MIT Kerberos Master principal deletion

Harshawardhan Kulkarni harshawardhan.rk at gmail.com
Wed Jun 17 07:35:42 EDT 2020


Hi Jeff,

I have found the stash file, can I recover the master key from this file? Do you know any good links to follow?

Thanks
Harsh

Sent from my iPhone

> On 16 Jun 2020, at 04:07, D'Angelo, Jeff C <jcd at psu.edu> wrote:
> 
> 
> Would the stash file help here (if it exists)?
> 
> -- 
> Jeff
> 
> From: kerberos-bounces at mit.edu <kerberos-bounces at mit.edu> on behalf of Chris Hecker <checker at d6.com>
> Sent: Thursday, June 11, 2020 6:54 PM
> To: Nico Williams <nico at cryptonector.com>
> Cc: Harshawardhan Kulkarni <harshawardhan.rk at gmail.com>; kerberos at mit.edu <kerberos at mit.edu>
> Subject: Re[2]: MIT Kerberos Master principal deletion
>  
> 
>  > I don't think it would make it harder.
> 
> I just mean because you won't be able to set a breakpoint at a function 
> that uses the key, you'll have to actually chase it around in memory 
> (assuming you use something like gcore to dump it as fast as possible 
> without regard to where it is executing when it's dumped).
> 
> If I was doing this live, I'd set a breakpoint on some function that 
> used the key to decrypt and then inspect there, but with a core file 
> you'll need to make sure you can find all the structures first.
> 
> Is realm_mkey in the kdc_realm_data struct the one he wants?
> 
> Chris
> 
> ------ Original Message ------
> From: "Nico Williams" <nico at cryptonector.com>
> To: "Chris Hecker" <checker at d6.com>
> Cc: "Harshawardhan Kulkarni" <harshawardhan.rk at gmail.com>; 
> "kerberos at mit.edu" <kerberos at mit.edu>
> Sent: 2020-06-11 15:31:28
> Subject: Re: MIT Kerberos Master principal deletion
> 
> >On Thu, Jun 11, 2020 at 10:19:39PM +0000, Chris Hecker wrote:
> >>  Maybe dump the core of the running process so you don't accidentally crash
> >>  it while trying to debug it live?  But that would make finding it in memory
> >>  even harder...
> >
> >I don't think it would make it harder.
> >
> >BTW, we should make it much harder to delete important principals...
> 
> 
> ________________________________________________
> Kerberos mailing list           Kerberos at mit.edu
> https://nam01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fmailman.mit.edu%2Fmailman%2Flistinfo%2Fkerberos&amp;data=02%7C01%7Cjcd%40psu.edu%7C5ecb0ae46a0f4206310108d80e5b131f%7C7cf48d453ddb4389a9c1c115526eb52e%7C0%7C0%7C637275131630535798&amp;sdata=slErWkRJAvfE0nd%2BMESCEFY5Ucx8c79mIpMN%2BwFBMz8%3D&amp;reserved=0


More information about the Kerberos mailing list