Prioritise kerberos scanning over RC4, to get more easily crackable hash. Fall back to defaults.
smashery committed Sep 4, 2023
1 parent 90cf371 commit 8992c95
Showing 1 changed file with 16 additions and 6 deletions.
22 changes: 16 additions & 6 deletions lib/metasploit/framework/login_scanner/kerberos.rb
Expand Up @@ -23,12 +23,22 @@ def attempt_login(credential)
}

begin
res = send_request_tgt(
server_name: server_name,
client_name: credential.public,
password: credential.private,
realm: credential.realm
)
begin
res = send_request_tgt(
server_name: server_name,
client_name: credential.public,
password: credential.private,
realm: credential.realm,
offered_etypes: [Rex::Proto::Kerberos::Crypto::Encryption::RC4_HMAC]
)
rescue Rex::Proto::Kerberos::Model::Error::KerberosEncryptionNotSupported => e
# RC4 likely disabled - let's try again with our full complement of default etypes
res = send_request_tgt(
server_name: server_name,
client_name: credential.public,
password: credential.private,
realm: credential.realm)
end

result_options = result_options.merge(
{
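Review bot: The rescue branch binds the exception with `=> e` but never uses it, and the fallback `send_request_tgt` call repeats the same four arguments as the RC4 call just above it. Drop `=> e` or log the exception so the fallback is visible in debug output, and build the shared arguments once (server_name, client_name, password, realm) so the two calls differ only by `offered_etypes:`. That keeps the calls from drifting apart if an argument is added later. Because the retry sits inside `attempt_login`, a KDC that rejects RC4 will see two requests for every credential tried. Consider recording the first `KerberosEncryptionNotSupported` on the scanner instance and skipping the RC4-only request afterwards. Minor style point: the fallback call closes with `realm: credential.realm)` while the first call puts the closing parenthesis on its own line; make the two match.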