Skip to content

Commit

Permalink
Merge remote-tracking branch 'upstream/master'
Browse files Browse the repository at this point in the history
  • Loading branch information
certcc-ghbot committed Sep 16, 2024
2 parents 9d11a6a + 720723f commit b3dab80
Show file tree
Hide file tree
Showing 2 changed files with 7 additions and 2 deletions.
5 changes: 5 additions & 0 deletions lib/metasploit/framework/login_scanner/kerberos.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,10 @@ class Kerberos
DEFAULT_PORT = 88
REALM_KEY = Metasploit::Model::Realm::Key::ACTIVE_DIRECTORY_DOMAIN
DEFAULT_REALM = nil
LIKELY_PORTS = [ DEFAULT_PORT ].freeze
LIKELY_SERVICE_NAMES = [ 'kerberos', 'kerberos5', 'krb5', 'kerberos-sec' ].freeze
PRIVATE_TYPES = %i[ password ].freeze
CAN_GET_SESSION = true

def attempt_login(credential)
result_options = {
Expand Down Expand Up @@ -117,6 +121,7 @@ def self.login_status_for_kerberos_error(krb_err)
private

def set_sane_defaults
self.connection_timeout = 10 if self.connection_timeout.nil?
self.port = DEFAULT_PORT unless self.port
end

Expand Down
4 changes: 2 additions & 2 deletions lib/msf/core/exploit/remote/kerberos/client.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -179,7 +179,7 @@ def send_request_tgt_pkinit(options = {})
pfx = options[:pfx]
request_pac = options.fetch(:request_pac, true)
realm = options[:realm]
server_name = options.fetch(:server_name, "krbtgt/#{realm}")
server_name = options[:server_name] || "krbtgt/#{realm}"
client_name = options[:client_name]
client_name = client_name.dup.force_encoding('utf-8') if client_name
ticket_options = options.fetch(:options) { 0x50800000 } # Forwardable, Proxiable, Renewable
Expand Down Expand Up @@ -245,7 +245,7 @@ def send_request_tgt_pkinit(options = {})
# @raise [Rex::Proto::Kerberos::Model::Error::KerberosError] if the provided credentials are invalid
def send_request_tgt(options = {})
realm = options[:realm]
server_name = options[:server_name]
server_name = options[:server_name] || "krbtgt/#{realm}"
client_name = options[:client_name]
client_name = client_name.dup.force_encoding('utf-8') if client_name
password = options[:password]
Expand Down

0 comments on commit b3dab80

Please sign in to comment.