MCPcopy Index your code
hub / github.com/secdev/scapy / krb_as_req

Function krb_as_req

scapy/layers/kerberos.py:4199–4274  ·  view source on GitHub ↗

r""" Kerberos AS-Req :param upn: the user principal name formatted as "DOMAIN\user", "DOMAIN/user" or "user@DOMAIN" :param spn: (optional) the full service principal name. Defaults to "krbtgt/ " :param ip: the KDC ip. (optional. If not provided,

(
    upn: str,
    spn: Optional[str] = None,
    ip: Optional[str] = None,
    key: Optional["Key"] = None,
    password: Optional[str] = None,
    realm: Optional[str] = None,
    host: str = "WIN10",
    p12: Optional[str] = None,
    x509: Optional[Union[str, Cert]] = None,
    x509key: Optional[Union[str, PrivKey]] = None,
    **kwargs,
)

Source from the content-addressed store, hash-verified

4197
4198
4199def krb_as_req(
4200 upn: str,
4201 spn: Optional[str] = None,
4202 ip: Optional[str] = None,
4203 key: Optional["Key"] = None,
4204 password: Optional[str] = None,
4205 realm: Optional[str] = None,
4206 host: str = "WIN10",
4207 p12: Optional[str] = None,
4208 x509: Optional[Union[str, Cert]] = None,
4209 x509key: Optional[Union[str, PrivKey]] = None,
4210 **kwargs,
4211):
4212 r"""
4213 Kerberos AS-Req
4214
4215 :param upn: the user principal name formatted as "DOMAIN\user", "DOMAIN/user"
4216 or "user@DOMAIN"
4217 :param spn: (optional) the full service principal name.
4218 Defaults to "krbtgt/<realm>"
4219 :param ip: the KDC ip. (optional. If not provided, Scapy will query the DNS for
4220 _kerberos._tcp.dc._msdcs.domain.local).
4221 :param key: (optional) pass the Key object.
4222 :param password: (optional) otherwise, pass the user&#x27;s password
4223 :param x509: (optional) pass a x509 certificate for PKINIT.
4224 :param x509key: (optional) pass the private key of the x509 certificate for PKINIT.
4225 :param p12: (optional) use a pfx/p12 instead of x509 and x509key. In this case,
4226 'password' is the password of the p12.
4227 :param realm: (optional) the realm to use. Otherwise use the one from UPN.
4228 :param host: (optional) the host performing the AS-Req. WIN10 by default.
4229
4230 :return: returns a named tuple (asrep=<...>, sessionkey=<...>)
4231
4232 Example::
4233
4234 >>> # The KDC is found via DC Locator, we ask a TGT for user1
4235 >>> krb_as_req("user1@DOMAIN.LOCAL", password="Password1")
4236
4237 Equivalent::
4238
4239 >>> from scapy.libs.rfc3961 import Key, EncryptionType
4240 >>> key = Key(EncryptionType.AES256_CTS_HMAC_SHA1_96, key=hex_bytes("6d0748c546
4241 ...: f4e99205e78f8da7681d4ec5520ae4815543720c2a647c1ae814c9"))
4242 >>> krb_as_req("user1@DOMAIN.LOCAL", ip="192.168.122.17", key=key)
4243
4244 Example using PKINIT with a p12::
4245
4246 >>> krb_as_req("user1@DOMAIN.LOCAL", p12="./store.p12", password="password")
4247 """
4248 if realm is None:
4249 _, realm = _parse_upn(upn)
4250 if key is None and p12 is None and x509 is None:
4251 if password is None:
4252 try:
4253 from prompt_toolkit import prompt
4254
4255 password = prompt("Enter password: ", is_password=True)
4256 except ImportError:

Callers 5

request_tgtMethod · 0.90
krb_as_and_tgsFunction · 0.85
kpasswdFunction · 0.85
GSS_Init_sec_contextMethod · 0.85

Calls 4

_parse_upnFunction · 0.85
KerberosClientClass · 0.85
runMethod · 0.45
stopMethod · 0.45

Tested by

no test coverage detected