Fix up usage of the word "columns" where "attributes" was more appropriate. Also update the multi-query logic to match the new data format, as it had been broken by earlier changes to the file format. Finally, remove extra parameters that are no longer needed.
parent
8c236e789e
commit
c5f2507ee0
|
@ -3,19 +3,19 @@ queries:
|
|||
- action: ENUM_ALL_OBJECT_CLASS
|
||||
description: 'Dump all objects containing any objectClass field.'
|
||||
filter: '(objectClass=*)'
|
||||
columns:
|
||||
attributes:
|
||||
- dn
|
||||
- objectClass
|
||||
- action: ENUM_ALL_OBJECT_CATEGORY
|
||||
description: 'Dump all objects containing any objectCategory field.'
|
||||
filter: '(objectCategory=*)'
|
||||
columns:
|
||||
attributes:
|
||||
- dn
|
||||
- objectCategory
|
||||
- action: ENUM_ACCOUNTS
|
||||
description: 'Dump info about all known user accounts in the domain.'
|
||||
filter: '(|(objectClass=organizationalPerson)(sAMAccountType=805306368))'
|
||||
columns:
|
||||
attributes:
|
||||
- dn
|
||||
- name
|
||||
- displayName
|
||||
|
@ -28,7 +28,7 @@ queries:
|
|||
- action: ENUM_COMPUTERS
|
||||
description: 'Dump all objects containing an objectCategory of Computer.'
|
||||
filter: '(objectCategory=Computer)'
|
||||
columns:
|
||||
attributes:
|
||||
- dn
|
||||
- displayName
|
||||
- distinguishedName
|
||||
|
@ -41,7 +41,7 @@ queries:
|
|||
- action: ENUM_DOMAIN_CONTROLLERS
|
||||
description: 'Dump all known domain controllers.'
|
||||
filter: '(&(objectCategory=Computer)(userAccountControl:1.2.840.113556.1.4.803:=8192))'
|
||||
columns:
|
||||
attributes:
|
||||
- dn
|
||||
- displayName
|
||||
- distinguishedName
|
||||
|
@ -54,7 +54,7 @@ queries:
|
|||
- action: ENUM_EXCHANGE_SERVERS
|
||||
description: 'Dump info about all known Exchange servers.'
|
||||
filter: '(&(objectClass=msExchExchangeServer)(!(objectClass=msExchExchangeServerPolicy)))'
|
||||
columns:
|
||||
attributes:
|
||||
- dn
|
||||
- displayName
|
||||
- distinguishedName
|
||||
|
@ -67,7 +67,7 @@ queries:
|
|||
- action: ENUM_EXCHANGE_RECIPIENTS
|
||||
description: 'Dump info about all known Exchange recipients.'
|
||||
filter: '(|(mailNickname=*)(proxyAddresses=FAX:*))'
|
||||
columns:
|
||||
attributes:
|
||||
- dn
|
||||
- mailNickname
|
||||
- proxyAddresses
|
||||
|
@ -75,7 +75,7 @@ queries:
|
|||
- action: ENUM_GROUPS
|
||||
description: 'Dump info about all known groups in the LDAP environment.'
|
||||
filter: '(|(objectClass=group)(objectClass=groupOfNames)(groupType:1.2.840.113556.1.4.803:=2147483648)(objectClass=posixGroup))'
|
||||
columns:
|
||||
attributes:
|
||||
- dn
|
||||
- name
|
||||
- groupType
|
||||
|
@ -83,7 +83,7 @@ queries:
|
|||
- action: ENUM_ORGUNITS
|
||||
description: 'Dump info about all known organizational roles in the LDAP environment.'
|
||||
filter: '(objectClass=organizationalUnit)'
|
||||
columns:
|
||||
attributes:
|
||||
- dn
|
||||
- displayName
|
||||
- name
|
||||
|
@ -91,8 +91,8 @@ queries:
|
|||
- action: ENUM_ORGROLES
|
||||
description: 'Dump info about all known organization units in the LDAP environment.'
|
||||
filter: '(objectClass=organizationalRole)'
|
||||
columns:
|
||||
attributes:
|
||||
- dn
|
||||
- displayName
|
||||
- name
|
||||
- description
|
||||
- description
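Review bot: The `description` strings of ENUM_ORGUNITS and ENUM_ORGROLES look swapped: the `(objectClass=organizationalUnit)` entry is described as dumping 'organizational roles', and the `(objectClass=organizationalRole)` entry as dumping 'organization units'. Both are context lines that this commit leaves unchanged, but since it already edits both entries the text could be corrected here, e.g. `description: 'Dump info about all known organizational units in the LDAP environment.'` for ENUM_ORGUNITS and `description: 'Dump info about all known organizational roles in the LDAP environment.'` for ENUM_ORGROLES. If these strings are what the operator sees when choosing an action, the mismatch makes it easy to run a different query than intended.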
|
||||
|
|
|
@ -20,7 +20,7 @@ class MetasploitModule < Msf::Auxiliary
|
|||
|
||||
begin
|
||||
@default_settings_file_path = user_config_file
|
||||
@default_settings = YAML.safe_load_file(@default_settings_file_path)
|
||||
@default_settings = YAML.safe_load(File.binread(@default_settings_file_path))
|
||||
rescue StandardError => e
|
||||
print_error("Couldn't parse #{@default_settings_file_path}, error was: #{e}")
|
||||
return
|
||||
|
@ -134,7 +134,7 @@ class MetasploitModule < Msf::Auxiliary
|
|||
end
|
||||
end
|
||||
|
||||
def output_json_data(entries, _columns)
|
||||
def output_json_data(entries)
|
||||
entries.each do |entry|
|
||||
result = ''
|
||||
data = {}
|
||||
|
@ -148,41 +148,41 @@ class MetasploitModule < Msf::Auxiliary
|
|||
end
|
||||
end
|
||||
|
||||
def output_data_table(entries, _columns)
|
||||
def output_data_table(entries)
|
||||
generate_rex_tables(entries, 'table')
|
||||
end
|
||||
|
||||
def output_data_csv(entries, _columns)
|
||||
def output_data_csv(entries)
|
||||
generate_rex_tables(entries, 'csv')
|
||||
end
|
||||
|
||||
def perform_multiple_queries_from_file(ldap, parsed_file)
|
||||
parsed_file['queries'].each do |query|
|
||||
unless query['name'] && query['filter'] && query['columns']
|
||||
print_error("Each query in the query file must at least contain a 'name', 'filter' and 'columns' attribute!")
|
||||
unless query['action'] && query['filter'] && query['attributes']
|
||||
print_error("Each query in the query file must at least contain a 'action', 'filter' and 'attributes' attribute!")
|
||||
break
|
||||
end
|
||||
attributes = query['columns']
|
||||
attributes = query['attributes']
|
||||
if attributes.nil? || attributes.empty?
|
||||
print_warning('At least one attribute needs to be specified per query in the query file for entries to work!')
|
||||
break
|
||||
end
|
||||
filter = Net::LDAP::Filter.construct(query['filter'])
|
||||
print_status("Running #{query['name']}...")
|
||||
print_status("Running #{query['action']}...")
|
||||
entries = perform_ldap_query(ldap, filter, attributes)
|
||||
|
||||
if entries.nil?
|
||||
print_warning("Query #{query['filter']} from #{query['name']} didn't return any results!")
|
||||
print_warning("Query #{query['filter']} from #{query['action']} didn't return any results!")
|
||||
next
|
||||
end
|
||||
|
||||
case datastore['OUTPUT_FORMAT']
|
||||
when 'csv'
|
||||
output_data_csv(entries, attributes)
|
||||
output_data_csv(entries)
|
||||
when 'table'
|
||||
output_data_table(entries, attributes)
|
||||
output_data_table(entries)
|
||||
when 'json'
|
||||
output_json_data(entries, attributes)
|
||||
output_json_data(entries)
|
||||
else
|
||||
print_error('Supported OUTPUT_FORMAT values are csv, table, and json')
|
||||
break
|
||||
|
@ -192,7 +192,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
|
||||
def run
|
||||
entries = nil
|
||||
columns = []
|
||||
begin
|
||||
ldap_connect do |ldap|
|
||||
bind_result = ldap.as_json['result']['ldap_result']
|
||||
|
@ -234,7 +233,7 @@ class MetasploitModule < Msf::Auxiliary
|
|||
print_status("Loading queries from #{datastore['QUERY_FILE_PATH']}...")
|
||||
|
||||
begin
|
||||
parsed_file = YAML.safe_load_file(datastore['QUERY_FILE_PATH'])
|
||||
parsed_file = YAML.safe_load(File.read(datastore['QUERY_FILE_PATH']))
|
||||
rescue StandardError => e
|
||||
print_error("Couldn't parse #{datastore['QUERY_FILE_PATH']}, error was: #{e}")
|
||||
return
|
||||
|
@ -248,21 +247,20 @@ class MetasploitModule < Msf::Auxiliary
|
|||
return
|
||||
else
|
||||
filter_string = nil
|
||||
columns = nil
|
||||
attributes = nil
|
||||
for entry in @default_settings['queries'] do
|
||||
next unless entry['action'] == datastore['ACTION']
|
||||
|
||||
filter_string = entry['filter']
|
||||
columns = entry['columns']
|
||||
attributes = entry['attributes']
|
||||
break
|
||||
end
|
||||
|
||||
if columns&.empty? || filter_string&.empty?
|
||||
print_error("Couldn't find and/or load the columns and filter string for #{datastore['ACTION']}. Check the validity of the YAML file at #{@default_settings_file_path}!")
|
||||
if attributes&.empty? || filter_string&.empty?
|
||||
print_error("Couldn't find and/or load the attributes and filter string for #{datastore['ACTION']}. Check the validity of the YAML file at #{@default_settings_file_path}!")
|
||||
end
|
||||
|
||||
filter = Net::LDAP::Filter.construct(filter_string)
|
||||
attributes = columns
|
||||
entries = perform_ldap_query(ldap, filter, attributes)
|
||||
end
|
||||
end
|
||||
|
@ -274,11 +272,11 @@ class MetasploitModule < Msf::Auxiliary
|
|||
|
||||
case datastore['OUTPUT_FORMAT']
|
||||
when 'csv'
|
||||
output_data_csv(entries, columns)
|
||||
output_data_csv(entries)
|
||||
when 'table'
|
||||
output_data_table(entries, columns)
|
||||
output_data_table(entries)
|
||||
when 'json'
|
||||
output_json_data(entries, columns)
|
||||
output_json_data(entries)
|
||||
else
|
||||
print_error('Supported OUTPUT_FORMAT values are csv, table and json')
|
||||
return
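Review bot: In `run`, the guard after the ACTION lookup loop, `if attributes&.empty? || filter_string&.empty?`, does not fire when no entry matches `datastore['ACTION']` or when the entry lacks a key: `nil&.empty?` evaluates to nil, so the condition is falsy and `Net::LDAP::Filter.construct(filter_string)` is then called with nil. Even when the condition is true, the branch only prints the error and falls through to the same call, since no `return` is visible before its `end`. I would write the condition as `if attributes.nil? || attributes.empty? || filter_string.nil? || filter_string.empty?` and add a `return` after the `print_error`. The body of `run` starts and ends outside the visible hunks, so later handling may exist that is not shown here.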
|
||||
|
|