corrections based on feedback
Thomas Ring
parent
10713dd440
commit
37f159d80a
|
|
@ -27,82 +27,63 @@ def initialize(info={})
|
||||||
))
|
))
|
||||||
|
|
||||||
register_options([
|
register_options([
|
||||||
OptString.new('FIELDS', [true, 'Fields to retrieve.', 'sn,givenName,st,postalCode,physicalDeliveryOfficeName,telephoneNumber,mobile,facsimileTelephoneNumber,displayName,title,department,company, streetAddress,sAMAccountName,userAccountControl,comment,description']),
|
OptString.new('FIELDS', [false, 'Fields to retrieve (ie, sn, givenName, displayName, description, comment)', '']),
|
||||||
OptString.new('FILTER', [true, 'Search filter.','(&(objectClass=organizationalPerson)(objectClass=user)(objectClass=person)(!(objectClass=computer)))']),
|
], self.class)
|
||||||
], self.class)
|
|
||||||
end
|
end
|
||||||
|
|
||||||
def run
|
def run
|
||||||
fields = datastore['FIELDS'].gsub(/\s+/,"").split(',')
|
|
||||||
search_filter = datastore['FILTER']
|
fields = []
|
||||||
|
if(datastore['FIELDS'] == '')
|
||||||
|
field_str = 'sn,givenName,state,postalCode,physicalDeliveryOfficeName,telephoneNumber,mobile,facsimileTelephoneNumber,displayName,'
|
||||||
|
field_str << 'title,department,company, streetAddress,sAMAccountName,userAccountControl,comment,description'
|
||||||
|
fields = field_str.gsub!(/\s+/,'').split(',')
|
||||||
|
else
|
||||||
|
fields = datastore['FIELDS'].gsub(/\s+/,"").split(',')
|
||||||
|
end
|
||||||
|
search_filter = '(&(objectClass=organizationalPerson)(objectClass=user)(objectClass=person)(!(objectClass=computer)))'
|
||||||
max_search = datastore['MAX_SEARCH']
|
max_search = datastore['MAX_SEARCH']
|
||||||
begin
|
begin
|
||||||
q = query(search_filter, max_search, fields)
|
q = query(search_filter, max_search, fields)
|
||||||
if q.nil? or q[:results].empty?
|
return if !q or q[:results].empty?
|
||||||
return
|
|
||||||
end
|
|
||||||
rescue ::RuntimeError, ::Rex::Post::Meterpreter::RequestError => e
|
rescue ::RuntimeError, ::Rex::Post::Meterpreter::RequestError => e
|
||||||
# Can't bind or in a network w/ limited accounts
|
# Can't bind or in a network w/ limited accounts
|
||||||
print_error(e.message)
|
print_error(e.message)
|
||||||
return
|
return
|
||||||
end
|
end
|
||||||
|
|
||||||
wordlist = Hash.new()
|
wordlist = Hash.new(0)
|
||||||
q[:results].each do |result|
|
q[:results].each do |result|
|
||||||
result.each do |field|
|
result.each do |field|
|
||||||
next if field.nil?
|
next unless field.present?
|
||||||
next if field =~ /^\s*$/ or field == '-' or field == '' or field.length < 3
|
next if field =~ /^\s*$/ or field == '-' or field == '' or field.length < 3
|
||||||
|
|
||||||
field.gsub!(/[\(\)\"]/, '') # clear up common punctuation in descriptions
|
field.gsub!(/[\(\)\"]/, '') # clear up common punctuation in descriptions
|
||||||
field.downcase! # clear up case
|
field.downcase! # clear up case
|
||||||
add = 1
|
|
||||||
|
|
||||||
tmp = Array.new()
|
tmp = []
|
||||||
if(field =~ /\s+/)
|
parts = field.split(/\s+/)
|
||||||
tmp.push(field.split(/\s+/))
|
tmp = tmp + parts + [ parts.join ] unless parts.empty?
|
||||||
add=0
|
parts = field.split('-')
|
||||||
end
|
tmp = tmp + parts + [ parts.join ] unless parts.empty?
|
||||||
field.gsub!(/\s+/, '')
|
parts = field.split(',')
|
||||||
|
tmp = tmp + parts + [ parts.join ] unless parts.empty?
|
||||||
|
parts = field.split('+')
|
||||||
|
tmp = tmp + parts + [ parts.join ] unless parts.empty?
|
||||||
|
|
||||||
if(field =~ /-/)
|
# add the entire field if its not too long
|
||||||
tmp.push(field.split(/-/))
|
wordlist[field] += 1 if field.length < 24
|
||||||
tmp.push(field.gsub(/-/, ''))
|
|
||||||
end
|
|
||||||
field.gsub!(/-/, '')
|
|
||||||
|
|
||||||
if(field =~ /,/)
|
|
||||||
tmp.push(field.split(/,/))
|
|
||||||
add=0
|
|
||||||
end
|
|
||||||
field.gsub!(/,/, '')
|
|
||||||
|
|
||||||
if(field =~ /\+/)
|
|
||||||
tmp.push(field.split(/\+/))
|
|
||||||
end
|
|
||||||
field.gsub!(/\+/, '')
|
|
||||||
|
|
||||||
if wordlist.has_key?(field) and field.length < 24 and add == 1
|
|
||||||
wordlist[field] = wordlist[field]+1
|
|
||||||
else
|
|
||||||
wordlist[field] = 1
|
|
||||||
end
|
|
||||||
|
|
||||||
if tmp.length > 0
|
if tmp.length > 0
|
||||||
tmp = tmp.flatten
|
tmp = tmp.flatten
|
||||||
tmp.each do |r|
|
tmp.each do |r|
|
||||||
next if r.length < 3 or r.length > 24
|
next if r.length < 3 or r.length > 24
|
||||||
# sub fields can still have unwanted characters due to not chained if (ie, it has dashes and commas)
|
# sub fields can still have unwanted characters due to not chained if (ie, it has dashes and commas)
|
||||||
r.gsub!(/s/, '')
|
r.gsub!(/[\s\,\-\+]/, '')
|
||||||
r.gsub!(/,/, '')
|
wordlist[r] += 1 if r.length < 24
|
||||||
r.gsub!(/-/, '')
|
|
||||||
r.gsub!(/\+/, '')
|
|
||||||
if wordlist.has_key?(r) and r.length < 24
|
|
||||||
wordlist[r] = wordlist[r]+1
|
|
||||||
else
|
|
||||||
wordlist[r] = 1
|
|
||||||
end
|
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
end # result.each
|
end # result.each
|
||||||
end # q.each
|
end # q.each
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue