load kirbi file '#{file_path}'"

70
            end

71


72
            decode(File.binread(file_path))

73
          end

74


75
          # Saves a KrbCred to a kirbi file

76
          # @param [String] file_path the path to save the file to

77
          # @return [Integer] The length written

78
          def save_credential_to_file(file_path)

79
            File.binwrite(file_path, encode)

80
          end

81


82
          private

83


84
          # Encodes the pvno

85
          #

86
          # @raise [Rex::Proto::Kerberos::Model::Error::KerberosDecodingError]

87
          def encode_pvno

88
            bn = OpenSSL::BN.new(pvno.to_s)

89
            int = OpenSSL::ASN1::Integer.new(bn)

90


91
            int

92
          rescue OpenSSL::ASN1::ASN1Error

93
            raise Rex::Proto::Kerberos::Model::Error::KerberosDecodingError

94
          end

95


96
          # Encodes the msg_type field

97
          #

98
          # @return [OpenSSL::ASN1::Integer]

99
          def encode_msg_type

100
            bn = OpenSSL::BN.new(msg_type.to_s)

101
            int = OpenSSL::ASN1::Integer.new(bn)

102


103
            int

104
          end

105


106
          # Encodes the ticket field

107
          #

108
          # @return [OpenSSL::ASN1::Sequence]

109
          def encode_tickets

110
            encoded = tickets.map(&:encode)

111
            seq = OpenSSL::ASN1::Sequence.new(encoded)

112
          end

113


114
          # Encodes the enc_part field

115
          #

116
          # @return [String]

117
          def encode_enc_part

118
            encoded = enc_part.encode

119
          end

120


121
          # Decodes a Rex::Proto::Kerberos::Model::KrbCred

122
          #

123
          # @param input [String] the input to decode from

124
          def decode_string(input)

125
            asn1 = OpenSSL::ASN1.decode(input)

126


127
            decode_asn1(asn1)

128
          end

129


130
          # Decodes a Rex::Proto::Kerberos::Model::KrbCred from an

131
          # OpenSSL::ASN1Data

132
          #

133
          # @param input [OpenSSL::ASN1Data] the input to decode from

134
          def decode_asn1(input)

135
            input.value[0].value.each do |val|

136
              case val.tag

137
              when 0

138
                self.pvno = decode_pvno(val)

139
              when 1

140
                self.msg_type = decode_msg_type(val)

141
              when 2

142
                self.tickets = decode_tickets(val)

143
              when 3

144
                self.enc_part = decode_enc_part(val)

145
              else

146
                raise ::Rex::Proto::Kerberos::Model::Error::KerberosDecodingError, "Failed to decode KrbCred (#{val.tag})"

147
              end

148
            end

149
          end

150


151
          # Decodes the pvno from an OpenSSL::ASN1::ASN1Data

152
          #

153
          # @param input [OpenSSL::ASN1::ASN1Data] the input to decode from

154
          # @return [Integer]

155
          def decode_pvno(input)

156
            input.value[0].value.to_i

157
          end

158


159
          # Decodes the msg_type from an OpenSSL::ASN1::ASN1Data

160
          #

161
          # @param input [OpenSSL::ASN1::ASN1Data] the input to decode from

162
          # @return [Integer]

163
          def decode_msg_type(input)

164
            input.value[0].value.to_i

165
          end

166


167
          # Decodes the tickets from an OpenSSL::ASN1::Sequence

168
          #

169
          # @param input [OpenSSL::ASN1::Sequence] the input to decode from

170
          # @return [Array<Rex::Proto::Kerberos::Model::Tickets>]

171
          def decode_tickets(input)

172
            tickets = []

173
            input.value[0].value.each do |val|

174
              tickets << Rex::Proto::Kerberos::Model::Ticket.decode(val)

175
            end

176
            tickets

177
          end

178


179
          # Decodes the enc_part

180
          #

181
          # @param input [OpenSSL::ASN1::ASN1Data] the input to decode from

182
          # @return [Rex::Proto::Kerberos::Model::EncryptedData]

183
          def decode_enc_part(input)

184
            Rex::Proto::Kerberos::Model::EncryptedData.decode(input.value[0])

185
          end

186
        end

187
      end

188
    end

189
  end

190
end

191


192