diff --git a/data/auxiliary/gather/ldap_query/ldap_queries_default.yaml b/data/auxiliary/gather/ldap_query/ldap_queries_default.yaml index 69775f64f4..ec7b24f9b9 100644 --- a/data/auxiliary/gather/ldap_query/ldap_queries_default.yaml +++ b/data/auxiliary/gather/ldap_query/ldap_queries_default.yaml @@ -3,19 +3,19 @@ queries: - action: ENUM_ALL_OBJECT_CLASS description: 'Dump all objects containing any objectClass field.' filter: '(objectClass=*)' - columns: + attributes: - dn - objectClass - action: ENUM_ALL_OBJECT_CATEGORY description: 'Dump all objects containing any objectCategory field.' filter: '(objectCategory=*)' - columns: + attributes: - dn - objectCategory - action: ENUM_ACCOUNTS description: 'Dump info about all known user accounts in the domain.' filter: '(|(objectClass=organizationalPerson)(sAMAccountType=805306368))' - columns: + attributes: - dn - name - displayName @@ -28,7 +28,7 @@ queries: - action: ENUM_COMPUTERS description: 'Dump all objects containing an objectCategory of Computer.' filter: '(objectCategory=Computer)' - columns: + attributes: - dn - displayName - distinguishedName @@ -41,7 +41,7 @@ queries: - action: ENUM_DOMAIN_CONTROLLERS description: 'Dump all known domain controllers.' filter: '(&(objectCategory=Computer)(userAccountControl:1.2.840.113556.1.4.803:=8192))' - columns: + attributes: - dn - displayName - distinguishedName @@ -54,7 +54,7 @@ queries: - action: ENUM_EXCHANGE_SERVERS description: 'Dump info about all known Exchange servers.' filter: '(&(objectClass=msExchExchangeServer)(!(objectClass=msExchExchangeServerPolicy)))' - columns: + attributes: - dn - displayName - distinguishedName @@ -67,7 +67,7 @@ queries: - action: ENUM_EXCHANGE_RECIPIENTS description: 'Dump info about all known Exchange recipients.' filter: '(|(mailNickname=*)(proxyAddresses=FAX:*))' - columns: + attributes: - dn - mailNickname - proxyAddresses 
@@ -75,7 +75,7 @@ queries: - action: ENUM_GROUPS description: 'Dump info about all known groups in the LDAP environment.' filter: '(|(objectClass=group)(objectClass=groupOfNames)(groupType:1.2.840.113556.1.4.803:=2147483648)(objectClass=posixGroup))' - columns: + attributes: - dn - name - groupType @@ -83,7 +83,7 @@ queries: - action: ENUM_ORGUNITS description: 'Dump info about all known organizational roles in the LDAP environment.' filter: '(objectClass=organizationalUnit)' - columns: + attributes: - dn - displayName - name @@ -91,8 +91,8 @@ queries: - action: ENUM_ORGROLES description: 'Dump info about all known organization units in the LDAP environment.' filter: '(objectClass=organizationalRole)' - columns: + attributes: - dn - displayName - name - - description \ No newline at end of file + - description diff --git a/modules/auxiliary/gather/ldap_query.rb b/modules/auxiliary/gather/ldap_query.rb index ad4623f207..fc4c1c500e 100644 --- a/modules/auxiliary/gather/ldap_query.rb +++ b/modules/auxiliary/gather/ldap_query.rb @@ -20,7 +20,7 @@ class MetasploitModule < Msf::Auxiliary begin @default_settings_file_path = user_config_file - @default_settings = YAML.safe_load_file(@default_settings_file_path) + @default_settings = YAML.safe_load(File.binread(@default_settings_file_path)) rescue StandardError => e print_error("Couldn't parse #{@default_settings_file_path}, error was: #{e}") return @@ -134,7 +134,7 @@ class MetasploitModule < Msf::Auxiliary end end - def output_json_data(entries, _columns) + def output_json_data(entries) entries.each do |entry| result = '' data = {} 
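Review bot: The settings file is now read with `File.binread`, while the QUERY_FILE_PATH load in the later `@@ -234,7 +233,7 @@` hunk uses `File.read`, so the two YAML inputs reach `YAML.safe_load` with different string encodings; use the same reader at both sites. Keeping `safe_load` is the right choice for a file path the operator controls, and a one-line comment explaining why `safe_load_file` was dropped would keep a later cleanup from reverting it, for example `# safe_load_file is not available on every Psych version we support` (reason inferred, please confirm). Separately, the `rescue` returns without assigning `@default_settings`, and the lookup in `run` indexes `@default_settings['queries']` without a nil check, so a parse failure here likely resurfaces later as a NoMethodError. The enclosing method starts and ends outside this hunk.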
@@ -148,41 +148,41 @@ class MetasploitModule < Msf::Auxiliary end end - def output_data_table(entries, _columns) + def output_data_table(entries) generate_rex_tables(entries, 'table') end - def output_data_csv(entries, _columns) + def output_data_csv(entries) generate_rex_tables(entries, 'csv') end def perform_multiple_queries_from_file(ldap, parsed_file) parsed_file['queries'].each do |query| - unless query['name'] && query['filter'] && query['columns'] - print_error("Each query in the query file must at least contain a 'name', 'filter' and 'columns' attribute!") + unless query['action'] && query['filter'] && query['attributes'] + print_error("Each query in the query file must at least contain a 'action', 'filter' and 'attributes' attribute!") break end - attributes = query['columns'] + attributes = query['attributes'] if attributes.nil? || attributes.empty? print_warning('At least one attribute needs to be specified per query in the query file for entries to work!') break end filter = Net::LDAP::Filter.construct(query['filter']) - print_status("Running #{query['name']}...") + print_status("Running #{query['action']}...") entries = perform_ldap_query(ldap, filter, attributes) if entries.nil? - print_warning("Query #{query['filter']} from #{query['name']} didn't return any results!") + print_warning("Query #{query['filter']} from #{query['action']} didn't return any results!") next end case datastore['OUTPUT_FORMAT'] when 'csv' - output_data_csv(entries, attributes) + output_data_csv(entries) when 'table' - output_data_table(entries, attributes) + output_data_table(entries) when 'json' - output_json_data(entries, attributes) + output_json_data(entries) else print_error('Supported OUTPUT_FORMAT values are csv, table, and json') break @@ -192,7 +192,6 @@ class MetasploitModule < Msf::Auxiliary def run entries = nil - columns = [] begin ldap_connect do |ldap| bind_result = ldap.as_json['result']['ldap_result'] 
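Review bot: The rewritten guard in `perform_multiple_queries_from_file` only checks that `action`, `filter` and `attributes` are truthy, so a query file that gives `attributes` as a scalar string passes both it and the `attributes.empty?` test and is handed to `perform_ldap_query`, whose handling of a non-array is not visible here. Checking the shape in the guard covers this and makes the following nil/empty test redundant: `unless query['action'] && query['filter'] && query['attributes'].is_a?(Array) && !query['attributes'].empty?`. The context line `parsed_file['queries'].each` has the same gap one level up, since `YAML.safe_load` yields nil or false for an empty file and the `queries` key may be absent; that would raise NoMethodError unless a rescue outside this hunk catches it. The method's closing lines are outside the hunk.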
@@ -234,7 +233,7 @@ class MetasploitModule < Msf::Auxiliary print_status("Loading queries from #{datastore['QUERY_FILE_PATH']}...") begin - parsed_file = YAML.safe_load_file(datastore['QUERY_FILE_PATH']) + parsed_file = YAML.safe_load(File.read(datastore['QUERY_FILE_PATH'])) rescue StandardError => e print_error("Couldn't parse #{datastore['QUERY_FILE_PATH']}, error was: #{e}") return @@ -248,21 +247,20 @@ class MetasploitModule < Msf::Auxiliary return else filter_string = nil - columns = nil + attributes = nil for entry in @default_settings['queries'] do next unless entry['action'] == datastore['ACTION'] filter_string = entry['filter'] - columns = entry['columns'] + attributes = entry['attributes'] break end - if columns&.empty? || filter_string&.empty? - print_error("Couldn't find and/or load the columns and filter string for #{datastore['ACTION']}. Check the validity of the YAML file at #{@default_settings_file_path}!") + if attributes&.empty? || filter_string&.empty? + print_error("Couldn't find and/or load the attributes and filter string for #{datastore['ACTION']}. Check the validity of the YAML file at #{@default_settings_file_path}!") end filter = Net::LDAP::Filter.construct(filter_string) - attributes = columns entries = perform_ldap_query(ldap, filter, attributes) end end @@ -274,11 +272,11 @@ class MetasploitModule < Msf::Auxiliary case datastore['OUTPUT_FORMAT'] when 'csv' - output_data_csv(entries, columns) + output_data_csv(entries) when 'table' - output_data_table(entries, columns) + output_data_table(entries) when 'json' - output_json_data(entries, columns) + output_json_data(entries) else print_error('Supported OUTPUT_FORMAT values are csv, table and json') return
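Review bot: The validity check `if attributes&.empty? || filter_string&.empty?` in the `@@ -248,21 +247,20 @@` hunk does not fire when ACTION matches no entry: both variables are still nil, `nil&.empty?` evaluates to nil, and execution reaches `Net::LDAP::Filter.construct(filter_string)` with nil. Even when the message is printed there is no early exit, so the invalid values are still passed on to the query. Suggest `if attributes.nil? || attributes.empty? || filter_string.nil? || filter_string.empty?` with a `return` directly after the `print_error`, matching the `return` used in the branch above it. The `for entry in ... break` scan could also be written as `entry = @default_settings['queries'].find { |e| e['action'] == datastore['ACTION'] }`. The enclosing `run` method starts and ends outside this hunk.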