# -*- coding: binary -*-

#
# This mixin is a wrapper around Net::LDAP
#

require 'net-ldap'

module Msf
module Exploit::Remote::LDAP

  def initialize(info = {})
    super

    register_options([
      Opt::RHOST,
      Opt::RPORT(389)
    ])
  end

  def rhost
    datastore['RHOST']
  end

  def rport
    datastore['RPORT']
  end

  def peer
    "#{rhost}:#{rport}"
  end

  def discover_base_dn(ldap)
    print_status('Searching root DSE for base DN')

    unless (root_dse = ldap.search_root_dse)
      print_error('Could not retrieve root DSE')
      return
    end

    vprint_line(root_dse.to_ldif)

    # NOTE: Net::LDAP converts attribute names to lowercase
    unless root_dse[:namingcontexts]
      print_error('Could not find namingContexts attribute')
      return
    end

    if root_dse[:namingcontexts].empty?
      print_error('Could not find base DN')
      return
    end

    # NOTE: We assume the first namingContexts value is the base DN
    base_dn = root_dse[:namingcontexts].first

    print_good("Discovered base DN: #{base_dn}")
    base_dn
  rescue Net::LDAP::Error => e
    print_error("#{e.class}: #{e.message}")
    nil
  end

end
end