-
Notifications
You must be signed in to change notification settings - Fork 45
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
klist - Bad format in credentials cache #3
Comments
Here be dragons!
Two things:
1. The examples are not up to date with the current code, I am actively modifying them, should be updated in a few days.
2. The CCACHE file format was only tested with impacket library so far, so it was expected to give an error with another kerberos app/lib. You may thank the nonexistent documentation on this file format :(
Nevertheless, I will look into it when I get some time.
Will get back on this in a few days.
… On 21 Apr 2019, at 11:04, jerer ***@***.***> wrote:
TGT retreived with sample code cannot be read with klist command.
Below is python code to get TGT:
`
from minikerberos.common import *
from minikerberos.communication import *
ccred = KerberosCredential()
ccred.username = 'administrator'
ccred.domain = 'KB.COM'
ccred.password = 'password'
ksoc = KerberosSocket('krb.kb.com', soc_type = KerberosSocketType.TCP)
kc = KerbrosComm(ccred, ksoc)
kc.get_TGT()
kc.ccache.to_file('/tmp/krb5cc_0')
`
Below is krb5.conf:
`
[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
[libdefaults]
dns_lookup_realm = false
ticket_lifetime = 24h
renew_lifetime = 7d
forwardable = true
rdns = false
pkinit_anchors = /etc/pki/tls/certs/ca-bundle.crt
default_ccache_name = FILE:/tmp/krb5cc_%{uid}
default_realm = KB.COM
[realms]
KB.COM = {
}
[domain_realm]
kb.com = KB.COM
.kb.com = KB.COM
`
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub, or mute the thread.
|
Okay, updated a LOT of code just now. |
Yes, now |
TGT retreived with sample code cannot be read with klist command (klist returns error "Bad format in credentials cache").
Below is python code to get TGT:
Below is krb5.conf:
The text was updated successfully, but these errors were encountered: