By capturing possible connection errors when SSL cannot be
negotiated, this update prevents early exit due to failure of a
single IP when scanning a range of IPs
author Hynek Petrak <hynek.petrak@gmail.com> 1595628792 +0200
committer Spencer McIntyre <Spencer_McIntyre@rapid7.com> 1598532753 -0400
Added module to dump hashes from LDAP
added hash formatters, documentation, ldap authentication
typo
sanitizing
added scenario for NASDeluxe
added few hash attribute examples
typo correction
Co-authored-by: bcoles <bcoles@gmail.com>
typo correction
Co-authored-by: bcoles <bcoles@gmail.com>
typo correction
Co-authored-by: bcoles <bcoles@gmail.com>
avoid option name conflicts
added test scenario
linted
linted
Dump all nameContexts, not just the first one. Search creds in multiple attributes.
attemt to dump special and operational attributes
check if ldap bind succeeded
sanitize the ldap hashes, skip invalid, remove {crypt} prefix
memory optimization for large LDAP servers
spaces at eols
put header to the ldif loot
added other LDAP hash formats, don't save empty ldif, dump root DSE
now we handle vmdir case too
explictly set md5crypt for $
Converted to scanner to improve performance on large networks
krbprincipalkey, memory optimization for ldap.search
handle additional hash types
be verbose about search errors
added per host timeout
catch exception from Net::Ldap
shorten the param value
handle pwdhistory entries
added comment about sambapwdhistory value
reject shorter empty sambapassordhistory entries
reject null nt and lm hashes
report assumed clear text passwords
refactored timeout for the sake of the loot
ignore {SASL} pass-trough auth entries
distinguish unresolved hashes from clear passwords
print ldap server error message, meaningful loot name
correct exception handling
handle hashes with eol
remove debug line
handle pkcs12 in binary form
attemt to control timeout on bind operation
leave LDAP#bind to be called implicitly in #search
remove debug line
fixed bug, when pillage broke the outer LDAP#search
learning ruby
monkey patched ldap connection handling, ignoring bind errors
commenting the net:LDAP misbehaviour
review fixes
review fixes
moving ldap.search into a function
remove fail_with, store loot from one place, print statistics
linting
consolidated ldap_new and connect, don't catch exceptions in the mixin
Complete the credential creation
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>
cgranleese-r7