# Impacket - Collection of Python classes for working with network protocols.
#
# SECUREAUTH LABS. Copyright (C) 2018 SecureAuth Corporation. All rights reserved.
#
# This software is provided under a slightly modified version
# of the Apache Software License. See the accompanying LICENSE file
# for more information.
#
# Description:
#   [MS-PAC] Implementation
#
# Author:
#   Alberto Solino (@agsolino)
#
15from impacket.dcerpc.v5.dtypes import ULONG, RPC_UNICODE_STRING, FILETIME, PRPC_SID, USHORT
16from impacket.dcerpc.v5.ndr import NDRSTRUCT, NDRUniConformantArray, NDRPOINTER
17from impacket.dcerpc.v5.nrpc import USER_SESSION_KEY, CHAR_FIXED_8_ARRAY, PUCHAR_ARRAY, PRPC_UNICODE_STRING_ARRAY
18from impacket.dcerpc.v5.rpcrt import TypeSerialization1
19from impacket.structure import Structure
################################################################################
# CONSTANTS
################################################################################
# PAC_INFO_BUFFER.ulType values ([MS-PAC] 2.4). Sources:
#   https://msdn.microsoft.com/library/aa302203#msdn_pac_credentials
#   http://diswww.mit.edu/menelaus.mit.edu/cvs-krb5/25862
PAC_LOGON_INFO = 1          # logon / authorization data (KERB_VALIDATION_INFO)
PAC_CREDENTIALS_INFO = 2    # credentials buffer (PAC_CREDENTIAL_INFO)
PAC_SERVER_CHECKSUM = 6     # server signature (PAC_SIGNATURE_DATA)
PAC_PRIVSVR_CHECKSUM = 7    # KDC signature (PAC_SIGNATURE_DATA)
PAC_CLIENT_INFO_TYPE = 10   # client name and ticket info (PAC_CLIENT_INFO)
PAC_DELEGATION_INFO = 11    # constrained delegation info (S4U_DELEGATION_INFO)
PAC_UPN_DNS_INFO = 12       # UPN and DNS domain name (UPN_DNS_INFO)
################################################################################
# STRUCTURES
################################################################################

# [MS-PAC] spells the SID pointer type PISID; it is the same object as the
# DCE/RPC PRPC_SID imported above, aliased so field tables can use the spec name.
PISID = PRPC_SID
# 2.2.1 KERB_SID_AND_ATTRIBUTES
class KERB_SID_AND_ATTRIBUTES(NDRSTRUCT):
    """One SID together with its attribute flags ([MS-PAC] 2.2.1).

    Used as the element type of the ExtraSids arrays declared in this module.
    """
    structure = (
        ('Sid', PISID),          # pointer to the SID
        ('Attributes', ULONG),   # attribute bit flags for that SID
    )
class KERB_SID_AND_ATTRIBUTES_ARRAY(NDRUniConformantArray):
    """NDR conformant array whose elements are KERB_SID_AND_ATTRIBUTES."""
    item = KERB_SID_AND_ATTRIBUTES
class PKERB_SID_AND_ATTRIBUTES_ARRAY(NDRPOINTER):
    """NDR pointer whose referent is a KERB_SID_AND_ATTRIBUTES_ARRAY."""
    referent = (('Data', KERB_SID_AND_ATTRIBUTES_ARRAY),)
55# 2.2.2 GROUP_MEMBERSHIP
56from impacket.dcerpc.v5.nrpc import PGROUP_MEMBERSHIP_ARRAY
# 2.2.3 DOMAIN_GROUP_MEMBERSHIP
class DOMAIN_GROUP_MEMBERSHIP(NDRSTRUCT):
    """Group memberships within a single domain ([MS-PAC] 2.2.3)."""
    structure = (
        ('DomainId', PISID),                     # SID of the domain the groups belong to
        ('GroupCount', ULONG),                   # element count carried next to GroupIds
        ('GroupIds', PGROUP_MEMBERSHIP_ARRAY),   # pointer to the GROUP_MEMBERSHIP array
    )
class DOMAIN_GROUP_MEMBERSHIP_ARRAY(NDRUniConformantArray):
    """NDR conformant array whose elements are DOMAIN_GROUP_MEMBERSHIP."""
    item = DOMAIN_GROUP_MEMBERSHIP
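class PDOMAIN_GROUP_MEMBERSHIP_ARRAY(NDRPOINTER):
    """NDR pointer whose referent is a DOMAIN_GROUP_MEMBERSHIP_ARRAY.

    Used for PAC_DEVICE_INFO.DomainGroup, which [MS-PAC] 2.12 defines as a
    list of DOMAIN_GROUP_MEMBERSHIP structures.
    """
    # The referent has to be the DOMAIN_GROUP_MEMBERSHIP array (DomainId,
    # GroupCount, GroupIds). Pointing it at KERB_SID_AND_ATTRIBUTES_ARRAY would
    # decode every element with the two-field SID/Attributes layout and
    # mis-parse the device's domain group memberships.
    referent = (
        ('Data', DOMAIN_GROUP_MEMBERSHIP_ARRAY),
    )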
# 2.3 PACTYPE
class PACTYPE(Structure):
    """Top-level PAC header ([MS-PAC] 2.3).

    Only the two fixed counters are decoded; everything after them is kept as
    raw bytes in 'Buffers' for the caller to split into PAC_INFO_BUFFER
    entries. cBuffers comes straight from the wire, so a consumer handling an
    untrusted PAC should check it against the amount of data actually present.
    """
    structure = (
        ('cBuffers', '<L=0'),   # little-endian 32-bit count of PAC_INFO_BUFFER entries
        ('Version', '<L=0'),    # little-endian 32-bit version, defaults to 0
        ('Buffers', ':'),       # remaining bytes, copied as-is
    )
# 2.4 PAC_INFO_BUFFER
class PAC_INFO_BUFFER(Structure):
    """Directory entry locating one buffer inside the PAC ([MS-PAC] 2.4).

    cbBufferSize and Offset are attacker-controllable when the PAC is
    untrusted; this class does no range checking, so validate both against the
    enclosing PAC length before slicing with them.
    """
    structure = (
        ('ulType', '<L=0'),         # buffer type, one of the PAC_* constants above
        ('cbBufferSize', '<L=0'),   # size of the referenced buffer in bytes
        ('Offset', '<Q=0'),         # 64-bit offset of the buffer (from the start of the PACTYPE per the spec)
    )
# 2.5 KERB_VALIDATION_INFO
class KERB_VALIDATION_INFO(NDRSTRUCT):
    """Logon and authorization data carried in the PAC ([MS-PAC] 2.5).

    The identity fields (UserId, PrimaryGroupId, GroupIds, ExtraSids,
    ResourceGroupIds) are what a service uses for access decisions. Decoding
    them here says nothing about authenticity: a consumer should only act on
    them after the PAC signatures (PAC_SERVER_CHECKSUM / PAC_PRIVSVR_CHECKSUM
    buffers) have been verified.
    """
    structure = (
        # --- account timestamps ---
        ('LogonTime', FILETIME),
        ('LogoffTime', FILETIME),
        ('KickOffTime', FILETIME),
        ('PasswordLastSet', FILETIME),
        ('PasswordCanChange', FILETIME),
        ('PasswordMustChange', FILETIME),

        # --- account / profile strings ---
        ('EffectiveName', RPC_UNICODE_STRING),
        ('FullName', RPC_UNICODE_STRING),
        ('LogonScript', RPC_UNICODE_STRING),
        ('ProfilePath', RPC_UNICODE_STRING),
        ('HomeDirectory', RPC_UNICODE_STRING),
        ('HomeDirectoryDrive', RPC_UNICODE_STRING),

        # --- counters ---
        ('LogonCount', USHORT),
        ('BadPasswordCount', USHORT),

        # --- identity: user RID, primary group RID, group list ---
        ('UserId', ULONG),
        ('PrimaryGroupId', ULONG),
        ('GroupCount', ULONG),
        ('GroupIds', PGROUP_MEMBERSHIP_ARRAY),
        ('UserFlags', ULONG),
        ('UserSessionKey', USER_SESSION_KEY),

        # --- logon server / domain ---
        ('LogonServer', RPC_UNICODE_STRING),
        ('LogonDomainName', RPC_UNICODE_STRING),
        ('LogonDomainId', PRPC_SID),

        # Also called Reserved1
        ('LMKey', CHAR_FIXED_8_ARRAY),

        ('UserAccountControl', ULONG),
        ('SubAuthStatus', ULONG),
        ('LastSuccessfulILogon', FILETIME),
        ('LastFailedILogon', FILETIME),
        ('FailedILogonCount', ULONG),
        ('Reserved3', ULONG),

        # --- extra SIDs and resource groups ---
        ('SidCount', ULONG),
        # ExtraSids uses the KERB_* pointer type declared in this module; an
        # earlier variant referenced PNETLOGON_SID_AND_ATTRIBUTES_ARRAY instead.
        ('ExtraSids', PKERB_SID_AND_ATTRIBUTES_ARRAY),
        ('ResourceGroupDomainSid', PISID),
        ('ResourceGroupCount', ULONG),
        ('ResourceGroupIds', PGROUP_MEMBERSHIP_ARRAY),
    )
class PKERB_VALIDATION_INFO(NDRPOINTER):
    """NDR pointer whose referent is a KERB_VALIDATION_INFO structure."""
    referent = (('Data', KERB_VALIDATION_INFO),)
# 2.6.1 PAC_CREDENTIAL_INFO
class PAC_CREDENTIAL_INFO(Structure):
    """Header of the PAC credentials buffer ([MS-PAC] 2.6.1).

    'SerializedData' is kept as raw bytes. Per the spec it is an encrypted
    PAC_CREDENTIAL_DATA blob whose cipher is named by EncryptionType; this
    class performs no decryption.
    """
    structure = (
        ('Version', '<L=0'),          # little-endian 32-bit, defaults to 0
        ('EncryptionType', '<L=0'),   # Kerberos encryption type of SerializedData
        ('SerializedData', ':'),      # remaining bytes, copied as-is
    )
# 2.6.3 SECPKG_SUPPLEMENTAL_CRED
class SECPKG_SUPPLEMENTAL_CRED(NDRSTRUCT):
    """Credentials for one security package ([MS-PAC] 2.6.3).

    'Credentials' carries credential material for the named package; treat
    decoded values as secrets (no logging, no long-lived copies).
    """
    structure = (
        ('PackageName', RPC_UNICODE_STRING),   # name of the security package
        ('CredentialSize', ULONG),             # length carried alongside Credentials
        ('Credentials', PUCHAR_ARRAY),         # pointer to the credential bytes
    )
class SECPKG_SUPPLEMENTAL_CRED_ARRAY(NDRUniConformantArray):
    """NDR conformant array whose elements are SECPKG_SUPPLEMENTAL_CRED."""
    item = SECPKG_SUPPLEMENTAL_CRED
# 2.6.2 PAC_CREDENTIAL_DATA
class PAC_CREDENTIAL_DATA(NDRSTRUCT):
    """List of per-package supplemental credentials ([MS-PAC] 2.6.2)."""
    structure = (
        ('CredentialCount', ULONG),                        # number of entries in Credentials
        ('Credentials', SECPKG_SUPPLEMENTAL_CRED_ARRAY),   # the entries themselves
    )
# 2.6.4 NTLM_SUPPLEMENTAL_CREDENTIAL
class NTLM_SUPPLEMENTAL_CREDENTIAL(NDRSTRUCT):
    """NTLM credential block found inside the PAC credentials ([MS-PAC] 2.6.4).

    LmPassword and NtPassword are fixed 16-byte fields holding password hash
    material. Handle decoded instances as credentials: keep them out of logs
    and debug dumps.
    """
    structure = (
        ('Version', ULONG),
        ('Flags', ULONG),
        ('LmPassword', '16s=b""'),   # 16 raw bytes, empty by default
        ('NtPassword', '16s=b""'),   # 16 raw bytes, empty by default
    )
# 2.7 PAC_CLIENT_INFO
class PAC_CLIENT_INFO(Structure):
    """Client name and ticket information ([MS-PAC] 2.7).

    The length used to read 'Name' is taken from the NameLength field of the
    same message, so it is only as trustworthy as the PAC itself.
    """
    structure = (
        ('ClientId', '<Q=0'),     # little-endian 64-bit value (a FILETIME per the spec)
        ('NameLength', '<H=0'),   # little-endian 16-bit length of Name in bytes
        # Helper entry, not a wire field: tells Structure to size 'Name' from
        # NameLength when unpacking.
        ('_Name', '_-Name', 'self["NameLength"]'),
        ('Name', ':'),            # raw name bytes
    )
# 2.8 PAC_SIGNATURE_DATA
class PAC_SIGNATURE_DATA(Structure):
    """Checksum buffer used for the server and KDC signatures ([MS-PAC] 2.8).

    'Signature' simply receives the rest of the buffer; the expected length
    for a given SignatureType is not enforced here and is left to the code
    that verifies the checksum.
    """
    structure = (
        # Signed ('<l') on purpose: checksum type identifiers can be negative.
        ('SignatureType', '<l=0'),
        ('Signature', ':'),   # remaining bytes, copied as-is
    )
# 2.9 Constrained Delegation Information - S4U_DELEGATION_INFO
class S4U_DELEGATION_INFO(NDRSTRUCT):
    """Constrained-delegation record ([MS-PAC] 2.9)."""
    structure = (
        ('S4U2proxyTarget', RPC_UNICODE_STRING),                # target of the S4U2proxy request
        ('TransitedListSize', ULONG),                           # number of entries in S4UTransitedServices
        ('S4UTransitedServices', PRPC_UNICODE_STRING_ARRAY),    # pointer to the list of transited services
    )
# 2.10 UPN_DNS_INFO
class UPN_DNS_INFO(Structure):
    """Fixed header of the UPN / DNS domain name buffer ([MS-PAC] 2.10).

    Only the length/offset header is declared; the strings themselves are not
    parsed by this class. The offsets and lengths are wire values, so check
    them against the buffer size before using them to slice.
    """
    structure = (
        ('UpnLength', '<H=0'),             # little-endian 16-bit
        ('UpnOffset', '<H=0'),             # little-endian 16-bit
        ('DnsDomainNameLength', '<H=0'),   # little-endian 16-bit
        ('DnsDomainNameOffset', '<H=0'),   # little-endian 16-bit
        ('Flags', '<L=0'),                 # little-endian 32-bit
    )
# 2.11 PAC_CLIENT_CLAIMS_INFO
class PAC_CLIENT_CLAIMS_INFO(Structure):
    """Client claims buffer ([MS-PAC] 2.11), kept as opaque bytes in 'Claims'."""
    structure = (('Claims', ':'),)
# 2.12 PAC_DEVICE_INFO
class PAC_DEVICE_INFO(NDRSTRUCT):
    """Authorization data for the client's device ([MS-PAC] 2.12).

    As with KERB_VALIDATION_INFO, the SIDs and group lists decoded here are
    authorization inputs and should only be trusted once the PAC signatures
    have been verified.
    """
    structure = (
        ('UserId', ULONG),
        ('PrimaryGroupId', ULONG),
        ('AccountDomainId', PISID),
        # groups in the account domain
        ('AccountGroupCount', ULONG),
        ('AccountGroupIds', PGROUP_MEMBERSHIP_ARRAY),
        # additional SIDs
        ('SidCount', ULONG),
        ('ExtraSids', PKERB_SID_AND_ATTRIBUTES_ARRAY),
        # per-domain group memberships
        ('DomainGroupCount', ULONG),
        ('DomainGroup', PDOMAIN_GROUP_MEMBERSHIP_ARRAY),
    )
# 2.13 PAC_DEVICE_CLAIMS_INFO
class PAC_DEVICE_CLAIMS_INFO(Structure):
    """Device claims buffer ([MS-PAC] 2.13), kept as opaque bytes in 'Claims'."""
    structure = (('Claims', ':'),)
class VALIDATION_INFO(TypeSerialization1):
    """KERB_VALIDATION_INFO pointer wrapped in a TypeSerialization1 envelope.

    NOTE(review): presumably the on-wire form of the PAC_LOGON_INFO buffer;
    confirm against callers.
    """
    structure = (('Data', PKERB_VALIDATION_INFO),)