MCPcopy
hub / github.com/abatchy17/WindowsExploits / ticket_debug

Function ticket_debug

MS14-068/35474.py:138–149  ·  view source on GitHub ↗
(ticket, key)

Source from the content-addressed store, hash-verified

136# Pretty print full ticket content
137# Only possible in a lab environment when you already know krbtgt and/or service keys
138def ticket_debug(ticket, key):
139 try:
140 ticket_enc = decrypt_ticket_enc_part(ticket, key)
141 print >> sys.stderr, ticket.prettyPrint()
142 for ad in iter_authorization_data(ticket_enc['authorization-data']):
143 print >> sys.stderr, 'AUTHORIZATION-DATA (type: %d):' % ad['ad-type']
144 if ad['ad-type'] == AD_WIN2K_PAC:
145 pretty_print_pac(str(ad['ad-data']))
146 else:
147 print >> sys.stderr, str(ad['ad-data']).encode('hex')
148 except Exception as e:
149 print 'ERROR:', e
150
151
152if __name__ == '__main__':

Callers 1

sploitFunction · 0.85

Calls

no outgoing calls

Tested by

no test coverage detected