Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-13 20:18:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

Add krb unit test

Browse source
This commit is contained in:
Julien Wallior 2018-05-08 14:46:35 -04:00
parent ae7625bb2b
commit afac2ac20f
4 changed files with 20 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

19
testing/btest/scripts/base/protocols/krb/smb2_krb.test Normal file
View file

@ -0,0 +1,19 @@
# This test verifies that given the proper keytab file, the
# Kerberos analyzer can open the AD ticket in the Negociate
# Protocol Request and find the user.
# @TEST-COPY-FILE: ${TRACES}/krb/smb2_krb.keytab
# @TEST-EXEC: bro -b -C -r $TRACES/krb/smb2_krb.pcap %INPUT
# @TEST-EXEC: btest-diff .stdout
redef KRB::keytab = "smb2_krb.keytab";
global monitor_ports: set[port] = { 445/tcp, 139/tcp } &redef;
event bro_init() &priority=5{
Analyzer::register_for_ports(Analyzer::ANALYZER_SMB, monitor_ports);
}
event krb_ap_request(c: connection, ticket: KRB::Ticket, opts: KRB::AP_Options){
print ticket$authenticationinfo;
}