implement authentication methods and change underlying connection because of bugs

2024-01-20 21:02:08 +01:00 · 2024-01-20 21:02:08 +01:00 · bd1238d27e
parent fe59057c0d
commit bd1238d27e
1 changed files with 45 additions and 16 deletions
--- a/pkg/js/libs/ldap/ldap.go
+++ b/pkg/js/libs/ldap/ldap.go
@ -4,15 +4,10 @@ import (
 	"context"
 	"crypto/tls"
 	"fmt"
-	"net"
 	"strings"
-	"time"

 	"github.com/go-ldap/ldap/v3"
-	"github.com/praetorian-inc/fingerprintx/pkg/plugins"
 	"github.com/projectdiscovery/nuclei/v3/pkg/protocols/common/protocolstate"
-
-	pluginldap "github.com/praetorian-inc/fingerprintx/pkg/plugins/services/ldap"
 )

 // Client is a client for ldap protocol in golang.
@ -43,17 +38,19 @@ func (c *LdapClient) Connect(host string, port int, ssl, istls bool) (bool, erro
 	}

 	var err error
-	var con net.Conn
 	if ssl {
-		con, err = protocolstate.Dialer.DialTLS(context.TODO(), "tcp", fmt.Sprintf("%s:%d", host, port))
+		config := &tls.Config{
+			InsecureSkipVerify: true,
+			ServerName:         host,
+		}
+		c.Conn, err = ldap.DialTLS("tcp", fmt.Sprintf("%s:%d", host, port), config)
 	} else {
-		con, err = protocolstate.Dialer.Dial(context.TODO(), "tcp", fmt.Sprintf("%s:%d", host, port))
+		c.Conn, err = ldap.Dial("tcp", fmt.Sprintf("%s:%d", host, port))
 	}
 	if err != nil {
 		return false, err
 	}

-	c.Conn = ldap.NewConn(con, ssl)
 	if istls && !ssl {
 		// Here if it is not a valid ldap server, the StartTLS will return an error,
 		// so, if this check succeeds, there is no need to check if the host is has an LDAP Server:
@ -61,13 +58,6 @@ func (c *LdapClient) Connect(host string, port int, ssl, istls bool) (bool, erro
 		if err := c.Conn.StartTLS(&tls.Config{InsecureSkipVerify: true}); err != nil {
 			return false, err
 		}
-	} else {
-		// If the connection is unencrypted or targets LDAPS we check here if the host actually
-		// exposes an actual LDAP server
-		plugin := &pluginldap.LDAPPlugin{}
-		if service, err := plugin.Run(con, 10*time.Second, plugins.Target{Host: host}); err != nil || service == nil {
-			return false, err
-		}
 	}

 	c.Host = host
@ -77,6 +67,45 @@ func (c *LdapClient) Connect(host string, port int, ssl, istls bool) (bool, erro
 	return true, nil
 }

+func (c *LdapClient) Authenticate(realm string, username, password string) (bool, error) {
+	if c.Conn == nil {
+		return false, fmt.Errorf("no existing connection")
+	}
+
+	c.Realm = realm
+	c.BaseDN = fmt.Sprintf("dc=%s", strings.Join(strings.Split(realm, "."), ",dc="))
+
+	if err := c.Conn.NTLMBind(realm, username, password); err == nil {
+		// if bind with NTLMBind(), there is nothing
+		// else to do, you are authenticated
+		return true, nil
+	}
+
+	switch password {
+	case "":
+		if err := c.Conn.UnauthenticatedBind(username); err != nil {
+			return false, err
+		}
+	default:
+		if err := c.Conn.Bind(username, password); err != nil {
+			return false, err
+		}
+	}
+	return true, nil
+}
+
+func (c *LdapClient) AuthenticateWithNTLMHash(realm string, username, hash string) (bool, error) {
+	if c.Conn == nil {
+		return false, fmt.Errorf("no existing connection")
+	}
+	c.Realm = realm
+	c.BaseDN = fmt.Sprintf("dc=%s", strings.Join(strings.Split(realm, "."), ",dc="))
+	if err := c.Conn.NTLMBindWithHash(realm, username, hash); err != nil {
+		return false, err
+	}
+	return true, nil
+}
+
 // Search is a method that uses the already Connect()'ed client to query the LDAP
 // server, works for openldap and for Microsoft's Active Directory Ldap
 //