Fix authentication from CCACHE when using kerberos S4U over SMB

[Eliotsehr]

Description

The S4U login method when using a CCACHE file is not working. The bug comes from a bug that leads to an arror being always raised. Moreover, the code currently search for a ticket for the CIFS service when it should search for a KRBTGT ticket.

Type of change

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to not work as expected)
• Deprecation of feature or functionality
• This change requires a documentation update
• This requires a third party update (such as Impacket, Dploot, lsassy, etc)
• This PR was created with the assistance of AI (list what type of assistance, tool(s)/model(s) in the description)

Setup guide for the review

To trigger the bug ask for a machine account TGT then export it :

 export KRB5CCNAME=ticket.ccache

Then use the delegate technique to access the remote computer :
nxc smb TARGET --use-kcache -k --delegate Administrator --self -u 'TARGET$'

You should either see a netexec stack trace or an error saying preauth failed.

Checklist:

Insert an "x" inside the brackets for completed and relevant items (do not delete options)

• I have ran Ruff against my changes (poetry: poetry run ruff check ., use --fix to automatically fix what it can)
• I have added or updated the tests/e2e_commands.txt file if necessary (new modules or features are required to be added to the e2e tests)
• If reliant on changes of third party dependencies, such as Impacket, dploot, lsassy, etc, I have linked the relevant PRs in those projects
• I have linked relevant sources that describes the added technique (blog posts, documentation, etc)
• I have performed a self-review of my own code (not an AI review)
• I have commented my code, particularly in hard-to-understand areas
• I have made corresponding changes to the documentation (PR here: https://github.com/Pennyw0rth/NetExec-Wiki)

[NeffIsBack]

Thanks for the bug fix PR! I'll take a look at it soon.

[NeffIsBack]

LGTM:

For reference, also moved the "get username from ccache file" logic to the connection object so we always have it in the login method. Now you don't have to supply the username because we pull it from the TGT: