Module: Msf::OptionalSession::LDAP

Includes:

Msf::OptionalSession

Defined in:

lib/msf/core/optional_session/ldap.rb

Constant Summary

RHOST_GROUP_OPTIONS =

%w[RHOSTS RPORT DOMAIN USERNAME PASSWORD THREADS]

REQUIRED_OPTIONS =

%w[RHOSTS RPORT USERNAME PASSWORD THREADS]

Instance Attribute Summary

Attributes included from SessionCompatibility

#passive, #session_types

Attributes included from Module::HasActions

#actions, #default_action, #passive, #passive_actions

Instance Method Summary

• #initialize(info = {}) ⇒ Object
• #ldap_connect(opts = {}, &block) ⇒ Object

  The result of whatever the block that was passed in via the “block” parameter yielded.

• #ldap_new(opts = {}) {|ldap| ... } ⇒ Object

  Create a new LDAP connection using Rex::Proto::LDAP::Client.new and yield the resulting connection object to the caller of this method.

• #optional_session_enabled? ⇒ Boolean

Methods included from Msf::OptionalSession

#session, #validate, #validate_group, #validate_rhost, #validate_session

Methods included from SessionCompatibility

#check_for_session_readiness, #cleanup, #command_names_for, #compatible_sessions, #meterpreter_session_incompatibility_reasons, #passive?, #post_commands, #session, #session_changed?, #session_compatible?, #session_display_info, #session_incompatibility_reasons, #setup, #sysinfo

Methods included from Post::Common

#clear_screen, #cmd_exec, #cmd_exec_get_pid, #cmd_exec_with_result, #command_exists?, #get_env, #get_envs, #peer, #report_virtualization, #rhost, #rport

Methods included from Module::HasActions

#action, #find_action, #passive?, #passive_action?

Methods included from Auxiliary::Report

#active_db?, #create_cracked_credential, #create_credential, #create_credential_and_login, #create_credential_login, #db, #db_warning_given?, #get_client, #get_host, #inside_workspace_boundary?, #invalidate_login, #mytask, #myworkspace, #myworkspace_id, #report_auth_info, #report_client, #report_exploit, #report_host, #report_loot, #report_note, #report_service, #report_vuln, #report_web_form, #report_web_page, #report_web_site, #report_web_vuln, #store_cred, #store_local, #store_loot

Methods included from Metasploit::Framework::Require

optionally, optionally_active_record_railtie, optionally_include_metasploit_credential_creation, #optionally_include_metasploit_credential_creation, optionally_require_metasploit_db_gem_engines

Instance Method Details

#initialize(info = {}) ⇒ Object

# File 'lib/msf/core/optional_session/ldap.rb', line 11

def initialize(info = {})
  super(
    update_info(
      info,
      'SessionTypes' => %w[ldap]
    )
  )

  if optional_session_enabled?
    register_option_group(name: 'SESSION',
                          description: 'Used when connecting via an existing SESSION',
                          option_names: ['SESSION'])
    register_option_group(name: 'RHOST',
                          description: 'Used when making a new connection via RHOSTS',
                          option_names: RHOST_GROUP_OPTIONS,
                          required_options: REQUIRED_OPTIONS)

    register_options(
      [
        Msf::OptInt.new('SESSION', [ false, 'The session to run this module on' ]),
        Msf::Opt::RHOST(nil, false),
        Msf::Opt::RPORT(389, false)
      ]
    )

    add_info('New in Metasploit 6.4 - This module can target a %grnSESSION%clr or an %grnRHOST%clr')
  end
end

#ldap_connect(opts = {}, &block) ⇒ Object

Returns The result of whatever the block that was passed in via the “block” parameter yielded.

Returns:

• (Object) —

  The result of whatever the block that was passed in via the “block” parameter yielded.

See Also:

• #ldap_open

# File 'lib/msf/core/optional_session/ldap.rb', line 47

def ldap_connect(opts = {}, &block)
  if session && !opts[:base].blank?
    session.client.base = opts[:base]
  end
  return yield session.client if session

  ldap_open(get_connect_opts.merge(opts), &block)
rescue ::StandardError => e
  handle_error(e)
end

#ldap_new(opts = {}) {|ldap| ... } ⇒ Object

Create a new LDAP connection using Rex::Proto::LDAP::Client.new and yield the resulting connection object to the caller of this method.

Parameters:

• opts (Hash) (defaults to: {}) —

  A hash containing the connection options for the LDAP connection to the target server.

Yield Parameters:

• ldap (Rex::Proto::LDAP::Client) —

  The LDAP connection handle to use for connecting to the target LDAP server.

# File 'lib/msf/core/optional_session/ldap.rb', line 65

def ldap_new(opts = {})
  if session && !opts[:base].blank?
    session.client.base = opts[:base]
  end
  return yield session.client if session

  super
rescue ::StandardError => e
  handle_error(e)
end

#optional_session_enabled? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/msf/core/optional_session/ldap.rb', line 40

def optional_session_enabled?
  framework.features.enabled?(Msf::FeatureManager::LDAP_SESSION_TYPE)
end