Library ldap

Library methods for handling LDAP.

Author:

  • Patrik Karlsson

Copyright © Same as Nmap--See https://nmap.org/book/man-legal.html Credit goes out to Martin Swende who provided me with the initial code that got me started writing this. Version 0.8 Created 01/12/2010 - v0.1 - Created by Patrik Karlsson <patrik@cqure.net> Revised 01/28/2010 - v0.2 - Revised to fit better fit ASN.1 library Revised 02/02/2010 - v0.3 - Revised to fit OO ASN.1 Library Revised 09/05/2011 - v0.4 - Revised to include support for writing output to file, added decoding certain time formats Revised 10/29/2011 - v0.5 - Added support for performing wildcard searches via the substring filter. Revised 10/30/2011 - v0.6 - Added support for the ldap extensibleMatch filter type for searches Revised 04/04/2016 - v0.7 - Added support for searchRequest over upd ( udpSearchRequest ) - Tom Sellers Revised 07/11/2017 - v0.8 - Added support for decoding the objectSID Active Directory attribute - Tom Sellers

Source: https://svn.nmap.org/nmap/nselib/ldap.lua

Functions

bindRequest (socket, params)

Attempts to bind to the server using the credentials given

convertADTimeStamp (timestamp)

Convert Microsoft Active Directory timestamp format to a human readable form These values store time values in 100 nanoseconds segments from 01-Jan-1601

convertObjectSid (data, hex)

Converts the objectSid Active Directory attribute from hex to a human readable string

convertZuluTimeStamp (timestamp)

Converts a non-delimited Zulu timestamp format to a human readable form For example 20110904003302.0Z becomes 2001/09/04 00:33:02 UTC

copyTable (targetTable)

Creates a copy of a table

createFilter (filter)

Creates an ASN1 structure from a filter table

decode (encStr, pos)

Decodes an LDAP packet or a part of it according to ASN.1 basic encoding rules.

encode (val)

Encodes a given value according to ASN.1 basic encoding rules for SNMP packet creation.

extractAttribute (searchEntries, attributeName)

Extract naming context from a search response

searchRequest (socket, params)

Performs an LDAP Search request

searchResultToFile (searchEntries, filename)

Saves a search result as received from searchRequest to a file

searchResultToTable (searchEntries)

Converts a search result as received from searchRequest to a "result" table

udpSearchRequest (host, port, params)

Performs an LDAP Search request over UDP

unbindRequest (socket)

Performs an LDAP Unbind

Tables

APPNO

Application constants

Functions

bindRequest (socket, params)

Attempts to bind to the server using the credentials given

Parameters

socket
socket already connected to the ldap server
params
table containing version, username and password

Return values:

  1. success true or false
  2. err string containing error message
convertADTimeStamp (timestamp)

Convert Microsoft Active Directory timestamp format to a human readable form These values store time values in 100 nanoseconds segments from 01-Jan-1601

Parameters

timestamp
Microsoft Active Directory timestamp value

Return value:

string containing human readable form
convertObjectSid (data, hex)

Converts the objectSid Active Directory attribute from hex to a human readable string

Example: 1-5-21-542885397-2936741293-3965599772-500

Parameters

data
 
hex
string form of objectSid from LDAP response

Return value:

string containing human readable form
convertZuluTimeStamp (timestamp)

Converts a non-delimited Zulu timestamp format to a human readable form For example 20110904003302.0Z becomes 2001/09/04 00:33:02 UTC

Parameters

timestamp
in Zulu format without separators

Return value:

string containing human readable form
copyTable (targetTable)

Creates a copy of a table

Parameters

targetTable
table object to copy

Return value:

table object containing copy of original
createFilter (filter)

Creates an ASN1 structure from a filter table

Parameters

filter
table containing the filter to be created

Return value:

string containing the ASN1 byte sequence
decode (encStr, pos)

Decodes an LDAP packet or a part of it according to ASN.1 basic encoding rules.

Parameters

encStr
Encoded string.
pos
Current position in the string.

Return values:

  1. The decoded value(s).
  2. The position after decoding
encode (val)

Encodes a given value according to ASN.1 basic encoding rules for SNMP packet creation.

Parameters

val
Value to be encoded.

Return value:

Encoded value.
extractAttribute (searchEntries, attributeName)

Extract naming context from a search response

Parameters

searchEntries
table containing searchEntries from a searchResponse
attributeName
string containing the attribute to extract

Return value:

table containing the attribute values
searchRequest (socket, params)

Performs an LDAP Search request

This function has a concept of softerrors which populates the return tables error information while returning a true status. The reason for this is that LDAP may return a number of records and then finish off with an error like SIZE LIMIT EXCEEDED. We still want to return the records that were received prior to the error. In order to achieve this and not terminating the script by returning a false status a true status is returned together with a table containing all searchentries. This table has the errorMessage and resultCode entries set with the error information. As a try won't catch this error it's up to the script to do so. See ldap-search.nse for an example.

Parameters

socket
socket already connected to the ldap server
params
table containing at least scope, derefPolicy, baseObject the field maxObjects may also be included to restrict the amount of records returned

Return values:

  1. success true or false.
  2. searchResEntries containing results or a string containing error message
searchResultToFile (searchEntries, filename)

Saves a search result as received from searchRequest to a file

Does some limited decoding of LDAP attributes

TODO: Add decoding of missing attributes TODO: Add decoding of userParameters TODO: Add decoding of loginHours

Parameters

searchEntries
table as returned from searchRequest
filename
the name of a save to save results to

Return value:

table suitable for stdnse.format_output
searchResultToTable (searchEntries)

Converts a search result as received from searchRequest to a "result" table

Does some limited decoding of LDAP attributes

TODO: Add decoding of missing attributes TODO: Add decoding of userParameters TODO: Add decoding of loginHours

Parameters

searchEntries
table as returned from searchRequest

Return value:

table suitable for stdnse.format_output
udpSearchRequest (host, port, params)

Performs an LDAP Search request over UDP

This function has a concept of softerrors which populates the return tables error information while returning a true status. The reason for this is that LDAP may return a number of records and then finish off with an error like SIZE LIMIT EXCEEDED. We still want to return the records that were received prior to the error. In order to achieve this and not terminating the script by returning a false status a true status is returned together with a table containing all searchentries. This table has the errorMessage and resultCode entries set with the error information. As a try won't catch this error it's up to the script to do so. See ldap-search.nse for an example.

Parameters

host
The host to connect to
port
The port on the host
params
table containing at least scope, derefPolicy, baseObject the field maxObjects may also be included to restrict the amount of records returned

Return values:

  1. success true or false.
  2. searchResEntries containing results or a string containing error message
unbindRequest (socket)

Performs an LDAP Unbind

Parameters

socket
socket already connected to the ldap server

Return values:

  1. success true or false
  2. err string containing error message

Tables

APPNO

Application constants