{ "id": "cf871606-e0ec-4320-b9c8-7fa4e3130b53", "created_at": "2026-04-06T00:21:13.088044Z", "updated_at": "2026-04-10T03:30:33.247733Z", "deleted_at": null, "sha1_hash": "45fab3a6c80cca42ffafbf1b798c4a981db18699", "title": "GitHub - gentilkiwi/kekeo: A little toolbox to play with Microsoft Kerberos in C", "llm_title": "", "authors": "", "file_creation_date": "0001-01-01T00:00:00Z", "file_modification_date": "0001-01-01T00:00:00Z", "file_size": 76043, "plain_text": "GitHub - gentilkiwi/kekeo: A little toolbox to play with Microsoft\r\nKerberos in C\r\nBy gentilkiwi\r\nArchived: 2026-04-05 23:36:03 UTC\r\nkekeo is a little toolbox I have started to manipulate Microsoft Kerberos in C (and for fun)\r\nASN.1 library\r\nIn kekeo , I use an external commercial library to deal with Kerberos ASN.1 structures: OSS ASN.1/C\r\n(http://www.oss.com/asn1/products/asn1-c/asn1-c.html)\r\nIt was the only code generator/library that I've found to work easily with Microsoft C project.\r\nworks without a lots of dependencies;\r\nmagical documentation;\r\nwonderful support for my stupid questions;\r\nhad a binary that work only few hours after started my project...\r\nThey were kind enough to offer me a 1-year licence.\r\nWith this one, I'm able to let you download binaries that run in your environment.\r\nSo don't forget to thank them ( http://www.oss.com/company/contact-us.html / https://twitter.com/OSSNokalva )\r\nLimitations\r\nBinaries will work until December 21, 2017 (yeah, 1 year licence ;));\r\nYou must buy a licence from OSS ASN.1/C (or download a trial version) to build kekeo solution/adapt\r\nit.\r\nhttp://www.oss.com/asn1/products/asn1-c/asn1-c.html\r\nWhen you register for a free trial, don't forget to refer me in the description field ;) ( kekeo or\r\ngentilkiwi )\r\nBuilding kekeo with ASN.1/C\r\nYou can't build kekeo out-of-the-box, you'have to generate C files and link with OSS libraries.\r\nAfter downloading and installing a commercial/trial version of OSS ASN.1/C, Win32 and/or x64 :\r\n1. Open a command prompt in ($kekeo)\\modules\\asn1\r\n2. Adapt the ASN1C variable to your ASN.1/C configuration (architecture \u0026 version)\r\nhttps://github.com/gentilkiwi/kekeo\r\nPage 1 of 3\n\nset ASN1C=\"C:\\Program Files\\OSS Nokalva\\ossasn1\\winx64\\10.4.0\"\r\n3. Depending on the targeted lib architecture:\r\nWin32\r\n%ASN1C%\\bin\\asn1.exe ^\r\n %ASN1C%\\asn1dflt\\asn1dflt.ms.zp4 ^\r\n KerberosV5Spec2.asn KerberosV5-PK-INIT-SPEC.asn PKIX1Explicit88.asn PKINIT.asn MS-SFU-KILE.asn ^\r\n -noSampleCode -der -root -CStyleComments -externalName kekeo_asn1 -messageFormat msvc -verbose ^\r\n -headerFile kull_m_kerberos_oss_asn1_internal.h -soedFile kull_m_kerberos_oss_asn1_internal_Win3\r\nx64\r\n%ASN1C%\\bin\\asn1.exe ^\r\n %ASN1C%\\asn1dflt\\asn1dflt.msx64.zp8 ^\r\n KerberosV5Spec2.asn KerberosV5-PK-INIT-SPEC.asn PKIX1Explicit88.asn PKINIT.asn MS-SFU-KILE.asn ^\r\n -noSampleCode -der -root -CStyleComments -externalName kekeo_asn1 -messageFormat msvc -verbose ^\r\n -headerFile kull_m_kerberos_oss_asn1_internal.h -soedFile kull_m_kerberos_oss_asn1_internal_x64\r\nHeader file kull_m_kerberos_oss_asn1_internal.h is the same for both architecture.\r\n4. Copy from OSS ASN.1/C install dir (eg: C:\\Program Files\\OSS Nokalva\\ossasn1\\winx64\\10.4.0 )\r\ninclude\\ossasn1.h to ($kekeo)\\inc\r\ninclude\\osstype.h to ($kekeo)\\inc\r\nlib\\soeddefa.lib to ($kekeo)\\lib\\{Win32 or x64}\r\nlib\\ossiphlp.lib to ($kekeo)\\lib\\{Win32 or x64}\r\nYou can now build the kekeo solution in Visual Studio\r\nLicence\r\nCC BY-NC-SA 4.0 licence - https://creativecommons.org/licenses/by-nc-sa/4.0/\r\nAcknowledgements\r\nTom Maddock - Qualcomm - @ubernerdom - MS14-068 - https://www.qualcomm.com/\r\nSylvain Monné - Solucom - @BiDOrD - Author of PyKek - https://github.com/bidord/pykek\r\nTal Be'ery - Aorato / Microsoft - @TalBeerySec - http://www.aorato.com/blog/active-directory-vulnerability-disclosure-weak-encryption-enables-attacker-change-victims-password-without-logged/\r\nGrace Sigona - OSS - @OSSNokalva - http://www.oss.com/\r\nTaylor Swift - @SwiftOnSecurity - https://twitter.com/SwiftOnSecurity/status/767788634904735745\r\nSeth Moore - Microsoft - @robododo - https://datatracker.ietf.org/doc/draft-ietf-kitten-pkinit-freshness/\r\nhttps://github.com/gentilkiwi/kekeo\r\nPage 2 of 3\n\nAlberto Solino - Core Security / Impacket - @agsolino - https://github.com/CoreSecurity/impacket\r\nLaurent Gaffié - @PythonResponder / @lgandx - https://github.com/lgandx/Responder / https://g-laurent.blogspot.com/\r\nAuthor\r\nBenjamin DELPY gentilkiwi , you can contact me on Twitter ( @gentilkiwi ) or by mail ( benjamin [at]\r\ngentilkiwi.com )\r\nThis is a personal development, please respect its philosophy and don't use it for bad things!\r\nSource: https://github.com/gentilkiwi/kekeo\r\nhttps://github.com/gentilkiwi/kekeo\r\nPage 3 of 3", "extraction_quality": 1, "language": "EN", "sources": [ "MITRE" ], "references": [ "https://github.com/gentilkiwi/kekeo" ], "report_names": [ "kekeo" ], "threat_actors": [ { "id": "75108fc1-7f6a-450e-b024-10284f3f62bb", "created_at": "2024-11-01T02:00:52.756877Z", "updated_at": "2026-04-10T02:00:05.273746Z", "deleted_at": null, "main_name": "Play", "aliases": null, "source_name": "MITRE:Play", "tools": [ "Nltest", "AdFind", "PsExec", "Wevtutil", "Cobalt Strike", "Playcrypt", "Mimikatz" ], "source_id": "MITRE", "reports": null } ], "ts_created_at": 1775434873, "ts_updated_at": 1775791833, "ts_creation_date": 0, "ts_modification_date": 0, "files": { "pdf": "https://archive.orkl.eu/45fab3a6c80cca42ffafbf1b798c4a981db18699.pdf", "text": "https://archive.orkl.eu/45fab3a6c80cca42ffafbf1b798c4a981db18699.txt", "img": "https://archive.orkl.eu/45fab3a6c80cca42ffafbf1b798c4a981db18699.jpg" } }