From 1becf51a5673acf0eab38c2abe568ca23b3da680 Mon Sep 17 00:00:00 2001 From: Nat Lasseter Date: Thu, 20 Feb 2025 09:14:12 +0000 Subject: [5.1] Tickets no longer double encrypted --- 5.1/get_mail.rb | 118 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 118 insertions(+) create mode 100755 5.1/get_mail.rb (limited to '5.1/get_mail.rb') diff --git a/5.1/get_mail.rb b/5.1/get_mail.rb new file mode 100755 index 0000000..4df3024 --- /dev/null +++ b/5.1/get_mail.rb @@ -0,0 +1,118 @@ +#!/usr/bin/env ruby + +require 'net/http' +require 'uri' +require 'json' + +def encrypt(obj, key) + cipher = OpenSSL::Cipher::AES.new(256, :CBC).encrypt + cipher.key = Digest::SHA2.digest(key) + s = cipher.update(obj) + cipher.final + s.unpack('H*')[0].upcase +end + +def decrypt(obj, key) + ticket = [obj].pack("H*").unpack("C*").pack("c*") + cipher = OpenSSL::Cipher::AES.new(256, :CBC).decrypt + cipher.key = Digest::SHA2.digest(key) + cipher.update(ticket) + cipher.final +end + +def gen_auth(un, ws, sk) + ts = Time.now.to_i + encrypt("#{un},#{ws},120,#{ts}", sk) +end + +def get_ticket(un, wsa, tgt, sv, sk) + uri = URI.parse("http://localhost:4567/ticket") + header = {'Content-Type': 'text/json'} + + login = { + "username": un, + "ticket": tgt, + "authenticator": gen_auth(un, wsa, sk), + "service": sv + } + + http = Net::HTTP.new(uri.host, uri.port) + request = Net::HTTP::Post.new(uri.request_uri, header) + request.body = login.to_json + + response = http.request(request) + response.body +end + +def ticket_valid?(ticket) + now = Time.now.to_i + timeStart = ticket["timestamp"] + timeEnd = ticket["timestamp"] + ticket["lifespan"] + now >= timeStart && now < timeEnd +end + +def update_keytab! + File.open(".keytab", "w") do |f| + f.puts Tickets.map { |s, p| [ + s, + p["sessionkey"], + p["ws_address"], + p["lifespan"], + p["timestamp"], + p["ticket"] + ].join(?,) } + end +end + +print "Username: "; un = gets.strip +print "Mailserver: "; ms = gets.strip + +unless File.exist?(".keytab") + puts "No keytab, please kinit" + exit 1 +end + +Tickets = File.readlines(".keytab").map { |l| + a = l.strip.split(?,) + [a[0], { + "sessionkey" => a[1], + "ws_address" => a[2], + "lifespan" => a[3].to_i, + "timestamp" => a[4].to_i, + "ticket" => a[5] + }] +}.to_h + +unless Tickets.keys.include?(ms) && ticket_valid?(Tickets[ms]) + if Tickets.keys.include?("_TGS") && ticket_valid?(Tickets["_TGS"]) + eanc, svt = get_ticket(un, Tickets["_TGS"]["ws_address"], + Tickets["_TGS"]["ticket"], + ms, Tickets["_TGS"]["sessionkey"]).split(?,) + anc = decrypt(eanc, Tickets["_TGS"]["sessionkey"]).split(?,) + Tickets[ms] = { + "sessionkey" => anc[0], + "ws_address" => anc[1], + "lifespan" => anc[2].to_i, + "timestamp" => anc[3].to_i, + "ticket" => svt + } + update_keytab! + else + puts "No Ticket Granting Ticket, please kinit" + exit 1 + end +end + +uri = URI.parse("http://localhost:4568/login") +header = {'Content-Type': 'text/json'} + +login = { + "username": un, + "ticket": Tickets[ms]["ticket"], + "authenticator": gen_auth(un, Tickets[ms]["ws_address"], Tickets[ms]["sessionkey"]) +} + +http = Net::HTTP.new(uri.host, uri.port) +request = Net::HTTP::Post.new(uri.request_uri, header) +request.body = login.to_json + +response = http.request(request) +puts response.body -- cgit v1.2.1