[Samba] Keytab extraction for tshark analyze
Lapin Blanc
fabien.toune at lapin-blanc.com
Sat May 12 14:28:52 UTC 2018
Hi, i'm trying to analyze kerberos traffic using tshark (Samba 4.8.1 on
Centos 7).
I can't figure out how to extract keytab with password/keys.
I follow precisely the instructions at
https://wiki.samba.org/index.php/Keytab_Extraction
But it seems like I only get slot, kvno and principal, can't find a way to
get passwords or keys.
Any idea someone ?
ktutil: rkt decode.keytab
ktutil: l
slot KVNO Principal
---- ----
---------------------------------------------------------------------
1 1 Administrator at WONDERLAND.INFRA
2 1 Administrator at WONDERLAND.INFRA
3 1 Administrator at WONDERLAND.INFRA
4 1 Administrator at WONDERLAND.INFRA
5 1 Administrator at WONDERLAND.INFRA
6 2 alice at WONDERLAND.INFRA
7 2 alice at WONDERLAND.INFRA
8 2 alice at WONDERLAND.INFRA
9 2 alice at WONDERLAND.INFRA
10 2 alice at WONDERLAND.INFRA
11 2 whiterabbit at WONDERLAND.INFRA
12 2 whiterabbit at WONDERLAND.INFRA
...
More information about the samba
mailing list