本文整理汇总了Python中impacket.krb5.crypto.Key方法的典型用法代码示例。如果您正苦于以下问题:Python crypto.Key方法的具体用法?Python crypto.Key怎么用?Python crypto.Key使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类impacket.krb5.crypto的用法示例。
在下文中一共展示了crypto.Key方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: toTGT
# 需要导入模块: from impacket.krb5 import crypto [as 别名]
# 或者: from impacket.krb5.crypto import Key [as 别名]
def toTGT(self):
tgt_rep = AS_REP()
tgt_rep['pvno'] = 5
tgt_rep['msg-type'] = int(constants.ApplicationTagNumbers.AS_REP.value)
tgt_rep['crealm'] = self['server'].realm['data']
# Fake EncryptedData
tgt_rep['enc-part'] = None
tgt_rep['enc-part']['etype'] = 1
tgt_rep['enc-part']['cipher'] = ''
seq_set(tgt_rep, 'cname', self['client'].toPrincipal().components_to_asn1)
ticket = types.Ticket()
ticket.from_asn1(self.ticket['data'])
seq_set(tgt_rep,'ticket', ticket.to_asn1)
cipher = crypto._enctype_table[self['key']['keytype']]()
tgt = dict()
tgt['KDC_REP'] = encoder.encode(tgt_rep)
tgt['cipher'] = cipher
tgt['sessionKey'] = crypto.Key(cipher.enctype, str(self['key']['keyvalue']))
return tgt 示例2: DecryptAttributeValue
# 需要导入模块: from impacket.krb5 import crypto [as 别名]
# 或者: from impacket.krb5.crypto import Key [as 别名]
def DecryptAttributeValue(dce, attribute):
sessionKey = dce.get_session_key()
# Is it a Kerberos Session Key?
if isinstance(sessionKey, crypto.Key):
# Extract its contents and move on
sessionKey = sessionKey.contents
encryptedPayload = ENCRYPTED_PAYLOAD(attribute)
md5 = hashlib.new('md5')
md5.update(sessionKey)
md5.update(encryptedPayload['Salt'])
finalMD5 = md5.digest()
cipher = ARC4.new(finalMD5)
plainText = cipher.decrypt(attribute[16:])
#chkSum = (binascii.crc32(plainText[4:])) & 0xffffffff
#if unpack('<L',plainText[:4])[0] != chkSum:
# print "RECEIVED 0x%x" % unpack('<L',plainText[:4])[0]
# print "CALCULATED 0x%x" % chkSum
return plainText[4:]
# 5.16.4 ATTRTYP-to-OID Conversion 示例3: toTGT
# 需要导入模块: from impacket.krb5 import crypto [as 别名]
# 或者: from impacket.krb5.crypto import Key [as 别名]
def toTGT(self):
tgt_rep = AS_REP()
tgt_rep['pvno'] = 5
tgt_rep['msg-type'] = int(constants.ApplicationTagNumbers.AS_REP.value)
tgt_rep['crealm'] = self['server'].realm['data']
# Fake EncryptedData
tgt_rep['enc-part'] = noValue
tgt_rep['enc-part']['etype'] = 1
tgt_rep['enc-part']['cipher'] = ''
seq_set(tgt_rep, 'cname', self['client'].toPrincipal().components_to_asn1)
ticket = types.Ticket()
ticket.from_asn1(self.ticket['data'])
seq_set(tgt_rep,'ticket', ticket.to_asn1)
cipher = crypto._enctype_table[self['key']['keytype']]()
tgt = dict()
tgt['KDC_REP'] = encoder.encode(tgt_rep)
tgt['cipher'] = cipher
tgt['sessionKey'] = crypto.Key(cipher.enctype, str(self['key']['keyvalue']))
return tgt 示例4: toTGT
# 需要导入模块: from impacket.krb5 import crypto [as 别名]
# 或者: from impacket.krb5.crypto import Key [as 别名]
def toTGT(self):
tgt_rep = AS_REP()
tgt_rep['pvno'] = 5
tgt_rep['msg-type'] = int(constants.ApplicationTagNumbers.AS_REP.value)
tgt_rep['crealm'] = self['server'].realm['data']
# Fake EncryptedData
tgt_rep['enc-part'] = noValue
tgt_rep['enc-part']['etype'] = 1
tgt_rep['enc-part']['cipher'] = ''
seq_set(tgt_rep, 'cname', self['client'].toPrincipal().components_to_asn1)
ticket = types.Ticket()
ticket.from_asn1(self.ticket['data'])
seq_set(tgt_rep,'ticket', ticket.to_asn1)
cipher = crypto._enctype_table[self['key']['keytype']]()
tgt = dict()
tgt['KDC_REP'] = encoder.encode(tgt_rep)
tgt['cipher'] = cipher
tgt['sessionKey'] = crypto.Key(cipher.enctype, self['key']['keyvalue'])
return tgt 示例5: toTGT
# 需要导入模块: from impacket.krb5 import crypto [as 别名]
# 或者: from impacket.krb5.crypto import Key [as 别名]
def toTGT(self):
tgt_rep = AS_REP()
tgt_rep['pvno'] = 5
tgt_rep['msg-type'] = int(constants.ApplicationTagNumbers.AP_REP.value)
tgt_rep['crealm'] = self['server'].realm['data']
# Fake EncryptedData
tgt_rep['enc-part'] = None
tgt_rep['enc-part']['etype'] = 1
tgt_rep['enc-part']['cipher'] = ''
seq_set(tgt_rep, 'cname', self['client'].toPrincipal().components_to_asn1)
ticket = types.Ticket()
ticket.from_asn1(self.ticket['data'])
seq_set(tgt_rep,'ticket', ticket.to_asn1)
cipher = crypto._enctype_table[self['key']['keytype']]()
tgt = dict()
tgt['KDC_REP'] = encoder.encode(tgt_rep)
tgt['cipher'] = cipher
tgt['sessionKey'] = crypto.Key(cipher.enctype, str(self['key']['keyvalue']))
return tgt 示例6: toTGS
# 需要导入模块: from impacket.krb5 import crypto [as 别名]
# 或者: from impacket.krb5.crypto import Key [as 别名]
def toTGS(self):
tgs_rep = TGS_REP()
tgs_rep['pvno'] = 5
tgs_rep['msg-type'] = int(constants.ApplicationTagNumbers.TGS_REP.value)
tgs_rep['crealm'] = self['server'].realm['data']
# Fake EncryptedData
tgs_rep['enc-part'] = None
tgs_rep['enc-part']['etype'] = 1
tgs_rep['enc-part']['cipher'] = ''
seq_set(tgs_rep, 'cname', self['client'].toPrincipal().components_to_asn1)
ticket = types.Ticket()
ticket.from_asn1(self.ticket['data'])
seq_set(tgs_rep,'ticket', ticket.to_asn1)
cipher = crypto._enctype_table[self['key']['keytype']]()
tgs = dict()
tgs['KDC_REP'] = encoder.encode(tgs_rep)
tgs['cipher'] = cipher
tgs['sessionKey'] = crypto.Key(cipher.enctype, str(self['key']['keyvalue']))
return tgs 示例7: prettyPrint
# 需要导入模块: from impacket.krb5 import crypto [as 别名]
# 或者: from impacket.krb5.crypto import Key [as 别名]
def prettyPrint(self):
return "Key: (0x%x)%s" % (self['keytype'], hexlify(self['keyvalue'])) 示例8: toTGS
# 需要导入模块: from impacket.krb5 import crypto [as 别名]
# 或者: from impacket.krb5.crypto import Key [as 别名]
def toTGS(self, newSPN=None):
tgs_rep = TGS_REP()
tgs_rep['pvno'] = 5
tgs_rep['msg-type'] = int(constants.ApplicationTagNumbers.TGS_REP.value)
tgs_rep['crealm'] = self['server'].realm['data']
# Fake EncryptedData
tgs_rep['enc-part'] = None
tgs_rep['enc-part']['etype'] = 1
tgs_rep['enc-part']['cipher'] = ''
seq_set(tgs_rep, 'cname', self['client'].toPrincipal().components_to_asn1)
ticket = types.Ticket()
ticket.from_asn1(self.ticket['data'])
if newSPN is not None:
if newSPN.upper() != str(ticket.service_principal).upper():
LOG.debug('Changing sname from %s to %s and hoping for the best' % (ticket.service_principal, newSPN) )
ticket.service_principal = types.Principal(newSPN, type=int(ticket.service_principal.type))
seq_set(tgs_rep,'ticket', ticket.to_asn1)
cipher = crypto._enctype_table[self['key']['keytype']]()
tgs = dict()
tgs['KDC_REP'] = encoder.encode(tgs_rep)
tgs['cipher'] = cipher
tgs['sessionKey'] = crypto.Key(cipher.enctype, str(self['key']['keyvalue']))
return tgs 示例9: deriveKey
# 需要导入模块: from impacket.krb5 import crypto [as 别名]
# 或者: from impacket.krb5.crypto import Key [as 别名]
def deriveKey(baseKey):
# 2.2.11.1.3 Deriving Key1 and Key2 from a Little-Endian, Unsigned Integer Key
# Let I be the little-endian, unsigned integer.
# Let I[X] be the Xth byte of I, where I is interpreted as a zero-base-index array of bytes.
# Note that because I is in little-endian byte order, I[0] is the least significant byte.
# Key1 is a concatenation of the following values: I[0], I[1], I[2], I[3], I[0], I[1], I[2].
# Key2 is a concatenation of the following values: I[3], I[0], I[1], I[2], I[3], I[0], I[1]
key = pack('<L',baseKey)
key1 = key[0] + key[1] + key[2] + key[3] + key[0] + key[1] + key[2]
key2 = key[3] + key[0] + key[1] + key[2] + key[3] + key[0] + key[1]
return transformKey(key1),transformKey(key2) 示例10: toTGS
# 需要导入模块: from impacket.krb5 import crypto [as 别名]
# 或者: from impacket.krb5.crypto import Key [as 别名]
def toTGS(self, newSPN=None):
tgs_rep = TGS_REP()
tgs_rep['pvno'] = 5
tgs_rep['msg-type'] = int(constants.ApplicationTagNumbers.TGS_REP.value)
tgs_rep['crealm'] = self['server'].realm['data']
# Fake EncryptedData
tgs_rep['enc-part'] = noValue
tgs_rep['enc-part']['etype'] = 1
tgs_rep['enc-part']['cipher'] = ''
seq_set(tgs_rep, 'cname', self['client'].toPrincipal().components_to_asn1)
ticket = types.Ticket()
ticket.from_asn1(self.ticket['data'])
if newSPN is not None:
if newSPN.upper() != str(ticket.service_principal).upper():
LOG.debug('Changing sname from %s to %s and hoping for the best' % (ticket.service_principal, newSPN) )
ticket.service_principal = types.Principal(newSPN, type=int(ticket.service_principal.type))
seq_set(tgs_rep,'ticket', ticket.to_asn1)
cipher = crypto._enctype_table[self['key']['keytype']]()
tgs = dict()
tgs['KDC_REP'] = encoder.encode(tgs_rep)
tgs['cipher'] = cipher
tgs['sessionKey'] = crypto.Key(cipher.enctype, str(self['key']['keyvalue']))
return tgs 示例11: toTGS
# 需要导入模块: from impacket.krb5 import crypto [as 别名]
# 或者: from impacket.krb5.crypto import Key [as 别名]
def toTGS(self, newSPN=None):
tgs_rep = TGS_REP()
tgs_rep['pvno'] = 5
tgs_rep['msg-type'] = int(constants.ApplicationTagNumbers.TGS_REP.value)
tgs_rep['crealm'] = self['server'].realm['data']
# Fake EncryptedData
tgs_rep['enc-part'] = noValue
tgs_rep['enc-part']['etype'] = 1
tgs_rep['enc-part']['cipher'] = ''
seq_set(tgs_rep, 'cname', self['client'].toPrincipal().components_to_asn1)
ticket = types.Ticket()
ticket.from_asn1(self.ticket['data'])
if newSPN is not None:
if newSPN.upper() != str(ticket.service_principal).upper():
LOG.debug('Changing sname from %s to %s and hoping for the best' % (ticket.service_principal, newSPN) )
ticket.service_principal = types.Principal(newSPN, type=int(ticket.service_principal.type))
seq_set(tgs_rep,'ticket', ticket.to_asn1)
cipher = crypto._enctype_table[self['key']['keytype']]()
tgs = dict()
tgs['KDC_REP'] = encoder.encode(tgs_rep)
tgs['cipher'] = cipher
tgs['sessionKey'] = crypto.Key(cipher.enctype, self['key']['keyvalue'])
return tgs 示例12: deriveKey
# 需要导入模块: from impacket.krb5 import crypto [as 别名]
# 或者: from impacket.krb5.crypto import Key [as 别名]
def deriveKey(baseKey):
# 2.2.11.1.3 Deriving Key1 and Key2 from a Little-Endian, Unsigned Integer Key
# Let I be the little-endian, unsigned integer.
# Let I[X] be the Xth byte of I, where I is interpreted as a zero-base-index array of bytes.
# Note that because I is in little-endian byte order, I[0] is the least significant byte.
# Key1 is a concatenation of the following values: I[0], I[1], I[2], I[3], I[0], I[1], I[2].
# Key2 is a concatenation of the following values: I[3], I[0], I[1], I[2], I[3], I[0], I[1]
key = pack('<L',baseKey)
key1 = [key[0] , key[1] , key[2] , key[3] , key[0] , key[1] , key[2]]
key2 = [key[3] , key[0] , key[1] , key[2] , key[3] , key[0] , key[1]]
if PY2:
return transformKey(b''.join(key1)),transformKey(b''.join(key2))
else:
return transformKey(bytes(key1)),transformKey(bytes(key2)) 示例13: fromTGT
# 需要导入模块: from impacket.krb5 import crypto [as 别名]
# 或者: from impacket.krb5.crypto import Key [as 别名]
def fromTGT(self, tgt, oldSessionKey, sessionKey):
self.headers = []
header = Header()
header['tag'] = 1
header['taglen'] = 8
header['tagdata'] = '\xff\xff\xff\xff\x00\x00\x00\x00'
self.headers.append(header)
decodedTGT = decoder.decode(tgt, asn1Spec = AS_REP())[0]
tmpPrincipal = types.Principal()
tmpPrincipal.from_asn1(decodedTGT, 'crealm', 'cname')
self.principal = Principal()
self.principal.fromPrincipal(tmpPrincipal)
# Now let's add the credential
cipherText = decodedTGT['enc-part']['cipher']
cipher = crypto._enctype_table[decodedTGT['enc-part']['etype']]
# Key Usage 3
# AS-REP encrypted part (includes TGS session key or
# application session key), encrypted with the client key
# (Section 5.4.2)
plainText = cipher.decrypt(oldSessionKey, 3, str(cipherText))
encASRepPart = decoder.decode(plainText, asn1Spec = EncASRepPart())[0]
credential = Credential()
server = types.Principal()
server.from_asn1(encASRepPart, 'srealm', 'sname')
tmpServer = Principal()
tmpServer.fromPrincipal(server)
credential['client'] = self.principal
credential['server'] = tmpServer
credential['is_skey'] = 0
credential['key'] = KeyBlock()
credential['key']['keytype'] = int(encASRepPart['key']['keytype'])
credential['key']['keyvalue'] = str(encASRepPart['key']['keyvalue'])
credential['key']['keylen'] = len(credential['key']['keyvalue'])
credential['time'] = Times()
credential['time']['authtime'] = self.toTimeStamp(types.KerberosTime.from_asn1(encASRepPart['authtime']))
credential['time']['starttime'] = self.toTimeStamp(types.KerberosTime.from_asn1(encASRepPart['starttime']))
credential['time']['endtime'] = self.toTimeStamp(types.KerberosTime.from_asn1(encASRepPart['endtime']))
credential['time']['renew_till'] = self.toTimeStamp(types.KerberosTime.from_asn1(encASRepPart['renew-till']))
flags = self.reverseFlags(encASRepPart['flags'])
credential['tktflags'] = flags
credential['num_address'] = 0
credential.ticket = CountedOctetString()
credential.ticket['data'] = encoder.encode(decodedTGT['ticket'].clone(tagSet=Ticket.tagSet, cloneValueFlag=True))
credential.ticket['length'] = len(credential.ticket['data'])
credential.secondTicket = CountedOctetString()
credential.secondTicket['data'] = ''
credential.secondTicket['length'] = 0
self.credentials.append(credential) 示例14: fromTGS
# 需要导入模块: from impacket.krb5 import crypto [as 别名]
# 或者: from impacket.krb5.crypto import Key [as 别名]
def fromTGS(self, tgs, oldSessionKey, sessionKey):
self.headers = []
header = Header()
header['tag'] = 1
header['taglen'] = 8
header['tagdata'] = '\xff\xff\xff\xff\x00\x00\x00\x00'
self.headers.append(header)
decodedTGS = decoder.decode(tgs, asn1Spec = TGS_REP())[0]
tmpPrincipal = types.Principal()
tmpPrincipal.from_asn1(decodedTGS, 'crealm', 'cname')
self.principal = Principal()
self.principal.fromPrincipal(tmpPrincipal)
# Now let's add the credential
cipherText = decodedTGS['enc-part']['cipher']
cipher = crypto._enctype_table[decodedTGS['enc-part']['etype']]
# Key Usage 8
# TGS-REP encrypted part (includes application session
# key), encrypted with the TGS session key (Section 5.4.2)
plainText = cipher.decrypt(oldSessionKey, 8, str(cipherText))
encTGSRepPart = decoder.decode(plainText, asn1Spec = EncTGSRepPart())[0]
credential = Credential()
server = types.Principal()
server.from_asn1(encTGSRepPart, 'srealm', 'sname')
tmpServer = Principal()
tmpServer.fromPrincipal(server)
credential['client'] = self.principal
credential['server'] = tmpServer
credential['is_skey'] = 0
credential['key'] = KeyBlock()
credential['key']['keytype'] = int(encTGSRepPart['key']['keytype'])
credential['key']['keyvalue'] = str(encTGSRepPart['key']['keyvalue'])
credential['key']['keylen'] = len(credential['key']['keyvalue'])
credential['time'] = Times()
credential['time']['authtime'] = self.toTimeStamp(types.KerberosTime.from_asn1(encTGSRepPart['authtime']))
credential['time']['starttime'] = self.toTimeStamp(types.KerberosTime.from_asn1(encTGSRepPart['starttime']))
credential['time']['endtime'] = self.toTimeStamp(types.KerberosTime.from_asn1(encTGSRepPart['endtime']))
credential['time']['renew_till'] = self.toTimeStamp(types.KerberosTime.from_asn1(encTGSRepPart['renew-till']))
flags = self.reverseFlags(encTGSRepPart['flags'])
credential['tktflags'] = flags
credential['num_address'] = 0
credential.ticket = CountedOctetString()
credential.ticket['data'] = encoder.encode(decodedTGS['ticket'].clone(tagSet=Ticket.tagSet, cloneValueFlag=True))
credential.ticket['length'] = len(credential.ticket['data'])
credential.secondTicket = CountedOctetString()
credential.secondTicket['data'] = ''
credential.secondTicket['length'] = 0
self.credentials.append(credential) 示例15: sessionSetupResp_KerberosMututal
# 需要导入模块: from impacket.krb5 import crypto [as 别名]
# 或者: from impacket.krb5.crypto import Key [as 别名]
def sessionSetupResp_KerberosMututal(self, smbPacket):
# Pull the most recent keys from kerberos
while not self.info['kerbPoppedKeys'].empty():
nKey = self.info['kerbPoppedKeys'].get()
self.info['smbKeyChain'][hash(nKey)] = copy.deepcopy(nKey)
st = SMB2SessionSetup_Response(data = smbPacket['Data'])['Buffer']
# See if we have the original KERBEROS_SESSION_KEY to decrypt this new Keberos ServiceSessionKey
for keyHash in self.info['smbKeyChain'].keys():
smbKey = self.info['smbKeyChain'][keyHash]
if(smbKey.KERBEROS_SERVICE_SESSION_KEY == ""):
print("NO KERB SERVICE SESSION KEY IN KEY: " + str(smbKey))
continue
# Make sure the keys were generated for this dialect
smbKey.setDialect(self.SESSION_DIALECT)
try:
print("Trying key:")
print(str(smbKey))
k = st.find("\x6f\x81\x87\x30")
apRep = decoder.decode(st[k:], asn1Spec = AP_REP())[0]
cipher = _enctype_table[18]
cipherText = str(apRep['enc-part']['cipher'])
key = Key(18, smbKey.KERBEROS_SERVICE_SESSION_KEY)
# Key Usage 12
# AP-REP encrypted part (includes application session
# subkey), encrypted with the application session key
# (Section 5.5.2)
plainText = cipher.decrypt(key, 12, cipherText)
encAPRepPart = decoder.decode(plainText, asn1Spec = EncAPRepPart())[0]
newSessionKey = Key(encAPRepPart['subkey']['keytype'], str(encAPRepPart['subkey']['keyvalue']))
print("\t!!!Compromised SMB SessionBaseKey via Kerberos Mutual Auth!!!\t " + hexlify(newSessionKey.contents[:16]))
self.KNOWN_KEY = SMBKey(sessionBaseKey = newSessionKey.contents[:16], dialect = self.SESSION_DIALECT, kerbSessionKey = smbKey.KERBEROS_SESSION_KEY, kerbServiceSessionKey = newSessionKey.contents)
self.info['smbKeyChain'][hash(self.KNOWN_KEY)] = self.KNOWN_KEY
break
except Exception, e:
# self.logger.info("FAILED TO POP MUTUAL AUTH WITH \n" + str(smbKey))
# print(str(e))
continue