Kekeo – A Little Toolbox To Play With Microsoft Kerberos In C

kekeo is a little toolbox I have started to manipulate Microsoft Kerberos in C (and for fun)

ASN.1 library

In kekeo, I use an external commercial library to deal with Kerberos ASN.1 structures: OSS ASN.1/C (http://www.oss.com/asn1/products/asn1-c/asn1-c.html)
It was the only code generator/library that I’ve found to work easily with Microsoft C project.

  • works without a lots of dependencies;
  • magical documentation;
  • wonderful support for my stupid questions;
  • had a binary that work only few hours after started my project…

They were kind enough to offer me a 1-year licence.
With this one, I’m able to let you download binaries that run in your environment.
So don’t forget to thank them ( http://www.oss.com/company/contact-us.html / https://twitter.com/OSSNokalva )

Limitations

  • Binaries will work until December 21, 2017 (yeah, 1 year licence ;));
  • You must buy a licence from OSS ASN.1/C (or download a trial version) to build kekeo solution/adapt it.

Building kekeo with ASN.1/C

You can’t build kekeo out-of-the-box, you’have to generate C files and link with OSS libraries.

After downloading and installing a commercial/trial version of OSS ASN.1/C, Win32 and/or x64:

  1. Open a command prompt in ($kekeo)modulesasn1

  2. Adapt the ASN1C variable to your ASN.1/C configuration (architecture & version)

    set ASN1C="C:Program FilesOSS Nokalvaossasn1winx6410.4.0"
  3. Depending on the targeted lib architecture:

    • Win32
      %ASN1C%binasn1.exe ^
      %ASN1C%asn1dfltasn1dflt.ms.zp4 ^
      KerberosV5Spec2.asn KerberosV5-PK-INIT-SPEC.asn PKIX1Explicit88.asn PKINIT.asn MS-SFU-KILE.asn ^
      -noSampleCode -der -root -CStyleComments -externalName kekeo_asn1 -messageFormat msvc -verbose ^
      -headerFile kull_m_kerberos_oss_asn1_internal.h -soedFile kull_m_kerberos_oss_asn1_internal_Win32.c
    • x64
      %ASN1C%binasn1.exe ^
      %ASN1C%asn1dfltasn1dflt.msx64.zp8 ^
      KerberosV5Spec2.asn KerberosV5-PK-INIT-SPEC.asn PKIX1Explicit88.asn PKINIT.asn MS-SFU-KILE.asn ^
      -noSampleCode -der -root -CStyleComments -externalName kekeo_asn1 -messageFormat msvc -verbose ^
      -headerFile kull_m_kerberos_oss_asn1_internal.h -soedFile kull_m_kerberos_oss_asn1_internal_x64.c

    Header file kull_m_kerberos_oss_asn1_internal.h is the same for both architecture.

  4. Copy from OSS ASN.1/C install dir (eg: C:Program FilesOSS Nokalvaossasn1winx6410.4.0)

    • includeossasn1.h to ($kekeo)inc
    • includeosstype.h to ($kekeo)inc
    • libsoeddefa.libto ($kekeo)lib{Win32 or x64}
    • libossiphlp.libto ($kekeo)lib{Win32 or x64}

You can now build the kekeo solution in Visual Studio

Licence

CC BY-NC-SA 4.0 licence – https://creativecommons.org/licenses/by-nc-sa/4.0/

Acknowledgements

Author

Benjamin DELPY gentilkiwi, you can contact me on Twitter ( @gentilkiwi ) or by mail ( benjamin [at] gentilkiwi.com )

This is a personal development, please respect its philosophy and don’t use it for bad things!

79MeWbwODY4

click here to read full Article

Read More on Pentesting Tools

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *

%d bloggers like this: