Fix up usage of the word columns where attributes was more appropriate. Also update the multi query logic to match new data format as it was broken before as a result of changes to file format. Finally remove extra parameters that are no longer needed.

data/auxiliary/gather/ldap_query/ldap_queries_default.yaml

@@ -3,19 +3,19 @@ queries:
   - action: ENUM_ALL_OBJECT_CLASS
     description: 'Dump all objects containing any objectClass field.'
     filter: '(objectClass=*)'
-    columns:
+    attributes:
       - dn
       - objectClass
   - action: ENUM_ALL_OBJECT_CATEGORY
     description: 'Dump all objects containing any objectCategory field.'
     filter: '(objectCategory=*)'
-    columns:
+    attributes:
       - dn
       - objectCategory
   - action: ENUM_ACCOUNTS
     description: 'Dump info about all known user accounts in the domain.'
     filter: '(|(objectClass=organizationalPerson)(sAMAccountType=805306368))'
-    columns:
+    attributes:
       - dn
       - name
       - displayName
@@ -28,7 +28,7 @@ queries:
   - action: ENUM_COMPUTERS
     description: 'Dump all objects containing an objectCategory of Computer.'
     filter: '(objectCategory=Computer)'
-    columns:
+    attributes:
       - dn
       - displayName
       - distinguishedName
@@ -41,7 +41,7 @@ queries:
   - action: ENUM_DOMAIN_CONTROLLERS
     description: 'Dump all known domain controllers.'
     filter: '(&(objectCategory=Computer)(userAccountControl:1.2.840.113556.1.4.803:=8192))'
-    columns:
+    attributes:
       - dn
       - displayName
       - distinguishedName
@@ -54,7 +54,7 @@ queries:
   - action: ENUM_EXCHANGE_SERVERS
     description: 'Dump info about all known Exchange servers.'
     filter: '(&(objectClass=msExchExchangeServer)(!(objectClass=msExchExchangeServerPolicy)))'
-    columns:
+    attributes:
       - dn
       - displayName
       - distinguishedName
@@ -67,7 +67,7 @@ queries:
   - action: ENUM_EXCHANGE_RECIPIENTS
     description: 'Dump info about all known Exchange recipients.'
     filter: '(|(mailNickname=*)(proxyAddresses=FAX:*))'
-    columns:
+    attributes:
       - dn
       - mailNickname
       - proxyAddresses
@@ -75,7 +75,7 @@ queries:
   - action: ENUM_GROUPS
     description: 'Dump info about all known groups in the LDAP environment.'
     filter: '(|(objectClass=group)(objectClass=groupOfNames)(groupType:1.2.840.113556.1.4.803:=2147483648)(objectClass=posixGroup))'
-    columns:
+    attributes:
       - dn
       - name
       - groupType
@@ -83,7 +83,7 @@ queries:
   - action: ENUM_ORGUNITS
     description: 'Dump info about all known organizational roles in the LDAP environment.'
     filter: '(objectClass=organizationalUnit)'
-    columns:
+    attributes:
       - dn
       - displayName
       - name
@@ -91,8 +91,8 @@ queries:
   - action: ENUM_ORGROLES
     description: 'Dump info about all known organization units in the LDAP environment.'
     filter: '(objectClass=organizationalRole)'
-    columns:
+    attributes:
       - dn
       - displayName
       - name
-      - description
+      - description

modules/auxiliary/gather/ldap_query.rb

@@ -20,7 +20,7 @@ class MetasploitModule < Msf::Auxiliary
 
     begin
       @default_settings_file_path = user_config_file
-      @default_settings = YAML.safe_load_file(@default_settings_file_path)
+      @default_settings = YAML.safe_load(File.binread(@default_settings_file_path))
     rescue StandardError => e
       print_error("Couldn't parse #{@default_settings_file_path}, error was: #{e}")
       return
@@ -134,7 +134,7 @@ class MetasploitModule < Msf::Auxiliary
     end
   end
 
-  def output_json_data(entries, _columns)
+  def output_json_data(entries)
     entries.each do |entry|
       result = ''
       data = {}
@@ -148,41 +148,41 @@ class MetasploitModule < Msf::Auxiliary
     end
   end
 
-  def output_data_table(entries, _columns)
+  def output_data_table(entries)
     generate_rex_tables(entries, 'table')
   end
 
-  def output_data_csv(entries, _columns)
+  def output_data_csv(entries)
     generate_rex_tables(entries, 'csv')
   end
 
   def perform_multiple_queries_from_file(ldap, parsed_file)
     parsed_file['queries'].each do |query|
-      unless query['name'] && query['filter'] && query['columns']
-        print_error("Each query in the query file must at least contain a 'name', 'filter' and 'columns' attribute!")
+      unless query['action'] && query['filter'] && query['attributes']
+        print_error("Each query in the query file must at least contain a 'action', 'filter' and 'attributes' attribute!")
         break
       end
-      attributes = query['columns']
+      attributes = query['attributes']
       if attributes.nil? || attributes.empty?
         print_warning('At least one attribute needs to be specified per query in the query file for entries to work!')
         break
       end
       filter = Net::LDAP::Filter.construct(query['filter'])
-      print_status("Running #{query['name']}...")
+      print_status("Running #{query['action']}...")
       entries = perform_ldap_query(ldap, filter, attributes)
 
       if entries.nil?
-        print_warning("Query #{query['filter']} from #{query['name']} didn't return any results!")
+        print_warning("Query #{query['filter']} from #{query['action']} didn't return any results!")
         next
       end
 
       case datastore['OUTPUT_FORMAT']
       when 'csv'
-        output_data_csv(entries, attributes)
+        output_data_csv(entries)
       when 'table'
-        output_data_table(entries, attributes)
+        output_data_table(entries)
       when 'json'
-        output_json_data(entries, attributes)
+        output_json_data(entries)
       else
         print_error('Supported OUTPUT_FORMAT values are csv, table, and json')
         break
@@ -192,7 +192,6 @@ class MetasploitModule < Msf::Auxiliary
 
   def run
     entries = nil
-    columns = []
     begin
       ldap_connect do |ldap|
         bind_result = ldap.as_json['result']['ldap_result']
@@ -234,7 +233,7 @@ class MetasploitModule < Msf::Auxiliary
           print_status("Loading queries from #{datastore['QUERY_FILE_PATH']}...")
 
           begin
-            parsed_file = YAML.safe_load_file(datastore['QUERY_FILE_PATH'])
+            parsed_file = YAML.safe_load(File.read(datastore['QUERY_FILE_PATH']))
           rescue StandardError => e
             print_error("Couldn't parse #{datastore['QUERY_FILE_PATH']}, error was: #{e}")
             return
@@ -248,21 +247,20 @@ class MetasploitModule < Msf::Auxiliary
           return
         else
           filter_string = nil
-          columns = nil
+          attributes = nil
           for entry in @default_settings['queries'] do
             next unless entry['action'] == datastore['ACTION']
 
             filter_string = entry['filter']
-            columns = entry['columns']
+            attributes = entry['attributes']
             break
           end
 
-          if columns&.empty? || filter_string&.empty?
-            print_error("Couldn't find and/or load the columns and filter string for #{datastore['ACTION']}. Check the validity of the YAML file at #{@default_settings_file_path}!")
+          if attributes&.empty? || filter_string&.empty?
+            print_error("Couldn't find and/or load the attributes and filter string for #{datastore['ACTION']}. Check the validity of the YAML file at #{@default_settings_file_path}!")
           end
 
           filter = Net::LDAP::Filter.construct(filter_string)
-          attributes = columns
           entries = perform_ldap_query(ldap, filter, attributes)
         end
       end
@@ -274,11 +272,11 @@ class MetasploitModule < Msf::Auxiliary
 
     case datastore['OUTPUT_FORMAT']
     when 'csv'
-      output_data_csv(entries, columns)
+      output_data_csv(entries)
     when 'table'
-      output_data_table(entries, columns)
+      output_data_table(entries)
     when 'json'
-      output_json_data(entries, columns)
+      output_json_data(entries)
     else
       print_error('Supported OUTPUT_FORMAT values are csv, table and json')
       return