I have modified pwdump2 [1] to export a "standard" kerberos keytab file. This utility is called ktexport and you can download it here:
http://www.ioplex.com/utilities/ README.ktexport is inlined below but I just want to stress that currently the key is the only data within each entry that is actually correct. The vno and so on are default values that are almost certainly wrong. However, it turns out that Ethereal doesn't care. So the generated sam.keytab can be used with Ethereal to decrypt Kerberos tickets. Yeah! Mike [1] http://www.bindview.com/Services/razor/Utilities/Windows/pwdump2_readme.cfm --8<-- ktexport.exe - export Kerberos keys from Active Directory Michael B Allen <mba2000 ioplex.com> Tue May 2 21:02:02 EDT 2006 This version of pwdump2 has been modified to export Kerberos ARCFOUR keys from a Windows domain controller. INSTALLATION / RUNNING: There is no need to install the program really. Simply run the ktexport program on the desired DC (it must be executed in the same directory as the included samdump.dll). A sam.keytab file in MIT keytab format will be created in the current directory. PROBLEMS: Unfortunately most of the data in the keytab WRONG. The ARCFOUR keys are correct and the Ethereal feature to decrypt packets based on keys in a keytab only looks at the keys. So it will work with Ethereal. NOTE ABOUT RUNNING REMOTELY: Note: This program will not execute remotely over Remote Desktop or similar. As a workaround you can use the included remote.bat with the 'at' service. You must first edit the path in the remote.bat file approriately. Then you can create an 'at' job like: c:\> time The current time is: 17:19:41.10 Enter the new time: c:\> at 17:20 c:\temp\ktexport\remote.bat Thus you will need to wait for up to a minute for the job to run. ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
