infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Added custom LDAP filter to ad_groups and ad_users to save having to use meterpreter's adsi interface

bug/bundler_fix
Stuart Morgan 2015-12-16 10:38:38 +00:00
parent b78f7b4d55
commit c9c1dd22ee
2 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
modules/post/windows/gather/enum_ad_groups.rb
View File

@ -32,6 +32,7 @@ class Metasploit3 < Msf::Post
register_options([
OptString.new('ADDITIONAL_FIELDS', [false, 'Additional fields to retrieve, comma separated', nil]),
OptString.new('FILTER', [false, 'Customised LDAP filter', nil]),
], self.class)
end
@ -46,7 +47,9 @@ class Metasploit3 < Msf::Post
max_search = datastore['MAX_SEARCH']
begin
q = query('(objectClass=group)', max_search, @user_fields)
f = ""
f = "(#{datastore['FILTER']})" if datastore['FILTER']
q = query("(&(objectClass=group)#{f})", max_search, @user_fields)
rescue ::RuntimeError, ::Rex::Post::Meterpreter::RequestError => e
# Can't bind or in a network w/ limited accounts
print_error(e.message)

2
modules/post/windows/gather/enum_ad_users.rb
View File

@ -47,6 +47,7 @@ class Metasploit3 < Msf::Post
OptBool.new('EXCLUDE_LOCKED', [true, 'Exclude in search locked accounts..', false]),
OptBool.new('EXCLUDE_DISABLED', [true, 'Exclude from search disabled accounts.', false]),
OptString.new('ADDITIONAL_FIELDS', [false, 'Additional fields to retrieve, comma separated', nil]),
OptString.new('FILTER', [false, 'Customised LDAP filter', nil]),
OptString.new('GROUP_MEMBER', [false, 'Recursively list users that are effectve members of the group DN specified.', nil]),
OptEnum.new('UAC', [true, 'Filter on User Account Control Setting.', 'ANY',
[
@ -146,6 +147,7 @@ class Metasploit3 < Msf::Post
inner_filter << '(!(lockoutTime>=1))' if datastore['EXCLUDE_LOCKED']
inner_filter << '(!(userAccountControl:1.2.840.113556.1.4.803:=2))' if datastore['EXCLUDE_DISABLED']
inner_filter << "(memberof:1.2.840.113556.1.4.1941:=#{datastore['GROUP_MEMBER']})" if datastore['GROUP_MEMBER']
inner_filter << "(#{datastore['FILTER']})" if datastore['FILTER']
case datastore['UAC']
when 'ANY'
when 'NO_PASSWORD'