Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
rapid7
GitHub Repository: rapid7/metasploit-framework
 Path: blob/master/modules/auxiliary/scanner/kerberos/kerberos_login.rb
28087 views
1
##

2
# This module requires Metasploit: https://metasploit.com/download

3
# Current source: https://github.com/rapid7/metasploit-framework

4
##

5


6
class MetasploitModule < Msf::Auxiliary

7
  include Msf::Exploit::Remote::Kerberos::AuthBrute

8


9
  def initialize(info = {})

10
    super(

11
      update_info(

12
        info,

13
        'Name' => 'Kerberos Authentication Check Scanner',

14
        'Description' => %q{

15
          This module will test Kerberos logins on a range of machines and

16
          report successful logins.  If you have loaded a database plugin

17
          and connected to a database this module will record successful

18
          logins and hosts so you can track your access.

19


20
          Kerberos accounts which do not require pre-authentication will

21
          have the TGT logged for offline cracking, this technique is known as AS-REP Roasting.

22


23
          It is also able to identify whether user accounts are enabled or

24
          disabled/locked out.

25
        },

26
        'Author' => [

27
          'alanfoster',

28
        ],

29
        'References' => [

30
        ],

31
        'License' => MSF_LICENSE,

32
        'Notes' => {

33
          'Stability' => [CRASH_SAFE],

34
          'Reliability' => [],

35
          'SideEffects' => [ACCOUNT_LOCKOUTS, IOC_IN_LOGS]

36
        }

37
      )

38
    )

39
  end

40


41
  def run

42
    attempt_kerberos_logins

43
  end

44
end

45


46