​

Class: Client

kerberos.Client

Known Issues: Hardcoded timeout in gokrb5 library TGT / Session Handling not exposed Client is kerberos client

Example

const kerberos = require('nuclei/kerberos');
// if controller is empty a dns lookup for default kdc server will be performed
const client = new kerberos.Client('acme.com', 'kdc.acme.com');

​

Table of contents

​

Constructors

• constructor

​

Properties

• Krb5Config
• Realm
• controller
• domain

​

Methods

• EnumerateUser
• GetServiceTicket
• SetConfig

​

Constructors

​

constructor

• new Client(domain, controller?): Client

​

Parameters

​

Returns

Client

​

Defined in

kerberos.ts:90

​

Properties

​

Krb5Config

• Optional Krb5Config: Config

​

Defined in

kerberos.ts:82

​

Realm

• Optional Realm: string

​

Defined in

kerberos.ts:86

​

controller

• Optional controller: string

​

Defined in

kerberos.ts:90

​

domain

• domain: string

​

Defined in

kerberos.ts:90

​

Methods

​

EnumerateUser

▸ EnumerateUser(username): EnumerateUserResponse

EnumerateUser and attempt to get AS-REP hash by disabling PA-FX-FAST

​

Parameters

​

Returns

EnumerateUserResponse

Example

const kerberos = require('nuclei/kerberos');
const client = new kerberos.Client('acme.com', 'kdc.acme.com');
const resp = client.EnumerateUser('pdtm');
log(resp);

​

Defined in

kerberos.ts:122

​

GetServiceTicket

▸ GetServiceTicket(User): TGS

GetServiceTicket returns a TGS for a given user, password and SPN

​

Parameters

​

Returns

TGS

Example

const kerberos = require('nuclei/kerberos');
const client = new kerberos.Client('acme.com', 'kdc.acme.com');
const resp = client.GetServiceTicket('pdtm', 'password', 'HOST/CLIENT1');
log(resp);

​

Defined in

kerberos.ts:137

​

SetConfig

▸ SetConfig(cfg): void

SetConfig sets additional config for the kerberos client Note: as of now ip and timeout overrides are only supported in EnumerateUser due to fastdialer but can be extended to other methods currently

​

Parameters

​

Returns

void

Example

const kerberos = require('nuclei/kerberos');
const client = new kerberos.Client('acme.com', 'kdc.acme.com');
const cfg = new kerberos.Config();
cfg.SetIPAddress('192.168.100.22');
cfg.SetTimeout(5);
client.SetConfig(cfg);

​

Defined in

kerberos.ts:107