There have been multiple issues in the SPN handling of minikerberos, haven't the time to track it down currently.
The cifs/dc01.nurfed.lab@nurfed.lab SPN looks perfectly valid to me, but it could easily be the case your setup indeed treats it as incorrect, which is definitely a bug on my end.
Will come back to this later
Hi,
I think I found a bug while testing your library in my lab.
For example using the following command:
asmbshareenum -v --url 'smb2+ntlm-password://nurfed.lab\lowpriv:password@dc01.nurfed.lab'
In the Windows event log, I can see that logon succeeds but afterwards there's a 5168 File Share failure event containing the following:
When I modify the code at connection.py#L683 to remove the `@nurfed.lab` part from the SPN, this does not happen and authentication is successful.
After some digging this seems to be related to Microsoft network server: Server SPN target name validation level.
Looking at other implementations, I think the correct SPN format might be `service/hostname`, but since I'm not 100% sure I'd rather create an issue instead of a pull request.
Also, I'm not sure what would be the place to address this in the code. It seems the minikerberos KerberosSPN class does expect the `@domain` part in the SPN.
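The format question raised in this issue, as an added example (not code from the library under discussion or from minikerberos): in NTLM the client-supplied SPN is carried in the MsvAvTargetName AV_PAIR, and this sketch normalises an SPN to the `service/hostname` form the reporter suggests before encoding it. The helper names are hypothetical, the AvId values are from MS-NLMP, and that the server's SPN validation expects the realm-less form is the reporter's assumption, not something the thread confirms.

```python
import struct

MSV_AV_EOL = 0x0000          # MS-NLMP: terminates the AV_PAIR list
MSV_AV_TARGET_NAME = 0x0009  # MS-NLMP: SPN of the target server (UTF-16LE)


def split_spn(spn):
    """Split 'service/host[@REALM]' into (service, host, realm or None)."""
    name, at, realm = spn.partition("@")
    service, slash, host = name.partition("/")
    if not (slash and service and host) or (at and not realm):
        raise ValueError("not a service/host SPN: %r" % spn)
    return service, host, realm or None


def ntlm_target_name(spn):
    """SPN in service/hostname form; a Kerberos-style @REALM suffix is dropped."""
    service, host, _realm = split_spn(spn)
    return "%s/%s" % (service, host)


def av_pair(av_id, value=b""):
    """Encode one AV_PAIR: AvId (u16 LE), AvLen (u16 LE), Value."""
    return struct.pack("<HH", av_id, len(value)) + value


def target_name_av_pairs(spn):
    """MsvAvTargetName for the given SPN followed by the MsvAvEOL terminator."""
    value = ntlm_target_name(spn).encode("utf-16-le")
    return av_pair(MSV_AV_TARGET_NAME, value) + av_pair(MSV_AV_EOL)


def parse_av_pairs(blob):
    """Decode an AV_PAIR list into {AvId: value}; reject truncated input."""
    pairs, off = {}, 0
    while off + 4 <= len(blob):
        av_id, av_len = struct.unpack_from("<HH", blob, off)
        if av_id == MSV_AV_EOL:
            return pairs
        if off + 4 + av_len > len(blob):
            raise ValueError("truncated AV_PAIR")
        pairs[av_id] = blob[off + 4:off + 4 + av_len]
        off += 4 + av_len
    raise ValueError("AV_PAIR list has no MsvAvEOL terminator")


if __name__ == "__main__":
    for spn in ("cifs/dc01.nurfed.lab@nurfed.lab", "cifs/dc01.nurfed.lab"):
        pairs = parse_av_pairs(target_name_av_pairs(spn))  # same pair for both
        print(spn, "->", pairs[MSV_AV_TARGET_NAME].decode("utf-16-le"))
```

Decoding MsvAvTargetName from a captured authenticate message with `parse_av_pairs` shows which form a client actually sent, which can then be compared with the SPN recorded in the 5168 event.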