Decrypting a kerberos session

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

Decrypting a kerberos session

x_coder
Hi,
I wish to intercept traffic from the client to a server and decrypt it.



The messages are encrypted (keys are setup via kerberos KR5).


To do the decryption, I would need the server's long term key (the long



term key that is stored in and maintained by the kerberos key
distribution center KDC).


On windows server operating systems, how can I get a server's (say file



server's) long term key from the KDC (domain controller)?  This is the
key that would have been generated when the file server joined the
domain.


Obviously I am assuming I have admin access to the domain controller...



Thanks
Lyle

________________________________________________
Kerberos mailing list           [hidden email]
https://mailman.mit.edu/mailman/listinfo/kerberos
Reply | Threaded
Open this post in threaded view
|

Re: Decrypting a kerberos session

Mukul Gandhi-2
Hi Lyle,
  I guess the following information will be helpful to
you..

http://www.hsc.fr/ressources/presentations/ad_proto_traffic/win_net_proto_trafic_en.html

Regards,
Mukul

--- [hidden email] wrote:

> Hi,
> I wish to intercept traffic from the client to a
> server and decrypt it.
>
>
>
> The messages are encrypted (keys are setup via
> kerberos KR5).
>
>
> To do the decryption, I would need the server's long
> term key (the long
>
>
>
> term key that is stored in and maintained by the
> kerberos key
> distribution center KDC).
>
>
> On windows server operating systems, how can I get a
> server's (say file
>
>
>
> server's) long term key from the KDC (domain
> controller)?  This is the
> key that would have been generated when the file
> server joined the
> domain.
>
>
> Obviously I am assuming I have admin access to the
> domain controller...
>
>
>
> Thanks
> Lyle
>
> ________________________________________________
> Kerberos mailing list           [hidden email]
> https://mailman.mit.edu/mailman/listinfo/kerberos
>


__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around
http://mail.yahoo.com 
________________________________________________
Kerberos mailing list           [hidden email]
https://mailman.mit.edu/mailman/listinfo/kerberos
Reply | Threaded
Open this post in threaded view
|

Re: Decrypting a kerberos session

x_coder
In reply to this post by x_coder
Thanks Mukul.. but that didnt help much... what I really need to get at
is how one can get the principal's long term key so as to decrypt the
kerberos session ticket and get the underlying ticket to decrypt the
rest of the kerberized stream

Thanks
Lyle

________________________________________________
Kerberos mailing list           [hidden email]
https://mailman.mit.edu/mailman/listinfo/kerberos