Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
rapid7
GitHub Repository: rapid7/metasploit-framework
 Path: blob/master/lib/rex/proto/kerberos/model.rb
33399 views
1
 # -*- coding: binary -*-

2


3
module Rex

4
  module Proto

5
    module Kerberos

6
      module Model

7
        VERSION = 5

8


9
        # Application Message Id's

10


11
        AS_REQ = 10

12
        AS_REP = 11

13
        TGS_REQ = 12

14
        TGS_REP = 13

15
        KRB_ERROR = 30

16
        TICKET = 1

17
        AUTHENTICATOR = 2

18
        AP_REQ = 14

19
        AP_REP = 15

20
        KRB_CRED = 22

21
        ENC_AP_REP_PART = 27

22
        ENC_KRB_CRED_PART = 29

23


24
        module OID

25
          DiffieHellman = '1.2.840.10046.2.1'

26
          SHA1 = '1.3.14.3.2.26'

27
          SHA256 = '2.16.840.1.101.3.4.2.1'

28
          ContentType = '1.2.840.113549.1.9.3'

29
          MessageDigest = '1.2.840.113549.1.9.4'

30
          RSAWithSHA1 = '1.2.840.113549.1.1.5'

31
          RSAWithSHA256 = '1.2.840.113549.1.1.11'

32
          PkinitAuthData = '1.3.6.1.5.2.3.1'

33
          SignedData = '1.2.840.113549.1.7.2'

34
        end

35


36
        # From Principal

37
        # https://datatracker.ietf.org/doc/html/rfc4120#section-6.2

38


39
        module NameType

40
          # Name type not known

41
          NT_UNKNOWN = 0

42
          # The name of the principal

43
          NT_PRINCIPAL = 1

44
          # Service and other unique instances

45
          NT_SRV_INST = 2

46
          # Service with host name and instance

47
          NT_SRV_HST = 3

48
          # Service with host as remaining component

49
          NT_SRV_XHST = 4

50
          # Unique ID

51
          NT_UID = 5

52


53
          NT_ENTERPRISE = 10

54
        end

55


56
        module PaS4uX509UserOptions

57
          CHECK_LOGON_RESTRICTIONS = 0x40000000

58
          SIGN_REPLY = 0x20000000

59
          NT_AUTH_POLICY_NOT_REQUIRED = 0x10000000

60
          UNCONDITIONAL_DELEGATION = 0x08000000

61
        end

62


63
        # See:

64
        # * https://www.iana.org/assignments/kerberos-parameters/kerberos-parameters.xhtml#pre-authentication

65
        # * https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-kile/ae60c948-fda8-45c2-b1d1-a71b484dd1f7

66


67
        module PreAuthType

68
          PA_TGS_REQ = 1

69
          PA_ENC_TIMESTAMP = 2

70
          PA_PW_SALT = 3

71
          PA_ETYPE_INFO = 11

72
          PA_PK_AS_REQ = 16

73
          PA_PK_AS_REP = 17

74
          PA_ETYPE_INFO2 = 19

75
          PA_PAC_REQUEST = 128

76
          PA_FOR_USER = 129

77
          PA_S4U_X509_USER = 130

78
          KEY_LIST_REP = 162

79
          PA_SUPPORTED_ETYPES = 165

80
          PA_PAC_OPTIONS = 167

81
          KERB_SUPERSEDED_BY_USER = 170

82
          DMSA_KEY_PACKAGE = 171

83
        end

84


85
        module AuthorizationDataType

86
          AD_IF_RELEVANT = 1

87
          KDC_ISSUED = 4

88
          AND_OR = 5

89
          MANDATORY_FOR_KDC = 8

90
          INITIAL_VERIFIED_CAS = 9

91
          OSF_DCE = 64

92
          SESAME = 65

93
        end

94
      end

95
    end

96
  end

97
end

98


99


100