Added /debug option

CHANGELOG.md

@@ -4,6 +4,18 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [2.0.3]
+
+### Added
+
+* A `/debug` flag that outputs base64 encodings of the inputs to/outputs from the ASN.1 decoding/encoding functions
+* `/createnetonly` parameter to S4U (@tyranid)
+* `/ticket` option to createnetonly to import a ticket into the new process without requiring privileges (@tyranid)
+
+### Fixed
+
+* Handling for KERB_ERRORs
+
 ## [2.0.2]
 
 ### Added

README.md

@@ -79,7 +79,7 @@ Rubeus is licensed under the BSD 3-Clause license.
       | |  \ \| |_| | |_) ) ____| |_| |___ |
       |_|   |_|____/|____/|_____)____/(___/
 
-      v2.0.2
+      v2.0.3
 
 
      Ticket requests and renewals:
@@ -261,6 +261,8 @@ Rubeus is licensed under the BSD 3-Clause license.
 
         The "/nowrap" flag prevents any base64 ticket blobs from being column wrapped for any function.
 
+        The "/debug" flag outputs ASN.1 debugging information.
+
 
      NOTE: Base64 ticket blobs can be decoded with :
 

Rubeus/Asn1/AsnElt.cs

@@ -404,6 +404,10 @@ public static AsnElt Decode(byte[] buf, bool exactLength)
 	public static AsnElt Decode(byte[] buf, int off, int len,
 		bool exactLength)
 	{
+		if (Rubeus.Program.Debug)
+		{
+			Console.WriteLine("\n[DECODE] {0} {1}\n", exactLength, Convert.ToBase64String(buf));
+		}
 		int tc, tv, valOff, valLen, objLen;
 		bool cons;
 		objLen = Decode(buf, off, len,
@@ -602,6 +606,11 @@ public byte[] Encode()
 	{
 		byte[] r = new byte[EncodedLength];
 		Encode(r, 0);
+
+		if (Rubeus.Program.Debug)
+		{
+			Console.WriteLine("\n[ENCODE] {0}\n", Convert.ToBase64String(r));
+		}
 		return r;
 	}
 

Rubeus/Domain/Info.cs

@@ -12,7 +12,7 @@ public static void ShowLogo()
             Console.WriteLine("  |  __  /| | | |  _ \\| ___ | | | |/___)");
             Console.WriteLine("  | |  \\ \\| |_| | |_) ) ____| |_| |___ |");
             Console.WriteLine("  |_|   |_|____/|____/|_____)____/(___/\r\n");
-            Console.WriteLine("  v2.0.2 \r\n");
+            Console.WriteLine("  v2.0.3 \r\n");
         }
 
         public static void ShowUsage()
@@ -191,6 +191,8 @@ Rubeus.exe currentluid
 
     The ""/nowrap"" flag prevents any base64 ticket blobs from being column wrapped for any function.
 
+    The ""/debug"" flag outputs ASN.1 debugging information.
+
 
  NOTE: Base64 ticket blobs can be decoded with :
 

Rubeus/Program.cs

@@ -10,6 +10,8 @@ public class Program
         // global that specifies if ticket output should be wrapped or not
         public static bool wrapTickets = true;
 
+        public static bool Debug = false;
+
         private static void FileExecute(string commandName, Dictionary<string, string> parsedArgs)
         {
             // execute w/ stdout/err redirected to a file
@@ -110,6 +112,11 @@ public static void Main(string[] args)
                 wrapTickets = false;
             }
 
+            if (parsed.Arguments.ContainsKey("/debug"))
+            {
+                Debug = true;
+            }
+
             if (parsed.Arguments.ContainsKey("/consoleoutfile")) {
                 // redirect output to a file specified
                 FileExecute(commandName, parsed.Arguments);