# Comparing python-minikerberos version 0.2.0-0kali1~jan+unchanged3 (unchanged) & python-minikerberos version 0.2.14-0kali1~jan+nur71 (fresh-releases) ## python3-minikerberos_0.2.14-0kali1_all.deb ### file list @@ -1,3 +1,3 @@ -rw-r--r-- 0 0 0 4 2020-07-26 12:56:38.000000 debian-binary --rw-r--r-- 0 0 0 2560 2020-07-26 12:56:38.000000 control.tar.xz --rw-r--r-- 0 0 0 62528 2020-07-26 12:56:38.000000 data.tar.xz +-rw-r--r-- 0 0 0 2804 2020-07-26 12:56:38.000000 control.tar.xz +-rw-r--r-- 0 0 0 79600 2020-07-26 12:56:38.000000 data.tar.xz ### control.tar.xz #### control.tar ##### file list @@ -1,5 +1,5 @@ drwxr-xr-x 0 root (0) root (0) 0 2020-07-26 12:56:38.000000 ./ --rw-r--r-- 0 root (0) root (0) 497 2020-07-26 12:56:38.000000 ./control --rw-r--r-- 0 root (0) root (0) 6106 2020-07-26 12:56:38.000000 ./md5sums +-rw-r--r-- 0 root (0) root (0) 493 2020-07-26 12:56:38.000000 ./control +-rw-r--r-- 0 root (0) root (0) 7105 2020-07-26 12:56:38.000000 ./md5sums -rwxr-xr-x 0 root (0) root (0) 265 2020-07-26 12:56:38.000000 ./postinst -rwxr-xr-x 0 root (0) root (0) 414 2020-07-26 12:56:38.000000 ./prerm ##### ./control @@ -1,13 +1,13 @@ Package: python3-minikerberos Source: python-minikerberos -Version: 0.2.14-0kali1 +Version: 0.2.14-0kali1 Architecture: all Maintainer: Kali Developers -Installed-Size: 366 +Installed-Size: 450 Depends: python3-asn1crypto, python3-asysocks, python3:any Section: python Priority: optional Homepage: https://github.com/skelsec/minikerberos Description: Kerberos manipulation library in pure Python (Python 3) This package contains Kerberos manipulation library. . ##### ./md5sums ###### line order @@ -45,22 +49,28 @@ usr/lib/python3/dist-packages/minikerberos/examples/ccache_editor.py usr/lib/python3/dist-packages/minikerberos/examples/ccacheroast.py usr/lib/python3/dist-packages/minikerberos/examples/getS4U2proxy.py usr/lib/python3/dist-packages/minikerberos/examples/getTGS.py usr/lib/python3/dist-packages/minikerberos/examples/getTGT.py usr/lib/python3/dist-packages/minikerberos/examples/kirbi2ccache.py usr/lib/python3/dist-packages/minikerberos/gssapi/__init__.py +usr/lib/python3/dist-packages/minikerberos/gssapi/channelbindings.py usr/lib/python3/dist-packages/minikerberos/gssapi/gssapi.py usr/lib/python3/dist-packages/minikerberos/network/__init__.py usr/lib/python3/dist-packages/minikerberos/network/aioclientsocket.py usr/lib/python3/dist-packages/minikerberos/network/aioclientsockssocket.py +usr/lib/python3/dist-packages/minikerberos/network/aioclientwsnetsocket.py usr/lib/python3/dist-packages/minikerberos/network/clientsocket.py usr/lib/python3/dist-packages/minikerberos/network/selector.py +usr/lib/python3/dist-packages/minikerberos/pkinit.py usr/lib/python3/dist-packages/minikerberos/protocol/__init__.py usr/lib/python3/dist-packages/minikerberos/protocol/asn1_structs.py usr/lib/python3/dist-packages/minikerberos/protocol/constants.py usr/lib/python3/dist-packages/minikerberos/protocol/encryption.py usr/lib/python3/dist-packages/minikerberos/protocol/errors.py +usr/lib/python3/dist-packages/minikerberos/protocol/mskile.py +usr/lib/python3/dist-packages/minikerberos/protocol/rfc4556.py +usr/lib/python3/dist-packages/minikerberos/protocol/rfc_iakerb.py usr/lib/python3/dist-packages/minikerberos/protocol/structures.py usr/lib/python3/dist-packages/minikerberos/security.py usr/share/doc/python3-minikerberos/changelog.Debian.gz usr/share/doc/python3-minikerberos/copyright ### data.tar.xz #### data.tar ##### file list @@ -1,87 +1,98 @@ drwxr-xr-x 0 root (0) root (0) 0 2020-07-26 12:56:38.000000 ./ drwxr-xr-x 0 root (0) root (0) 0 2020-07-26 12:56:38.000000 ./usr/ drwxr-xr-x 0 root (0) root (0) 0 2020-07-26 12:56:38.000000 ./usr/bin/ --rwxr-xr-x 0 root (0) root (0) 983 2020-07-26 12:56:38.000000 ./usr/bin/ccache2kirbi --rwxr-xr-x 0 root (0) root (0) 979 2020-07-26 12:56:38.000000 ./usr/bin/ccacheedit --rwxr-xr-x 0 root (0) root (0) 981 2020-07-26 12:56:38.000000 ./usr/bin/ccacheroast --rwxr-xr-x 0 root (0) root (0) 983 2020-07-26 12:56:38.000000 ./usr/bin/getS4U2proxy --rwxr-xr-x 0 root (0) root (0) 971 2020-07-26 12:56:38.000000 ./usr/bin/getTGS --rwxr-xr-x 0 root (0) root (0) 971 2020-07-26 12:56:38.000000 ./usr/bin/getTGT --rwxr-xr-x 0 root (0) root (0) 983 2020-07-26 12:56:38.000000 ./usr/bin/kirbi2ccache +-rwxr-xr-x 0 root (0) root (0) 986 2020-07-26 12:56:38.000000 ./usr/bin/ccache2kirbi +-rwxr-xr-x 0 root (0) root (0) 982 2020-07-26 12:56:38.000000 ./usr/bin/ccacheedit +-rwxr-xr-x 0 root (0) root (0) 984 2020-07-26 12:56:38.000000 ./usr/bin/ccacheroast +-rwxr-xr-x 0 root (0) root (0) 986 2020-07-26 12:56:38.000000 ./usr/bin/getS4U2proxy +-rwxr-xr-x 0 root (0) root (0) 974 2020-07-26 12:56:38.000000 ./usr/bin/getTGS +-rwxr-xr-x 0 root (0) root (0) 974 2020-07-26 12:56:38.000000 ./usr/bin/getTGT +-rwxr-xr-x 0 root (0) root (0) 986 2020-07-26 12:56:38.000000 ./usr/bin/kirbi2ccache drwxr-xr-x 0 root (0) root (0) 0 2020-07-26 12:56:38.000000 ./usr/lib/ drwxr-xr-x 0 root (0) root (0) 0 2020-07-26 12:56:38.000000 ./usr/lib/python3/ drwxr-xr-x 0 root (0) root (0) 0 2020-07-26 12:56:38.000000 ./usr/lib/python3/dist-packages/ drwxr-xr-x 0 root (0) root (0) 0 2020-07-26 12:56:38.000000 ./usr/lib/python3/dist-packages/minikerberos/ --rw-r--r-- 0 root (0) root (0) 271 2020-02-29 19:49:27.000000 ./usr/lib/python3/dist-packages/minikerberos/__init__.py --rw-r--r-- 0 root (0) root (0) 135 2020-02-29 19:49:31.000000 ./usr/lib/python3/dist-packages/minikerberos/_version.py --rw-r--r-- 0 root (0) root (0) 22395 2020-03-01 19:33:17.000000 ./usr/lib/python3/dist-packages/minikerberos/aioclient.py --rw-r--r-- 0 root (0) root (0) 23170 2020-02-29 19:49:45.000000 ./usr/lib/python3/dist-packages/minikerberos/client.py +-rw-r--r-- 0 root (0) root (0) 271 2020-06-10 19:16:31.000000 ./usr/lib/python3/dist-packages/minikerberos/__init__.py +-rw-r--r-- 0 root (0) root (0) 136 2020-07-26 12:56:38.000000 ./usr/lib/python3/dist-packages/minikerberos/_version.py +-rw-r--r-- 0 root (0) root (0) 25876 2020-07-26 12:56:38.000000 ./usr/lib/python3/dist-packages/minikerberos/aioclient.py +-rw-r--r-- 0 root (0) root (0) 23141 2020-07-26 12:56:38.000000 ./usr/lib/python3/dist-packages/minikerberos/client.py drwxr-xr-x 0 root (0) root (0) 0 2020-07-26 12:56:38.000000 ./usr/lib/python3/dist-packages/minikerberos/common/ --rw-r--r-- 0 root (0) root (0) 0 2020-02-29 01:05:25.000000 ./usr/lib/python3/dist-packages/minikerberos/common/__init__.py --rw-r--r-- 0 root (0) root (0) 22443 2020-02-29 19:15:06.000000 ./usr/lib/python3/dist-packages/minikerberos/common/ccache.py --rw-r--r-- 0 root (0) root (0) 413 2020-02-29 18:17:52.000000 ./usr/lib/python3/dist-packages/minikerberos/common/constants.py --rw-r--r-- 0 root (0) root (0) 7606 2020-02-29 19:45:19.000000 ./usr/lib/python3/dist-packages/minikerberos/common/creds.py --rw-r--r-- 0 root (0) root (0) 6934 2020-02-29 14:06:34.000000 ./usr/lib/python3/dist-packages/minikerberos/common/keytab.py --rw-r--r-- 0 root (0) root (0) 264 2020-02-29 23:52:07.000000 ./usr/lib/python3/dist-packages/minikerberos/common/proxy.py --rw-r--r-- 0 root (0) root (0) 1161 2020-02-29 19:45:54.000000 ./usr/lib/python3/dist-packages/minikerberos/common/spn.py --rw-r--r-- 0 root (0) root (0) 487 2020-02-29 22:41:31.000000 ./usr/lib/python3/dist-packages/minikerberos/common/target.py --rw-r--r-- 0 root (0) root (0) 6934 2020-03-01 17:45:38.000000 ./usr/lib/python3/dist-packages/minikerberos/common/url.py --rw-r--r-- 0 root (0) root (0) 1928 2020-02-29 19:46:20.000000 ./usr/lib/python3/dist-packages/minikerberos/common/utils.py +-rw-r--r-- 0 root (0) root (0) 0 2020-06-10 19:16:31.000000 ./usr/lib/python3/dist-packages/minikerberos/common/__init__.py +-rw-r--r-- 0 root (0) root (0) 24010 2020-07-26 12:56:38.000000 ./usr/lib/python3/dist-packages/minikerberos/common/ccache.py +-rw-r--r-- 0 root (0) root (0) 430 2020-07-26 12:56:38.000000 ./usr/lib/python3/dist-packages/minikerberos/common/constants.py +-rw-r--r-- 0 root (0) root (0) 8443 2020-07-26 12:56:38.000000 ./usr/lib/python3/dist-packages/minikerberos/common/creds.py +-rw-r--r-- 0 root (0) root (0) 6934 2020-06-10 19:16:31.000000 ./usr/lib/python3/dist-packages/minikerberos/common/keytab.py +-rw-r--r-- 0 root (0) root (0) 296 2020-07-26 12:56:38.000000 ./usr/lib/python3/dist-packages/minikerberos/common/proxy.py +-rw-r--r-- 0 root (0) root (0) 1161 2020-07-26 12:56:38.000000 ./usr/lib/python3/dist-packages/minikerberos/common/spn.py +-rw-r--r-- 0 root (0) root (0) 487 2020-06-10 19:16:31.000000 ./usr/lib/python3/dist-packages/minikerberos/common/target.py +-rw-r--r-- 0 root (0) root (0) 7246 2020-07-26 12:56:38.000000 ./usr/lib/python3/dist-packages/minikerberos/common/url.py +-rw-r--r-- 0 root (0) root (0) 4070 2020-07-26 12:56:38.000000 ./usr/lib/python3/dist-packages/minikerberos/common/utils.py +drwxr-xr-x 0 root (0) root (0) 0 2020-07-26 12:56:38.000000 ./usr/lib/python3/dist-packages/minikerberos/common/windows/ +-rw-r--r-- 0 root (0) root (0) 0 2020-07-26 12:56:38.000000 ./usr/lib/python3/dist-packages/minikerberos/common/windows/__init__.py +-rw-r--r-- 0 root (0) root (0) 12500 2020-07-26 12:56:38.000000 ./usr/lib/python3/dist-packages/minikerberos/common/windows/crypt32.py +-rw-r--r-- 0 root (0) root (0) 23499 2020-07-26 12:56:38.000000 ./usr/lib/python3/dist-packages/minikerberos/common/windows/defines.py drwxr-xr-x 0 root (0) root (0) 0 2020-07-26 12:56:38.000000 ./usr/lib/python3/dist-packages/minikerberos/crypto/ drwxr-xr-x 0 root (0) root (0) 0 2020-07-26 12:56:38.000000 ./usr/lib/python3/dist-packages/minikerberos/crypto/AES/ --rw-r--r-- 0 root (0) root (0) 58622 2019-10-10 17:39:31.000000 ./usr/lib/python3/dist-packages/minikerberos/crypto/AES/AES.py --rw-r--r-- 0 root (0) root (0) 2160 2019-10-10 17:39:31.000000 ./usr/lib/python3/dist-packages/minikerberos/crypto/AES/__init__.py --rw-r--r-- 0 root (0) root (0) 8190 2019-10-10 17:39:31.000000 ./usr/lib/python3/dist-packages/minikerberos/crypto/AES/blockfeeder.py --rw-r--r-- 0 root (0) root (0) 2110 2019-10-10 17:39:31.000000 ./usr/lib/python3/dist-packages/minikerberos/crypto/AES/util.py --rw-r--r-- 0 root (0) root (0) 1080 2019-10-10 17:39:31.000000 ./usr/lib/python3/dist-packages/minikerberos/crypto/BASE.py +-rw-r--r-- 0 root (0) root (0) 58622 2020-06-10 19:16:31.000000 ./usr/lib/python3/dist-packages/minikerberos/crypto/AES/AES.py +-rw-r--r-- 0 root (0) root (0) 2160 2020-06-10 19:16:31.000000 ./usr/lib/python3/dist-packages/minikerberos/crypto/AES/__init__.py +-rw-r--r-- 0 root (0) root (0) 8190 2020-06-10 19:16:31.000000 ./usr/lib/python3/dist-packages/minikerberos/crypto/AES/blockfeeder.py +-rw-r--r-- 0 root (0) root (0) 2110 2020-06-10 19:16:31.000000 ./usr/lib/python3/dist-packages/minikerberos/crypto/AES/util.py +-rw-r--r-- 0 root (0) root (0) 1080 2020-06-10 19:16:31.000000 ./usr/lib/python3/dist-packages/minikerberos/crypto/BASE.py drwxr-xr-x 0 root (0) root (0) 0 2020-07-26 12:56:38.000000 ./usr/lib/python3/dist-packages/minikerberos/crypto/DES/ --rw-r--r-- 0 root (0) root (0) 27485 2019-10-10 17:39:31.000000 ./usr/lib/python3/dist-packages/minikerberos/crypto/DES/DES.py --rw-r--r-- 0 root (0) root (0) 76 2019-10-10 17:39:31.000000 ./usr/lib/python3/dist-packages/minikerberos/crypto/DES/__init__.py +-rw-r--r-- 0 root (0) root (0) 27485 2020-06-10 19:16:31.000000 ./usr/lib/python3/dist-packages/minikerberos/crypto/DES/DES.py +-rw-r--r-- 0 root (0) root (0) 76 2020-06-10 19:16:31.000000 ./usr/lib/python3/dist-packages/minikerberos/crypto/DES/__init__.py +-rw-r--r-- 0 root (0) root (0) 4699 2020-07-26 12:56:38.000000 ./usr/lib/python3/dist-packages/minikerberos/crypto/MD4.py drwxr-xr-x 0 root (0) root (0) 0 2020-07-26 12:56:38.000000 ./usr/lib/python3/dist-packages/minikerberos/crypto/PBKDF2/ --rw-r--r-- 0 root (0) root (0) 0 2019-10-10 17:39:31.000000 ./usr/lib/python3/dist-packages/minikerberos/crypto/PBKDF2/__init__.py --rw-r--r-- 0 root (0) root (0) 1286 2019-10-10 17:39:31.000000 ./usr/lib/python3/dist-packages/minikerberos/crypto/PBKDF2/pbkdf2.py +-rw-r--r-- 0 root (0) root (0) 0 2020-06-10 19:16:31.000000 ./usr/lib/python3/dist-packages/minikerberos/crypto/PBKDF2/__init__.py +-rw-r--r-- 0 root (0) root (0) 1286 2020-06-10 19:16:31.000000 ./usr/lib/python3/dist-packages/minikerberos/crypto/PBKDF2/pbkdf2.py drwxr-xr-x 0 root (0) root (0) 0 2020-07-26 12:56:38.000000 ./usr/lib/python3/dist-packages/minikerberos/crypto/RC4/ --rw-r--r-- 0 root (0) root (0) 2144 2019-10-10 17:39:31.000000 ./usr/lib/python3/dist-packages/minikerberos/crypto/RC4/RC4.py --rw-r--r-- 0 root (0) root (0) 18 2019-10-10 17:39:31.000000 ./usr/lib/python3/dist-packages/minikerberos/crypto/RC4/__init__.py --rw-r--r-- 0 root (0) root (0) 1938 2019-10-10 17:39:31.000000 ./usr/lib/python3/dist-packages/minikerberos/crypto/RC4.py --rw-r--r-- 0 root (0) root (0) 0 2019-10-10 17:39:31.000000 ./usr/lib/python3/dist-packages/minikerberos/crypto/__init__.py --rw-r--r-- 0 root (0) root (0) 1325 2019-10-10 17:39:31.000000 ./usr/lib/python3/dist-packages/minikerberos/crypto/hashing.py +-rw-r--r-- 0 root (0) root (0) 2144 2020-06-10 19:16:31.000000 ./usr/lib/python3/dist-packages/minikerberos/crypto/RC4/RC4.py +-rw-r--r-- 0 root (0) root (0) 18 2020-06-10 19:16:31.000000 ./usr/lib/python3/dist-packages/minikerberos/crypto/RC4/__init__.py +-rw-r--r-- 0 root (0) root (0) 1938 2020-06-10 19:16:31.000000 ./usr/lib/python3/dist-packages/minikerberos/crypto/RC4.py +-rw-r--r-- 0 root (0) root (0) 0 2020-06-10 19:16:31.000000 ./usr/lib/python3/dist-packages/minikerberos/crypto/__init__.py +-rw-r--r-- 0 root (0) root (0) 1388 2020-07-26 12:56:38.000000 ./usr/lib/python3/dist-packages/minikerberos/crypto/hashing.py drwxr-xr-x 0 root (0) root (0) 0 2020-07-26 12:56:38.000000 ./usr/lib/python3/dist-packages/minikerberos/examples/ --rw-r--r-- 0 root (0) root (0) 0 2019-10-10 17:39:31.000000 ./usr/lib/python3/dist-packages/minikerberos/examples/__init__.py --rw-r--r-- 0 root (0) root (0) 1013 2020-02-29 14:03:29.000000 ./usr/lib/python3/dist-packages/minikerberos/examples/__main__.py --rw-r--r-- 0 root (0) root (0) 878 2020-03-01 19:28:32.000000 ./usr/lib/python3/dist-packages/minikerberos/examples/ccache2kirbi.py --rw-r--r-- 0 root (0) root (0) 2580 2020-03-01 19:35:39.000000 ./usr/lib/python3/dist-packages/minikerberos/examples/ccache_editor.py --rw-r--r-- 0 root (0) root (0) 501 2020-03-01 19:28:26.000000 ./usr/lib/python3/dist-packages/minikerberos/examples/ccacheroast.py --rw-r--r-- 0 root (0) root (0) 2447 2020-03-01 19:41:52.000000 ./usr/lib/python3/dist-packages/minikerberos/examples/getS4U2proxy.py --rw-r--r-- 0 root (0) root (0) 2643 2020-03-01 19:42:14.000000 ./usr/lib/python3/dist-packages/minikerberos/examples/getTGS.py --rw-r--r-- 0 root (0) root (0) 1259 2020-03-01 19:34:59.000000 ./usr/lib/python3/dist-packages/minikerberos/examples/getTGT.py --rw-r--r-- 0 root (0) root (0) 1068 2020-03-01 18:53:08.000000 ./usr/lib/python3/dist-packages/minikerberos/examples/kirbi2ccache.py +-rw-r--r-- 0 root (0) root (0) 0 2020-06-10 19:16:31.000000 ./usr/lib/python3/dist-packages/minikerberos/examples/__init__.py +-rw-r--r-- 0 root (0) root (0) 1013 2020-06-10 19:16:31.000000 ./usr/lib/python3/dist-packages/minikerberos/examples/__main__.py +-rw-r--r-- 0 root (0) root (0) 878 2020-06-10 19:16:31.000000 ./usr/lib/python3/dist-packages/minikerberos/examples/ccache2kirbi.py +-rw-r--r-- 0 root (0) root (0) 2545 2020-07-26 12:56:38.000000 ./usr/lib/python3/dist-packages/minikerberos/examples/ccache_editor.py +-rw-r--r-- 0 root (0) root (0) 501 2020-06-10 19:16:31.000000 ./usr/lib/python3/dist-packages/minikerberos/examples/ccacheroast.py +-rw-r--r-- 0 root (0) root (0) 2447 2020-06-10 19:16:31.000000 ./usr/lib/python3/dist-packages/minikerberos/examples/getS4U2proxy.py +-rw-r--r-- 0 root (0) root (0) 2161 2020-07-26 12:56:38.000000 ./usr/lib/python3/dist-packages/minikerberos/examples/getTGS.py +-rw-r--r-- 0 root (0) root (0) 1259 2020-06-10 19:16:31.000000 ./usr/lib/python3/dist-packages/minikerberos/examples/getTGT.py +-rw-r--r-- 0 root (0) root (0) 1068 2020-06-10 19:16:31.000000 ./usr/lib/python3/dist-packages/minikerberos/examples/kirbi2ccache.py drwxr-xr-x 0 root (0) root (0) 0 2020-07-26 12:56:38.000000 ./usr/lib/python3/dist-packages/minikerberos/gssapi/ --rw-r--r-- 0 root (0) root (0) 0 2020-02-29 16:34:44.000000 ./usr/lib/python3/dist-packages/minikerberos/gssapi/__init__.py --rw-r--r-- 0 root (0) root (0) 12202 2020-02-29 19:46:31.000000 ./usr/lib/python3/dist-packages/minikerberos/gssapi/gssapi.py +-rw-r--r-- 0 root (0) root (0) 0 2020-06-10 19:16:31.000000 ./usr/lib/python3/dist-packages/minikerberos/gssapi/__init__.py +-rw-r--r-- 0 root (0) root (0) 2971 2020-06-10 19:16:31.000000 ./usr/lib/python3/dist-packages/minikerberos/gssapi/channelbindings.py +-rw-r--r-- 0 root (0) root (0) 12268 2020-07-26 12:56:38.000000 ./usr/lib/python3/dist-packages/minikerberos/gssapi/gssapi.py drwxr-xr-x 0 root (0) root (0) 0 2020-07-26 12:56:38.000000 ./usr/lib/python3/dist-packages/minikerberos/network/ --rw-r--r-- 0 root (0) root (0) 0 2020-02-29 01:02:57.000000 ./usr/lib/python3/dist-packages/minikerberos/network/__init__.py --rw-r--r-- 0 root (0) root (0) 1766 2020-02-29 20:44:02.000000 ./usr/lib/python3/dist-packages/minikerberos/network/aioclientsocket.py --rw-r--r-- 0 root (0) root (0) 1981 2020-03-01 00:22:52.000000 ./usr/lib/python3/dist-packages/minikerberos/network/aioclientsockssocket.py --rw-r--r-- 0 root (0) root (0) 2835 2020-02-29 17:12:05.000000 ./usr/lib/python3/dist-packages/minikerberos/network/clientsocket.py --rw-r--r-- 0 root (0) root (0) 627 2020-02-29 20:34:50.000000 ./usr/lib/python3/dist-packages/minikerberos/network/selector.py +-rw-r--r-- 0 root (0) root (0) 0 2020-06-10 19:16:31.000000 ./usr/lib/python3/dist-packages/minikerberos/network/__init__.py +-rw-r--r-- 0 root (0) root (0) 1766 2020-06-10 19:16:31.000000 ./usr/lib/python3/dist-packages/minikerberos/network/aioclientsocket.py +-rw-r--r-- 0 root (0) root (0) 1956 2020-07-26 12:56:38.000000 ./usr/lib/python3/dist-packages/minikerberos/network/aioclientsockssocket.py +-rw-r--r-- 0 root (0) root (0) 1915 2020-07-26 12:56:38.000000 ./usr/lib/python3/dist-packages/minikerberos/network/aioclientwsnetsocket.py +-rw-r--r-- 0 root (0) root (0) 2835 2020-06-10 19:17:18.000000 ./usr/lib/python3/dist-packages/minikerberos/network/clientsocket.py +-rw-r--r-- 0 root (0) root (0) 627 2020-07-26 12:56:38.000000 ./usr/lib/python3/dist-packages/minikerberos/network/selector.py +-rw-r--r-- 0 root (0) root (0) 15166 2020-07-26 12:56:38.000000 ./usr/lib/python3/dist-packages/minikerberos/pkinit.py drwxr-xr-x 0 root (0) root (0) 0 2020-07-26 12:56:38.000000 ./usr/lib/python3/dist-packages/minikerberos/protocol/ --rw-r--r-- 0 root (0) root (0) 0 2020-02-29 13:58:56.000000 ./usr/lib/python3/dist-packages/minikerberos/protocol/__init__.py --rw-r--r-- 0 root (0) root (0) 29879 2020-02-29 19:48:03.000000 ./usr/lib/python3/dist-packages/minikerberos/protocol/asn1_structs.py --rw-r--r-- 0 root (0) root (0) 4053 2020-02-29 19:48:26.000000 ./usr/lib/python3/dist-packages/minikerberos/protocol/constants.py --rw-r--r-- 0 root (0) root (0) 28416 2020-02-29 18:41:26.000000 ./usr/lib/python3/dist-packages/minikerberos/protocol/encryption.py --rw-r--r-- 0 root (0) root (0) 8391 2020-02-29 19:48:33.000000 ./usr/lib/python3/dist-packages/minikerberos/protocol/errors.py --rw-r--r-- 0 root (0) root (0) 2010 2020-02-29 19:49:17.000000 ./usr/lib/python3/dist-packages/minikerberos/protocol/structures.py --rw-r--r-- 0 root (0) root (0) 5380 2020-02-29 22:29:28.000000 ./usr/lib/python3/dist-packages/minikerberos/security.py -drwxr-xr-x 0 root (0) root (0) 0 2020-07-26 12:56:38.000000 ./usr/lib/python3/dist-packages/minikerberos-0.2.0.egg-info/ --rw-r--r-- 0 root (0) root (0) 437 2020-07-26 12:56:38.000000 ./usr/lib/python3/dist-packages/minikerberos-0.2.0.egg-info/PKG-INFO --rw-r--r-- 0 root (0) root (0) 1 2020-07-26 12:56:38.000000 ./usr/lib/python3/dist-packages/minikerberos-0.2.0.egg-info/dependency_links.txt --rw-r--r-- 0 root (0) root (0) 377 2020-07-26 12:56:38.000000 ./usr/lib/python3/dist-packages/minikerberos-0.2.0.egg-info/entry_points.txt --rw-r--r-- 0 root (0) root (0) 16 2020-07-26 12:56:38.000000 ./usr/lib/python3/dist-packages/minikerberos-0.2.0.egg-info/requires.txt --rw-r--r-- 0 root (0) root (0) 13 2020-07-26 12:56:38.000000 ./usr/lib/python3/dist-packages/minikerberos-0.2.0.egg-info/top_level.txt --rw-r--r-- 0 root (0) root (0) 1 2020-03-01 19:43:33.000000 ./usr/lib/python3/dist-packages/minikerberos-0.2.0.egg-info/zip-safe +-rw-r--r-- 0 root (0) root (0) 0 2020-06-10 19:16:31.000000 ./usr/lib/python3/dist-packages/minikerberos/protocol/__init__.py +-rw-r--r-- 0 root (0) root (0) 29446 2020-07-26 12:56:38.000000 ./usr/lib/python3/dist-packages/minikerberos/protocol/asn1_structs.py +-rw-r--r-- 0 root (0) root (0) 5427 2020-07-26 12:56:38.000000 ./usr/lib/python3/dist-packages/minikerberos/protocol/constants.py +-rw-r--r-- 0 root (0) root (0) 28570 2020-07-26 12:56:38.000000 ./usr/lib/python3/dist-packages/minikerberos/protocol/encryption.py +-rw-r--r-- 0 root (0) root (0) 9499 2020-07-26 12:56:38.000000 ./usr/lib/python3/dist-packages/minikerberos/protocol/errors.py +-rw-r--r-- 0 root (0) root (0) 2851 2020-07-26 12:56:38.000000 ./usr/lib/python3/dist-packages/minikerberos/protocol/mskile.py +-rw-r--r-- 0 root (0) root (0) 4367 2020-07-26 12:56:38.000000 ./usr/lib/python3/dist-packages/minikerberos/protocol/rfc4556.py +-rw-r--r-- 0 root (0) root (0) 938 2020-07-26 12:56:38.000000 ./usr/lib/python3/dist-packages/minikerberos/protocol/rfc_iakerb.py +-rw-r--r-- 0 root (0) root (0) 2668 2020-07-26 12:56:38.000000 ./usr/lib/python3/dist-packages/minikerberos/protocol/structures.py +-rw-r--r-- 0 root (0) root (0) 5401 2020-07-26 12:56:38.000000 ./usr/lib/python3/dist-packages/minikerberos/security.py +drwxr-xr-x 0 root (0) root (0) 0 2020-07-26 12:56:38.000000 ./usr/lib/python3/dist-packages/minikerberos-0.2.14.egg-info/ +-rw-r--r-- 0 root (0) root (0) 438 2020-07-26 12:56:38.000000 ./usr/lib/python3/dist-packages/minikerberos-0.2.14.egg-info/PKG-INFO +-rw-r--r-- 0 root (0) root (0) 1 2020-07-26 12:56:38.000000 ./usr/lib/python3/dist-packages/minikerberos-0.2.14.egg-info/dependency_links.txt +-rw-r--r-- 0 root (0) root (0) 377 2020-07-26 12:56:38.000000 ./usr/lib/python3/dist-packages/minikerberos-0.2.14.egg-info/entry_points.txt +-rw-r--r-- 0 root (0) root (0) 33 2020-07-26 12:56:38.000000 ./usr/lib/python3/dist-packages/minikerberos-0.2.14.egg-info/requires.txt +-rw-r--r-- 0 root (0) root (0) 13 2020-07-26 12:56:38.000000 ./usr/lib/python3/dist-packages/minikerberos-0.2.14.egg-info/top_level.txt +-rw-r--r-- 0 root (0) root (0) 1 2020-07-26 12:56:38.000000 ./usr/lib/python3/dist-packages/minikerberos-0.2.14.egg-info/zip-safe drwxr-xr-x 0 root (0) root (0) 0 2020-07-26 12:56:38.000000 ./usr/share/ drwxr-xr-x 0 root (0) root (0) 0 2020-07-26 12:56:38.000000 ./usr/share/doc/ drwxr-xr-x 0 root (0) root (0) 0 2020-07-26 12:56:38.000000 ./usr/share/doc/python3-minikerberos/ --rw-r--r-- 0 root (0) root (0) 258 2020-07-26 12:56:38.000000 ./usr/share/doc/python3-minikerberos/changelog.Debian.gz +-rw-r--r-- 0 root (0) root (0) 276 2020-07-26 12:56:38.000000 ./usr/share/doc/python3-minikerberos/changelog.Debian.gz -rw-r--r-- 0 root (0) root (0) 2959 2020-07-26 12:56:38.000000 ./usr/share/doc/python3-minikerberos/copyright ##### ./usr/bin/ccache2kirbi @@ -26,8 +26,8 @@ globals().setdefault('load_entry_point', importlib_load_entry_point) if __name__ == '__main__': sys.argv[0] = re.sub(r'(-script\.pyw?|\.exe)?$', '', sys.argv[0]) - sys.exit(load_entry_point('minikerberos==0.2.0', 'console_scripts', 'ccache2kirbi')()) + sys.exit(load_entry_point('minikerberos==0.2.14', 'console_scripts', 'ccache2kirbi')()) ##### ./usr/bin/ccacheedit @@ -26,8 +26,8 @@ globals().setdefault('load_entry_point', importlib_load_entry_point) if __name__ == '__main__': sys.argv[0] = re.sub(r'(-script\.pyw?|\.exe)?$', '', sys.argv[0]) - sys.exit(load_entry_point('minikerberos==0.2.0', 'console_scripts', 'ccacheedit')()) + sys.exit(load_entry_point('minikerberos==0.2.14', 'console_scripts', 'ccacheedit')()) ##### ./usr/bin/ccacheroast @@ -26,8 +26,8 @@ globals().setdefault('load_entry_point', importlib_load_entry_point) if __name__ == '__main__': sys.argv[0] = re.sub(r'(-script\.pyw?|\.exe)?$', '', sys.argv[0]) - sys.exit(load_entry_point('minikerberos==0.2.0', 'console_scripts', 'ccacheroast')()) + sys.exit(load_entry_point('minikerberos==0.2.14', 'console_scripts', 'ccacheroast')()) ##### ./usr/bin/getS4U2proxy @@ -26,8 +26,8 @@ globals().setdefault('load_entry_point', importlib_load_entry_point) if __name__ == '__main__': sys.argv[0] = re.sub(r'(-script\.pyw?|\.exe)?$', '', sys.argv[0]) - sys.exit(load_entry_point('minikerberos==0.2.0', 'console_scripts', 'getS4U2proxy')()) + sys.exit(load_entry_point('minikerberos==0.2.14', 'console_scripts', 'getS4U2proxy')()) ##### ./usr/bin/getTGS @@ -26,8 +26,8 @@ globals().setdefault('load_entry_point', importlib_load_entry_point) if __name__ == '__main__': sys.argv[0] = re.sub(r'(-script\.pyw?|\.exe)?$', '', sys.argv[0]) - sys.exit(load_entry_point('minikerberos==0.2.0', 'console_scripts', 'getTGS')()) + sys.exit(load_entry_point('minikerberos==0.2.14', 'console_scripts', 'getTGS')()) ##### ./usr/bin/getTGT @@ -26,8 +26,8 @@ globals().setdefault('load_entry_point', importlib_load_entry_point) if __name__ == '__main__': sys.argv[0] = re.sub(r'(-script\.pyw?|\.exe)?$', '', sys.argv[0]) - sys.exit(load_entry_point('minikerberos==0.2.0', 'console_scripts', 'getTGT')()) + sys.exit(load_entry_point('minikerberos==0.2.14', 'console_scripts', 'getTGT')()) ##### ./usr/bin/kirbi2ccache @@ -26,8 +26,8 @@ globals().setdefault('load_entry_point', importlib_load_entry_point) if __name__ == '__main__': sys.argv[0] = re.sub(r'(-script\.pyw?|\.exe)?$', '', sys.argv[0]) - sys.exit(load_entry_point('minikerberos==0.2.0', 'console_scripts', 'kirbi2ccache')()) + sys.exit(load_entry_point('minikerberos==0.2.14', 'console_scripts', 'kirbi2ccache')()) ##### ./usr/lib/python3/dist-packages/minikerberos/_version.py @@ -1,7 +1,7 @@ -__version__ = "0.2.0" +__version__ = "0.2.14" __banner__ = \ """ # minikerberos %s # Author: Tamas Jos @skelsec (skelsecprojects@gmail.com) """ % __version__ ##### ./usr/lib/python3/dist-packages/minikerberos/aioclient.py @@ -510,9 +604,9 @@ ap_req['ticket'] = Ticket.load(ticket_data) ap_req['ap-options'] = APOptions(set(ap_opts)) ap_req['authenticator'] = EncryptedData({'etype': sessionkey.enctype, 'cipher': authenticator_data_enc}) return AP_REQ(ap_req).dump() async def getST(self, target_user, service_spn): - tgs, encTGSRepPart, key = await self.S4U2self(target_user) - return self.S4U2proxy(tgs['ticket'], service_spn) + tgs, encTGSRepPart, key = await self.S4U2self(target_user) + return await self.S4U2proxy(tgs['ticket'], service_spn) ##### ./usr/lib/python3/dist-packages/minikerberos/client.py @@ -230,15 +230,14 @@ ac = AuthenticatorChecksum() ac.flags = 0 ac.channel_binding = b'\x00'*16 chksum = {} chksum['cksumtype'] = 0x8003 chksum['checksum'] = ac.to_bytes() - print(chksum['checksum']) authenticator_data['cksum'] = Checksum(chksum) authenticator_data['seq-number'] = 0 authenticator_data_enc = self.kerberos_cipher.encrypt(self.kerberos_session_key, 7, Authenticator(authenticator_data).dump(), None) ap_req = {} ##### ./usr/lib/python3/dist-packages/minikerberos/common/ccache.py @@ -702,7 +738,10 @@ def to_file(self, filename): """ Writes the contents of the CCACHE object to a file """ with open(filename, 'wb') as f: f.write(self.to_bytes()) + @staticmethod + def from_bytes(data): + return CCACHE.parse(io.BytesIO(data)) ##### ./usr/lib/python3/dist-packages/minikerberos/common/constants.py @@ -13,8 +13,9 @@ AES128 = 'AES128' AES256 = 'AES256' RC4 = 'RC4' DES = 'DES' DES3 = 'DES3' TDES = 'TDES' CCACHE = 'CCACHE' - KEYTAB = 'KEYTAB' + KEYTAB = 'KEYTAB' + KIRBI = 'KIRBI' ##### ./usr/lib/python3/dist-packages/minikerberos/common/creds.py @@ -152,14 +168,22 @@ enctype = KerberosSecretType.DES elif Enctype.RC4 == keytab_entry.enctype: enctype = KerberosSecretType.RC4 if enctype: cred.add_secret(enctype, keytab_entry.key_contents.hex()) return cred + @staticmethod + def from_ccache_file(filepath, principal: str = None, realm: str = None): + k = KerberosCredential() + k.username = principal + k.domain = realm + k.ccache = CCACHE.from_file(filepath) + return k + def add_secret(self, st: KerberosSecretType, secret: str): if st == KerberosSecretType.PASSWORD or st == KerberosSecretType.PW or st == KerberosSecretType.PASS: if secret == '' or secret is None: self.password = getpass.getpass('Enter Kerberos credential password:') else: self.password = secret elif st == KerberosSecretType.NT or st == KerberosSecretType.RC4: ##### ./usr/lib/python3/dist-packages/minikerberos/common/proxy.py @@ -1,11 +1,12 @@ class KerberosProxy: - def __init__(self, target = None,creds = None): + def __init__(self, target = None,creds = None, type = None): self.target = target self.creds = creds + self.type = type def __str__(self): t = '===KerberosTarget===\r\n' t += 'target: %s\r\n' % str(self.target) t += 'creds: %s\r\n' % str(self.creds) return t ##### ./usr/lib/python3/dist-packages/minikerberos/common/url.py @@ -116,60 +118,68 @@ @staticmethod def from_url(url_str): res = KerberosClientURL() url = urlparse(url_str) res.dc_ip = url.hostname schemes = url.scheme.upper().split('+') - if schemes[0] not in ['KERBEROS', 'KERBEROS-TCP, KERBEROS-UDP']: + + if schemes[0] not in ['KERBEROS', 'KERBEROS-TCP, KERBEROS-UDP', 'KRB5', 'KRB5-UDP', 'KRB5-TCP']: raise Exception('Unknown protocol! %s' % schemes[0]) if schemes[0].endswith('UDP') is True: res.protocol = KerberosSocketType.UDP + ttype = schemes[1] + if ttype.find('-') != -1 and ttype.upper().endswith('-PROMPT'): + ttype = ttype.split('-')[0] + res.secret = getpass.getpass() try: - res.secret_type = KerberosSecretType(schemes[1]) + res.secret_type = KerberosSecretType(ttype) except: - raise Exception('Unknown secret type! %s' % schemes[0]) + raise Exception('Unknown secret type! %s' % ttype) if url.username is not None: if url.username.find('\\') != -1: res.domain , res.username = url.username.split('\\') else: raise Exception('Domain missing from username!') else: raise Exception('Missing username!') - - res.secret = url.password + + if res.secret is None: + res.secret = url.password if url.port is not None: res.port = int(url.port) query = parse_qs(url.query) - proxy_present = False + proxy_type = None for k in query: - if k.startswith('proxy') is True: - proxy_present = True + if k == 'proxytype': + proxy_type = query[k][0] + if k in kerberosclienturl_param2var: data = query[k][0] for c in kerberosclienturl_param2var[k][1]: data = c(data) setattr( res, kerberosclienturl_param2var[k][0], data ) - if proxy_present is True: + if proxy_type is not None: cu = SocksClientURL.from_params(url_str) - cu.endpoint_ip = res.dc_ip - cu.endpoint_port = res.port + cu[-1].endpoint_ip = res.dc_ip + cu[-1].endpoint_port = res.port + + res.proxy = KerberosProxy(cu, None, type='SOCKS') - res.proxy = KerberosProxy(cu.get_target(), cu.get_creds()) if res.username is None: raise Exception('Missing username!') if res.secret is None: raise Exception('Missing secret/password!') if res.secret_type is None: ##### ./usr/lib/python3/dist-packages/minikerberos/common/utils.py @@ -32,23 +33,64 @@ windows_epoch = datetime.datetime(1970,1,1, tzinfo=datetime.timezone.utc) def dt_to_kerbtime(dt): td = dt - windows_epoch return int((td.microseconds + (td.seconds + td.days * 24 * 3600) * 10**6) / 1e6) def TGSTicket2hashcat(res): tgs_encryption_type = int(res['ticket']['enc-part']['etype']) - tgs_name_string = res['ticket']['sname']['name-string'][0] + tgs_name_string = '@'.join(res['ticket']['sname']['name-string']) #[0] tgs_realm = res['ticket']['realm'] - tgs_checksum = res['ticket']['enc-part']['cipher'][:16] - tgs_encrypted_data2 = res['ticket']['enc-part']['cipher'][16:] + + if tgs_encryption_type == 23: + tgs_checksum = res['ticket']['enc-part']['cipher'][:16] + tgs_encrypted_data2 = res['ticket']['enc-part']['cipher'][16:] + return '$krb5tgs$%s$*%s$%s$spn*$%s$%s' % (tgs_encryption_type,tgs_name_string,tgs_realm, tgs_checksum.hex(), tgs_encrypted_data2.hex() ) + + elif tgs_encryption_type in [17,18]: + # $krb5tgs$17$user$realm$ae8434177efd09be5bc2eff8$90b4ce5b266821adc26c64f71958a475cf9348fce65096190be04f8430c4e0d554c86dd7ad29c275f9e8f15d2dab4565a3d6e21e449dc2f88e52ea0402c7170ba74f4af037c5d7f8db6d53018a564ab590fc23aa1134788bcc4a55f69ec13c0a083291a96b41bffb978f5a160b7edc828382d11aacd89b5a1bfa710b0e591b190bff9062eace4d26187777db358e70efd26df9c9312dbeef20b1ee0d823d4e71b8f1d00d91ea017459c27c32dc20e451ea6278be63cdd512ce656357c942b95438228e + # $krb5tgs$18$user$realm$8efd91bb01cc69dd07e46009$7352410d6aafd72c64972a66058b02aa1c28ac580ba41137d5a170467f06f17faf5dfb3f95ecf4fad74821fdc7e63a3195573f45f962f86942cb24255e544ad8d05178d560f683a3f59ce94e82c8e724a3af0160be549b472dd83e6b80733ad349973885e9082617294c6cbbea92349671883eaf068d7f5dcfc0405d97fda27435082b82b24f3be27f06c19354bf32066933312c770424eb6143674756243c1bde78ee3294792dcc49008a1b54f32ec5d5695f899946d42a67ce2fb1c227cb1d2004c0 + + tgs_checksum = res['ticket']['enc-part']['cipher'][-12:] + tgs_encrypted_data2 = res['ticket']['enc-part']['cipher'][:-12] + return '$krb5tgs$%s$%s$%s$%s$%s' % (tgs_encryption_type,tgs_name_string,tgs_realm, tgs_checksum.hex(), tgs_encrypted_data2.hex() ) + + else: + return 'unknown$enctype$%s' % tgs_encryption_type - return '$krb5tgs$%s$*%s$%s$spn*$%s$%s' % (tgs_encryption_type,tgs_name_string,tgs_realm, tgs_checksum.hex(), tgs_encrypted_data2.hex() ) def TGTTicket2hashcat(res): tgt_encryption_type = int(res['enc-part']['etype']) tgt_name_string = res['cname']['name-string'][0] tgt_realm = res['crealm'] tgt_checksum = res['enc-part']['cipher'][:16] tgt_encrypted_data2 = res['enc-part']['cipher'][16:] return '$krb5asrep$%s$%s@%s:%s$%s' % (tgt_encryption_type,tgt_name_string, tgt_realm, tgt_checksum.hex(), tgt_encrypted_data2.hex()) - + +def tgt_to_kirbi(tgs, encTGSRepPart): + #encTGSRepPart is already decrypted at this point + ci = {} + ci['key'] = encTGSRepPart['key'] + ci['prealm'] = tgs['crealm'] + ci['pname'] = tgs['cname'] + ci['flags'] = encTGSRepPart['flags'] + ci['authtime'] = encTGSRepPart['authtime'] + ci['starttime'] = encTGSRepPart['starttime'] + ci['endtime'] = encTGSRepPart['endtime'] + ci['renew-till'] = encTGSRepPart['renew-till'] + ci['srealm'] = encTGSRepPart['srealm'] + ci['sname'] = encTGSRepPart['sname'] + + ti = {} + ti['ticket-info'] = [KrbCredInfo(ci)] + + te = {} + te['etype'] = 0 + te['cipher'] = EncKrbCredPart(ti).dump() + + t = {} + t['pvno'] = 5 + t['msg-type'] = 22 + t['enc-part'] = EncryptedData(te) + t['tickets'] = [tgs['ticket']] + + return KRB_CRED(t) ##### ./usr/lib/python3/dist-packages/minikerberos/crypto/hashing.py @@ -1,35 +1,38 @@ import hashlib import hmac from minikerberos.crypto.BASE import hashBASE, hmacBASE +from minikerberos.crypto.MD4 import MD4 class md5(hashBASE): def __init__(self, data = None): hashBASE.__init__(self, data) def setup_hash(self): self._hash = hashlib.new('md5') def update(self, data): return self._hash.update(data) def digest(self): return self._hash.digest() def hexdigest(self): return self._hash.hexdigest() -class md4(hashBASE): - def __init__(self, data = None): - hashBASE.__init__(self, data) - def setup_hash(self): - self._hash = hashlib.new('md4') - def update(self, data): - return self._hash.update(data) - def digest(self): - return self._hash.digest() - def hexdigest(self): - return self._hash.hexdigest() +#class md4(hashBASE): +# def __init__(self, data = None): +# hashBASE.__init__(self, data) +# def setup_hash(self): +# self._hash = hashlib.new('md4') +# def update(self, data): +# return self._hash.update(data) +# def digest(self): +# return self._hash.digest() +# def hexdigest(self): +# return self._hash.hexdigest() + +md4 = MD4 class hmac_md5(hmacBASE): def __init__(self, key): hmacBASE.__init__(self, key) def setup_hash(self): self._hmac = hmac.new(self._key, digestmod = hashlib.md5) def update(self, data): ##### ./usr/lib/python3/dist-packages/minikerberos/examples/ccache_editor.py @@ -56,15 +56,14 @@ elif args.command == 'del': #delete output_filename = os.path.join(os.path.dirname(os.path.abspath(args.ccachefile)), '%s.edited.ccache' % ntpath.basename(args.ccachefile)) #sorry for this, im tired now :( id = args.id temp_cc = CCACHE() temp_cc.file_format_version = cc.file_format_version - temp_cc.headerlen = cc.headerlen temp_cc.headers = cc.headers temp_cc.primary_principal = cc.primary_principal i = 0 for cred in cc.credentials: if i in id: i += 1 continue ##### ./usr/lib/python3/dist-packages/minikerberos/examples/getTGS.py @@ -12,58 +12,44 @@ async def amain(args): if args.spn.find('@') == -1: raise Exception('SPN must contain @') t, domain = args.spn.split('@') if t.find('/') != -1: - service, hostname = args.spn.split('/') + service, hostname = t.split('/') else: hostname = t service = None spn = KerberosSPN() spn.username = hostname spn.service = service spn.domain = domain cu = KerberosClientURL.from_url(args.kerberos_connection_url) ccred = cu.get_creds() target = cu.get_target() logging.debug('Getting TGT') - - if not ccred.ccache: - client = AIOKerberosClient(ccred, target) - logging.debug('Getting TGT') - await client.get_TGT() - logging.debug('Getting TGS') - await client.get_TGS(spn) - else: - logging.debug('Getting TGS via TGT from CCACHE') - for tgt, key in ccred.ccache.get_all_tgt(): - try: - logging.info('Trying to get SPN with %s' % '!'.join(tgt['cname']['name-string'])) - client = AIOKerberosClient.from_tgt(target, tgt, key) - await client.get_TGS(spn) - logging.info('Sucsess!') - except Exception as e: - logging.debug('This ticket is not usable it seems Reason: %s' % e) - continue - else: - break + + client = AIOKerberosClient(ccred, target) + logging.debug('Getting TGT') + await client.get_TGT() + logging.debug('Getting TGS') + await client.get_TGS(spn) client.ccache.to_file(args.ccache) logging.info('Done!') def main(): import argparse parser = argparse.ArgumentParser(description='Polls the kerberos service for a TGS for the sepcified user and specified service', formatter_class=argparse.RawDescriptionHelpFormatter, epilog = kerberos_url_help_epilog) - parser.add_argument('kerberos_connection_string', help='the kerberos target string in the following format //:@') + parser.add_argument('kerberos_connection_url', help='the kerberos target string in the following format //:@') parser.add_argument('spn', help='the service principal in format /@ Example: cifs/fileserver.test.corp@TEST.corp for a TGS ticket to be used for file access on server "fileserver". IMPORTANT: SERVER\'S HOSTNAME MUST BE USED, NOT IP!!!') parser.add_argument('ccache', help='ccache file to store the TGT ticket in') parser.add_argument('-u', action='store_true', help='Use UDP instead of TCP (not tested)') parser.add_argument('-v', '--verbose', action='count', default=0) args = parser.parse_args() if args.verbose == 0: ##### ./usr/lib/python3/dist-packages/minikerberos/gssapi/gssapi.py @@ -13,14 +13,16 @@ # https://tools.ietf.org/html/rfc2478 # https://tools.ietf.org/html/draft-ietf-krb-wg-gssapi-cfx-02 GSS_WRAP_HEADER = b'\x60\x2b\x06\x09\x2a\x86\x48\x86\xf7\x12\x01\x02\x02' class GSSAPIFlags(enum.IntFlag): GSS_C_DCE_STYLE = 0x1000 + GSS_C_EXTENDED_ERROR_FLAG = 0x4000 + GSS_C_IDENTIFY_FLAG = 0x2000 GSS_C_DELEG_FLAG = 1 GSS_C_MUTUAL_FLAG = 2 GSS_C_REPLAY_FLAG = 4 GSS_C_SEQUENCE_FLAG = 8 GSS_C_CONF_FLAG = 0x10 GSS_C_INTEG_FLAG = 0x20 ##### ./usr/lib/python3/dist-packages/minikerberos/network/aioclientsockssocket.py @@ -25,15 +25,15 @@ return '%s:%d' % (self.target.ip, self.target.port) async def sendrecv(self, data): self.out_queue = asyncio.Queue() self.in_queue = asyncio.Queue() comms = SocksQueueComms(self.out_queue, self.in_queue) - self.client = SOCKSClient(comms, self.target.proxy.target, self.target.proxy.creds) + self.client = SOCKSClient(comms, self.target.proxy.target) self.proxy_task = asyncio.create_task(self.client.run()) length = len(data).to_bytes(4, byteorder = 'big', signed = False) await self.out_queue.put(length+data) resp_data = b'' resp_data_len = -1 ##### ./usr/lib/python3/dist-packages/minikerberos/network/clientsocket.py @@ -6,15 +6,15 @@ from minikerberos.protocol.errors import KerberosErrorCode, KerberosError class KerberosClientSocket: def __init__(self, target): self.target = target #ip, port = 88, soc_type = KerberosSocketType.TCP - self.soc_type = target.soc_type + self.soc_type = target.protocol self.dst_ip = target.ip self.dst_port = int(target.port) self.soc = None def __str__(self): t = '===KerberosClientSocket===\r\n' t += 'soc_type: %s\r\n' % self.soc_type ##### ./usr/lib/python3/dist-packages/minikerberos/protocol/asn1_structs.py @@ -781,163 +872,22 @@ ('checksum', Checksum, {'tag_type': TAG, 'tag': 1}), ] class AD_IF_RELEVANT(AuthorizationData): pass -# -#DOMAIN-X500-COMPRESS krb5int32 ::= 1 -# -#-- authorization data primitives -# -#AD-IF-RELEVANT ::= AuthorizationData -# -#AD-KDCIssued ::= SEQUENCE { -# ad-checksum[0] Checksum, -# i-realm[1] Realm OPTIONAL, -# i-sname[2] PrincipalName OPTIONAL, -# elements[3] AuthorizationData -#} -# -#AD-AND-OR ::= SEQUENCE { -# condition-count[0] INTEGER, -# elements[1] AuthorizationData -#} -# -#AD-MANDATORY-FOR-KDC ::= AuthorizationData -# -#-- PA-SAM-RESPONSE-2/PA-SAM-RESPONSE-2 -# -#PA-SAM-TYPE ::= INTEGER { -# PA_SAM_TYPE_ENIGMA(1), -- Enigma Logic -# PA_SAM_TYPE_DIGI_PATH(2), -- Digital Pathways -# PA_SAM_TYPE_SKEY_K0(3), -- S/key where KDC has key 0 -# PA_SAM_TYPE_SKEY(4), -- Traditional S/Key -# PA_SAM_TYPE_SECURID(5), -- Security Dynamics -# PA_SAM_TYPE_CRYPTOCARD(6) -- CRYPTOCard -#} -# -#PA-SAM-REDIRECT ::= HostAddresses -# -#SAMFlags ::= BIT STRING { -# use-sad-as-key(0), -# send-encrypted-sad(1), -# must-pk-encrypt-sad(2) -#} -# -#PA-SAM-CHALLENGE-2-BODY ::= SEQUENCE { -# sam-type[0] krb5int32, -# sam-flags[1] SAMFlags, -# sam-type-name[2] GeneralString OPTIONAL, -# sam-track-id[3] GeneralString OPTIONAL, -# sam-challenge-label[4] GeneralString OPTIONAL, -# sam-challenge[5] GeneralString OPTIONAL, -# sam-response-prompt[6] GeneralString OPTIONAL, -# sam-pk-for-sad[7] EncryptionKey OPTIONAL, -# sam-nonce[8] krb5int32, -# sam-etype[9] krb5int32, -# ... -#} -# -#PA-SAM-CHALLENGE-2 ::= SEQUENCE { -# sam-body[0] PA-SAM-CHALLENGE-2-BODY, -# sam-cksum[1] SEQUENCE OF Checksum, -- (1..MAX) -# ... -#} -# -#PA-SAM-RESPONSE-2 ::= SEQUENCE { -# sam-type[0] krb5int32, -# sam-flags[1] SAMFlags, -# sam-track-id[2] GeneralString OPTIONAL, -# sam-enc-nonce-or-sad[3] EncryptedData, -- PA-ENC-SAM-RESPONSE-ENC -# sam-nonce[4] krb5int32, -# ... -#} -# -#PA-ENC-SAM-RESPONSE-ENC ::= SEQUENCE { -# sam-nonce[0] krb5int32, -# sam-sad[1] GeneralString OPTIONAL, -# ... -#} -# -#PA-S4U2Self ::= SEQUENCE { -# name[0] PrincipalName, -# realm[1] Realm, -# cksum[2] Checksum, -# auth[3] GeneralString -#} -# -# -# -# -# -# -# -# -# -# -# -## https://github.com/tiran/kkdcpasn1/blob/asn1crypto/pykkdcpasn1.py -#class EncryptedData(core.Sequence): -# """EncryptedData -# * KDC-REQ-BODY -# * Ticket -# * AP-REQ -# * KRB-PRIV -# EncryptedData ::= SEQUENCE { -# etype [0] Int32, -# kvno [1] UInt32 OPTIONAL, -# cipher [2] OCTET STRING -# } -# """ -# _fields = [ -# ('etype', Int32, {'tag_type': TAG, 'tag': 0}), -# ('kvno', UInt32, {'tag_type': TAG, 'tag': 1, 'optional': True}), -# ('cipher', core.OctetString, {'tag_type': TAG, 'tag': 2}), -#] -# -#class EncryptionKey(core.Sequence): -# """ -# EncryptionKey ::= SEQUENCE { -# keytype[0] krb5int32, -# keyvalue[1] OCTET STRING -# } -# """ -# _fields = [ -# ('keytype', Int32, {'tag_type': TAG, 'tag': 0}), -# ('keyvalue', core.OctetString, {'tag_type': TAG, 'tag': 1}), -#] -# -# -# -# -# -# +class GSSAPIOID(core.ObjectIdentifier): + _map = { + '1.2.840.113554.1.2.2': 'krb5', + } + + _reverse_map = { + 'krb5': '1.2.840.113554.1.2.2', + } + + +class GSSAPIToken(core.Asn1Value): + class_ = 1 + tag = 0 + method = 1 -# -# -#class SequenceOfInt32(core.SequenceOf): -# """SEQUENCE OF Int32 for KDC-REQ-BODY -# """ -# _child_spec = Int32 -# -# -# -#class SequenceOfKrbCredInfo(core.SequenceOf): -# _child_spec = KrbCredInfo -# -# -#class EncKrbCredPart(core.Sequence): -# explicit = (1, 29) -# -# _fields = [ -# ('ticket-info', SequenceOfKrbCredInfo, {'tag_type': TAG, 'tag': 0}), -# ('nonce', Int32, {'tag_type': TAG, 'tag': 1, 'optional': True}), -# ('timestamp', KerberosTime , {'tag_type': TAG, 'tag': 2, 'optional': True}), -# ('usec', Microseconds , {'tag_type': TAG, 'tag': 3, 'optional': True}), -# ('s-address', HostAddress , {'tag_type': TAG, 'tag': 4, 'optional': True}), -# ('r-address', HostAddress , {'tag_type': TAG, 'tag': 5, 'optional': True}), -# ] -# -# -# ##### ./usr/lib/python3/dist-packages/minikerberos/protocol/constants.py @@ -118,8 +119,60 @@ OTP_PIN_CHANGE = 144# __ = gareth.richards@rsa.com) EPAK_AS_REQ = 145# EPAK_AS_REP = 146# PKINIT_KX = 147# __ krb_wg_anon PKU2U_NAME = 148# __ zhu_pku2u REQ_ENC_PA_REP = 149# __ SPAKE = 151# __https://datatracker.ietf.org/doc/draft-ietf-kitten-krb-spake-preauth/?include_text=1 - SUPPORTED_ETYPES = 165 #) __ MS_KILE + SUPPORTED_ETYPES = 165 #) __ MS_KILE + + +# Full list of key_usage numbers: https://tools.ietf.org/html/rfc4120#section-7.5.1 +# +class KEY_USAGE(enum.Enum): + AS_REQ_PA_ENC_TS = 1 + KDC_REP_TICKET = 2 + AS_REP_ENCPART = 3 + TGS_REQ_AD_SESSKEY = 4 + TGS_REQ_AD_SUBKEY = 5 + TGS_REQ_AUTH_CKSUM = 6 + TGS_REQ_AUTH = 7 + TGS_REP_ENCPART_SESSKEY = 8 + TGS_REP_ENCPART_SUBKEY = 9 + AP_REQ_AUTH_CKSUM = 10 + AP_REQ_AUTH = 11 + AP_REP_ENCPART = 12 + KRB_PRIV_ENCPART = 13 + KRB_CRED_ENCPART = 14 + KRB_SAFE_CKSUM = 15 + APP_DATA_ENCRYPT = 16 + APP_DATA_CKSUM = 17 + KRB_ERROR_CKSUM = 18 + AD_KDCISSUED_CKSUM = 19 + AD_MTE = 20 + AD_ITE = 21 + + GSS_TOK_MIC = 22 + GSS_TOK_WRAP_INTEG = 23 + GSS_TOK_WRAP_PRIV = 24 + + PA_SAM_CHALLENGE_CKSUM = 25 + #PA_SAM_CHALLENGE_TRACKID 26 #/** Note conflict with @ref KRB5_KEYUSAGE_PA_S4U_X509_USER_REQUEST */ + #PA_SAM_RESPONSE 27 #/** Note conflict with @ref KRB5_KEYUSAGE_PA_S4U_X509_USER_REPLY */ + + PA_S4U_X509_USER_REQUEST = 26 #/* Defined in [MS-SFU] *//** Note conflict with @ref KRB5_KEYUSAGE_PA_SAM_CHALLENGE_TRACKID */ + PA_S4U_X509_USER_REPLY = 27 #/** Note conflict with @ref KRB5_KEYUSAGE_PA_SAM_RESPONSE */ + + AD_SIGNEDPATH = -21 + IAKERB_FINISHED = 42 + PA_PKINIT_KX = 44 + PA_OTP_REQUEST = 45 + + FAST_REQ_CHKSUM = 50 + FAST_ENC = 51 + FAST_REP = 52 + FAST_FINISHED = 53 + ENC_CHALLENGE_CLIENT = 54 + ENC_CHALLENGE_KDC = 55 + AS_REQ = 56 + CAMMAC = 64 + SPAKE = 65 ##### ./usr/lib/python3/dist-packages/minikerberos/protocol/encryption.py @@ -513,15 +514,17 @@ table = {3: 8, 23: 13} msusage = table[keyusage] if keyusage in table else keyusage return pack(' Fri, 11 Jun 2021 14:54:48 -0000 + -- Kali Janitor Thu, 26 Aug 2021 01:51:31 -0000 -python-minikerberos (0.2.0-0kali1~jan+unchanged2) kali-dev; urgency=medium +python-minikerberos (0.2.0-0kali1) kali-dev; urgency=medium * Initial release -- Sophie Brun Wed, 25 Mar 2020 15:53:39 +0100