feat(keytabextract): add keytabextract.py module

[sttlr]

Description

Added keytabextract module to extract keys/hashes from .keytab files (usually /etc/krb5.keytab). This is used to obtain machine account credentials for Linux hosts joined to an AD domain.

Useful when doing Vulnlab Chains with Linux AD hosts.

Original project where the code for the actual extraction was taken - https://github.com/ZephrFish/KeyTabExtract

Used Gemini Thinking to write NXCModule class. Tidied up after it.

Type of change

Insert an "x" inside the brackets for relevant items (do not delete options)

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to not work as expected)
• Deprecation of feature or functionality
• This change requires a documentation update
• This requires a third party update (such as Impacket, Dploot, lsassy, etc)
• This PR was created with the assistance of AI (list what type of assistance, tool(s)/model(s) in the description)

Setup guide for the review

To test the module a valid krb5.keytab file is needed.

I used Tengu chain from Vulnlab to test that the module works accordingly.

NOTE: user must have required privileges to read the /etc/krb5.keytab (usually root).

Screenshots (if appropriate):

Checklist:

Insert an "x" inside the brackets for completed and relevant items (do not delete options)

• I have ran Ruff against my changes (poetry: poetry run ruff check ., use --fix to automatically fix what it can)
• I have added or updated the tests/e2e_commands.txt file if necessary (new modules or features are required to be added to the e2e tests)
• If reliant on changes of third party dependencies, such as Impacket, dploot, lsassy, etc, I have linked the relevant PRs in those projects
• I have linked relevant sources that describes the added technique (blog posts, documentation, etc)
• I have performed a self-review of my own code (not an AI review)
• I have commented my code, particularly in hard-to-understand areas
• I have made corresponding changes to the documentation (PR here: https://github.com/Pennyw0rth/NetExec-Wiki)

[NeffIsBack]

Thanks for the PR, and indeed this looks cool, but...

• As common with AI, this code is absolutely bloated. Just a few examples: I see a logging implementation for some reason, print statements, empty functions and many nearly empty classes.
• Although i am a fan of doc-strings, don't overdo it. E.g. Classes such as enums that are self explanatory by its name and content don't need a doc string

Please heavily strip down this code, until there is just the core logic of extracting the keytab files. Also please try to not make unnecessary line breaks, e.g. just a logging call containing a string should always be a one-liner.

[sttlr]

I didn't use AI other than for the NXCModule class.

All code for the actual extraction was pretty much copied directly from the project linked in the PR.

But yeah, I agree that it needed to be significantly stripped down.

Will work on it.