Hi list,

I just checked in a tiny patch for telnet to dissect some authentication options for (kerberized) telnet. Currently only the SEND and NAME suboptions are dissected, but soon also, hopefully, the REPLY suboptions containing kerberos tickets.

Please test. The attached capture contains a kerberized telnet session to authenticate and login. Attached is also the keytab file containing both the host/curie keytab entry for the server and also a few user principals (all user principals are joe-accounts => password==account-name).

No fear, the kerberos realm where these captures/keytabs were taken from was a completely private network built from scratch to generate this capture and this keytab and nothing else. It was never attached to a real network. All systems have been scrubbed and their storage destroyed since.

The non-decrypted parts of the telnet options contain kerberos tickets and stuff, something we can use to test any keytab-driven open ticket and extract the session key. It would be very useful to continue this work and the other kerberos work done to allow parsing of keytab files and opening of tickets to extract the session keys to make it easier to reverse engineer various modern protocols.

Anyone with knowledge on how MIT kerberos keytab files are structured is more than welcome to email me. For our purposes we could get by with a very simple non-threaded/non-recursive parsing of these files and we don't need the complexity to link with any kerberos libs.

best regards
ronnie s.
krb5.keytab
Description: Binary data
krb5-8.cap
Description: Binary data
_______________________________________________ Ethereal-dev mailing list [EMAIL PROTECTED] http://www.ethereal.com/mailman/listinfo/ethereal-dev
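
Added example, not part of the original message and not Ethereal code: a single linear pass over an MIT keytab file in format version 0x0502, the kind of simple, library-free parsing the message asks for. The field layout is the MIT file keytab format as I understand it; the realm EXAMPLE.TEST, the key bytes and the sample file are constructed here and are not taken from the attached krb5.keytab.

```python
import struct
from dataclasses import dataclass

@dataclass
class KeytabEntry:
    principal: str
    kvno: int
    enctype: int
    key: bytes

class Reader:  # bounds-checked big-endian cursor; raises instead of reading past the end
    def __init__(self, data):
        self.data, self.pos = data, 0
    def remaining(self):
        return len(self.data) - self.pos
    def take(self, n):
        if n > self.remaining():
            raise ValueError("truncated keytab")
        self.pos += n
        return self.data[self.pos - n:self.pos]
    def num(self, fmt):                      # fmt: struct code such as "H" or "I"
        return struct.unpack(">" + fmt, self.take(struct.calcsize(">" + fmt)))[0]
    def counted(self):                       # 16-bit length followed by that many bytes
        return self.take(self.num("H"))

def parse_keytab(data):
    """Return the entries of a version 0x0502 keytab in file order."""
    f = Reader(data)
    if f.take(2) != b"\x05\x02":
        raise ValueError("not a version 0x0502 keytab")
    entries = []
    while f.remaining() >= 4:
        size = f.num("i")
        if size <= 0:                        # negative size marks a deleted slot: skip it
            f.take(-size)
            continue
        e = Reader(f.take(size))             # confine all reads to this record
        ncomp, realm = e.num("H"), e.counted()
        comps = [e.counted() for _ in range(ncomp)]
        e.take(8)                            # name type and timestamp, unused here
        kvno, enctype, key = e.num("B"), e.num("H"), e.counted()
        if e.remaining() >= 4:               # optional 32-bit kvno wins when non-zero
            kvno = e.num("I") or kvno
        name = (b"/".join(comps) + b"@" + realm).decode("utf-8", "replace")
        entries.append(KeytabEntry(name, kvno, enctype, key))
    return entries

# Constructed sample: one deleted 4-byte slot, then host/curie@EXAMPLE.TEST (made-up realm and key).
def _s(b): return struct.pack(">H", len(b)) + b
_entry = (struct.pack(">H", 2) + _s(b"EXAMPLE.TEST") + _s(b"host") + _s(b"curie")
          + struct.pack(">IIBH", 1, 0, 2, 3) + _s(bytes.fromhex("0123456789abcdef")))
SAMPLE = b"\x05\x02" + struct.pack(">i", -4) + bytes(4) + struct.pack(">i", len(_entry)) + _entry
```

`parse_keytab(SAMPLE)` returns one entry for `host/curie@EXAMPLE.TEST` with kvno 2 and enctype 3; a truncated file or a different version header raises `ValueError`.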
