Script ldap-novell-getpass

Script types: portrule
Categories: discovery, safe
Download: https://svn.nmap.org/nmap/scripts/ldap-novell-getpass.nse

Script Summary

Universal Password enables advanced password policies, including extended characters in passwords, synchronization of passwords from eDirectory to other systems, and a single password for all access to eDirectory.

In case the password policy permits administrators to retrieve user passwords ("Allow admin to retrieve passwords" is set in the password policy) this script can retrieve the password.

Script Arguments

ldap-novell-getpass.password

The LDAP password to use when connecting to the server

ldap-novell-getpass.account

The name of the account to retrieve the password for

ldap-novell-getpass.username

The LDAP username to use when connecting to the server

Example Usage

nmap -p 636 --script ldap-novell-getpass --script-args \
'ldap-novell-getpass.username="CN=admin,O=cqure", \
ldap-novell-getpass.password=pass1234, \
ldap-novell-getpass.account="CN=paka,OU=hr,O=cqure"'

Script Output

PORT    STATE SERVICE REASON
636/tcp open  ldapssl syn-ack
| ldap-novell-getpass:
|   Account: CN=patrik,OU=security,O=cqure
|_  Password: foobar

Requires


Author:

  • Patrik Karlsson

License: Same as Nmap--See https://nmap.org/book/man-legal.html