From 25bd5d736cfdb9eb7dec7fb9eb10a4e6f08bcb7a Mon Sep 17 00:00:00 2001
From: Christophe De La Fuente <christophe_delafuente@rapid7.com>
Date: Fri, 24 Jan 2025 14:26:58 +0100
Subject: [PATCH] Fix comparision case for service name hostname

---
 .../exploit/remote/kerberos/service_authenticator/base.rb     | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/lib/msf/core/exploit/remote/kerberos/service_authenticator/base.rb b/lib/msf/core/exploit/remote/kerberos/service_authenticator/base.rb
index daef70e9fb63..a2c3a04742b3 100644
--- a/lib/msf/core/exploit/remote/kerberos/service_authenticator/base.rb
+++ b/lib/msf/core/exploit/remote/kerberos/service_authenticator/base.rb
@@ -1088,8 +1088,8 @@ def load_credential_from_file(file_path, options = {})
       end
 
       unless !sname_hostname ||
-        sname_hostname.to_s.downcase == credential.server.components[1] ||
-        sname_hostname.to_s.downcase.ends_with?('.' + credential.server.components[1])
+          sname_hostname.to_s.downcase == credential.server.components[1].downcase ||
+          sname_hostname.to_s.downcase.ends_with?('.' + credential.server.components[1].downcase)
         wlog("Filtered credential #{file_path} ##{index} reason: SPN (#{sname_hostname}) hostname does not match (spn: #{credential.server.components.snapshot.join('/')})")
         next
       end