class Rex::Proto::Kerberos::Pac::LogonInfo

@todo Make more fields user controllable, instead of constants. This class provides a representation of a PAC_LOGON_INFO structure, which contains the credential information for the client of the Kerberos ticket.

Attributes

effective_name[RW]

@!attribute effective_name

@return [String] The client's Windows 2000 user name
group_ids[RW]

@!attribute group_ids

@return [Array<Fixnum>] Array of relative IDs of the groups of which the client is a member
logon_domain_id[RW]

@!attribute logon_domain_id

@return [String] The SID of the client's domain
logon_domain_name[RW]

@!attribute logon_domain_name

@return [String] The netbios name of the client's domain
logon_time[RW]

@!attribute logon_time

@return [Time] The time the client last logged on
primary_group_id[RW]

@!attribute primary_group_id

@return [Fixnum] The relative ID for the client's primary group
user_id[RW]

@!attribute user_id

@return [Fixnum] The relative ID for the client

Public Instance Methods

encode() click to toggle source

Encodes the Rex::Proto::Kerberos::Pac::LogonInfo

@return [String]

# File lib/rex/proto/kerberos/pac/logon_info.rb, line 36
# Serializes the structure: one fixed part built from the inline field
# encoders, followed by the separately encoded buffers, every chunk padded
# with zero bytes to a multiple of four, all behind a 16-byte header.
#
# @return [String] the header followed by the padded body
def encode
  # Each row names the encoder appended to the fixed part and, for fields that
  # have one, the encoder whose output is emitted later as its own chunk.
  layout = [
    [:encode_element_id],
    [:encode_logon_time],
    [:encode_logoff_time],
    [:encode_kickoff_time],
    [:encode_password_last_set],
    [:encode_password_can_change],
    [:encode_password_must_change],
    [:encode_effective_name, :encode_effective_name_info],
    [:encode_full_name, :encode_full_name_info],
    [:encode_logon_script, :encode_logon_script_info],
    [:encode_profile_path, :encode_profile_path_info],
    [:encode_home_directory, :encode_home_directory_info],
    [:encode_home_directory_drive, :encode_home_directory_drive_info],
    [:encode_logon_count],
    [:encode_bad_password_count],
    [:encode_user_id],
    [:encode_primary_group_id],
    [:encode_group_count],
    [:encode_group_ids, :encode_group_ids_info],
    [:encode_user_flags],
    [:encode_user_session_key],
    [:encode_logon_server, :encode_logon_server_info],
    [:encode_logon_domain_name, :encode_logon_domain_name_info],
    [:encode_logon_domain_id, :encode_logon_domain_id_info],
    [:encode_reserved_one],
    [:encode_user_account_control],
    [:encode_reserved_three],
    [:encode_sid_count],
    [:encode_extra_sids],
    [:encode_resource_group_domain_sid],
    [:encode_resource_group_count],
    [:encode_resource_group_ids]
  ]

  fixed_part = ''
  deferred = []
  layout.each do |inline_encoder, deferred_encoder|
    fixed_part << send(inline_encoder)
    deferred << send(deferred_encoder) if deferred_encoder
  end

  # Concatenate the chunks, rounding each one up to a four-byte boundary.
  body = ''
  [fixed_part, *deferred].each do |chunk|
    body << chunk
    body << "\x00" * ((-chunk.length) % 4)
  end

  # Eight constant bytes, then the body length and a zero, both 32-bit
  # little-endian.
  preamble = "\x01\x10\x08\x00\xcc\xcc\xcc\xcc"
  preamble << [body.length, 0].pack('VV')

  preamble + body
end

Private Instance Methods

encode_bad_password_count() click to toggle source

Encodes the bad_password_count (constant)

@return [String]

# File lib/rex/proto/kerberos/pac/logon_info.rb, line 341
# Packs the bad_password_count field, which is always zero here.
#
# @return [String] a 16-bit little-endian zero
def encode_bad_password_count
  bad_password_count = 0
  [bad_password_count].pack('v')
end
encode_effective_name() click to toggle source

Encodes the effective_name id field

@return [String]

# File lib/rex/proto/kerberos/pac/logon_info.rb, line 152
# Builds the inline descriptor for effective_name: the length of the converted
# name twice as 16-bit values, then the constant 0x20004 as a 32-bit value.
# NOTE(review): 0x20004 is presumably the identifier tying this descriptor to
# the buffer from encode_effective_name_info - confirm.
#
# @return [String] the packed descriptor
def encode_effective_name
  wide_length = Rex::Text.to_unicode(effective_name).length
  descriptor = [wide_length, wide_length, 0x20004].pack('vvV')

  '' << descriptor
end
encode_effective_name_info() click to toggle source

Encodes the effective_name info field

@return [String]

# File lib/rex/proto/kerberos/pac/logon_info.rb, line 168
# Builds the buffer for effective_name: the name's character count as a 64-bit
# and then a 32-bit little-endian value, followed by the converted name.
#
# @return [String] the counts followed by the converted name
def encode_effective_name_info
  wide_name = Rex::Text.to_unicode(effective_name)
  char_count = effective_name.length
  counts = [char_count, char_count].pack('Q<V')

  buffer = ''
  buffer << counts
  buffer << wide_name
  buffer
end
encode_element_id() click to toggle source

Encodes the netlogon type

@return [String]

# File lib/rex/proto/kerberos/pac/logon_info.rb, line 99
# Packs the NETLOGON_FLAG constant that opens the fixed part.
#
# @return [String] NETLOGON_FLAG as a 32-bit little-endian value
def encode_element_id
  element_id = NETLOGON_FLAG
  [element_id].pack('V')
end
encode_extra_sids() click to toggle source

Encodes the extra_sids (constant)

@return [String]

# File lib/rex/proto/kerberos/pac/logon_info.rb, line 537
# Packs the extra_sids field, which is always zero here.
#
# @return [String] a 32-bit little-endian zero
def encode_extra_sids
  extra_sids = 0
  [extra_sids].pack('V')
end
encode_full_name() click to toggle source

Encodes the full_name id

@return [String]

# File lib/rex/proto/kerberos/pac/logon_info.rb, line 182
# Builds the inline descriptor for full_name, which is always encoded as an
# empty string: the converted length twice as 16-bit values, then the constant
# 0x20008 as a 32-bit value.
#
# @return [String] the packed descriptor
def encode_full_name
  wide_length = Rex::Text.to_unicode('').length
  descriptor = [wide_length, wide_length, 0x20008].pack('vvV')

  '' << descriptor
end
encode_full_name_info() click to toggle source

Encodes the full_name_info (constant)

@return [String]

# File lib/rex/proto/kerberos/pac/logon_info.rb, line 197
# Builds the buffer for full_name, which is always an empty string: the
# character count as a 64-bit and then a 32-bit little-endian value, followed
# by the converted (empty) string.
#
# @return [String] the counts followed by the converted string
def encode_full_name_info
  wide_blank = Rex::Text.to_unicode('')
  char_count = ''.length
  counts = [char_count, char_count].pack('Q<V')

  buffer = ''
  buffer << counts
  buffer << wide_blank
  buffer
end
encode_group_count() click to toggle source

Encodes the group_count field

@return [String]

# File lib/rex/proto/kerberos/pac/logon_info.rb, line 362
# Packs the number of entries in group_ids.
#
# @return [String] the group count as a 32-bit little-endian value
def encode_group_count
  membership_total = group_ids.length
  [membership_total].pack('V')
end
encode_group_ids() click to toggle source

Encodes the group_ids id

@return [String]

# File lib/rex/proto/kerberos/pac/logon_info.rb, line 369
# Packs the inline value for group_ids, the constant 0x2001c.
# NOTE(review): presumably the identifier tying this field to the buffer from
# encode_group_ids_info - confirm.
#
# @return [String] 0x2001c as a 32-bit little-endian value
def encode_group_ids
  referent = [0x2001c].pack('V')
  '' << referent
end
encode_group_ids_info() click to toggle source

Encodes the group_ids info

@return [String]

# File lib/rex/proto/kerberos/pac/logon_info.rb, line 379
# Builds the buffer for group_ids: the number of groups, then for every group
# its relative ID and SE_GROUP_ALL, each as a 32-bit little-endian value.
#
# @return [String] the count followed by the (id, SE_GROUP_ALL) pairs
def encode_group_ids_info
  count_field = [group_ids.length].pack('V')
  # Every membership is emitted with the same SE_GROUP_ALL value.
  memberships = group_ids.flat_map { |relative_id| [relative_id, SE_GROUP_ALL] }

  '' << count_field << memberships.pack('V*')
end
encode_home_directory() click to toggle source

Encodes the home_directory id

@return [String]

# File lib/rex/proto/kerberos/pac/logon_info.rb, line 273
# Builds the inline descriptor for home_directory, which is always encoded as
# an empty string: the converted length twice as 16-bit values, then the
# constant 0x20014 as a 32-bit value.
#
# @return [String] the packed descriptor
def encode_home_directory
  wide_length = Rex::Text.to_unicode('').length
  descriptor = [wide_length, wide_length, 0x20014].pack('vvV')

  '' << descriptor
end
encode_home_directory_drive() click to toggle source

Encodes the home_directory_drive id

@return [String]

# File lib/rex/proto/kerberos/pac/logon_info.rb, line 304
# Builds the inline descriptor for home_directory_drive, which is always
# encoded as an empty string: the converted length twice as 16-bit values,
# then the constant 0x20018 as a 32-bit value.
#
# @return [String] the packed descriptor
def encode_home_directory_drive
  wide_length = Rex::Text.to_unicode('').length
  descriptor = [wide_length, wide_length, 0x20018].pack('vvV')

  '' << descriptor
end
encode_home_directory_drive_info() click to toggle source

Encodes the home_directory_drive info (constant)

@return [String]

# File lib/rex/proto/kerberos/pac/logon_info.rb, line 319
# Builds the buffer for home_directory_drive, which is always an empty string:
# the character count as a 64-bit and then a 32-bit little-endian value,
# followed by the converted (empty) string.
#
# @return [String] the counts followed by the converted string
def encode_home_directory_drive_info
  wide_blank = Rex::Text.to_unicode('')
  char_count = ''.length
  counts = [char_count, char_count].pack('Q<V')

  buffer = ''
  buffer << counts
  buffer << wide_blank
  buffer
end
encode_home_directory_info() click to toggle source

Encodes the home_directory info (constant)

@return [String]

# File lib/rex/proto/kerberos/pac/logon_info.rb, line 289
# Builds the buffer for home_directory, which is always an empty string: the
# character count as a 64-bit and then a 32-bit little-endian value, followed
# by the converted (empty) string.
#
# @return [String] the counts followed by the converted string
def encode_home_directory_info
  wide_blank = Rex::Text.to_unicode('')
  char_count = ''.length
  counts = [char_count, char_count].pack('Q<V')

  buffer = ''
  buffer << counts
  buffer << wide_blank
  buffer
end
encode_kickoff_time() click to toggle source

Encodes the kickoff time (constant)

@return [String]

# File lib/rex/proto/kerberos/pac/logon_info.rb, line 124
# Packs the kickoff time, which is always the NEVER_EXPIRE constant here.
#
# @return [String] NEVER_EXPIRE as a 64-bit little-endian value
def encode_kickoff_time
  kickoff_time = NEVER_EXPIRE
  [kickoff_time].pack('Q<')
end
encode_logoff_time() click to toggle source

Encodes the logoff time (constant)

@return [String]

# File lib/rex/proto/kerberos/pac/logon_info.rb, line 117
# Packs the logoff time, which is always the NEVER_EXPIRE constant here.
#
# @return [String] NEVER_EXPIRE as a 64-bit little-endian value
def encode_logoff_time
  logoff_time = NEVER_EXPIRE
  [logoff_time].pack('Q<')
end
encode_logon_count() click to toggle source

Encodes the logon_count (constant)

@return [String]

# File lib/rex/proto/kerberos/pac/logon_info.rb, line 334
# Packs the logon_count field, which is always zero here.
#
# @return [String] a 16-bit little-endian zero
def encode_logon_count
  logon_count = 0
  [logon_count].pack('v')
end
encode_logon_domain_id() click to toggle source

Encodes the logon_domain_id id

@return [String]

# File lib/rex/proto/kerberos/pac/logon_info.rb, line 470
# Packs the inline value for logon_domain_id, the constant 0x20028.
# NOTE(review): presumably the identifier tying this field to the buffer from
# encode_logon_domain_id_info - confirm.
#
# @return [String] 0x20028 as a 32-bit little-endian value
def encode_logon_domain_id
  referent = [0x20028].pack('V')
  '' << referent
end
encode_logon_domain_id_info() click to toggle source

Encodes the logon_domain_id info field

@return [String]

# File lib/rex/proto/kerberos/pac/logon_info.rb, line 480
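# Builds the buffer holding the logon domain SID.
#
# The textual SID ("S-<revision>-<authority>-<sub authority>...") is split
# into its numeric components and packed as: the sub-authority count (32 bit),
# the revision (8 bit), the sub-authority count again (8 bit), the authority
# as a 48-bit big-endian value, then every sub-authority as a 32-bit
# little-endian value.
#
# @return [String] the packed SID buffer
# @raise [RuntimeError] if logon_domain_id is not a well-formed textual SID
def encode_logon_domain_id_info
  # Surrounding whitespace is tolerated, as the previous to_i based parsing
  # ignored it.
  sid = logon_domain_id.to_s.strip

  # Require "S" followed by at least a revision and an authority, all decimal.
  # Checking only the leading "S" let a short value fail later with a
  # NoMethodError, and let non-numeric components be packed silently as zero.
  unless sid =~ /\AS(?:-\d+){2,}\z/
    raise ::RuntimeError, 'PAC-LOGON-INFO encoding failed: incorrect LogonDomainId'
  end

  revision, authority, *sub_authorities = sid.split('-').drop(1).map(&:to_i)

  encoded = ''
  encoded << [
    sub_authorities.length,
    revision,
    sub_authorities.length
  ].pack('VCC')

  # The 48-bit authority is written big-endian: upper 32 bits, then lower 16.
  encoded << [authority >> 16, authority & 0xffff].pack('Nn')

  encoded << sub_authorities.pack('V*')

  encoded
end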
encode_logon_domain_name() click to toggle source

Encodes the logon_domain_name id

@return [String]

# File lib/rex/proto/kerberos/pac/logon_info.rb, line 439
# Builds the inline descriptor for logon_domain_name: the length of the
# converted name twice as 16-bit values, then the constant 0x20024 as a 32-bit
# value.
#
# @return [String] the packed descriptor
def encode_logon_domain_name
  wide_length = Rex::Text.to_unicode(logon_domain_name).length
  descriptor = [wide_length, wide_length, 0x20024].pack('vvV')

  '' << descriptor
end
encode_logon_domain_name_info() click to toggle source

Encodes the logon_domain_name info field

@return [String]

# File lib/rex/proto/kerberos/pac/logon_info.rb, line 455
# Builds the buffer for logon_domain_name: the name's character count as a
# 64-bit and then a 32-bit little-endian value, followed by the converted name.
#
# @return [String] the counts followed by the converted name
def encode_logon_domain_name_info
  wide_name = Rex::Text.to_unicode(logon_domain_name)
  char_count = logon_domain_name.length
  counts = [char_count, char_count].pack('Q<V')

  buffer = ''
  buffer << counts
  buffer << wide_name
  buffer
end
encode_logon_script() click to toggle source

Encodes the logon_script id

@return [String]

# File lib/rex/proto/kerberos/pac/logon_info.rb, line 211
# Builds the inline descriptor for logon_script, which is always encoded as an
# empty string: the converted length twice as 16-bit values, then the constant
# 0x2000c as a 32-bit value.
#
# @return [String] the packed descriptor
def encode_logon_script
  wide_length = Rex::Text.to_unicode('').length
  descriptor = [wide_length, wide_length, 0x2000c].pack('vvV')

  '' << descriptor
end
encode_logon_script_info() click to toggle source

Encodes the logon_script info (constant)

@return [String]

# File lib/rex/proto/kerberos/pac/logon_info.rb, line 227
# Builds the buffer for logon_script, which is always an empty string: the
# character count as a 64-bit and then a 32-bit little-endian value, followed
# by the converted (empty) string.
#
# @return [String] the counts followed by the converted string
def encode_logon_script_info
  wide_blank = Rex::Text.to_unicode('')
  char_count = ''.length
  counts = [char_count, char_count].pack('Q<V')

  buffer = ''
  buffer << counts
  buffer << wide_blank
  buffer
end
encode_logon_server() click to toggle source

Encodes the logon_server id

@return [String]

# File lib/rex/proto/kerberos/pac/logon_info.rb, line 409
# Builds the inline descriptor for logon_server, which is always encoded as an
# empty string: the converted length twice as 16-bit values, then the constant
# 0x20020 as a 32-bit value.
#
# @return [String] the packed descriptor
def encode_logon_server
  wide_length = Rex::Text.to_unicode('').length
  descriptor = [wide_length, wide_length, 0x20020].pack('vvV')

  '' << descriptor
end
encode_logon_server_info() click to toggle source

Encodes the logon_server info (constant)

@return [String]

# File lib/rex/proto/kerberos/pac/logon_info.rb, line 424
# Builds the buffer for logon_server, which is always an empty string: the
# character count as a 64-bit and then a 32-bit little-endian value, followed
# by the converted (empty) string.
#
# @return [String] the counts followed by the converted string
def encode_logon_server_info
  wide_blank = Rex::Text.to_unicode('')
  char_count = ''.length
  counts = [char_count, char_count].pack('Q<V')

  buffer = ''
  buffer << counts
  buffer << wide_blank
  buffer
end
encode_logon_time() click to toggle source

Encodes the logon_time attribute

@return [String]

# File lib/rex/proto/kerberos/pac/logon_info.rb, line 106
# Packs logon_time: its integer value plus SEC_TO_UNIX_EPOCH, multiplied by
# WINDOWS_TICK, as a 64-bit little-endian value.
# NOTE(review): this looks like a conversion to a Windows FILETIME - confirm
# against the definitions of the two constants.
#
# @return [String] the converted time as a 64-bit little-endian value
def encode_logon_time
  shifted_seconds = logon_time.to_i + SEC_TO_UNIX_EPOCH
  ticks = shifted_seconds * WINDOWS_TICK

  '' << [ticks].pack('Q<')
end
encode_password_can_change() click to toggle source

Encodes the password_can_change (constant)

@return [String]

# File lib/rex/proto/kerberos/pac/logon_info.rb, line 138
# Packs the password_can_change field, which is always zero here.
#
# @return [String] a 64-bit little-endian zero
def encode_password_can_change
  password_can_change = 0
  [password_can_change].pack('Q<')
end
encode_password_last_set() click to toggle source

Encodes the password_last_set (constant)

@return [String]

# File lib/rex/proto/kerberos/pac/logon_info.rb, line 131
# Packs the password_last_set field, which is always zero here.
#
# @return [String] a 64-bit little-endian zero
def encode_password_last_set
  password_last_set = 0
  [password_last_set].pack('Q<')
end
encode_password_must_change() click to toggle source

Encodes the password_must_change (constant)

@return [String]

# File lib/rex/proto/kerberos/pac/logon_info.rb, line 145
# Packs the password_must_change field, which is always the NEVER_EXPIRE
# constant here.
#
# @return [String] NEVER_EXPIRE as a 64-bit little-endian value
def encode_password_must_change
  password_must_change = NEVER_EXPIRE
  [password_must_change].pack('Q<')
end
encode_primary_group_id() click to toggle source

Encodes the primary_group_id field

@return [String]

# File lib/rex/proto/kerberos/pac/logon_info.rb, line 355
# Packs the primary_group_id attribute.
#
# @return [String] primary_group_id as a 32-bit little-endian value
def encode_primary_group_id
  relative_id = primary_group_id
  [relative_id].pack('V')
end
encode_profile_path() click to toggle source

Encodes the profile_path id

@return [String]

# File lib/rex/proto/kerberos/pac/logon_info.rb, line 242
# Builds the inline descriptor for profile_path, which is always encoded as an
# empty string: the converted length twice as 16-bit values, then the constant
# 0x20010 as a 32-bit value.
#
# @return [String] the packed descriptor
def encode_profile_path
  wide_length = Rex::Text.to_unicode('').length
  descriptor = [wide_length, wide_length, 0x20010].pack('vvV')

  '' << descriptor
end
encode_profile_path_info() click to toggle source

Encodes the profile_path info (constant)

@return [String]

# File lib/rex/proto/kerberos/pac/logon_info.rb, line 258
# Builds the buffer for profile_path, which is always an empty string: the
# character count as a 64-bit and then a 32-bit little-endian value, followed
# by the converted (empty) string.
#
# @return [String] the counts followed by the converted string
def encode_profile_path_info
  wide_blank = Rex::Text.to_unicode('')
  char_count = ''.length
  counts = [char_count, char_count].pack('Q<V')

  buffer = ''
  buffer << counts
  buffer << wide_blank
  buffer
end
encode_reserved_one() click to toggle source

Encodes the reserved_one (constant)

@return [String]

# File lib/rex/proto/kerberos/pac/logon_info.rb, line 509
# Packs the reserved_one field, which is always two zero values here.
#
# @return [String] two 32-bit little-endian zeros
def encode_reserved_one
  reserved = Array.new(2, 0)
  reserved.pack('VV')
end
encode_reserved_three() click to toggle source

Encodes the reserved_three (constant)

@return [String]

# File lib/rex/proto/kerberos/pac/logon_info.rb, line 523
# Packs the reserved_three field, which is always seven zero values here.
#
# @return [String] seven 32-bit little-endian zeros
def encode_reserved_three
  reserved = Array.new(7, 0)
  reserved.pack('V*')
end
encode_resource_group_count() click to toggle source

Encodes the resource_group_count (constant)

@return [String]

# File lib/rex/proto/kerberos/pac/logon_info.rb, line 551
# Packs the resource_group_count field, which is always zero here.
#
# @return [String] a 32-bit little-endian zero
def encode_resource_group_count
  resource_group_count = 0
  [resource_group_count].pack('V')
end
encode_resource_group_domain_sid() click to toggle source

Encodes the resource_group_domain_sid (constant)

@return [String]

# File lib/rex/proto/kerberos/pac/logon_info.rb, line 544
# Packs the resource_group_domain_sid field, which is always zero here.
#
# @return [String] a 32-bit little-endian zero
def encode_resource_group_domain_sid
  resource_group_domain_sid = 0
  [resource_group_domain_sid].pack('V')
end
encode_resource_group_ids() click to toggle source

Encodes the resource_group_ids (constant)

@return [String]

# File lib/rex/proto/kerberos/pac/logon_info.rb, line 558
# Packs the resource_group_ids field, which is always zero here.
#
# @return [String] a 32-bit little-endian zero
def encode_resource_group_ids
  resource_group_ids = 0
  [resource_group_ids].pack('V')
end
encode_sid_count() click to toggle source

Encodes the sid_count (constant)

@return [String]

# File lib/rex/proto/kerberos/pac/logon_info.rb, line 530
# Packs the sid_count field, which is always zero here.
#
# @return [String] a 32-bit little-endian zero
def encode_sid_count
  sid_count = 0
  [sid_count].pack('V')
end
encode_user_account_control() click to toggle source

Encodes the user_account_control (constant)

@return [String]

# File lib/rex/proto/kerberos/pac/logon_info.rb, line 516
# Packs the user_account_control field, which is always the combination of
# USER_NORMAL_ACCOUNT and USER_DONT_EXPIRE_PASSWORD here.
#
# @return [String] the combined flags as a 32-bit little-endian value
def encode_user_account_control
  account_flags = USER_NORMAL_ACCOUNT | USER_DONT_EXPIRE_PASSWORD
  [account_flags].pack('V')
end
encode_user_flags() click to toggle source

Encodes the user_flags (constant)

@return [String]

# File lib/rex/proto/kerberos/pac/logon_info.rb, line 395
# Packs the user_flags field, which is always zero here.
#
# @return [String] a 32-bit little-endian zero
def encode_user_flags
  user_flags = 0
  [user_flags].pack('V')
end
encode_user_id() click to toggle source

Encodes the user_id field

@return [String]

# File lib/rex/proto/kerberos/pac/logon_info.rb, line 348
# Packs the user_id attribute.
#
# @return [String] user_id as a 32-bit little-endian value
def encode_user_id
  relative_id = user_id
  [relative_id].pack('V')
end
encode_user_session_key() click to toggle source

Encodes the user_session_key (constant)

@return [String]

# File lib/rex/proto/kerberos/pac/logon_info.rb, line 402
# Packs the user_session_key field, which is always all zeros here.
#
# @return [String] two 64-bit little-endian zeros (16 bytes)
def encode_user_session_key
  blank_key = Array.new(2, 0)
  blank_key.pack('Q<Q<')
end