From 293e9a91641ee7a056a0bc8b19c2d9788fd701d9 Mon Sep 17 00:00:00 2001 From: spyr0 Date: Thu, 11 Aug 2022 10:54:05 +0100 Subject: [PATCH] Added SamAccountName option, more attributes and error handling --- cme/modules/whoami.py | 40 +++++++++++++++++++++++++++++++++------- 1 file changed, 33 insertions(+), 7 deletions(-) diff --git a/cme/modules/whoami.py b/cme/modules/whoami.py index 0d3e0a7f..251439fc 100644 --- a/cme/modules/whoami.py +++ b/cme/modules/whoami.py @@ -13,9 +13,11 @@ class CMEModule: def options(self, context, module_options): ''' - No options requireds + USER Enumerate information about a different SamAccountName ''' - pass + self.username = None + if 'USER' in module_options: + self.username = module_options['USER'] def on_login(self, context, connection): @@ -31,21 +33,42 @@ class CMEModule: # https://github.com/pycontribs/python3-ldap/blob/master/python3-ldap/ldap3/protocol/rfc4512.py searchBase = ldapServer.info.naming_contexts[0] - searchFilter = f'(sAMAccountName={connection.username})' + if self.username is None: + searchFilter = f'(sAMAccountName={connection.username})' + else: + searchFilter = f'(sAMAccountName={format(self.username)})' + context.log.debug(f'Using naming context: {searchBase} and {searchFilter} as search filter') # Confirm login / get username - context.log.highlight(f'Username: {ldapConn.extend.standard.who_am_i().replace("u:","")}') + context.log.debug(f'Running LDAP queries as: {ldapConn.extend.standard.who_am_i().replace("u:","")}') # Get attributes of provided user - ldapConn.search(search_base=searchBase,search_filter=searchFilter,attributes=['description','distinguishedName', 'memberOf', 'name', 'pwdLastSet']) + ldapConn.search(search_base=searchBase,search_filter=searchFilter, + attributes=['name','sAmAccountName','description','distinguishedName','pwdLastSet','logonCount','lastLogon','userAccountControl','memberOf']) for response in ldapConn.response: - context.log.highlight(f"Distinguished name: {response['attributes']['distinguishedName']}") context.log.highlight(f"Human name: {response['attributes']['name']}") + context.log.highlight(f"Username: {response['attributes']['sAmAccountName']}") context.log.highlight(f"Description: {response['attributes']['description']}") + context.log.highlight(f"Distinguished name: {response['attributes']['distinguishedName']}") context.log.highlight(f"Password last set: {response['attributes']['pwdLastSet']}") + context.log.highlight(f"Logon count: {response['attributes']['logonCount']}") + context.log.highlight(f"Last logon: {response['attributes']['lastLogon']}") + + if response['attributes']['userAccountControl'] == 512: + context.log.highlight(f"Enabled: Yes") + context.log.highlight(f"Password Never Expires: No") + if response['attributes']['userAccountControl'] == 514: + context.log.highlight(f"Enabled: No") + context.log.highlight(f"Password Never Expires: No") + if response['attributes']['userAccountControl'] == 66048: + context.log.highlight(f"Enabled: Yes") + context.log.highlight(f"Password Never Expires: Yes") + if response['attributes']['userAccountControl'] == 66050: + context.log.highlight(f"Enabled: No") + context.log.highlight(f"Password Never Expires: Yes") for group in response['attributes']['memberOf']: context.log.highlight(f'Member of: {group}') @@ -53,5 +76,8 @@ class CMEModule: # Only want output from first response break + except KeyError: + context.log.error(f'Username does not exist') + except Exception as e: - context.log.error(f'UNEXPECTED ERROR: {e}') \ No newline at end of file + context.log.error(f'UNEXPECTED ERROR: {repr(e)}')