Kerberos5 ticket to ascii converter?

Wendy Lin wendlin1974 at gmail.com
Tue Sep 30 14:56:12 EDT 2014


On 30 September 2014 18:32, ronnie sahlberg <ronniesahlberg at gmail.com> wrote:
> On Tue, Sep 30, 2014 at 9:17 AM, Wendy Lin <wendlin1974 at gmail.com> wrote:
>> On 30 September 2014 17:55, ronnie sahlberg <ronniesahlberg at gmail.com> wrote:
>>> On Tue, Sep 30, 2014 at 8:25 AM, Wendy Lin <wendlin1974 at gmail.com> wrote:
>>>> On 30 September 2014 15:25, Rick van Rein <rick at openfortress.nl> wrote:
>>>>> Hi,
>>>>>
>>>>>>>> Does Kerberos5 have a ticket to ascii converter so someone can see
>>>>>>>> what a ticket looks like in plain text?
>>>>>>>
>>>>>>> You might use any ASN.1 parser to see the structure, without it actually being spelled out in terms of the Kerberos field names.
>>>>>>
>>>>>> Is the file format of the ticket cache in ASN.1?
>>>>>
>>>>> That would depend on its implementation.
>>>>
>>>> MIT kerberos 1.12, DIR: cache
>>>>
>>>>> You asked for tickets ;-) which are defined in ASN.1 in the RFCs.  I think the WireShark suggestion is better than mine, but it won’t do what you are asking.
>>>>
>>>> Why?
>>>
>>> One reason is because most of the ticket are encrypted blobs. Without
>>> decryption these blobs will just look like huge piles of random bytes,
>>> so there is not really much interesting to see in the ticket.
>>> If you want to look at the interesting parts of a ticket you really
>>> want to decrypt these blobs.
>>
>> OK
>>
>> is there a C function in libkrb5 which takes a keytab and the data
>> blob as parameter, and returns the decrypted data blob?
>
> In wireshark I use krb5_c_decrypt(). It takes a key, not a keytab, so
> you may need to iterate over all keys in the keytab.
>
> See:
> https://code.wireshark.org/review/gitweb?p=wireshark.git;a=blob;f=asn1/kerberos/packet-kerberos-template.c;h=9eb82ab37f8d89ef57f691df656e063d8ad6c713;hb=HEAD#l400
>
> (We iterate over all the keys in wireshark and try them one by one
> because it was easier than tracking SPN->key mappings.)
>
>

What is a SPN?
>
>
>>
>> Wendy



Wendy



More information about the Kerberos mailing list