Class: Rex::Post::LDAP::Ui::Console::CommandDispatcher::Client

Inherits:

Object

• Object
• Rex::Post::LDAP::Ui::Console::CommandDispatcher::Client

Includes:

Msf::Exploit::Remote::LDAP::Queries, Rex::Post::LDAP::Ui::Console::CommandDispatcher

Defined in:

lib/rex/post/ldap/ui/console/command_dispatcher/client.rb

Overview

Core LDAP client commands

Constant Summary

OUTPUT_FORMATS =

%w[table csv json]

VALID_SCOPES =

%w[base single whole]

@@query_opts =

Rex::Parser::Arguments.new(
  %w[-h --help] => [false, 'Help menu' ],
  %w[-f --filter] => [true, 'Filter string for the query (default: (objectclass=*))'],
  %w[-a --attributes] => [true, 'Comma separated list of attributes for the query'],
  %w[-b --base-dn] => [true, 'Base dn for the query'],
  %w[-s --scope] => [true, 'Scope for the query: `base`, `single`, `whole` (default: whole)'],
  %w[-o --output-format] => [true, 'Output format: `table`, `csv` or `json` (default: table)']
)

Constants included from Msf::Exploit::Remote::LDAP::Queries

Msf::Exploit::Remote::LDAP::Queries::FLAG_ATTR_IS_CONSTRUCTED, Msf::Exploit::Remote::LDAP::Queries::FLAG_ATTR_IS_OPERATIONAL, Msf::Exploit::Remote::LDAP::Queries::FLAG_ATTR_IS_RDN, Msf::Exploit::Remote::LDAP::Queries::FLAG_ATTR_REQ_PARTIAL_SET_MEMBER, Msf::Exploit::Remote::LDAP::Queries::FLAG_CONFIG_ALLOW_LIMITED_MOVE, Msf::Exploit::Remote::LDAP::Queries::FLAG_CONFIG_ALLOW_MOVE, Msf::Exploit::Remote::LDAP::Queries::FLAG_CONFIG_ALLOW_RENAME, Msf::Exploit::Remote::LDAP::Queries::FLAG_DISALLOW_DELETE, Msf::Exploit::Remote::LDAP::Queries::FLAG_DISALLOW_MOVE_ON_DELETE, Msf::Exploit::Remote::LDAP::Queries::FLAG_DOMAIN_DISALLOW_MOVE, Msf::Exploit::Remote::LDAP::Queries::FLAG_DOMAIN_DISALLOW_RENAME, Msf::Exploit::Remote::LDAP::Queries::FLAG_NOT_REPLICATED, Msf::Exploit::Remote::LDAP::Queries::FLAG_SCHEMA_BASE_OBJECT

Instance Attribute Summary

Attributes included from Ui::Text::DispatcherShell::CommandDispatcher

#shell, #tab_complete_items

Instance Method Summary

• #cmd_getuid ⇒ Object
• #cmd_query(*args) ⇒ Object

  Query the LDAP server.

• #cmd_query_help ⇒ Object
• #cmd_query_tabs(_str, words) ⇒ Object
• #commands ⇒ Object

  List of supported commands.

• #name ⇒ Object

  Client.

Methods included from Msf::Exploit::Remote::LDAP::Queries

#convert_nt_timestamp_to_time_string, #convert_pwd_age_to_time_string, #convert_system_flags_to_string, #generate_rex_tables, #normalize_entry, #output_data_csv, #output_data_table, #output_json_data, #perform_ldap_query, #perform_ldap_query_streaming, #query_attributes_data, #read_der_certificate_file, #run_queries_from_file, #safe_load_queries, #show_output, #validate_result!

Methods included from Rex::Post::LDAP::Ui::Console::CommandDispatcher

#client, #docs_dir, #filter_commands, #initialize, #log_error, #msf_loaded?, #session, #unknown_command

Methods included from Msf::Ui::Console::CommandDispatcher::Session

#cmd_background, #cmd_background_help, #cmd_exit, #cmd_irb, #cmd_irb_help, #cmd_irb_tabs, #cmd_pry, #cmd_pry_help, #cmd_resource, #cmd_resource_help, #cmd_resource_tabs, #cmd_sessions, #cmd_sessions_help

Methods included from Ui::Text::DispatcherShell::CommandDispatcher

#cmd_help, #cmd_help_help, #cmd_help_tabs, #deprecated_cmd, #deprecated_commands, #deprecated_help, #docs_dir, #help_to_s, included, #initialize, #print, #print_error, #print_good, #print_line, #print_status, #print_warning, #tab_complete_directory, #tab_complete_filenames, #tab_complete_generic, #tab_complete_source_address, #unknown_command, #update_prompt

Instance Method Details

#cmd_getuid ⇒ Object

# File 'lib/rex/post/ldap/ui/console/command_dispatcher/client.rb', line 106

def cmd_getuid
  begin
    username = client.ldapwhoami
  rescue Net::LDAP::Error => e
    print_error(e.message)
    return
  end
  username.delete_prefix!('u:')
  print_status("Server username: #{username}")
end

#cmd_query(*args) ⇒ Object

Query the LDAP server

# File 'lib/rex/post/ldap/ui/console/command_dispatcher/client.rb', line 54

def cmd_query(*args)
  if args.include?('-h') || args.include?('--help')
    cmd_query_help
    return
  end

  attributes = []
  filter = '(objectclass=*)'
  base_dn = client.base_dn
  schema_dn = client.schema_dn
  scope = Net::LDAP::SearchScope_WholeSubtree
  output_format = 'table'
  @@query_opts.parse(args) do |opt, _idx, val|
    case opt
    when '-a', '--attributes'
      attributes.push(*val.split(','))
    when '-f', '--filter'
      filter = val
    when '-b', '--base-dn'
      base_dn = val
    when '-s', '--scope'
      scope = parse_scope(val)
      raise ArgumentError, "Invalid scope provided: #{scope}, must be one of #{VALID_SCOPES}" if scope.nil?
    when '-o', '--output-format'
      if OUTPUT_FORMATS.include?(val)
        output_format = val
      else
        raise ArgumentError, "Invalid output format: #{val}, must be one of #{OUTPUT_FORMATS}"
      end
    end
  rescue StandardError => e
    handle_error(e)
  end

  perform_ldap_query_streaming(client, filter, attributes, base_dn, schema_dn, scope: scope) do |result, attribute_properties|
    show_output(normalize_entry(result, attribute_properties), output_format)
  end
end

#cmd_query_help ⇒ Object

# File 'lib/rex/post/ldap/ui/console/command_dispatcher/client.rb', line 99

def cmd_query_help
  print_line 'Usage: query -f <filter string> -a <attributes>'
  print_line
  print_line 'Run the query against the session.'
  print @@query_opts.usage
end

#cmd_query_tabs(_str, words) ⇒ Object

# File 'lib/rex/post/ldap/ui/console/command_dispatcher/client.rb', line 93

def cmd_query_tabs(_str, words)
  return [] if words.length > 1

  @@query_opts.option_keys
end

#commands ⇒ Object

List of supported commands.

# File 'lib/rex/post/ldap/ui/console/command_dispatcher/client.rb', line 33

def commands
  cmds = {
    'query' => 'Run an LDAP query',
    'getuid' => 'Get the user that the connection is running as'
  }

  reqs = {}

  filter_commands(cmds, reqs)
end

#name ⇒ Object

Client

# File 'lib/rex/post/ldap/ui/console/command_dispatcher/client.rb', line 47

def name
  'Client'
end