Support validating partial handshakes

lib/msf/core/exploit/remote/dcerpc/kerberos_authentication.rb

@@ -67,7 +67,7 @@ def build_ap_rep(session_key, sequence_number)
   end
 
   def auth_provider_complete_handshake(response, options)    
-      #@kerberos_authenticator.validate_response!(response.auth_value)
+      @kerberos_authenticator.validate_response!(response.auth_value, accept_incomplete: true)
       gss_api = OpenSSL::ASN1.decode(response.auth_value)
       security_blob = ::RubySMB::Gss.asn1dig(gss_api, 0, 2, 0)&.value
       ap_rep = Rex::Proto::Kerberos::Model::ApRep.decode(security_blob)

lib/msf/core/exploit/remote/kerberos/service_authenticator/base.rb

@@ -293,13 +293,14 @@ def parse_gss_init_response(token, session_key, mechanism: 'kerberos')
   end
 
   # @param security_blob [String] SPNEGO GSS Blob
+  # @param accept_incomplete [Boolean] Whether an Incomplete value is an acceptable response
   # @raise [Rex::Proto::Kerberos::Model::Error::KerberosDecodingError] if the response was not successful
-  def validate_response!(security_blob)
+  def validate_response!(security_blob, accept_incomplete: false)
     gss_api = OpenSSL::ASN1.decode(security_blob)
     neg_result = ::RubySMB::Gss.asn1dig(gss_api, 0, 0, 0)&.value.to_i
     supported_neg = ::RubySMB::Gss.asn1dig(gss_api, 0, 1, 0)&.value
 
-    is_success = neg_result == NEG_TOKEN_ACCEPT_COMPLETED &&
+    is_success = (neg_result == NEG_TOKEN_ACCEPT_COMPLETED || (accept_incomplete && neg_result == NEG_TOKEN_ACCEPT_INCOMPLETE)) &&
       supported_neg == ::Rex::Proto::Gss::OID_MICROSOFT_KERBEROS_5.value
 
     raise ::Rex::Proto::Kerberos::Model::Error::KerberosError.new('Failed to negotiate Kerberos GSS') unless is_success