1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
|
## Distro
Fedora 31
## GSSAPI Impl
Kerberos 5 release 1.18.1 with gss-ntlmssp 0.9.0
## Connection Info:
Connecting to host using FQDN and a proper SPN setup. Using explicit credentials with the Kerberos OID.
## Notes
Just a raw Kerberos token exchange, nothing too complex about it all
## Tokens
```yaml
MessageType: SPNEGO InitialContextToken
Data:
thisMech: Kerberos (1.2.840.113554.1.2.2)
innerContextToken:
MessageType: AP-REQ (14)
Data:
pvno: 5
msg-type: AP-REQ (14)
ap-options:
raw: 32
flags:
- mutual-required (32)
ticket:
tkt-vno: 5
realm: DOMAIN.LOCAL
sname:
name-type: NT-SRV-HST (3)
name-string:
- host
- dc01
enc-part:
etype: AES256_CTS_HMAC_SHA1_96 (18)
kvno: 6
cipher: 1511F4525F1BD6BF7FFBD947FD7BA0028F417F1B1B910F1893A1CF53EB4BAE12C9F030EDE258C5547D072E1684F40D93FFF7123D19F1AD2524B6E8D15825819E7A1C22F96A848BFF62D2B75DA2D008324F39BD5E1F8050E418DD0770C7D58EF232928D51FD0CBA8D2A086B395A5D90DA1B81241EBAED93CE692634EC0AA0F8BA2DE5350F5E63D3644A4BFED28411A43BA12EDF18634491883717B6A60B15CC5F42A831665B0B46798D0BBF73CAE7FF8093886FC3431B45046E9C0496D8E49D08ABEEE4DE1BC215A2054DAED843439852F93015B5F6D02FF3F9E6EC2D15BA0A45BA5BF990703944D1FB07C42D181A2E1C040D778FAD7F782F335A1096F00E52FAAD504211DDFEF2A0E5A0441E37F94EF3C9660636E0D56E4B86D789D7131D02B3CCD4922A368AC3DFF89BF25B6034651C86B852DBA4BFB7B6074FF8FF7B730C4DB81DE33E7DE4E2B23197C22DA4AFE9ED5C56A67A3E34B96656554F5CA91CD836BAB4000F9FF8B3D9CD67B6121DF10921E24F8742168538F93CEAB9E9AE205ADF3C421115A8ADEC63D265918C4FA0725C407008B27FC4BEFACD5CA8A0D3340ECDD664E21A2F26B7942A8B224A430E04E35FDCF710B9924C6CB9B08C2754F99A3DADEDE75A64081FB13975A6231076F12A5A537774EBA2540A5C4818B809F3B5B3428876B64F51E322924A1CED25B9E2A3ECA62B21675C0ED2F8682D66C4CEA80D3C075357774FBAC0F788983605F6410B4AA74BFAE95BF85713CCA87F1851372C9FA4D8A75283844F465A780FA350E1572418AE2B5718895A6627D0CBAF2B6C42BC0BB61E03A9439EB7090A83B3682B305B821EA940DCE94786C06B5963492DD940D8173F9BAEF3B96D7202282172D035B20883975AC044C818060D0A8FD846CC6786D79ED08C2C304061A89E32C4701C784D2F31E664EEE5EAF1625D7514872BAF99E2F8070A6BB33EBFB93912C159CE5C7B21D5E77DBD8915D79DEC3126B61FF5105523717F1F636256915755B11509E85D3C2AD61E96BED5D2050EE5F720FD1F59699F45A6D7FA1A4523013778022ECF748F2A001163EF0B1A1488B3A48D8B7645A5DD6A9FCC5003CE38640F74E880FC4B2106884E6A6714E84F2787EE18CDC68A3874DEC595B8A3E7335D09941B9176EBADB8EC6B8C5C658DC8938F1A3327B10D5A1E70DCF68EB08322069EF4DE08022D6550A525B4F79FFFBD054C76745C3ECC0428C95D744C860C040A932C370401D41608247FFFC08D03A3DD70905BAEDD9989ABA6E60F47470E81D8132D6AE73DDB35000036F697B9546EC3E4B7AECFC4C7675745446D9E19E58529D70D379E5BCAF7B8F8260A8DD7AAF77C1755ED29ECE18E26BB22A5D7F1E1E2B0F2264FC135752E7B52237A30A54F6D7B1ABC6C1E4D00881DBCA8B5D845579EDD097E0D0EFC0726BA23E4CDFCFD3A563CED31C4C360EA48DCDF8E77
authenticator:
etype: AES256_CTS_HMAC_SHA1_96 (18)
kvno:
cipher: 9EBCD8271829DE277ADFF187FC65AD4D05E611F0AA151F702440F67823FC48C6FBD56C93DF645126902215436282A91679C0A5CE536BEF7E4E13EA22C6518E1748DDF183B11490FBEC841A4FBA75422EEAFEAA56754F8D2CB2BBD5D23CCDD986C2527020BDD042C2AFA4F3D92314431FA70D118EFDBE8C13BA7C3CDB689D22FE21366D0FB5F104C99CD8D6B6900B4B05E8629FF28C05B5396CA228121B3A8F66BC1278F6A92E2295C763B52C86EC302775EA7BAB4657BF021E51C61EBFCCC2AF92CF581DF07CFB2C292B
RawData: 01006E82054D30820549A003020105A10302010EA20703050020000000A3820457618204533082044FA003020105A10E1B0C444F4D41494E2E4C4F43414CA2173015A003020103A10E300C1B04686F73741B0464633031A382041D30820419A003020112A103020106A282040B048204071511F4525F1BD6BF7FFBD947FD7BA0028F417F1B1B910F1893A1CF53EB4BAE12C9F030EDE258C5547D072E1684F40D93FFF7123D19F1AD2524B6E8D15825819E7A1C22F96A848BFF62D2B75DA2D008324F39BD5E1F8050E418DD0770C7D58EF232928D51FD0CBA8D2A086B395A5D90DA1B81241EBAED93CE692634EC0AA0F8BA2DE5350F5E63D3644A4BFED28411A43BA12EDF18634491883717B6A60B15CC5F42A831665B0B46798D0BBF73CAE7FF8093886FC3431B45046E9C0496D8E49D08ABEEE4DE1BC215A2054DAED843439852F93015B5F6D02FF3F9E6EC2D15BA0A45BA5BF990703944D1FB07C42D181A2E1C040D778FAD7F782F335A1096F00E52FAAD504211DDFEF2A0E5A0441E37F94EF3C9660636E0D56E4B86D789D7131D02B3CCD4922A368AC3DFF89BF25B6034651C86B852DBA4BFB7B6074FF8FF7B730C4DB81DE33E7DE4E2B23197C22DA4AFE9ED5C56A67A3E34B96656554F5CA91CD836BAB4000F9FF8B3D9CD67B6121DF10921E24F8742168538F93CEAB9E9AE205ADF3C421115A8ADEC63D265918C4FA0725C407008B27FC4BEFACD5CA8A0D3340ECDD664E21A2F26B7942A8B224A430E04E35FDCF710B9924C6CB9B08C2754F99A3DADEDE75A64081FB13975A6231076F12A5A537774EBA2540A5C4818B809F3B5B3428876B64F51E322924A1CED25B9E2A3ECA62B21675C0ED2F8682D66C4CEA80D3C075357774FBAC0F788983605F6410B4AA74BFAE95BF85713CCA87F1851372C9FA4D8A75283844F465A780FA350E1572418AE2B5718895A6627D0CBAF2B6C42BC0BB61E03A9439EB7090A83B3682B305B821EA940DCE94786C06B5963492DD940D8173F9BAEF3B96D7202282172D035B20883975AC044C818060D0A8FD846CC6786D79ED08C2C304061A89E32C4701C784D2F31E664EEE5EAF1625D7514872BAF99E2F8070A6BB33EBFB93912C159CE5C7B21D5E77DBD8915D79DEC3126B61FF5105523717F1F636256915755B11509E85D3C2AD61E96BED5D2050EE5F720FD1F59699F45A6D7FA1A4523013778022ECF748F2A001163EF0B1A1488B3A48D8B7645A5DD6A9FCC5003CE38640F74E880FC4B2106884E6A6714E84F2787EE18CDC68A3874DEC595B8A3E7335D09941B9176EBADB8EC6B8C5C658DC8938F1A3327B10D5A1E70DCF68EB08322069EF4DE08022D6550A525B4F79FFFBD054C76745C3ECC0428C95D744C860C040A932C370401D41608247FFFC08D03A3DD70905BAEDD9989ABA6E60F47470E81D8132D6AE73DDB35000036F697B9546EC3E4B7AECFC4C7675745446D9E19E58529D70D379E5BCAF7B8F8260A8DD7AAF77C1755ED29ECE18E26BB22A5D7F1E1E2B0F2264FC135752E7B52237A30A54F6D7B1ABC6C1E4D00881DBCA8B5D845579EDD097E0D0EFC0726BA23E4CDFCFD3A563CED31C4C360EA48DCDF8E77A481D83081D5A003020112A281CD0481CA9EBCD8271829DE277ADFF187FC65AD4D05E611F0AA151F702440F67823FC48C6FBD56C93DF645126902215436282A91679C0A5CE536BEF7E4E13EA22C6518E1748DDF183B11490FBEC841A4FBA75422EEAFEAA56754F8D2CB2BBD5D23CCDD986C2527020BDD042C2AFA4F3D92314431FA70D118EFDBE8C13BA7C3CDB689D22FE21366D0FB5F104C99CD8D6B6900B4B05E8629FF28C05B5396CA228121B3A8F66BC1278F6A92E2295C763B52C86EC302775EA7BAB4657BF021E51C61EBFCCC2AF92CF581DF07CFB2C292B
RawData: 6082055E06092A864886F71201020201006E82054D30820549A003020105A10302010EA20703050020000000A3820457618204533082044FA003020105A10E1B0C444F4D41494E2E4C4F43414CA2173015A003020103A10E300C1B04686F73741B0464633031A382041D30820419A003020112A103020106A282040B048204071511F4525F1BD6BF7FFBD947FD7BA0028F417F1B1B910F1893A1CF53EB4BAE12C9F030EDE258C5547D072E1684F40D93FFF7123D19F1AD2524B6E8D15825819E7A1C22F96A848BFF62D2B75DA2D008324F39BD5E1F8050E418DD0770C7D58EF232928D51FD0CBA8D2A086B395A5D90DA1B81241EBAED93CE692634EC0AA0F8BA2DE5350F5E63D3644A4BFED28411A43BA12EDF18634491883717B6A60B15CC5F42A831665B0B46798D0BBF73CAE7FF8093886FC3431B45046E9C0496D8E49D08ABEEE4DE1BC215A2054DAED843439852F93015B5F6D02FF3F9E6EC2D15BA0A45BA5BF990703944D1FB07C42D181A2E1C040D778FAD7F782F335A1096F00E52FAAD504211DDFEF2A0E5A0441E37F94EF3C9660636E0D56E4B86D789D7131D02B3CCD4922A368AC3DFF89BF25B6034651C86B852DBA4BFB7B6074FF8FF7B730C4DB81DE33E7DE4E2B23197C22DA4AFE9ED5C56A67A3E34B96656554F5CA91CD836BAB4000F9FF8B3D9CD67B6121DF10921E24F8742168538F93CEAB9E9AE205ADF3C421115A8ADEC63D265918C4FA0725C407008B27FC4BEFACD5CA8A0D3340ECDD664E21A2F26B7942A8B224A430E04E35FDCF710B9924C6CB9B08C2754F99A3DADEDE75A64081FB13975A6231076F12A5A537774EBA2540A5C4818B809F3B5B3428876B64F51E322924A1CED25B9E2A3ECA62B21675C0ED2F8682D66C4CEA80D3C075357774FBAC0F788983605F6410B4AA74BFAE95BF85713CCA87F1851372C9FA4D8A75283844F465A780FA350E1572418AE2B5718895A6627D0CBAF2B6C42BC0BB61E03A9439EB7090A83B3682B305B821EA940DCE94786C06B5963492DD940D8173F9BAEF3B96D7202282172D035B20883975AC044C818060D0A8FD846CC6786D79ED08C2C304061A89E32C4701C784D2F31E664EEE5EAF1625D7514872BAF99E2F8070A6BB33EBFB93912C159CE5C7B21D5E77DBD8915D79DEC3126B61FF5105523717F1F636256915755B11509E85D3C2AD61E96BED5D2050EE5F720FD1F59699F45A6D7FA1A4523013778022ECF748F2A001163EF0B1A1488B3A48D8B7645A5DD6A9FCC5003CE38640F74E880FC4B2106884E6A6714E84F2787EE18CDC68A3874DEC595B8A3E7335D09941B9176EBADB8EC6B8C5C658DC8938F1A3327B10D5A1E70DCF68EB08322069EF4DE08022D6550A525B4F79FFFBD054C76745C3ECC0428C95D744C860C040A932C370401D41608247FFFC08D03A3DD70905BAEDD9989ABA6E60F47470E81D8132D6AE73DDB35000036F697B9546EC3E4B7AECFC4C7675745446D9E19E58529D70D379E5BCAF7B8F8260A8DD7AAF77C1755ED29ECE18E26BB22A5D7F1E1E2B0F2264FC135752E7B52237A30A54F6D7B1ABC6C1E4D00881DBCA8B5D845579EDD097E0D0EFC0726BA23E4CDFCFD3A563CED31C4C360EA48DCDF8E77A481D83081D5A003020112A281CD0481CA9EBCD8271829DE277ADFF187FC65AD4D05E611F0AA151F702440F67823FC48C6FBD56C93DF645126902215436282A91679C0A5CE536BEF7E4E13EA22C6518E1748DDF183B11490FBEC841A4FBA75422EEAFEAA56754F8D2CB2BBD5D23CCDD986C2527020BDD042C2AFA4F3D92314431FA70D118EFDBE8C13BA7C3CDB689D22FE21366D0FB5F104C99CD8D6B6900B4B05E8629FF28C05B5396CA228121B3A8F66BC1278F6A92E2295C763B52C86EC302775EA7BAB4657BF021E51C61EBFCCC2AF92CF581DF07CFB2C292B
```
```yaml
MessageType: SPNEGO InitialContextToken
Data:
thisMech: Kerberos (1.2.840.113554.1.2.2)
innerContextToken:
MessageType: AP-REP (15)
Data:
pvno: 5
msg-type: AP-REP (15)
enc-part:
etype: AES256_CTS_HMAC_SHA1_96 (18)
kvno:
cipher: A9101C6FFD75B45AE568FBB3D06CBA7EE8F0B6A576867835F130AAB7C09F0599994640FE82426D2489B5E1DBB0B5AE8E26CCC6E653A3DDCE1E1D7D4B3E031309F6F1BB14C3D4ED3AD499F097408EFAF2D9A945B742F7FABC64C724F55944C86E96AD5950C6FB2C1C55171362B3AAA2
RawData: 02006F8189308186A003020105A10302010FA27A3078A003020112A271046FA9101C6FFD75B45AE568FBB3D06CBA7EE8F0B6A576867835F130AAB7C09F0599994640FE82426D2489B5E1DBB0B5AE8E26CCC6E653A3DDCE1E1D7D4B3E031309F6F1BB14C3D4ED3AD499F097408EFAF2D9A945B742F7FABC64C724F55944C86E96AD5950C6FB2C1C55171362B3AAA2
RawData: 60819906092A864886F71201020202006F8189308186A003020105A10302010FA27A3078A003020112A271046FA9101C6FFD75B45AE568FBB3D06CBA7EE8F0B6A576867835F130AAB7C09F0599994640FE82426D2489B5E1DBB0B5AE8E26CCC6E653A3DDCE1E1D7D4B3E031309F6F1BB14C3D4ED3AD499F097408EFAF2D9A945B742F7FABC64C724F55944C86E96AD5950C6FB2C1C55171362B3AAA2
```
|
