klist - Bad format in credentials cache #3
Comments
|
Here be dragons!
Two things:
1. The examples are not up to date with the current code, I am actively modifying them, should be updated in a few days.
2. The CCACHE file format was only tested with impacket library so far, so it was expected to give an error with another kerberos app/lib. You may thank the nonexistent documentation on this file format :(
Nevertheless, I will look into it when I get some time.
Will get back on this in a few days.
… On 21 Apr 2019, at 11:04, jerer ***@***.***> wrote:
TGT retreived with sample code cannot be read with klist command.
Below is python code to get TGT:
`
from minikerberos.common import *
from minikerberos.communication import *
ccred = KerberosCredential()
ccred.username = 'administrator'
ccred.domain = 'KB.COM'
ccred.password = 'password'
ksoc = KerberosSocket('krb.kb.com', soc_type = KerberosSocketType.TCP)
kc = KerbrosComm(ccred, ksoc)
kc.get_TGT()
kc.ccache.to_file('/tmp/krb5cc_0')
`
Below is krb5.conf:
`
[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
[libdefaults]
dns_lookup_realm = false
ticket_lifetime = 24h
renew_lifetime = 7d
forwardable = true
rdns = false
pkinit_anchors = /etc/pki/tls/certs/ca-bundle.crt
default_ccache_name = FILE:/tmp/krb5cc_%{uid}
default_realm = KB.COM
[realms]
KB.COM = {
}
[domain_realm]
kb.com = KB.COM
.kb.com = KB.COM
`
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub, or mute the thread.
|
|
Okay, updated a LOT of code just now. |
|
Yes, now |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
TGT retreived with sample code cannot be read with klist command (klist returns error "Bad format in credentials cache").
Below is python code to get TGT:
Below is krb5.conf:
The text was updated successfully, but these errors were encountered: