Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

KrbOfferedEncryptionTypes setting isn't always respected #19126

Closed
smashery opened this issue Apr 24, 2024 · 7 comments · Fixed by #19553
Closed

KrbOfferedEncryptionTypes setting isn't always respected #19126

smashery opened this issue Apr 24, 2024 · 7 comments · Fixed by #19553
Labels
bug confirmed Issues confirmed by a committer

Comments

@smashery
Copy link
Contributor

The KrbOfferedEncryptionTypes setting isn't respected if there's already a "matching" ticket in the kerberos cache.

Steps to reproduce

  • Setup: clear the kerberos cache (klist -d)
  • Use a kerberos-supported module
  • Run the module with kerberos auth (should default to AES256)
  • Observe the communications in wireshark - will likely be AES256
  • Note that the kerberos cache now has tickets (klist)
  • Re-run the module, forcibly setting krbofferedencryptiontypes to RC4-HMAC
  • Observe the communications in wireshark - should be RC4-HMAC, but is actually AES256
  • Delete kerberos tickets: klist -d
  • Re-run the module, forcibly setting krbofferedencryptiontypes to RC4-HMAC
  • Observe the communications in wireshark - is now RC4-HMAC

Expected behaviour

  • If an encryption type is set that does not match tickets in the kerberos cache, it should re-request a Kerberos ticket OR warn the user about this edge case

Tested on metasploit commit: c9dfb7e
@smashery smashery added the bug label Apr 24, 2024
@smashery smashery mentioned this issue Apr 24, 2024
Merged
15 tasks
@Neustradamus
Copy link

To follow :)

@github-actions GitHub Actions
Copy link

github-actions bot commented Jun 6, 2024

Hi!

This issue has been left open with no activity for a while now.

We get a lot of issues, so we currently close issues after 60 days of inactivity. It’s been at least 30 days since the last update here.
If we missed this issue or if you want to keep it open, please reply here. You can also add the label "not stale" to keep this issue open!

As a friendly reminder: the best way to see this issue, or any other, fixed is to open a Pull Request.

@github-actions github-actions bot added the Stale Marks an issue as stale, to be closed if no action is taken label Jun 6, 2024
@Neustradamus
Copy link

.

@github-actions github-actions bot removed the Stale Marks an issue as stale, to be closed if no action is taken label Jun 7, 2024
@github-actions GitHub Actions
Copy link

github-actions bot commented Jul 8, 2024

Hi!

This issue has been left open with no activity for a while now.

We get a lot of issues, so we currently close issues after 60 days of inactivity. It’s been at least 30 days since the last update here.
If we missed this issue or if you want to keep it open, please reply here. You can also add the label "not stale" to keep this issue open!

As a friendly reminder: the best way to see this issue, or any other, fixed is to open a Pull Request.

@github-actions github-actions bot added Stale Marks an issue as stale, to be closed if no action is taken and removed Stale Marks an issue as stale, to be closed if no action is taken labels Jul 8, 2024
@github-actions GitHub Actions
Copy link

github-actions bot commented Aug 8, 2024

Hi!

This issue has been left open with no activity for a while now.

We get a lot of issues, so we currently close issues after 60 days of inactivity. It’s been at least 30 days since the last update here.
If we missed this issue or if you want to keep it open, please reply here. You can also add the label "not stale" to keep this issue open!

As a friendly reminder: the best way to see this issue, or any other, fixed is to open a Pull Request.

@github-actions github-actions bot added the Stale Marks an issue as stale, to be closed if no action is taken label Aug 8, 2024
@adfoster-r7 adfoster-r7 removed the Stale Marks an issue as stale, to be closed if no action is taken label Aug 8, 2024
@github-actions GitHub Actions
Copy link

github-actions bot commented Sep 9, 2024

Hi!

This issue has been left open with no activity for a while now.

We get a lot of issues, so we currently close issues after 60 days of inactivity. It’s been at least 30 days since the last update here.
If we missed this issue or if you want to keep it open, please reply here. You can also add the label "not stale" to keep this issue open!

As a friendly reminder: the best way to see this issue, or any other, fixed is to open a Pull Request.

@github-actions github-actions bot added the Stale Marks an issue as stale, to be closed if no action is taken label Sep 9, 2024
@dwelch-r7 dwelch-r7 added confirmed Issues confirmed by a committer and removed Stale Marks an issue as stale, to be closed if no action is taken labels Sep 9, 2024
@Neustradamus
Copy link

.

@smashery smashery mentioned this issue Oct 11, 2024
Merged
7 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug confirmed Issues confirmed by a committer
Projects
Metasploit Kanban
Archived in project
Milestone
No milestone
4 participants
@Neustradamus @smashery @dwelch-r7 @adfoster-r7