Beispiel #1
0
    static AsnElt Duplicate(AsnElt ae)
    {
        if (ae.Constructed)
        {
            int      n  = ae.Sub.Length;
            AsnElt[] ss = new AsnElt[n];
            for (int i = 0; i < n; i++)
            {
                ss[i] = Duplicate(ae.Sub[i]);
            }
            return(AsnElt.Make(ae.TagClass, ae.TagValue, ss));
        }

        if (ae.TagClass == AsnElt.UNIVERSAL)
        {
            switch (ae.TagValue)
            {
            case AsnElt.BOOLEAN:
                return(ae.GetBoolean()
                                        ? AsnElt.BOOL_TRUE : AsnElt.BOOL_FALSE);

            case AsnElt.INTEGER:
                return(AsnElt.MakeIntegerSigned(
                           ae.CopyValue()));

            case AsnElt.OBJECT_IDENTIFIER:
                return(AsnElt.MakeOID(ae.GetOID()));

            case AsnElt.NumericString:
            case AsnElt.PrintableString:
            case AsnElt.IA5String:
            case AsnElt.TeletexString:
            case AsnElt.UTF8String:
            case AsnElt.BMPString:
            case AsnElt.UniversalString:
            case AsnElt.UTCTime:
            case AsnElt.GeneralizedTime:
                return(AsnElt.MakeString(
                           ae.TagValue, ae.GetString()));
            }
        }

        /*
         * All other primitive types will be treated as blobs.
         * We still need to duplicate them in order to avoid
         * variants in tag/length encoding.
         */
        return(AsnElt.MakePrimitive(ae.TagClass,
                                    ae.TagValue, ae.CopyValue()));
    }
Beispiel #2
0
    static int GetRSAPublicKeySize(byte[] kv)
    {
        AsnElt ae = AsnElt.Decode(kv);

        ae.CheckTag(AsnElt.SEQUENCE);
        ae.CheckNumSub(2);
        AsnElt ai = ae.GetSub(0);

        ai.CheckTag(AsnElt.INTEGER);
        ai.CheckPrimitive();
        byte[] v = ai.CopyValue();
        if (v.Length > 0 && v[0] >= 0x80)
        {
            throw new AsnException(
                      "Invalid RSA modulus (negative)");
        }
        int bitLen = M.BitLength(v);

        if (bitLen < 512)
        {
            throw new AsnException(string.Format(
                                       "Invalid RSA modulus ({0} bits)", bitLen));
        }
        else if ((v[v.Length - 1] & 0x01) == 0)
        {
            throw new AsnException("Invalid RSA modulus (even)");
        }
        return(bitLen);
    }
Beispiel #3
0
        public PA_S4U_X509_USER(byte[] key, string name, string realm, uint nonce, Interop.KERB_ETYPE eType = Interop.KERB_ETYPE.aes256_cts_hmac_sha1)
        {
            user_id = new S4UUserID(name, realm, nonce);

            AsnElt userIDAsn = user_id.Encode();
            AsnElt userIDSeq = AsnElt.Make(AsnElt.SEQUENCE, userIDAsn);

            byte[] userIDBytes = userIDSeq.CopyValue();
            byte[] cksumBytes  = null;

            if (eType == Interop.KERB_ETYPE.aes256_cts_hmac_sha1)
            {
                cksumBytes = Crypto.KerberosChecksum(key, userIDBytes, Interop.KERB_CHECKSUM_ALGORITHM.KERB_CHECKSUM_HMAC_SHA1_96_AES256, Interop.KRB_KEY_USAGE_PA_S4U_X509_USER);
            }
            if (eType == Interop.KERB_ETYPE.aes128_cts_hmac_sha1)
            {
                cksumBytes = Crypto.KerberosChecksum(key, userIDBytes, Interop.KERB_CHECKSUM_ALGORITHM.KERB_CHECKSUM_HMAC_SHA1_96_AES128, Interop.KRB_KEY_USAGE_PA_S4U_X509_USER);
            }
            if (eType == Interop.KERB_ETYPE.rc4_hmac)
            {
                cksumBytes = Crypto.KerberosChecksum(key, userIDBytes, Interop.KERB_CHECKSUM_ALGORITHM.KERB_CHECKSUM_RSA_MD4, Interop.KRB_KEY_USAGE_PA_S4U_X509_USER);
            }

            cksum = new Checksum(Interop.KERB_CHECKSUM_ALGORITHM.KERB_CHECKSUM_HMAC_SHA1_96_AES256, cksumBytes);
        }
        public PA_S4U_X509_USER(byte[] key, string name, string realm, uint nonce)
        {
            user_id = new S4UUserID(name, realm, nonce);

            AsnElt userIDAsn = user_id.Encode();
            AsnElt userIDSeq = AsnElt.Make(AsnElt.SEQUENCE, userIDAsn);

            //userIDSeq = AsnElt.MakeImplicit(AsnElt.CONTEXT, 0, userIDSeq);
            byte[] userIDBytes = userIDSeq.CopyValue();

            byte[] cksumBytes = Crypto.KerberosChecksum(key, userIDBytes, Interop.KERB_CHECKSUM_ALGORITHM.KERB_CHECKSUM_HMAC_SHA1_96_AES256_X509);
            cksum = new Checksum(Interop.KERB_CHECKSUM_ALGORITHM.KERB_CHECKSUM_HMAC_SHA1_96_AES256, cksumBytes);
        }
Beispiel #5
0
 static byte[] GetPositiveInteger(AsnElt ae)
 {
     ae.CheckTag(AsnElt.INTEGER);
     byte[] x = ae.CopyValue();
     if (x.Length == 0)
     {
         throw new AsnException("Invalid integer (empty)");
     }
     if (x[0] >= 0x80)
     {
         throw new AsnException("Invalid integer (negative)");
     }
     return(x);
 }
Beispiel #6
0
        private static void S4U2Proxy(KRB_CRED kirbi, string targetUser, string targetSPN, string outfile, bool ptt, string domainController = "", string altService = "", KRB_CRED tgs = null, bool opsec = false, string proxyUrl = null, string createnetonly = null, bool show = false)
        {
            Console.WriteLine("[*] Impersonating user '{0}' to target SPN '{1}'", targetUser, targetSPN);
            if (!String.IsNullOrEmpty(altService))
            {
                string[] altSnames = altService.Split(',');
                if (altSnames.Length == 1)
                {
                    Console.WriteLine("[*]   Final ticket will be for the alternate service '{0}'", altService);
                }
                else
                {
                    Console.WriteLine("[*]   Final tickets will be for the alternate services '{0}'", altService);
                }
            }

            // extract out the info needed for the TGS-REQ/S4U2Proxy execution
            string userName = kirbi.enc_part.ticket_info[0].pname.name_string[0];
            string domain   = kirbi.enc_part.ticket_info[0].prealm;
            Ticket ticket   = kirbi.tickets[0];

            byte[]             clientKey = kirbi.enc_part.ticket_info[0].key.keyvalue;
            Interop.KERB_ETYPE etype     = (Interop.KERB_ETYPE)kirbi.enc_part.ticket_info[0].key.keytype;

            Console.WriteLine("[*] Building S4U2proxy request for service: '{0}'", targetSPN);
            TGS_REQ s4u2proxyReq = new TGS_REQ(!opsec);

            s4u2proxyReq.req_body.kdcOptions = s4u2proxyReq.req_body.kdcOptions | Interop.KdcOptions.CONSTRAINED_DELEGATION;

            s4u2proxyReq.req_body.realm = domain;

            string[] parts      = targetSPN.Split('/');
            string   serverName = parts[parts.Length - 1];

            s4u2proxyReq.req_body.sname.name_type = Interop.PRINCIPAL_TYPE.NT_SRV_INST;
            foreach (string part in parts)
            {
                s4u2proxyReq.req_body.sname.name_string.Add(part);
            }

            // supported encryption types
            s4u2proxyReq.req_body.etypes.Add(Interop.KERB_ETYPE.aes128_cts_hmac_sha1);
            s4u2proxyReq.req_body.etypes.Add(Interop.KERB_ETYPE.aes256_cts_hmac_sha1);
            s4u2proxyReq.req_body.etypes.Add(Interop.KERB_ETYPE.rc4_hmac);

            // add in the ticket from the S4U2self response
            s4u2proxyReq.req_body.additional_tickets.Add(tgs.tickets[0]);

            // needed for authenticator checksum
            byte[] cksum_Bytes = null;

            // the rest of the opsec changes
            if (opsec)
            {
                // remove renewableok and add canonicalize
                s4u2proxyReq.req_body.kdcOptions = s4u2proxyReq.req_body.kdcOptions & ~Interop.KdcOptions.RENEWABLEOK;
                s4u2proxyReq.req_body.kdcOptions = s4u2proxyReq.req_body.kdcOptions | Interop.KdcOptions.CANONICALIZE;

                // 15 minutes in the future like genuine requests
                DateTime till = DateTime.Now;
                till = till.AddMinutes(15);
                s4u2proxyReq.req_body.till = till;

                // extra etypes
                s4u2proxyReq.req_body.etypes.Add(Interop.KERB_ETYPE.rc4_hmac_exp);
                s4u2proxyReq.req_body.etypes.Add(Interop.KERB_ETYPE.old_exp);

                // get hostname and hostname of SPN
                string hostName = Dns.GetHostName().ToUpper();
                string targetHostName;
                if (parts.Length > 1)
                {
                    targetHostName = parts[1].Substring(0, parts[1].IndexOf('.')).ToUpper();
                }
                else
                {
                    targetHostName = hostName;
                }

                // create enc-authorization-data if target host is not the local machine
                if (hostName != targetHostName)
                {
                    // authdata requires key and etype from tgs
                    byte[]             tgsKey   = tgs.enc_part.ticket_info[0].key.keyvalue;
                    Interop.KERB_ETYPE tgsEtype = (Interop.KERB_ETYPE)tgs.enc_part.ticket_info[0].key.keytype;

                    ADIfRelevant       ifrelevant   = new ADIfRelevant();
                    ADRestrictionEntry restrictions = new ADRestrictionEntry();
                    ADKerbLocal        kerbLocal    = new ADKerbLocal();
                    ifrelevant.ADData.Add(restrictions);
                    ifrelevant.ADData.Add(kerbLocal);
                    AsnElt authDataSeq = ifrelevant.Encode();
                    authDataSeq = AsnElt.Make(AsnElt.SEQUENCE, authDataSeq);
                    byte[] authorizationDataBytes = authDataSeq.Encode();
                    byte[] enc_authorization_data = Crypto.KerberosEncrypt(tgsEtype, Interop.KRB_KEY_USAGE_TGS_REQ_ENC_AUTHOIRZATION_DATA, tgsKey, authorizationDataBytes);
                    s4u2proxyReq.req_body.enc_authorization_data = new EncryptedData((Int32)tgsEtype, enc_authorization_data);
                }

                // encode req_body for authenticator cksum
                AsnElt req_Body_ASN    = s4u2proxyReq.req_body.Encode();
                AsnElt req_Body_ASNSeq = AsnElt.Make(AsnElt.SEQUENCE, new[] { req_Body_ASN });
                req_Body_ASNSeq = AsnElt.MakeImplicit(AsnElt.CONTEXT, 4, req_Body_ASNSeq);
                byte[] req_Body_Bytes = req_Body_ASNSeq.CopyValue();
                cksum_Bytes = Crypto.KerberosChecksum(clientKey, req_Body_Bytes, Interop.KERB_CHECKSUM_ALGORITHM.KERB_CHECKSUM_RSA_MD5);
            }

            // moved to end so we can have the checksum in the authenticator
            PA_DATA padata = new PA_DATA(domain, userName, ticket, clientKey, etype, opsec, cksum_Bytes);

            s4u2proxyReq.padata.Add(padata);
            PA_DATA pac_options = new PA_DATA(false, false, false, true);

            s4u2proxyReq.padata.Add(pac_options);

            byte[] s4ubytes = s4u2proxyReq.Encode().Encode();

            byte[] response2 = null;

            if (String.IsNullOrEmpty(proxyUrl))
            {
                string dcIP = Networking.GetDCIP(domainController);
                if (String.IsNullOrEmpty(dcIP))
                {
                    return;
                }

                Console.WriteLine("[*] Sending S4U2proxy request to domain controller {0}:88", dcIP);

                response2 = Networking.SendBytes(dcIP, 88, s4ubytes);
            }
            else
            {
                Console.WriteLine("[*] Sending S4U2proxy request via KDC proxy: {0}", proxyUrl);
                KDC_PROXY_MESSAGE message = new KDC_PROXY_MESSAGE(s4ubytes);
                message.target_domain = domain;
                response2             = Networking.MakeProxyRequest(proxyUrl, message);
            }
            if (response2 == null)
            {
                return;
            }

            // decode the supplied bytes to an AsnElt object
            //  false == ignore trailing garbage
            AsnElt responseAsn = AsnElt.Decode(response2, false);

            // check the response value
            int responseTag = responseAsn.TagValue;

            if (responseTag == (int)Interop.KERB_MESSAGE_TYPE.TGS_REP)
            {
                Console.WriteLine("[+] S4U2proxy success!");

                // parse the response to an TGS-REP
                TGS_REP rep2 = new TGS_REP(responseAsn);

                // https://github.com/gentilkiwi/kekeo/blob/master/modules/asn1/kull_m_kerberos_asn1.h#L62
                byte[]        outBytes2   = Crypto.KerberosDecrypt(etype, 8, clientKey, rep2.enc_part.cipher);
                AsnElt        ae2         = AsnElt.Decode(outBytes2, false);
                EncKDCRepPart encRepPart2 = new EncKDCRepPart(ae2.Sub[0]);

                if (!String.IsNullOrEmpty(altService))
                {
                    string[] altSnames = altService.Split(',');

                    foreach (string altSname in altSnames)
                    {
                        // now build the final KRB-CRED structure with one or more alternate snames
                        KRB_CRED cred = new KRB_CRED();

                        // since we want an alternate sname, first substitute it into the ticket structure
                        rep2.ticket.sname.name_string[0] = altSname;

                        // add the ticket
                        cred.tickets.Add(rep2.ticket);

                        // build the EncKrbCredPart/KrbCredInfo parts from the ticket and the data in the encRepPart

                        KrbCredInfo info = new KrbCredInfo();

                        // [0] add in the session key
                        info.key.keytype  = encRepPart2.key.keytype;
                        info.key.keyvalue = encRepPart2.key.keyvalue;

                        // [1] prealm (domain)
                        info.prealm = encRepPart2.realm;

                        // [2] pname (user)
                        info.pname.name_type   = rep2.cname.name_type;
                        info.pname.name_string = rep2.cname.name_string;

                        // [3] flags
                        info.flags = encRepPart2.flags;

                        // [4] authtime (not required)

                        // [5] starttime
                        info.starttime = encRepPart2.starttime;

                        // [6] endtime
                        info.endtime = encRepPart2.endtime;

                        // [7] renew-till
                        info.renew_till = encRepPart2.renew_till;

                        // [8] srealm
                        info.srealm = encRepPart2.realm;

                        // [9] sname
                        info.sname.name_type   = encRepPart2.sname.name_type;
                        info.sname.name_string = encRepPart2.sname.name_string;

                        // if we want an alternate sname, substitute it into the encrypted portion of the KRB_CRED
                        Console.WriteLine("[*] Substituting alternative service name '{0}'", altSname);
                        info.sname.name_string[0] = altSname;

                        // add the ticket_info into the cred object
                        cred.enc_part.ticket_info.Add(info);

                        byte[] kirbiBytes = cred.Encode().Encode();

                        string kirbiString = Convert.ToBase64String(kirbiBytes);

                        Console.WriteLine("[*] base64(ticket.kirbi) for SPN '{0}/{1}':\r\n", altSname, serverName);

                        if (Rubeus.Program.wrapTickets)
                        {
                            // display the .kirbi base64, columns of 80 chararacters
                            foreach (string line in Helpers.Split(kirbiString, 80))
                            {
                                Console.WriteLine("      {0}", line);
                            }
                        }
                        else
                        {
                            Console.WriteLine("      {0}", kirbiString);
                        }

                        if (!String.IsNullOrEmpty(outfile))
                        {
                            string filename = $"{Helpers.GetBaseFromFilename(outfile)}_{altSname}-{serverName}{Helpers.GetExtensionFromFilename(outfile)}";
                            filename = Helpers.MakeValidFileName(filename);
                            if (Helpers.WriteBytesToFile(filename, kirbiBytes))
                            {
                                Console.WriteLine("\r\n[*] Ticket written to {0}\r\n", filename);
                            }
                        }

                        if (ptt)
                        {
                            // pass-the-ticket -> import into LSASS
                            ImportTicket(kirbiBytes, createnetonly, show);
                        }
                    }
                }
                else
                {
                    // now build the final KRB-CRED structure, no alternate snames
                    KRB_CRED cred = new KRB_CRED();

                    // if we want an alternate sname, first substitute it into the ticket structure
                    if (!String.IsNullOrEmpty(altService))
                    {
                        rep2.ticket.sname.name_string[0] = altService;
                    }

                    // add the ticket
                    cred.tickets.Add(rep2.ticket);

                    // build the EncKrbCredPart/KrbCredInfo parts from the ticket and the data in the encRepPart

                    KrbCredInfo info = new KrbCredInfo();

                    // [0] add in the session key
                    info.key.keytype  = encRepPart2.key.keytype;
                    info.key.keyvalue = encRepPart2.key.keyvalue;

                    // [1] prealm (domain)
                    info.prealm = encRepPart2.realm;

                    // [2] pname (user)
                    info.pname.name_type   = rep2.cname.name_type;
                    info.pname.name_string = rep2.cname.name_string;

                    // [3] flags
                    info.flags = encRepPart2.flags;

                    // [4] authtime (not required)

                    // [5] starttime
                    info.starttime = encRepPart2.starttime;

                    // [6] endtime
                    info.endtime = encRepPart2.endtime;

                    // [7] renew-till
                    info.renew_till = encRepPart2.renew_till;

                    // [8] srealm
                    info.srealm = encRepPart2.realm;

                    // [9] sname
                    info.sname.name_type   = encRepPart2.sname.name_type;
                    info.sname.name_string = encRepPart2.sname.name_string;

                    // add the ticket_info into the cred object
                    cred.enc_part.ticket_info.Add(info);

                    byte[] kirbiBytes = cred.Encode().Encode();

                    string kirbiString = Convert.ToBase64String(kirbiBytes);

                    Console.WriteLine("[*] base64(ticket.kirbi) for SPN '{0}':\r\n", targetSPN);

                    if (Rubeus.Program.wrapTickets)
                    {
                        // display the .kirbi base64, columns of 80 chararacters
                        foreach (string line in Helpers.Split(kirbiString, 80))
                        {
                            Console.WriteLine("      {0}", line);
                        }
                    }
                    else
                    {
                        Console.WriteLine("      {0}", kirbiString);
                    }

                    if (!String.IsNullOrEmpty(outfile))
                    {
                        string filename = $"{Helpers.GetBaseFromFilename(outfile)}_{targetSPN}{Helpers.GetExtensionFromFilename(outfile)}";
                        filename = Helpers.MakeValidFileName(filename);
                        if (Helpers.WriteBytesToFile(filename, kirbiBytes))
                        {
                            Console.WriteLine("\r\n[*] Ticket written to {0}\r\n", filename);
                        }
                    }

                    if (ptt)
                    {
                        // pass-the-ticket -> import into LSASS
                        ImportTicket(kirbiBytes, createnetonly, show);
                    }
                }
            }
            else if (responseTag == (int)Interop.KERB_MESSAGE_TYPE.ERROR)
            {
                // parse the response to an KRB-ERROR
                KRB_ERROR error = new KRB_ERROR(responseAsn.Sub[0]);
                Console.WriteLine("\r\n[X] KRB-ERROR ({0}) : {1}\r\n", error.error_code, (Interop.KERBEROS_ERROR)error.error_code);
            }
            else
            {
                Console.WriteLine("\r\n[X] Unknown application tag: {0}", responseTag);
            }
        }
Beispiel #7
0
    /*
     * Create an instance by decoding the provided object.
     * This constructor assumes ASN.1 DER encoding (not Base64,
     * not PEM).
     *
     * On decoding error, an AsnException is thrown.
     */
    public X509Cert(byte[] cert)
    {
        /*
         * Compute thumbprint.
         */
        thumbprint = M.DoSHA1(cert).ToUpperInvariant();

        /*
         * Outer layer decoding and extraction of the signature
         * hash algorithm.
         */
        AsnElt ac = AsnElt.Decode(cert);

        ac.CheckTag(AsnElt.SEQUENCE);
        ac.CheckNumSub(3);
        hashAlgorithm = GetSignHashName(
            new AlgorithmIdentifier(ac.GetSub(1)));

        /*
         * TBS exploration. First field is optional; if present,
         * it contains the certificate version.
         */
        AsnElt atbs = ac.GetSub(0);

        atbs.CheckNumSubMin(6);
        atbs.CheckNumSubMax(10);
        int off = 0;

        if (atbs.GetSub(0).TagValue == 0)
        {
            off++;
        }

        /*
         * Serial numer: nominally an INTEGER, we extract the
         * raw bytes, because some CA wrongly use unsigned
         * encoding.
         */
        AsnElt aserial = atbs.GetSub(off);

        aserial.CheckTag(AsnElt.INTEGER);
        byte[] sv  = aserial.CopyValue();
        int    svk = 0;

        while (svk < sv.Length && sv[svk] == 0)
        {
            svk++;
        }
        if (svk == sv.Length)
        {
            serialHex = "00";
        }
        else
        {
            StringBuilder sb = new StringBuilder();
            while (svk < sv.Length)
            {
                sb.AppendFormat("{0:X2}", sv[svk++]);
            }
            serialHex = sb.ToString();
        }

        /*
         * Issuer and subject DN.
         */
        issuerDN  = new X500Name(atbs.GetSub(off + 2));
        subjectDN = new X500Name(atbs.GetSub(off + 4));

        /*
         * Validity dates.
         */
        AsnElt adates = atbs.GetSub(off + 3);

        adates.CheckTag(AsnElt.SEQUENCE);
        adates.CheckNumSub(2);
        validFrom = adates.GetSub(0).GetTime();
        validTo   = adates.GetSub(1).GetTime();

        /*
         * Public key.
         */
        AsnElt aspki = atbs.GetSub(off + 5);

        aspki.CheckTag(AsnElt.SEQUENCE);
        aspki.CheckNumSub(2);
        AlgorithmIdentifier kt =
            new AlgorithmIdentifier(aspki.GetSub(0));
        AsnElt aktp = kt.Parameters;
        AsnElt apkv = aspki.GetSub(1);

        apkv.CheckTag(AsnElt.BIT_STRING);
        byte[] kv = apkv.GetBitString();
        curveOID = null;
        keyType  = "UNKNOWN";
        keySize  = 0;
        switch (kt.OID)
        {
        /*
         * RSA public keys should use the 'rsaEncryption' OID,
         * but some are tagged with the OAEP or the PSS OID,
         * to somehow specify that the RSA key should be used
         * only with OAEP or PSS.
         */
        case "1.2.840.113549.1.1.1":
        case "1.2.840.113549.1.1.7":
        case "1.2.840.113549.1.1.10":
            keyType = "RSA";
            keySize = GetRSAPublicKeySize(kv);
            break;

        /*
         * All DSA public keys should use that OID.
         */
        case "1.2.840.10040.4.1":
            keyType = "DSA";
            keySize = GetDSAPublicKeySize(aktp);
            break;

        /*
         * Elliptic curve keys.
         * We only support "normal" elliptic curve keys, not
         * restricted keys.
         * We only supported named curves (RFC 5480 forbids
         * explicit curve parameters).
         */
        case "1.2.840.10045.2.1":
            if (aktp == null)
            {
                break;
            }
            if (aktp.TagClass != AsnElt.UNIVERSAL ||
                aktp.TagValue != AsnElt.OBJECT_IDENTIFIER)
            {
                break;
            }
            keyType  = "EC";
            curveOID = aktp.GetOID();
            keySize  = GetCurveSize(curveOID);
            break;

            /* TODO: GOST R 34.10-94 and GOST R 34.10-2001 */
        }

        /*
         * If there are extensions, process them.
         * extract the dNSNames.
         */
        serverNames = null;
        extensions  = new SortedDictionary <string, Extension>(
            StringComparer.Ordinal);

        for (int i = off + 6; i < atbs.Sub.Length; i++)
        {
            AsnElt aexts = atbs.GetSub(i);
            if (aexts.TagClass != AsnElt.CONTEXT ||
                aexts.TagValue != 3)
            {
                continue;
            }
            aexts.CheckNumSub(1);
            aexts = aexts.GetSub(0);
            aexts.CheckTag(AsnElt.SEQUENCE);
            foreach (AsnElt aext in aexts.Sub)
            {
                aext.CheckTag(AsnElt.SEQUENCE);
                aext.CheckNumSubMin(2);
                aext.CheckNumSubMax(3);
                AsnElt aoid = aext.GetSub(0);
                aoid.CheckTag(AsnElt.OBJECT_IDENTIFIER);
                string oid = aoid.GetOID();
                AsnElt av;
                bool   critical = false;
                if (aext.Sub.Length == 2)
                {
                    av = aext.GetSub(1);
                }
                else
                {
                    AsnElt acrit = aext.GetSub(1);
                    acrit.CheckTag(AsnElt.BOOLEAN);
                    critical = acrit.GetBoolean();
                    av       = aext.GetSub(2);
                }
                av.CheckTag(AsnElt.OCTET_STRING);
                Extension ext = new Extension(
                    oid, critical, av.CopyValue());
                if (extensions.ContainsKey(oid))
                {
                    throw new AsnException(
                              "duplicate extension " + oid);
                }
                extensions[oid] = ext;
                ProcessExtension(ext);
            }
        }

        /*
         * If there was no SAN, or no dNSName in the SAN, then
         * get the Common Name from the subjectDN.
         */
        string cn = null;

        foreach (DNPart dnp in subjectDN.Parts)
        {
            if (dnp.FriendlyType == DNPart.COMMON_NAME)
            {
                if (cn != null)
                {
                    throw new AsnException(
                              "multiple CN in subject DN");
                }
                cn = dnp.Value;
            }
        }
        if (serverNames == null)
        {
            if (cn == null)
            {
                serverNames = new string[0];
            }
            else
            {
                serverNames = new string[] { cn };
            }
        }
    }
Beispiel #8
0
        public static byte[] NewTGSReq(string userName, string domain, string sname, Ticket providedTicket, byte[] clientKey, Interop.KERB_ETYPE paEType, Interop.KERB_ETYPE requestEType = Interop.KERB_ETYPE.subkey_keymaterial, bool renew = false, string s4uUser = "", bool enterprise = false, bool roast = false, bool opsec = false, bool unconstrained = false)
        {
            TGS_REQ req = new TGS_REQ(!opsec);

            if (!opsec)
            {
                // set the username
                req.req_body.cname.name_string.Add(userName);
            }

            // get domain from service for cross domain requests
            // if not requesting a cross domain TGT (krbtgt)
            string targetDomain = "";

            string[] parts = sname.Split('/');
            if (!(roast) && (parts.Length > 1) && (parts[0] != "krbtgt"))
            {
                targetDomain = parts[1].Substring(parts[1].IndexOf('.') + 1);
            }
            else
            {
                targetDomain = domain;
            }

            // the realm (domain) the user exists in
            req.req_body.realm = targetDomain.ToUpper();

            // add in our encryption types
            if (requestEType == Interop.KERB_ETYPE.subkey_keymaterial)
            {
                // normal behavior
                req.req_body.etypes.Add(Interop.KERB_ETYPE.aes256_cts_hmac_sha1);
                req.req_body.etypes.Add(Interop.KERB_ETYPE.aes128_cts_hmac_sha1);
                req.req_body.etypes.Add(Interop.KERB_ETYPE.rc4_hmac);
                req.req_body.etypes.Add(Interop.KERB_ETYPE.rc4_hmac_exp);
                //req.req_body.etypes.Add(Interop.KERB_ETYPE.des_cbc_crc);
            }
            // real traffic have these etypes except when requesting a TGT, then only
            else if ((opsec) && (parts.Length > 1) && (parts[0] != "krbtgt"))
            {
                req.req_body.etypes.Add(Interop.KERB_ETYPE.aes256_cts_hmac_sha1);
                req.req_body.etypes.Add(Interop.KERB_ETYPE.aes128_cts_hmac_sha1);
                req.req_body.etypes.Add(Interop.KERB_ETYPE.rc4_hmac);
                req.req_body.etypes.Add(Interop.KERB_ETYPE.rc4_hmac_exp);
                req.req_body.etypes.Add(Interop.KERB_ETYPE.old_exp);
            }
            else
            {
                // add in the supported etype specified
                req.req_body.etypes.Add(requestEType);
            }

            if (!String.IsNullOrEmpty(s4uUser))
            {
                // constrained delegation yo'
                req.req_body.sname.name_type = Interop.PRINCIPAL_TYPE.NT_PRINCIPAL;
                req.req_body.sname.name_string.Add(userName);

                if (!opsec)
                {
                    req.req_body.kdcOptions = req.req_body.kdcOptions | Interop.KdcOptions.ENCTKTINSKEY;
                }

                if (opsec)
                {
                    req.req_body.etypes.Add(Interop.KERB_ETYPE.old_exp);
                }
            }
            else
            {
                if (enterprise)
                {
                    // KRB_NT-ENTERPRISE = 10
                    //      userPrincipalName
                    //      sAMAccountName
                    //      sAMAccountName@DomainNetBIOSName
                    //      sAMAccountName@DomainFQDN
                    //      DomainNetBIOSName\sAMAccountName
                    //      DomainFQDN\sAMAccountName
                    req.req_body.sname.name_type = Interop.PRINCIPAL_TYPE.NT_ENTERPRISE;
                    req.req_body.sname.name_string.Add(sname);
                    req.req_body.kdcOptions = req.req_body.kdcOptions | Interop.KdcOptions.CANONICALIZE;
                }
                else if (parts.Length == 1)
                {
                    // KRB_NT_SRV_INST = 2
                    //      service and other unique instance (e.g. krbtgt)
                    req.req_body.sname.name_type = Interop.PRINCIPAL_TYPE.NT_SRV_INST;
                    req.req_body.sname.name_string.Add(sname);
                    req.req_body.sname.name_string.Add(domain);
                }
                else if (parts.Length == 2)
                {
                    // KRB_NT_SRV_INST = 2
                    //      SPN (sname/server.domain.com)
                    req.req_body.sname.name_type = Interop.PRINCIPAL_TYPE.NT_SRV_INST;
                    req.req_body.sname.name_string.Add(parts[0]);
                    req.req_body.sname.name_string.Add(parts[1]);
                }
                else if (parts.Length == 3)
                {
                    // KRB_NT_SRV_HST = 3
                    //      SPN (sname/server.domain.com/blah)
                    req.req_body.sname.name_type = Interop.PRINCIPAL_TYPE.NT_SRV_HST;
                    req.req_body.sname.name_string.Add(parts[0]);
                    req.req_body.sname.name_string.Add(parts[1]);
                    req.req_body.sname.name_string.Add(parts[2]);
                }
                else
                {
                    Console.WriteLine("[X] Error: invalid TGS_REQ sname '{0}'", sname);
                }
            }

            if (renew)
            {
                req.req_body.kdcOptions = req.req_body.kdcOptions | Interop.KdcOptions.RENEW;
            }

            // needed for authenticator checksum
            byte[] cksum_Bytes = null;

            // opsec complete the request body before the creation of the AP-REQ
            if (opsec)
            {
                // set correct flags based on type of request
                req.req_body.kdcOptions = req.req_body.kdcOptions | Interop.KdcOptions.CANONICALIZE;
                if (!unconstrained)
                {
                    req.req_body.kdcOptions = req.req_body.kdcOptions & ~Interop.KdcOptions.RENEWABLEOK;
                }
                if (unconstrained)
                {
                    req.req_body.kdcOptions = req.req_body.kdcOptions | Interop.KdcOptions.FORWARDED;
                }

                // get hostname and hostname of SPN
                string hostName = Dns.GetHostName().ToUpper();
                string targetHostName;
                if (parts.Length > 1)
                {
                    targetHostName = parts[1].Substring(0, parts[1].IndexOf('.')).ToUpper();
                }
                else
                {
                    targetHostName = hostName;
                }

                // create enc-authorization-data if target host is not the local machine
                if ((hostName != targetHostName) && String.IsNullOrEmpty(s4uUser) && (!unconstrained))
                {
                    List <AuthorizationData> tmp          = new List <AuthorizationData>();
                    AuthorizationData        restrictions = new AuthorizationData(Interop.AuthorizationDataType.KERB_AUTH_DATA_TOKEN_RESTRICTIONS);
                    AuthorizationData        kerbLocal    = new AuthorizationData(Interop.AuthorizationDataType.KERB_LOCAL);
                    tmp.Add(restrictions);
                    tmp.Add(kerbLocal);
                    AuthorizationData authorizationData      = new AuthorizationData(tmp);
                    byte[]            authorizationDataBytes = authorizationData.Encode().Encode();
                    byte[]            enc_authorization_data = Crypto.KerberosEncrypt(requestEType, Interop.KRB_KEY_USAGE_TGS_REQ_ENC_AUTHOIRZATION_DATA, clientKey, authorizationDataBytes);
                    req.req_body.enc_authorization_data = new EncryptedData((Int32)requestEType, enc_authorization_data);
                }

                // S4U requests have a till time of 15 minutes in the future
                if (!String.IsNullOrEmpty(s4uUser))
                {
                    DateTime till = DateTime.Now;
                    till = till.AddMinutes(15);
                    req.req_body.till = till;
                }

                // encode req_body for authenticator cksum
                AsnElt req_Body_ASN    = req.req_body.Encode();
                AsnElt req_Body_ASNSeq = AsnElt.Make(AsnElt.SEQUENCE, new[] { req_Body_ASN });
                req_Body_ASNSeq = AsnElt.MakeImplicit(AsnElt.CONTEXT, 4, req_Body_ASNSeq);
                byte[] req_Body_Bytes = req_Body_ASNSeq.CopyValue();
                cksum_Bytes = Crypto.KerberosChecksum(clientKey, req_Body_Bytes, Interop.KERB_CHECKSUM_ALGORITHM.KERB_CHECKSUM_RSA_MD5);
            }

            // create the PA-DATA that contains the AP-REQ w/ appropriate authenticator/etc.
            PA_DATA padata = new PA_DATA(domain, userName, providedTicket, clientKey, paEType, opsec, cksum_Bytes);

            req.padata.Add(padata);

            // moved so all PA-DATA sections are inserted after the request body has been completed, this is useful when
            // forming opsec requests as they require a checksum of the request body within the authenticator and the
            // PADATA-TGS-REQ should go before the other PA-DATA sections
            if (opsec && (!String.IsNullOrEmpty(s4uUser)))
            {
                // real packets seem to lowercase the domain in these 2 PA_DATA's
                domain = domain.ToLower();

                // PA_S4U_X509_USER commented out until we get the checksum working
                //PA_DATA s4upadata = new PA_DATA(clientKey, s4uUser, domain, req.req_body.nonce);
                //req.padata.Add(s4upadata);
            }

            // add final S4U PA-DATA
            if (!String.IsNullOrEmpty(s4uUser))
            {
                // constrained delegation yo'
                PA_DATA s4upadata = new PA_DATA(clientKey, s4uUser, domain);
                req.padata.Add(s4upadata);
            }
            else if (opsec)
            {
                PA_DATA padataoptions = new PA_DATA(false, true, false, false);
                req.padata.Add(padataoptions);
            }

            return(req.Encode().Encode());
        }
Beispiel #9
0
    static void Parse(TextWriter tw, int depth, AsnElt ae)
    {
        Indent(tw, depth);
        tw.Write("(");
        switch (ae.TagClass)
        {
        case AsnElt.APPLICATION:
            tw.Write("[application " + ae.TagValue + "]");
            break;

        case AsnElt.CONTEXT:
            tw.Write("[" + ae.TagValue + "]");
            break;

        case AsnElt.PRIVATE:
            tw.Write("[private " + ae.TagValue + "]");
            break;

        default:
            switch (ae.TagValue)
            {
            case AsnElt.BOOLEAN:
                tw.Write("bool " + ae.GetBoolean() + ")");
                return;

            case AsnElt.INTEGER:
                tw.Write("int " + ae.GetIntegerHex() + ")");
                return;

            case AsnElt.BIT_STRING:
                int    bitLen;
                byte[] bs = ae.GetBitString(out bitLen);
                tw.Write("bits "
                         + (bs.Length * 8 - bitLen));
                PrintBytes(tw, depth, bs);
                tw.Write(")");
                return;

            case AsnElt.OCTET_STRING:
                tw.Write("blob");
                PrintBytes(tw, depth, ae.CopyValue());
                tw.Write(")");
                return;

            case AsnElt.NULL:
                ae.CheckNull();
                tw.Write("null)");
                return;

            case AsnElt.OBJECT_IDENTIFIER:
                string oid = ae.GetOID();
                if (!numOID)
                {
                    oid = AsnOID.ToName(oid);
                }
                tw.Write("oid " + oid + ")");
                return;

            case AsnElt.NumericString:
                tw.Write("numeric "
                         + EscapeString(ae.GetString()) + ")");
                return;

            case AsnElt.PrintableString:
                tw.Write("printable "
                         + EscapeString(ae.GetString()) + ")");
                return;

            case AsnElt.IA5String:
                tw.Write("ia5 "
                         + EscapeString(ae.GetString()) + ")");
                return;

            case AsnElt.TeletexString:
                tw.Write("teletex "
                         + EscapeString(ae.GetString()) + ")");
                return;

            case AsnElt.UTF8String:
                tw.Write("utf8 "
                         + EscapeString(ae.GetString()) + ")");
                return;

            case AsnElt.BMPString:
                tw.Write("bmp "
                         + EscapeString(ae.GetString()) + ")");
                return;

            case AsnElt.UniversalString:
                tw.Write("utf32 "
                         + EscapeString(ae.GetString()) + ")");
                return;

            case AsnElt.UTCTime:
                tw.Write("utc "
                         + EscapeString(ae.GetString())
                         + " {" + ae.GetTime() + "} )");
                return;

            case AsnElt.GeneralizedTime:
                tw.Write("gentime "
                         + EscapeString(ae.GetString())
                         + " {" + ae.GetTime() + "} )");
                return;

            case AsnElt.SEQUENCE:
                if (!ae.Constructed)
                {
                    throw new AsnException(
                              "Non-constructed SEQUENCE");
                }
                tw.Write("sequence");
                ParseSubs(tw, depth, ae);
                tw.Write(")");
                return;

            case AsnElt.SET:
                if (!ae.Constructed)
                {
                    throw new AsnException(
                              "Non-constructed SET");
                }
                tw.Write("set");
                ParseSubs(tw, depth, ae);
                tw.Write(")");
                return;

            default:
                tw.Write(
                    "[universal " + ae.TagValue + "]");
                break;
            }
            break;
        }
        if (ae.Constructed)
        {
            tw.Write("sequence");
            ParseSubs(tw, depth, ae);
            tw.Write(")");
        }
        else
        {
            tw.Write("blob");
            PrintBytes(tw, depth, ae.CopyValue());
            tw.Write(")");
        }
    }