scapy.layers.kerberos¶
Kerberos V5
Implements parts of:
Kerberos Network Authentication Service (V5): RFC4120
Kerberos Version 5 GSS-API: RFC1964, RFC4121
Kerberos Pre-Authentication: RFC6113 (FAST)
You will find more complete documentation for this layer over Kerberos
Example decryption:
>>> from scapy.libs.rfc3961 import Key, EncryptionType
>>> pkt = Ether(hex_bytes("525400695813525400216c2b08004500015da71840008006dc\
83c0a87a9cc0a87a11c209005854f6ab2392c25bd650182014b6e00000000001316a8201\
2d30820129a103020105a20302010aa3633061304ca103020102a24504433041a0030201\
12a23a043848484decb01c9b62a1cabfbc3f2d1ed85aa5e093ba8358a8cea34d4393af93\
bf211e274fa58e814878db9f0d7a28d94e7327660db4f3704b3011a10402020080a20904\
073005a0030101ffa481b73081b4a00703050040810010a1123010a003020101a1093007\
1b0577696e3124a20e1b0c444f4d41494e2e4c4f43414ca321301fa003020102a1183016\
1b066b72627467741b0c444f4d41494e2e4c4f43414ca511180f32303337303931333032\
343830355aa611180f32303337303931333032343830355aa7060204701cc5d1a8153013\
0201120201110201170201180202ff79020103a91d301b3019a003020114a11204105749\
4e31202020202020202020202020"))
>>> enc = pkt[Kerberos].root.padata[0].padataValue
>>> k = Key(enc.etype.val, key=hex_bytes("7fada4e566ae4fb270e2800a23a\
e87127a819d42e69b5e22de0ddc63da80096d"))
>>> enc.decrypt(k)
- scapy.layers.kerberos.ADMANDATORYFORKDC[source]¶
alias of
AuthorizationData
- class scapy.layers.kerberos.AD_AND_OR(_pkt, /, *, conditionCount=0x0 <ASN1_INTEGER[0]>, elements=None)[source]¶
Bases:
ASN1_Packet
- ASN1_codec = <ASN1Codec BER[1]>¶
- ASN1_root = <ASN1F_SEQUENCE(<scapy.asn1fields.ASN1F_INTEGER object>, <scapy.asn1fields.ASN1F_PACKET object>)>¶
- aliastypes¶
- scapy.layers.kerberos.AD_IF_RELEVANT[source]¶
alias of
AuthorizationData
- class scapy.layers.kerberos.AD_KDCIssued(_pkt, /, *, checksumtype=0x0 <ASN1_INTEGER[0]>, checksum=<ASN1_STRING['']>, iRealm=<ASN1_GENERAL_STRING['']>, iSname=None, elements=None)[source]¶
Bases:
ASN1_Packet
- ASN1_codec = <ASN1Codec BER[1]>¶
- ASN1_root = <ASN1F_SEQUENCE(<ASN1F_SEQUENCE(<scapy.asn1fields.ASN1F_enum_INTEGER object>, <scapy.asn1fields.ASN1F_STRING object>)>, <scapy.asn1fields.ASN1F_optional object>, <scapy.asn1fields.ASN1F_optional object>, <scapy.asn1fields.ASN1F_PACKET object>)>¶
- aliastypes¶
- class scapy.layers.kerberos.ASN1F_KRB_APPLICATION(*seq: Any, **kwargs: Any)[source]¶
Bases:
ASN1F_SEQUENCE
- ASN1_tag = <ASN1Tag APPLICATION[96]>¶
- default: _A | None¶
- class scapy.layers.kerberos.ASN1_Class_KRB[source]¶
Bases:
ASN1_Class_UNIVERSAL
- ANY = <ASN1Tag ANY[0]>¶
- APPLICATION = <ASN1Tag APPLICATION[96]>¶
- BIT_STRING = <ASN1Tag BIT_STRING[3]>¶
- BMP_STRING = <ASN1Tag BMP_STRING[30]>¶
- BOOLEAN = <ASN1Tag BOOLEAN[1]>¶
- CHAR_STRING = <ASN1Tag CHAR_STRING[29]>¶
- COUNTER32 = <ASN1Tag COUNTER32[65]>¶
- EMBEDDED_PDF = <ASN1Tag EMBEDDED_PDF[11]>¶
- ENUMERATED = <ASN1Tag ENUMERATED[10]>¶
- ERROR = <ASN1Tag ERROR[-3]>¶
- EXTERNAL = <ASN1Tag EXTERNAL[8]>¶
- GAUGE32 = <ASN1Tag GAUGE32[66]>¶
- GENERALIZED_TIME = <ASN1Tag GENERALIZED_TIME[24]>¶
- GENERAL_STRING = <ASN1Tag GENERAL_STRING[27]>¶
- GRAPHIC_STRING = <ASN1Tag GRAPHIC_STRING[25]>¶
- IA5_STRING = <ASN1Tag IA5_STRING[22]>¶
- INTEGER = <ASN1Tag INTEGER[2]>¶
- IPADDRESS = <ASN1Tag IPADDRESS[64]>¶
- ISO646_STRING = <ASN1Tag ISO646_STRING[26]>¶
- NONE = <ASN1Tag NONE[-1]>¶
- NULL = <ASN1Tag NULL[5]>¶
- NUMERIC_STRING = <ASN1Tag NUMERIC_STRING[18]>¶
- OBJECT_DESCRIPTOR = <ASN1Tag OBJECT_DESCRIPTOR[7]>¶
- OID = <ASN1Tag OID[6]>¶
- PRINTABLE_STRING = <ASN1Tag PRINTABLE_STRING[19]>¶
- RAW = <ASN1Tag RAW[-2]>¶
- REAL = <ASN1Tag REAL[9]>¶
- RELATIVE_OID = <ASN1Tag RELATIVE_OID[13]>¶
- SEQUENCE = <ASN1Tag SEQUENCE[48]>¶
- SET = <ASN1Tag SET[49]>¶
- STRING = <ASN1Tag STRING[4]>¶
- T61_STRING = <ASN1Tag T61_STRING[20]>¶
- TIME_TICKS = <ASN1Tag TIME_TICKS[67]>¶
- UNIVERSAL_STRING = <ASN1Tag UNIVERSAL_STRING[28]>¶
- UTC_TIME = <ASN1Tag UTC_TIME[23]>¶
- UTF8_STRING = <ASN1Tag UTF8_STRING[12]>¶
- VIDEOTEX_STRING = <ASN1Tag VIDEOTEX_STRING[21]>¶
- name = 'KERBEROS'¶
- class scapy.layers.kerberos.ASN1_GSSAPI_APPLICATION(val: _K)[source]¶
Bases:
ASN1_SEQUENCE
- tag = <ASN1Tag APPLICATION[96]>¶
- class scapy.layers.kerberos.AuthorizationData(_pkt, /, *, seq=[<AuthorizationDataItem |>])[source]¶
Bases:
ASN1_Packet
- ASN1_codec = <ASN1Codec BER[1]>¶
- ASN1_root = <ASN1F_SEQUENCE_OF seq>¶
- aliastypes¶
- class scapy.layers.kerberos.AuthorizationDataItem(_pkt, /, *, adType=0x0 <ASN1_INTEGER[0]>, adData=<ASN1_STRING['']>)[source]¶
Bases:
ASN1_Packet
- ASN1_codec = <ASN1Codec BER[1]>¶
- ASN1_root = <ASN1F_SEQUENCE(<scapy.asn1fields.ASN1F_enum_INTEGER object>, <scapy.layers.kerberos._AuthorizationData_value_Field object>)>¶
- aliastypes¶
- class scapy.layers.kerberos.BERcodec_GSSAPI_APPLICATION[source]¶
Bases:
BERcodec_SEQUENCE
- tag = <ASN1Tag APPLICATION[96]>¶
- class scapy.layers.kerberos.DHRepInfo(_pkt, /, *, dhSignedData=<ASN1_STRING['']>, serverDHNonce=<ASN1_STRING['']>)[source]¶
Bases:
ASN1_Packet
- ASN1_codec = <ASN1Codec BER[1]>¶
- ASN1_root = <ASN1F_SEQUENCE(<scapy.asn1fields.ASN1F_STRING object>, <scapy.asn1fields.ASN1F_optional object>)>¶
- aliastypes¶
- class scapy.layers.kerberos.ETYPE_INFO(_pkt, /, *, seq=[<ETYPE_INFO_ENTRY |>])[source]¶
Bases:
ASN1_Packet
- ASN1_codec = <ASN1Codec BER[1]>¶
- ASN1_root = <ASN1F_SEQUENCE_OF seq>¶
- aliastypes¶
- class scapy.layers.kerberos.ETYPE_INFO2(_pkt, /, *, seq=[<ETYPE_INFO_ENTRY2 |>])[source]¶
Bases:
ASN1_Packet
- ASN1_codec = <ASN1Codec BER[1]>¶
- ASN1_root = <ASN1F_SEQUENCE_OF seq>¶
- aliastypes¶
- class scapy.layers.kerberos.ETYPE_INFO_ENTRY(_pkt, /, *, etype=0x1 <ASN1_INTEGER[1]>, salt=<ASN1_STRING['']>)[source]¶
Bases:
ASN1_Packet
- ASN1_codec = <ASN1Codec BER[1]>¶
- ASN1_root = <ASN1F_SEQUENCE(<scapy.asn1fields.ASN1F_enum_INTEGER object>, <scapy.asn1fields.ASN1F_optional object>)>¶
- aliastypes¶
- class scapy.layers.kerberos.ETYPE_INFO_ENTRY2(_pkt, /, *, etype=0x1 <ASN1_INTEGER[1]>, salt=<ASN1_GENERAL_STRING['']>, s2kparams=<ASN1_STRING['']>)[source]¶
Bases:
ASN1_Packet
- ASN1_codec = <ASN1Codec BER[1]>¶
- ASN1_root = <ASN1F_SEQUENCE(<scapy.asn1fields.ASN1F_enum_INTEGER object>, <scapy.asn1fields.ASN1F_optional object>, <scapy.asn1fields.ASN1F_optional object>)>¶
- aliastypes¶
- class scapy.layers.kerberos.EncASRepPart(_pkt, /, *, key=None, lastReq=[], nonce=0x0 <ASN1_INTEGER[0]>, keyExpiration=20230203222246Z [invalid generalized time] <ASN1_GENERALIZED_TIME[<GeneralizedTime>]>, flags=0, authtime=20230203222246Z [invalid generalized time] <ASN1_GENERALIZED_TIME[<GeneralizedTime>]>, starttime=20230203222246Z [invalid generalized time] <ASN1_GENERALIZED_TIME[<GeneralizedTime>]>, endtime=20230203222246Z [invalid generalized time] <ASN1_GENERALIZED_TIME[<GeneralizedTime>]>, renewTill=20230203222246Z [invalid generalized time] <ASN1_GENERALIZED_TIME[<GeneralizedTime>]>, srealm=<ASN1_GENERAL_STRING['']>, sname=<PrincipalName |>, caddr=[], encryptedPaData=[])[source]¶
Bases:
ASN1_Packet
- ASN1_codec = <ASN1Codec BER[1]>¶
- ASN1_root = <ASN1F_KRB_APPLICATION(<ASN1F_SEQUENCE(<scapy.asn1fields.ASN1F_PACKET object>, <ASN1F_SEQUENCE_OF lastReq>, <scapy.asn1fields.ASN1F_INTEGER object>, <scapy.asn1fields.ASN1F_optional object>, <scapy.asn1fields.ASN1F_FLAGS object>, <scapy.asn1fields.ASN1F_GENERALIZED_TIME object>, <scapy.asn1fields.ASN1F_optional object>, <scapy.asn1fields.ASN1F_GENERALIZED_TIME object>, <scapy.asn1fields.ASN1F_optional object>, <scapy.asn1fields.ASN1F_GENERAL_STRING object>, <scapy.asn1fields.ASN1F_PACKET object>, <scapy.asn1fields.ASN1F_optional object>, <ASN1F_SEQUENCE_OF encryptedPaData>)>,)>¶
- aliastypes¶
- fields_desc¶
EncASRepPart fields¶ key
None
lastReq
[]
nonce
0x0 <ASN1_INTEGER[0]>
keyExpiration
20230203222246Z [invalid generalized time] <ASN1_GENERALIZED_TIME[<GeneralizedTime>]>
flags
0
authtime
20230203222246Z [invalid generalized time] <ASN1_GENERALIZED_TIME[<GeneralizedTime>]>
starttime
20230203222246Z [invalid generalized time] <ASN1_GENERALIZED_TIME[<GeneralizedTime>]>
endtime
20230203222246Z [invalid generalized time] <ASN1_GENERALIZED_TIME[<GeneralizedTime>]>
renewTill
20230203222246Z [invalid generalized time] <ASN1_GENERALIZED_TIME[<GeneralizedTime>]>
srealm
<ASN1_GENERAL_STRING['']>
sname
<PrincipalName |>
caddr
[]
encryptedPaData
[]
- class scapy.layers.kerberos.EncKeyPack(_pkt, /, *, encKeyPack=<ASN1_STRING['']>)[source]¶
Bases:
ASN1_Packet
- ASN1_codec = <ASN1Codec BER[1]>¶
- ASN1_root = <scapy.asn1fields.ASN1F_STRING object>¶
- aliastypes¶
- class scapy.layers.kerberos.EncTGSRepPart(_pkt, /, *, key=None, lastReq=[], nonce=0x0 <ASN1_INTEGER[0]>, keyExpiration=20230203222246Z [invalid generalized time] <ASN1_GENERALIZED_TIME[<GeneralizedTime>]>, flags=0, authtime=20230203222246Z [invalid generalized time] <ASN1_GENERALIZED_TIME[<GeneralizedTime>]>, starttime=20230203222246Z [invalid generalized time] <ASN1_GENERALIZED_TIME[<GeneralizedTime>]>, endtime=20230203222246Z [invalid generalized time] <ASN1_GENERALIZED_TIME[<GeneralizedTime>]>, renewTill=20230203222246Z [invalid generalized time] <ASN1_GENERALIZED_TIME[<GeneralizedTime>]>, srealm=<ASN1_GENERAL_STRING['']>, sname=<PrincipalName |>, caddr=[], encryptedPaData=[])[source]¶
Bases:
ASN1_Packet
- ASN1_codec = <ASN1Codec BER[1]>¶
- ASN1_root = <ASN1F_KRB_APPLICATION(<ASN1F_SEQUENCE(<scapy.asn1fields.ASN1F_PACKET object>, <ASN1F_SEQUENCE_OF lastReq>, <scapy.asn1fields.ASN1F_INTEGER object>, <scapy.asn1fields.ASN1F_optional object>, <scapy.asn1fields.ASN1F_FLAGS object>, <scapy.asn1fields.ASN1F_GENERALIZED_TIME object>, <scapy.asn1fields.ASN1F_optional object>, <scapy.asn1fields.ASN1F_GENERALIZED_TIME object>, <scapy.asn1fields.ASN1F_optional object>, <scapy.asn1fields.ASN1F_GENERAL_STRING object>, <scapy.asn1fields.ASN1F_PACKET object>, <scapy.asn1fields.ASN1F_optional object>, <ASN1F_SEQUENCE_OF encryptedPaData>)>,)>¶
- aliastypes¶
- fields_desc¶
EncTGSRepPart fields¶ key
None
lastReq
[]
nonce
0x0 <ASN1_INTEGER[0]>
keyExpiration
20230203222246Z [invalid generalized time] <ASN1_GENERALIZED_TIME[<GeneralizedTime>]>
flags
0
authtime
20230203222246Z [invalid generalized time] <ASN1_GENERALIZED_TIME[<GeneralizedTime>]>
starttime
20230203222246Z [invalid generalized time] <ASN1_GENERALIZED_TIME[<GeneralizedTime>]>
endtime
20230203222246Z [invalid generalized time] <ASN1_GENERALIZED_TIME[<GeneralizedTime>]>
renewTill
20230203222246Z [invalid generalized time] <ASN1_GENERALIZED_TIME[<GeneralizedTime>]>
srealm
<ASN1_GENERAL_STRING['']>
sname
<PrincipalName |>
caddr
[]
encryptedPaData
[]
- class scapy.layers.kerberos.EncTicketPart(_pkt, /, *, flags=0, key=None, crealm=<ASN1_GENERAL_STRING['']>, cname=None, transited=<TransitedEncoding |>, authtime=20230203222246Z [invalid generalized time] <ASN1_GENERALIZED_TIME[<GeneralizedTime>]>, starttime=20230203222246Z [invalid generalized time] <ASN1_GENERALIZED_TIME[<GeneralizedTime>]>, endtime=20230203222246Z [invalid generalized time] <ASN1_GENERALIZED_TIME[<GeneralizedTime>]>, renewTill=20230203222246Z [invalid generalized time] <ASN1_GENERALIZED_TIME[<GeneralizedTime>]>, addresses=[], authorizationData=None)[source]¶
Bases:
ASN1_Packet
- ASN1_codec = <ASN1Codec BER[1]>¶
- ASN1_root = <ASN1F_KRB_APPLICATION(<ASN1F_SEQUENCE(<scapy.asn1fields.ASN1F_FLAGS object>, <scapy.asn1fields.ASN1F_PACKET object>, <scapy.asn1fields.ASN1F_GENERAL_STRING object>, <scapy.asn1fields.ASN1F_PACKET object>, <scapy.asn1fields.ASN1F_PACKET object>, <scapy.asn1fields.ASN1F_GENERALIZED_TIME object>, <scapy.asn1fields.ASN1F_optional object>, <scapy.asn1fields.ASN1F_GENERALIZED_TIME object>, <scapy.asn1fields.ASN1F_optional object>, <scapy.asn1fields.ASN1F_optional object>, <scapy.asn1fields.ASN1F_optional object>)>,)>¶
- aliastypes¶
- fields_desc¶
EncTicketPart fields¶ flags
0
key
None
crealm
<ASN1_GENERAL_STRING['']>
cname
None
transited
<TransitedEncoding |>
authtime
20230203222246Z [invalid generalized time] <ASN1_GENERALIZED_TIME[<GeneralizedTime>]>
starttime
20230203222246Z [invalid generalized time] <ASN1_GENERALIZED_TIME[<GeneralizedTime>]>
endtime
20230203222246Z [invalid generalized time] <ASN1_GENERALIZED_TIME[<GeneralizedTime>]>
renewTill
20230203222246Z [invalid generalized time] <ASN1_GENERALIZED_TIME[<GeneralizedTime>]>
addresses
[]
authorizationData
None
- class scapy.layers.kerberos.EncryptedData(_pkt, /, *, etype=0x1 <ASN1_INTEGER[1]>, kvno=0x0 <ASN1_INTEGER[0]>, cipher=<ASN1_STRING['']>)[source]¶
Bases:
ASN1_Packet
- ASN1_codec = <ASN1Codec BER[1]>¶
- ASN1_root = <ASN1F_SEQUENCE(<scapy.asn1fields.ASN1F_enum_INTEGER object>, <scapy.asn1fields.ASN1F_optional object>, <scapy.asn1fields.ASN1F_STRING object>)>¶
- aliastypes¶
- decrypt(key, key_usage_number=None, cls=None)[source]¶
Decrypt and return the data contained in cipher.
- Parameters:
key – the key to use for decryption
key_usage_number – (optional) specify the key usage number. Guessed otherwise
cls – (optional) the class of the decrypted payload Guessed otherwise (or bytes)
- encrypt(key, text, confounder=None, key_usage_number=None)[source]¶
Encrypt text and set it into cipher.
- Parameters:
key – the key to use for encryption
text – the bytes value to encode
confounder – (optional) specify the confounder bytes. Random otherwise
key_usage_number – (optional) specify the key usage number. Guessed otherwise
- class scapy.layers.kerberos.EncryptionKey(_pkt, /, *, keytype=0x0 <ASN1_INTEGER[0]>, keyvalue=<ASN1_STRING['']>)[source]¶
Bases:
ASN1_Packet
- ASN1_codec = <ASN1Codec BER[1]>¶
- ASN1_root = <ASN1F_SEQUENCE(<scapy.asn1fields.ASN1F_enum_INTEGER object>, <scapy.asn1fields.ASN1F_STRING object>)>¶
- aliastypes¶
- class scapy.layers.kerberos.ExternalPrincipalIdentifier(_pkt, /, *, subjectName=<ASN1_STRING['']>, issuerAndSerialNumber=<ASN1_STRING['']>, subjectKeyIdentifier=<ASN1_STRING['']>)[source]¶
Bases:
ASN1_Packet
- ASN1_codec = <ASN1Codec BER[1]>¶
- ASN1_root = <ASN1F_SEQUENCE(<scapy.asn1fields.ASN1F_optional object>, <scapy.asn1fields.ASN1F_optional object>, <scapy.asn1fields.ASN1F_optional object>)>¶
- aliastypes¶
- class scapy.layers.kerberos.HostAddress(_pkt, /, *, addrType=0x0 <ASN1_INTEGER[0]>, address=<ASN1_STRING['']>)[source]¶
Bases:
ASN1_Packet
- ASN1_codec = <ASN1Codec BER[1]>¶
- ASN1_root = <ASN1F_SEQUENCE(<scapy.asn1fields.ASN1F_enum_INTEGER object>, <scapy.asn1fields.ASN1F_STRING object>)>¶
- aliastypes¶
- class scapy.layers.kerberos.KRB5_GSS_Delete_sec_context_RFC1964(_pkt, /, *, TOK_ID=b'\x01\x02', SGN_ALG=0, reserved=4294967295, SND_SEQ=b'', SGN_CKSUM=b'')[source]¶
Bases:
Packet
- aliastypes¶
- fields_desc¶
Display RFC-like schema
0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | TOK ID | SGN ALG | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | RESERVED | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | SND SEQ | + + | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | SGN CKSUM | + + | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Fig. KRB5_GSS_Delete_sec_context_RFC1964
KRB5_GSS_Delete_sec_context_RFC1964 fields¶ TOK_ID
b'\x01\x02'
SGN_ALG
0
reserved
4294967295
SND_SEQ
b''
SGN_CKSUM
b''
- class scapy.layers.kerberos.KRB5_GSS_GetMIC(_pkt, /, *, TOK_ID=b'\x04\x04', Flags=<Flag 8 (?)>, reserved=4294967295, SND_SEQ=b'', SGN_CKSUM=b'')[source]¶
Bases:
Packet
- aliastypes¶
- fields_desc¶
Display RFC-like schema
0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | TOK ID |FLAG| RESERVED | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | SND SEQ | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | SGN CKSUM | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Fig. KRB5_GSS_GetMIC
KRB5_GSS_GetMIC fields¶ TOK_ID
b'\x04\x04'
Flags
<Flag 8 (?)>
reserved
4294967295
SND_SEQ
b''
SGN_CKSUM
b''
- class scapy.layers.kerberos.KRB5_GSS_GetMIC_RFC1964(_pkt, /, *, TOK_ID=b'\x01\x01', SGN_ALG=0, reserved=4294967295, SND_SEQ=b'', SGN_CKSUM=b'')[source]¶
Bases:
Packet
- aliastypes¶
- fields_desc¶
Display RFC-like schema
0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | TOK ID | SGN ALG | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | RESERVED | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | SND SEQ | + + | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | SGN CKSUM | + + | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Fig. KRB5_GSS_GetMIC_RFC1964
KRB5_GSS_GetMIC_RFC1964 fields¶ TOK_ID
b'\x01\x01'
SGN_ALG
0
reserved
4294967295
SND_SEQ
b''
SGN_CKSUM
b''
- class scapy.layers.kerberos.KRB5_GSS_Wrap(_pkt, /, *, TOK_ID=b'\x05\x04', Flags=<Flag 8 (?)>, reserved=255, EC=0, RRC=0, SND_SEQ=b'', SGN_CKSUM=b'')[source]¶
Bases:
Packet
- aliastypes¶
- fields_desc¶
Display RFC-like schema
0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | TOK ID |FLAG| RESERVED | EC | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | RRC | SND SEQ | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | | + +-+-+-+-+-+-+-+-+ | | SGN CKSUM | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | | + +-+-+-+-+-+-+-+-+ | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Fig. KRB5_GSS_Wrap
KRB5_GSS_Wrap fields¶ TOK_ID
b'\x05\x04'
Flags
<Flag 8 (?)>
reserved
255
EC
0
RRC
0
SND_SEQ
b''
SGN_CKSUM
b''
- class scapy.layers.kerberos.KRB5_GSS_Wrap_RFC1964(_pkt, /, *, TOK_ID=b'\x02\x01', SGN_ALG=0, SEAL_ALG=0, reserved=65535, SND_SEQ=b'', SGN_CKSUM=b'', CONFOUNDER=b'')[source]¶
Bases:
Packet
- aliastypes¶
- fields_desc¶
Display RFC-like schema
0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | TOK ID | SGN ALG | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | SEAL ALG | RESERVED | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | SND SEQ | + + | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | SGN CKSUM | + + | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | CONFOUNDER | + + | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Fig. KRB5_GSS_Wrap_RFC1964
KRB5_GSS_Wrap_RFC1964 fields¶ TOK_ID
b'\x02\x01'
SGN_ALG
0
SEAL_ALG
0
reserved
65535
SND_SEQ
b''
SGN_CKSUM
b''
CONFOUNDER
b''
- class scapy.layers.kerberos.KRB5_InitialContextToken_innerContextToken(_pkt, /, *, TOK_ID=b'\x01\x01')[source]¶
Bases:
Packet
- aliastypes¶
- fields_desc¶
Display RFC-like schema
0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | TOK ID | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Fig. KRB5_InitialContextToken_innerContextToken
KRB5_InitialContextToken_innerContextToken fields¶ TOK_ID
b'\x01\x01'
- class scapy.layers.kerberos.KRB_AP_REP(_pkt, /, *, pvno=0x5 <ASN1_INTEGER[5]>, msgType=0xf <ASN1_INTEGER[15]>, encPart=None)[source]¶
Bases:
ASN1_Packet
- ASN1_codec = <ASN1Codec BER[1]>¶
- ASN1_root = <ASN1F_KRB_APPLICATION(<ASN1F_SEQUENCE(<scapy.asn1fields.ASN1F_INTEGER object>, <scapy.asn1fields.ASN1F_enum_INTEGER object>, <scapy.asn1fields.ASN1F_PACKET object>)>,)>¶
- aliastypes¶
- class scapy.layers.kerberos.KRB_AP_REQ(_pkt, /, *, pvno=0x5 <ASN1_INTEGER[5]>, msgType=0xe <ASN1_INTEGER[14]>, apOptions=<ASN1_BIT_STRING[]=b'' (0 unused bit)>, ticket=None, authenticator=None)[source]¶
Bases:
ASN1_Packet
- ASN1_codec = <ASN1Codec BER[1]>¶
- ASN1_root = <ASN1F_KRB_APPLICATION(<ASN1F_SEQUENCE(<scapy.asn1fields.ASN1F_INTEGER object>, <scapy.asn1fields.ASN1F_enum_INTEGER object>, <scapy.asn1fields.ASN1F_FLAGS object>, <scapy.asn1fields.ASN1F_PACKET object>, <scapy.asn1fields.ASN1F_PACKET object>)>,)>¶
- aliastypes¶
- class scapy.layers.kerberos.KRB_AS_REP(_pkt, /, *, pvno=0x5 <ASN1_INTEGER[5]>, msgType=0xb <ASN1_INTEGER[11]>, padata=[], crealm=<ASN1_GENERAL_STRING['']>, cname=None, ticket=None, encPart=None)[source]¶
Bases:
ASN1_Packet
- ASN1_codec = <ASN1Codec BER[1]>¶
- ASN1_root = <ASN1F_KRB_APPLICATION(<ASN1F_SEQUENCE(<scapy.asn1fields.ASN1F_INTEGER object>, <scapy.asn1fields.ASN1F_enum_INTEGER object>, <scapy.asn1fields.ASN1F_optional object>, <scapy.asn1fields.ASN1F_GENERAL_STRING object>, <scapy.asn1fields.ASN1F_PACKET object>, <scapy.asn1fields.ASN1F_PACKET object>, <scapy.asn1fields.ASN1F_PACKET object>)>,)>¶
- aliastypes¶
- class scapy.layers.kerberos.KRB_AS_REQ(_pkt, /, *, pvno=0x5 <ASN1_INTEGER[5]>, msgType=0xa <ASN1_INTEGER[10]>, padata=[], reqBody=<KRB_KDC_REQ_BODY |>)[source]¶
Bases:
ASN1_Packet
- ASN1_codec = <ASN1Codec BER[1]>¶
- ASN1_root = <ASN1F_KRB_APPLICATION(<ASN1F_SEQUENCE(<scapy.asn1fields.ASN1F_INTEGER object>, <scapy.asn1fields.ASN1F_enum_INTEGER object>, <scapy.asn1fields.ASN1F_optional object>, <scapy.asn1fields.ASN1F_PACKET object>)>,)>¶
- aliastypes¶
- class scapy.layers.kerberos.KRB_Authenticator(_pkt, /, *, authenticatorPvno=0x5 <ASN1_INTEGER[5]>, crealm=<ASN1_GENERAL_STRING['']>, cname=None, checksumtype=0x0 <ASN1_INTEGER[0]>, checksum=<ASN1_STRING['']>, cusec=0x0 <ASN1_INTEGER[0]>, ctime=20230203222246Z [invalid generalized time] <ASN1_GENERALIZED_TIME[<GeneralizedTime>]>, subkey=None, seqNumber=0x0 <ASN1_INTEGER[0]>, encAuthorizationData=None)[source]¶
Bases:
ASN1_Packet
- ASN1_codec = <ASN1Codec BER[1]>¶
- ASN1_root = <ASN1F_KRB_APPLICATION(<ASN1F_SEQUENCE(<scapy.asn1fields.ASN1F_INTEGER object>, <scapy.asn1fields.ASN1F_GENERAL_STRING object>, <scapy.asn1fields.ASN1F_PACKET object>, <scapy.asn1fields.ASN1F_optional object>, <scapy.asn1fields.ASN1F_INTEGER object>, <scapy.asn1fields.ASN1F_GENERALIZED_TIME object>, <scapy.asn1fields.ASN1F_optional object>, <scapy.asn1fields.ASN1F_optional object>, <scapy.asn1fields.ASN1F_optional object>)>,)>¶
- aliastypes¶
- fields_desc¶
KRB_Authenticator fields¶ authenticatorPvno
0x5 <ASN1_INTEGER[5]>
crealm
<ASN1_GENERAL_STRING['']>
cname
None
checksumtype
0x0 <ASN1_INTEGER[0]>
checksum
<ASN1_STRING['']>
cusec
0x0 <ASN1_INTEGER[0]>
ctime
20230203222246Z [invalid generalized time] <ASN1_GENERALIZED_TIME[<GeneralizedTime>]>
subkey
None
seqNumber
0x0 <ASN1_INTEGER[0]>
encAuthorizationData
None
- class scapy.layers.kerberos.KRB_ERROR(_pkt, /, *, pvno=0x5 <ASN1_INTEGER[5]>, msgType=0x1e <ASN1_INTEGER[30]>, ctime=20230203222246Z [invalid generalized time] <ASN1_GENERALIZED_TIME[<GeneralizedTime>]>, cusec=0x0 <ASN1_INTEGER[0]>, stime=20230203222246Z [invalid generalized time] <ASN1_GENERALIZED_TIME[<GeneralizedTime>]>, susec=0x0 <ASN1_INTEGER[0]>, errorCode=0x0 <ASN1_INTEGER[0]>, crealm=<ASN1_GENERAL_STRING['']>, cname=None, realm=<ASN1_GENERAL_STRING['']>, sname=None, eText=<ASN1_GENERAL_STRING['']>, eData=<ASN1_STRING['']>)[source]¶
Bases:
ASN1_Packet
- ASN1_codec = <ASN1Codec BER[1]>¶
- ASN1_root = <ASN1F_KRB_APPLICATION(<ASN1F_SEQUENCE(<scapy.asn1fields.ASN1F_INTEGER object>, <scapy.asn1fields.ASN1F_enum_INTEGER object>, <scapy.asn1fields.ASN1F_optional object>, <scapy.asn1fields.ASN1F_optional object>, <scapy.asn1fields.ASN1F_GENERALIZED_TIME object>, <scapy.asn1fields.ASN1F_INTEGER object>, <scapy.asn1fields.ASN1F_enum_INTEGER object>, <scapy.asn1fields.ASN1F_optional object>, <scapy.asn1fields.ASN1F_optional object>, <scapy.asn1fields.ASN1F_GENERAL_STRING object>, <scapy.asn1fields.ASN1F_PACKET object>, <scapy.asn1fields.ASN1F_optional object>, <scapy.asn1fields.ASN1F_optional object>)>,)>¶
- aliastypes¶
- fields_desc¶
KRB_ERROR fields¶ pvno
0x5 <ASN1_INTEGER[5]>
msgType
0x1e <ASN1_INTEGER[30]>
ctime
20230203222246Z [invalid generalized time] <ASN1_GENERALIZED_TIME[<GeneralizedTime>]>
cusec
0x0 <ASN1_INTEGER[0]>
stime
20230203222246Z [invalid generalized time] <ASN1_GENERALIZED_TIME[<GeneralizedTime>]>
susec
0x0 <ASN1_INTEGER[0]>
errorCode
0x0 <ASN1_INTEGER[0]>
crealm
<ASN1_GENERAL_STRING['']>
cname
None
realm
<ASN1_GENERAL_STRING['']>
sname
None
eText
<ASN1_GENERAL_STRING['']>
eData
_KRBERROR_data_Field
<ASN1_STRING['']>
- class scapy.layers.kerberos.KRB_InitialContextToken(_pkt, /, *, MechType=<ASN1_OID['Kerberos 5']>, innerContextToken=<KRB5_InitialContextToken_innerContextToken |>)[source]¶
Bases:
ASN1_Packet
- ASN1_codec = <ASN1Codec BER[1]>¶
- ASN1_root = <ASN1F_KRB_APPLICATION(<scapy.asn1fields.ASN1F_OID object>, <scapy.asn1fields.ASN1F_PACKET object>)>¶
- aliastypes¶
- class scapy.layers.kerberos.KRB_KDC_REQ_BODY(_pkt, /, *, kdcOptions=<ASN1_BIT_STRING[]=b'' (0 unused bit)>, cname=None, realm=<ASN1_GENERAL_STRING['']>, sname=None, from_=None, till=20230203222246Z [invalid generalized time] <ASN1_GENERALIZED_TIME[<GeneralizedTime>]>, rtime=20230203222246Z [invalid generalized time] <ASN1_GENERALIZED_TIME[<GeneralizedTime>]>, nonce=0x0 <ASN1_INTEGER[0]>, etype=[], addresses=[], encAuthorizationData=None, additionalTickets=[])[source]¶
Bases:
ASN1_Packet
- ASN1_codec = <ASN1Codec BER[1]>¶
- ASN1_root = <ASN1F_SEQUENCE(<scapy.asn1fields.ASN1F_FLAGS object>, <scapy.asn1fields.ASN1F_optional object>, <scapy.asn1fields.ASN1F_GENERAL_STRING object>, <scapy.asn1fields.ASN1F_optional object>, <scapy.asn1fields.ASN1F_optional object>, <scapy.asn1fields.ASN1F_GENERALIZED_TIME object>, <scapy.asn1fields.ASN1F_optional object>, <scapy.asn1fields.ASN1F_INTEGER object>, <ASN1F_SEQUENCE_OF etype>, <scapy.asn1fields.ASN1F_optional object>, <scapy.asn1fields.ASN1F_optional object>, <scapy.asn1fields.ASN1F_optional object>)>¶
- aliastypes¶
- fields_desc¶
KRB_KDC_REQ_BODY fields¶ kdcOptions
<ASN1_BIT_STRING[]=b'' (0 unused bit)>
cname
None
realm
<ASN1_GENERAL_STRING['']>
sname
None
from_
None
till
20230203222246Z [invalid generalized time] <ASN1_GENERALIZED_TIME[<GeneralizedTime>]>
rtime
20230203222246Z [invalid generalized time] <ASN1_GENERALIZED_TIME[<GeneralizedTime>]>
nonce
0x0 <ASN1_INTEGER[0]>
etype
[]
addresses
[]
encAuthorizationData
None
additionalTickets
[]
- class scapy.layers.kerberos.KRB_TGS_REP(_pkt, /, *, pvno=0x5 <ASN1_INTEGER[5]>, msgType=0xb <ASN1_INTEGER[11]>, padata=[], crealm=<ASN1_GENERAL_STRING['']>, cname=None, ticket=None, encPart=None)[source]¶
Bases:
ASN1_Packet
- ASN1_codec = <ASN1Codec BER[1]>¶
- ASN1_root = <ASN1F_KRB_APPLICATION(<ASN1F_SEQUENCE(<scapy.asn1fields.ASN1F_INTEGER object>, <scapy.asn1fields.ASN1F_enum_INTEGER object>, <scapy.asn1fields.ASN1F_optional object>, <scapy.asn1fields.ASN1F_GENERAL_STRING object>, <scapy.asn1fields.ASN1F_PACKET object>, <scapy.asn1fields.ASN1F_PACKET object>, <scapy.asn1fields.ASN1F_PACKET object>)>,)>¶
- aliastypes¶
- class scapy.layers.kerberos.KRB_TGS_REQ(_pkt, /, *, pvno=0x5 <ASN1_INTEGER[5]>, msgType=0xa <ASN1_INTEGER[10]>, padata=[], reqBody=<KRB_KDC_REQ_BODY |>)[source]¶
Bases:
ASN1_Packet
- ASN1_codec = <ASN1Codec BER[1]>¶
- ASN1_root = <ASN1F_KRB_APPLICATION(<ASN1F_SEQUENCE(<scapy.asn1fields.ASN1F_INTEGER object>, <scapy.asn1fields.ASN1F_enum_INTEGER object>, <scapy.asn1fields.ASN1F_optional object>, <scapy.asn1fields.ASN1F_PACKET object>)>,)>¶
- aliastypes¶
- class scapy.layers.kerberos.KRB_Ticket(_pkt, /, *, tktVno=0x0 <ASN1_INTEGER[0]>, realm=<ASN1_GENERAL_STRING['']>, sname=None, encPart=None)[source]¶
Bases:
ASN1_Packet
- ASN1_codec = <ASN1Codec BER[1]>¶
- ASN1_root = <ASN1F_KRB_APPLICATION(<ASN1F_SEQUENCE(<scapy.asn1fields.ASN1F_INTEGER object>, <scapy.asn1fields.ASN1F_GENERAL_STRING object>, <scapy.asn1fields.ASN1F_PACKET object>, <scapy.asn1fields.ASN1F_PACKET object>)>,)>¶
- aliastypes¶
- class scapy.layers.kerberos.Kerberos(_pkt, /, *, root=None)[source]¶
Bases:
ASN1_Packet
- ASN1_codec = <ASN1Codec BER[1]>¶
- ASN1_root = <scapy.asn1fields.ASN1F_CHOICE object>¶
- aliastypes¶
- class scapy.layers.kerberos.KerberosClient(self, debug: int = 0, store: int = 1, **kargs: Any)[source]¶
Bases:
Automaton
- BEGIN(*args: ATMT, **kargs: Any) NewStateRequested [source]¶
- FINAL(*args: ATMT, **kargs: Any) NewStateRequested [source]¶
- SENT_AP_REQ(*args: ATMT, **kargs: Any) NewStateRequested [source]¶
- actions: Dict[str, List[_StateWrapper]] = {'receive_ap_rep': [<function KerberosClient.decrypt_ap_rep>], 'receive_krb_error_ap_req': [], 'should_send_ap_req': [<function KerberosClient.send_ap_req>]}¶
- breakpoints: Set[_StateWrapper]¶
- conditions: Dict[str, List[_StateWrapper]] = {'BEGIN': [<function KerberosClient.should_send_ap_req>], 'FINAL': [], 'SENT_AP_REQ': []}¶
- initial_states: List[_StateWrapper] = [<function ATMT.state.<locals>.deco.<locals>._state_wrapper>]¶
- interception_points: Set[_StateWrapper]¶
- ioevents: Dict[str, List[_StateWrapper]] = {'BEGIN': [], 'FINAL': [], 'SENT_AP_REQ': []}¶
- ionames: List[str] = []¶
- iosupersockets: List[SuperSocket] = []¶
- packets: PacketList¶
- recv_conditions: Dict[str, List[_StateWrapper]] = {'BEGIN': [], 'FINAL': [], 'SENT_AP_REQ': [<function KerberosClient.receive_krb_error_ap_req>, <function KerberosClient.receive_ap_rep>]}¶
- states: Dict[str, _StateWrapper] = {'BEGIN': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'FINAL': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'SENT_AP_REQ': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>}¶
- stop_states: List[_StateWrapper] = []¶
- threadid: int | None¶
- timeout: Dict[str, _TimerList] = {'BEGIN': [], 'FINAL': [], 'SENT_AP_REQ': []}¶
- class scapy.layers.kerberos.KerberosTCPHeader(_pkt, /, *, len=None)[source]¶
Bases:
Packet
- aliastypes¶
- fields_desc¶
Display RFC-like schema
0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | LEN | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Fig. KerberosTCPHeader
KerberosTCPHeader fields¶ len
None
- class scapy.layers.kerberos.KrbFastArmor(_pkt, /, *, armorType=0x1 <ASN1_INTEGER[1]>, armorValue=<ASN1_STRING['']>)[source]¶
Bases:
ASN1_Packet
- ASN1_codec = <ASN1Codec BER[1]>¶
- ASN1_root = <ASN1F_SEQUENCE(<scapy.asn1fields.ASN1F_enum_INTEGER object>, <scapy.layers.kerberos._KrbFastArmor_value_Field object>)>¶
- aliastypes¶
- class scapy.layers.kerberos.KrbFastArmoredRep(_pkt, /, *, encFastRep=None)[source]¶
Bases:
ASN1_Packet
- ASN1_codec = <ASN1Codec BER[1]>¶
- ASN1_root = <ASN1F_SEQUENCE(<ASN1F_SEQUENCE(<scapy.asn1fields.ASN1F_PACKET object>,)>,)>¶
- aliastypes¶
- class scapy.layers.kerberos.KrbFastArmoredReq(_pkt, /, *, armor=<KrbFastArmor |>, checksumtype=0x0 <ASN1_INTEGER[0]>, checksum=<ASN1_STRING['']>, encFastReq=None)[source]¶
Bases:
ASN1_Packet
- ASN1_codec = <ASN1Codec BER[1]>¶
- ASN1_root = <ASN1F_SEQUENCE(<ASN1F_SEQUENCE(<scapy.asn1fields.ASN1F_optional object>, <ASN1F_SEQUENCE(<scapy.asn1fields.ASN1F_enum_INTEGER object>, <scapy.asn1fields.ASN1F_STRING object>)>, <scapy.asn1fields.ASN1F_PACKET object>)>,)>¶
- aliastypes¶
- class scapy.layers.kerberos.KrbFastFinished(_pkt, /, *, timestamp=0x0 <ASN1_INTEGER[0]>, usec=20230203222246Z [invalid generalized time] <ASN1_GENERALIZED_TIME[<GeneralizedTime>]>, crealm=<ASN1_GENERAL_STRING['']>, cname=None, checksumtype=0x0 <ASN1_INTEGER[0]>, checksum=<ASN1_STRING['']>)[source]¶
Bases:
ASN1_Packet
- ASN1_codec = <ASN1Codec BER[1]>¶
- ASN1_root = <ASN1F_SEQUENCE(<scapy.asn1fields.ASN1F_INTEGER object>, <scapy.asn1fields.ASN1F_GENERALIZED_TIME object>, <scapy.asn1fields.ASN1F_GENERAL_STRING object>, <scapy.asn1fields.ASN1F_PACKET object>, <ASN1F_SEQUENCE(<scapy.asn1fields.ASN1F_enum_INTEGER object>, <scapy.asn1fields.ASN1F_STRING object>)>)>¶
- aliastypes¶
- class scapy.layers.kerberos.KrbFastReq(_pkt, /, *, fastOptions=<ASN1_BIT_STRING[]=b'' (0 unused bit)>, padata=[<PADATA |>], reqBody=None)[source]¶
Bases:
ASN1_Packet
- ASN1_codec = <ASN1Codec BER[1]>¶
- ASN1_root = <ASN1F_SEQUENCE(<scapy.asn1fields.ASN1F_FLAGS object>, <ASN1F_SEQUENCE_OF padata>, <scapy.asn1fields.ASN1F_PACKET object>)>¶
- aliastypes¶
- class scapy.layers.kerberos.KrbFastResponse(_pkt, /, *, padata=[<PADATA |>], stengthenKey=None, finished=<KrbFastFinished |>, nonce=0x0 <ASN1_INTEGER[0]>)[source]¶
Bases:
ASN1_Packet
- ASN1_codec = <ASN1Codec BER[1]>¶
- ASN1_root = <ASN1F_SEQUENCE(<ASN1F_SEQUENCE_OF padata>, <scapy.asn1fields.ASN1F_optional object>, <scapy.asn1fields.ASN1F_optional object>, <scapy.asn1fields.ASN1F_INTEGER object>)>¶
- aliastypes¶
- class scapy.layers.kerberos.LastReqItem(_pkt, /, *, lrType=0x0 <ASN1_INTEGER[0]>, lrValue=20230203222246Z [invalid generalized time] <ASN1_GENERALIZED_TIME[<GeneralizedTime>]>)[source]¶
Bases:
ASN1_Packet
- ASN1_codec = <ASN1Codec BER[1]>¶
- ASN1_root = <ASN1F_SEQUENCE(<scapy.asn1fields.ASN1F_INTEGER object>, <scapy.asn1fields.ASN1F_GENERALIZED_TIME object>)>¶
- aliastypes¶
- class scapy.layers.kerberos.MethodData(_pkt, /, *, seq=[<PADATA |>])[source]¶
Bases:
ASN1_Packet
- ASN1_codec = <ASN1Codec BER[1]>¶
- ASN1_root = <ASN1F_SEQUENCE_OF seq>¶
- aliastypes¶
- class scapy.layers.kerberos.PADATA(_pkt, /, *, padataType=0x0 <ASN1_INTEGER[0]>, padataValue=<ASN1_STRING['']>)[source]¶
Bases:
ASN1_Packet
- ASN1_codec = <ASN1Codec BER[1]>¶
- ASN1_root = <ASN1F_SEQUENCE(<scapy.asn1fields.ASN1F_enum_INTEGER object>, <scapy.layers.kerberos._PADATA_value_Field object>)>¶
- aliastypes¶
- class scapy.layers.kerberos.PA_AUTHENTICATION_SET(_pkt, /, *, elems=[<PA_AUTHENTICATION_SET_ELEM |>])[source]¶
Bases:
ASN1_Packet
- ASN1_codec = <ASN1Codec BER[1]>¶
- ASN1_root = <ASN1F_SEQUENCE_OF elems>¶
- aliastypes¶
- class scapy.layers.kerberos.PA_AUTHENTICATION_SET_ELEM(_pkt, /, *, paType=0x0 <ASN1_INTEGER[0]>, paHint=<ASN1_STRING['']>, paValue=<ASN1_STRING['']>)[source]¶
Bases:
ASN1_Packet
- ASN1_codec = <ASN1Codec BER[1]>¶
- ASN1_root = <ASN1F_SEQUENCE(<scapy.asn1fields.ASN1F_INTEGER object>, <scapy.asn1fields.ASN1F_optional object>, <scapy.asn1fields.ASN1F_optional object>)>¶
- aliastypes¶
- class scapy.layers.kerberos.PA_ENC_TS_ENC(_pkt, /, *, patimestamp=20230203222246Z [invalid generalized time] <ASN1_GENERALIZED_TIME[<GeneralizedTime>]>, pausec=0x0 <ASN1_INTEGER[0]>)[source]¶
Bases:
ASN1_Packet
- ASN1_codec = <ASN1Codec BER[1]>¶
- ASN1_root = <ASN1F_SEQUENCE(<scapy.asn1fields.ASN1F_GENERALIZED_TIME object>, <scapy.asn1fields.ASN1F_optional object>)>¶
- aliastypes¶
- class scapy.layers.kerberos.PA_FX_FAST_REPLY(_pkt, /, *, armoredData=<ASN1_STRING['']>)[source]¶
Bases:
ASN1_Packet
- ASN1_codec = <ASN1Codec BER[1]>¶
- ASN1_root = <scapy.asn1fields.ASN1F_CHOICE object>¶
- aliastypes¶
- class scapy.layers.kerberos.PA_FX_FAST_REQUEST(_pkt, /, *, armoredData=<ASN1_STRING['']>)[source]¶
Bases:
ASN1_Packet
- ASN1_codec = <ASN1Codec BER[1]>¶
- ASN1_root = <scapy.asn1fields.ASN1F_CHOICE object>¶
- aliastypes¶
- class scapy.layers.kerberos.PA_PAC_OPTIONS(_pkt, /, *, options=0)[source]¶
Bases:
ASN1_Packet
- ASN1_codec = <ASN1Codec BER[1]>¶
- ASN1_root = <ASN1F_SEQUENCE(<scapy.asn1fields.ASN1F_FLAGS object>,)>¶
- aliastypes¶
- class scapy.layers.kerberos.PA_PAC_REQUEST(_pkt, /, *, includePac=True <ASN1_BOOLEAN[True]>)[source]¶
Bases:
ASN1_Packet
- ASN1_codec = <ASN1Codec BER[1]>¶
- ASN1_root = <ASN1F_SEQUENCE(<scapy.asn1fields.ASN1F_BOOLEAN object>,)>¶
- aliastypes¶
- class scapy.layers.kerberos.PA_PK_AS_REP(_pkt, /, *, rep=<ASN1_STRING['']>)[source]¶
Bases:
ASN1_Packet
- ASN1_codec = <ASN1Codec BER[1]>¶
- ASN1_root = <scapy.asn1fields.ASN1F_CHOICE object>¶
- aliastypes¶
- class scapy.layers.kerberos.PA_PK_AS_REQ(_pkt, /, *, signedAuthpack=<ASN1_STRING['']>, trustedCertifiers=[<ExternalPrincipalIdentifier |>], kdcPkId=<ASN1_STRING['']>)[source]¶
Bases:
ASN1_Packet
- ASN1_codec = <ASN1Codec BER[1]>¶
- ASN1_root = <ASN1F_SEQUENCE(<scapy.asn1fields.ASN1F_STRING object>, <scapy.asn1fields.ASN1F_optional object>, <scapy.asn1fields.ASN1F_optional object>)>¶
- aliastypes¶
- class scapy.layers.kerberos.PA_SUPPORTED_ENCTYPES(_pkt, /, *, flags=<Flag 0 ()>)[source]¶
Bases:
Packet
- aliastypes¶
- fields_desc¶
Display RFC-like schema
0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | FLAGS | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Fig. PA_SUPPORTED_ENCTYPES
PA_SUPPORTED_ENCTYPES fields¶ flags
<Flag 0 ()>
- class scapy.layers.kerberos.PrincipalName(_pkt, /, *, nameType=0x0 <ASN1_INTEGER[0]>, nameString=[])[source]¶
Bases:
ASN1_Packet
- ASN1_codec = <ASN1Codec BER[1]>¶
- ASN1_root = <ASN1F_SEQUENCE(<scapy.asn1fields.ASN1F_enum_INTEGER object>, <ASN1F_SEQUENCE_OF nameString>)>¶
- aliastypes¶
- class scapy.layers.kerberos.TransitedEncoding(_pkt, /, *, trType=0x0 <ASN1_INTEGER[0]>, contents=<ASN1_STRING['']>)[source]¶
Bases:
ASN1_Packet
- ASN1_codec = <ASN1Codec BER[1]>¶
- ASN1_root = <ASN1F_SEQUENCE(<scapy.asn1fields.ASN1F_INTEGER object>, <scapy.asn1fields.ASN1F_STRING object>)>¶
- aliastypes¶
- scapy.layers.kerberos.krb_as_req(upn, ip, key=None, password=None, **kwargs)[source]¶
Kerberos AS-Req
- Parameters:
upn – the user principal name formatted as “DOMAINuser” or “user@DOMAIN”
ip – the KDC ip
key – (optional) pass the Key object
password – (optional) otherwise, pass the user’s password
- Returns:
returns a named tuple (asrep=<…>, sessionkey=<…>)
Example:
>>> # The KDC is on 192.168.122.17, we ask a TGT for user1 >>> krb_as_req("user1@DOMAIN.LOCAL", "192.168.122.17", password="Password1")
Equivalent:
>>> from scapy.libs.rfc3961 import Key, EncryptionType >>> key = Key(EncryptionType.AES256, key=hex_bytes("6d0748c546f4e99205 ...: e78f8da7681d4ec5520ae4815543720c2a647c1ae814c9")) >>> krb_as_req("user1@DOMAIN.LOCAL", "192.168.122.17", key=key)