aiseChild: fix PAC buffer preservation and add AES support for modern Windows#2164
Open
plur1bu5 wants to merge 1 commit intofortra:masterfrom
Open
aiseChild: fix PAC buffer preservation and add AES support for modern Windows#2164plur1bu5 wants to merge 1 commit intofortra:masterfrom
plur1bu5 wants to merge 1 commit intofortra:masterfrom
Conversation
…n Windows Two bugs fixed: 1. makeGolden() hardcoded exactly 4 PAC buffers, discarding all others. Windows Server 2022 with CVE-2021-42287 patches requires PAC_REQUESTOR (type 18) to be present. Stripping it causes KDC_ERR_TGT_REVOKED. Fix: preserve all original PAC buffers, only update modified ones. 2. getKerberosTGT() called with aesKey=None hardcoded, ignoring -aesKey. Fix: pass aesKey, try AES first then fall back to RC4. Additional improvements: - Auto-retry golden ticket with AES if RC4 is rejected by KDC - Fix signature zeroing to use actual length instead of hardcoded 12/16 - Updated help text with AES key usage examples Tested against Windows Server 2022 Build 20348. Backward compatible.
anadrianmanrique
added
the
in review
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Two bugs fixed:
makeGolden() hardcoded exactly 4 PAC buffers, discarding all others.
Windows Server 2022 with CVE-2021-42287 patches requires PAC_REQUESTOR (type 18) to be present. Stripping it causes KDC_ERR_TGT_REVOKED.
Fix: preserve all original PAC buffers, only update modified ones.
getKerberosTGT() called with aesKey=None hardcoded, ignoring -aesKey.
Fix: pass aesKey, try AES first then fall back to RC4.
Additional improvements:
Tested against Windows Server 2022 Build 20348. Backward compatible.