adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
c3f5bd3de2d1affa01e2f6c2066c6bb0fc6413bc
metasploit-gs/api/Msf/Exploit/Remote/LDAP.html
T
jenkins-metasploit c3f5bd3de2 Reboot gh-pages
2026-05-08 17:08:43 +00:00

1863 lines
109 KiB
HTML
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>
Module: Msf::Exploit::Remote::LDAP
&mdash; Documentation by YARD 0.9.37
</title>
<link rel="stylesheet" href="../../../css/style.css" type="text/css" />
<link rel="stylesheet" href="../../../css/common.css" type="text/css" />
<script type="text/javascript">
pathId = "Msf::Exploit::Remote::LDAP";
relpath = '../../../';
</script>
<script type="text/javascript" charset="utf-8" src="../../../js/jquery.js"></script>
<script type="text/javascript" charset="utf-8" src="../../../js/app.js"></script>
</head>
<body>
<div class="nav_wrap">
<iframe id="nav" src="../../../class_list.html?1"></iframe>
<div id="resizer"></div>
</div>
<div id="main" tabindex="-1">
<div id="header">
<div id="menu">
<a href="../../../_index.html">Index (L)</a> &raquo;
<span class='title'><span class='object_link'><a href="../../../Msf.html" title="Msf (module)">Msf</a></span></span> &raquo; <span class='title'><span class='object_link'><a href="../../Exploit.html" title="Msf::Exploit (class)">Exploit</a></span></span> &raquo; <span class='title'><span class='object_link'><a href="../Remote.html" title="Msf::Exploit::Remote (class)">Remote</a></span></span>
&raquo;
<span class="title">LDAP</span>
</div>
<div id="search">
<a class="full_list_link" id="class_list_link"
href="../../../class_list.html">
<svg width="24" height="24">
<rect x="0" y="4" width="24" height="4" rx="1" ry="1"></rect>
<rect x="0" y="12" width="24" height="4" rx="1" ry="1"></rect>
<rect x="0" y="20" width="24" height="4" rx="1" ry="1"></rect>
</svg>
</a>
</div>
<div class="clear"></div>
</div>
<div id="content"><h1>Module: Msf::Exploit::Remote::LDAP
</h1>
<div class="box_info">
<dl>
<dt>Includes:</dt>
<dd><span class='object_link'><a href="../../../Metasploit/Framework/LDAP/Client.html" title="Metasploit::Framework::LDAP::Client (module)">Metasploit::Framework::LDAP::Client</a></span>, <span class='object_link'><a href="Kerberos/ServiceAuthenticator/Options.html" title="Msf::Exploit::Remote::Kerberos::ServiceAuthenticator::Options (module)">Kerberos::ServiceAuthenticator::Options</a></span>, <span class='object_link'><a href="Kerberos/Ticket/Storage.html" title="Msf::Exploit::Remote::Kerberos::Ticket::Storage (module)">Kerberos::Ticket::Storage</a></span></dd>
</dl>
<dl>
<dt>Included in:</dt>
<dd><span class='object_link'><a href="../../../Metasploit/Framework/LoginScanner/LDAP.html" title="Metasploit::Framework::LoginScanner::LDAP (class)">Metasploit::Framework::LoginScanner::LDAP</a></span>, <span class='object_link'><a href="LDAP/ActiveDirectory.html" title="Msf::Exploit::Remote::LDAP::ActiveDirectory (module)">ActiveDirectory</a></span></dd>
</dl>
<dl>
<dt>Defined in:</dt>
<dd>lib/msf/core/exploit/remote/ldap/server.rb<span class="defines">,<br />
lib/msf/core/exploit/remote/ldap.rb,<br /> lib/msf/core/exploit/remote/ldap/error.rb,<br /> lib/msf/core/exploit/remote/ldap/queries.rb,<br /> lib/msf/core/exploit/remote/ldap/entry_cache.rb,<br /> lib/msf/core/exploit/remote/ldap/active_directory.rb</span>
</dd>
</dl>
</div>
<h2>Overview</h2><div class="docstring">
<div class="discussion">
<p>This module exposes methods for querying a remote LDAP service</p>
</div>
</div>
<div class="tags">
</div><h2>Defined Under Namespace</h2>
<p class="children">
<strong class="modules">Modules:</strong> <span class='object_link'><a href="LDAP/ActiveDirectory.html" title="Msf::Exploit::Remote::LDAP::ActiveDirectory (module)">ActiveDirectory</a></span>, <span class='object_link'><a href="LDAP/EntryCache.html" title="Msf::Exploit::Remote::LDAP::EntryCache (module)">EntryCache</a></span>, <span class='object_link'><a href="LDAP/Queries.html" title="Msf::Exploit::Remote::LDAP::Queries (module)">Queries</a></span>, <span class='object_link'><a href="LDAP/Server.html" title="Msf::Exploit::Remote::LDAP::Server (module)">Server</a></span>
<strong class="classes">Classes:</strong> <span class='object_link'><a href="LDAP/Error.html" title="Msf::Exploit::Remote::LDAP::Error (class)">Error</a></span>
</p>
<h2>
Instance Method Summary
<small><a href="#" class="summary_toggle">collapse</a></small>
</h2>
<ul class="summary">
<li class="public ">
<span class="summary_signature">
<a href="#get_connect_opts-instance_method" title="#get_connect_opts (instance method)">#<strong>get_connect_opts</strong> &#x21d2; Hash </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Set the various connection options to use when connecting to the target LDAP server based on the current datastore options.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#initialize-instance_method" title="#initialize (instance method)">#<strong>initialize</strong>(info = {}) &#x21d2; Object </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Initialize the LDAP client and set up the LDAP specific datastore options to allow the client to perform authentication and timeout operations.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#ldap_connect-instance_method" title="#ldap_connect (instance method)">#<strong>ldap_connect</strong>(opts = {}, &amp;block) &#x21d2; Object </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>The result of whatever the block that was passed in via the “block” parameter yielded.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#ldap_escape_filter-instance_method" title="#ldap_escape_filter (instance method)">#<strong>ldap_escape_filter</strong>(string) &#x21d2; Object </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Return a string suitable for placement in an LDAP filter e.g.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#ldap_new-instance_method" title="#ldap_new (instance method)">#<strong>ldap_new</strong>(opts = {}) {|ldap| ... } &#x21d2; Object </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Create a new LDAP connection using Rex::Proto::LDAP::Client.new and yield the resulting connection object to the caller of this method.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#ldap_open-instance_method" title="#ldap_open (instance method)">#<strong>ldap_open</strong>(connect_opts, keep_open: false, &amp;block) &#x21d2; Object </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Connect to the target LDAP server using the options provided, and pass the resulting connection object to the proc provided.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#peer-instance_method" title="#peer (instance method)">#<strong>peer</strong> &#x21d2; String </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Return the peer as a host:port formatted string.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#report_ldap_service-instance_method" title="#report_ldap_service (instance method)">#<strong>report_ldap_service</strong> &#x21d2; Object </a>
</span>
<span class="summary_desc"><div class='inline'></div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#resolve_connect_opts-instance_method" title="#resolve_connect_opts (instance method)">#<strong>resolve_connect_opts</strong>(connect_opts) &#x21d2; Object </a>
</span>
<span class="summary_desc"><div class='inline'></div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#rhost-instance_method" title="#rhost (instance method)">#<strong>rhost</strong> &#x21d2; String </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Alias to return the RHOST datastore option.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#rport-instance_method" title="#rport (instance method)">#<strong>rport</strong> &#x21d2; String </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Alias to return the RPORT datastore option.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#ssl-instance_method" title="#ssl (instance method)">#<strong>ssl</strong> &#x21d2; Object </a>
(also: #ldap_client_ssl)
</span>
<span class="summary_desc"><div class='inline'></div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#validate_bind_success!-instance_method" title="#validate_bind_success! (instance method)">#<strong>validate_bind_success!</strong>(ldap) &#x21d2; Nil </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Check whether it was possible to successfully bind to the target LDAP server.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#validate_query_result!-instance_method" title="#validate_query_result! (instance method)">#<strong>validate_query_result!</strong>(query_result, filter = nil) &#x21d2; Nil </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Validate the query result and check whether the query succeeded.</p>
</div></span>
</li>
</ul>
<h3 class="inherited">Methods included from <span class='object_link'><a href="../../../Metasploit/Framework/LDAP/Client.html" title="Metasploit::Framework::LDAP::Client (module)">Metasploit::Framework::LDAP::Client</a></span></h3>
<p class="inherited"><span class='object_link'><a href="../../../Metasploit/Framework/LDAP/Client.html#ldap_connect_opts-instance_method" title="Metasploit::Framework::LDAP::Client#ldap_connect_opts (method)">#ldap_connect_opts</a></span></p>
<h3 class="inherited">Methods included from <span class='object_link'><a href="Kerberos/ServiceAuthenticator/Options.html" title="Msf::Exploit::Remote::Kerberos::ServiceAuthenticator::Options (module)">Kerberos::ServiceAuthenticator::Options</a></span></h3>
<p class="inherited"><span class='object_link'><a href="Kerberos/ServiceAuthenticator/Options.html#kerberos_auth_options-instance_method" title="Msf::Exploit::Remote::Kerberos::ServiceAuthenticator::Options#kerberos_auth_options (method)">#kerberos_auth_options</a></span>, <span class='object_link'><a href="Kerberos/ServiceAuthenticator/Options.html#kerberos_clock_skew_seconds-instance_method" title="Msf::Exploit::Remote::Kerberos::ServiceAuthenticator::Options#kerberos_clock_skew_seconds (method)">#kerberos_clock_skew_seconds</a></span></p>
<h3 class="inherited">Methods included from <span class='object_link'><a href="Kerberos/Ticket/Storage.html" title="Msf::Exploit::Remote::Kerberos::Ticket::Storage (module)">Kerberos::Ticket::Storage</a></span></h3>
<p class="inherited"><span class='object_link'><a href="Kerberos/Ticket/Storage.html#kerberos_storage_options-instance_method" title="Msf::Exploit::Remote::Kerberos::Ticket::Storage#kerberos_storage_options (method)">#kerberos_storage_options</a></span>, <span class='object_link'><a href="Kerberos/Ticket/Storage.html#kerberos_ticket_storage-instance_method" title="Msf::Exploit::Remote::Kerberos::Ticket::Storage#kerberos_ticket_storage (method)">#kerberos_ticket_storage</a></span>, <span class='object_link'><a href="Kerberos/Ticket/Storage.html#store_ccache-class_method" title="Msf::Exploit::Remote::Kerberos::Ticket::Storage.store_ccache (method)">store_ccache</a></span></p>
<div id="instance_method_details" class="method_details_list">
<h2>Instance Method Details</h2>
<div class="method_details first">
<h3 class="signature first" id="get_connect_opts-instance_method">
#<strong>get_connect_opts</strong> &#x21d2; <tt>Hash</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Set the various connection options to use when connecting to the target LDAP server based on the current datastore options. Returns the resulting connection configuration as a hash.</p>
</div>
</div>
<div class="tags">
<p class="tag_title">Returns:</p>
<ul class="return">
<li>
<span class='type'>(<tt>Hash</tt>)</span>
&mdash;
<div class='inline'>
<p>The options to use when connecting to the target LDAP server.</p>
</div>
</li>
</ul>
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/ldap.rb', line 83</span>
<span class='kw'>def</span> <span class='id identifier rubyid_get_connect_opts'>get_connect_opts</span>
<span class='id identifier rubyid_pkcs12_storage'>pkcs12_storage</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="../../../Msf.html" title="Msf (module)">Msf</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Exploit.html" title="Msf::Exploit (class)">Exploit</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../Remote.html" title="Msf::Exploit::Remote (class)">Remote</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="Pkcs12.html" title="Msf::Exploit::Remote::Pkcs12 (module)">Pkcs12</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="Pkcs12/Storage.html" title="Msf::Exploit::Remote::Pkcs12::Storage (class)">Storage</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'><span class='object_link'><a href="Pkcs12/Storage.html#initialize-instance_method" title="Msf::Exploit::Remote::Pkcs12::Storage#initialize (method)">new</a></span></span><span class='lparen'>(</span><span class='label'>framework:</span> <span class='id identifier rubyid_framework'>framework</span><span class='comma'>,</span> <span class='label'>framework_module:</span> <span class='kw'>self</span><span class='rparen'>)</span>
<span class='id identifier rubyid_opts'>opts</span> <span class='op'>=</span> <span class='lbrace'>{</span>
<span class='label'>username:</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>LDAPUsername</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span><span class='comma'>,</span>
<span class='label'>password:</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>LDAPPassword</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span><span class='comma'>,</span>
<span class='label'>domain:</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>LDAPDomain</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span><span class='comma'>,</span>
<span class='label'>base:</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>BASE_DN</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span><span class='comma'>,</span>
<span class='label'>domain_controller_rhost:</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>DomainControllerRhost</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span><span class='comma'>,</span>
<span class='label'>ldap_auth:</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>LDAP::Auth</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span><span class='comma'>,</span>
<span class='label'>ldap_pkcs12:</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>LDAP::CertFile</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span> <span class='op'>?</span> <span class='id identifier rubyid_pkcs12_storage'>pkcs12_storage</span><span class='period'>.</span><span class='id identifier rubyid_read_pkcs12_cert_path'>read_pkcs12_cert_path</span><span class='lparen'>(</span><span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>LDAP::CertFile</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span><span class='rparen'>)</span> <span class='op'>:</span> <span class='kw'>nil</span><span class='comma'>,</span>
<span class='label'>ldap_rhostname:</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>LDAP::Rhostname</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span><span class='comma'>,</span>
<span class='label'>ldap_krb_offered_enc_types:</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>LDAP::KrbOfferedEncryptionTypes</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span><span class='comma'>,</span>
<span class='label'>ldap_krb5_cname:</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>LDAP::Krb5Ccname</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span><span class='comma'>,</span>
<span class='label'>proxies:</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Proxies</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span><span class='comma'>,</span>
<span class='label'>framework_module:</span> <span class='kw'>self</span><span class='comma'>,</span>
<span class='label'>kerberos_ticket_storage:</span> <span class='id identifier rubyid_kerberos_ticket_storage'>kerberos_ticket_storage</span><span class='comma'>,</span>
<span class='label'>kerberos_clock_skew:</span> <span class='id identifier rubyid_kerberos_clock_skew_seconds'>kerberos_clock_skew_seconds</span>
<span class='rbrace'>}</span>
<span class='kw'>case</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>LDAP::Signing</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span>
<span class='kw'>when</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>required</span><span class='tstring_end'>&#39;</span></span>
<span class='id identifier rubyid_opts'>opts</span><span class='lbracket'>[</span><span class='symbol'>:sign_and_seal</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='kw'>true</span>
<span class='kw'>when</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>disabled</span><span class='tstring_end'>&#39;</span></span>
<span class='id identifier rubyid_opts'>opts</span><span class='lbracket'>[</span><span class='symbol'>:sign_and_seal</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='kw'>false</span>
<span class='kw'>end</span>
<span class='kw'>begin</span>
<span class='id identifier rubyid_result'>result</span> <span class='op'>=</span> <span class='id identifier rubyid_ldap_connect_opts'>ldap_connect_opts</span><span class='lparen'>(</span><span class='id identifier rubyid_rhost'>rhost</span><span class='comma'>,</span> <span class='id identifier rubyid_rport'>rport</span><span class='comma'>,</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>LDAP::ConnectTimeout</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span><span class='comma'>,</span> <span class='label'>ssl:</span> <span class='id identifier rubyid_ldap_client_ssl'>ldap_client_ssl</span><span class='comma'>,</span> <span class='label'>opts:</span> <span class='id identifier rubyid_opts'>opts</span><span class='rparen'>)</span>
<span class='kw'>rescue</span> <span class='const'><span class='object_link'><a href="../../../Msf.html" title="Msf (module)">Msf</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../ValidationError.html" title="Msf::ValidationError (class)">ValidationError</a></span></span> <span class='op'>=&gt;</span> <span class='id identifier rubyid_e'>e</span>
<span class='id identifier rubyid_fail_with'>fail_with</span><span class='lparen'>(</span><span class='const'><span class='object_link'><a href="../../../Msf.html" title="Msf (module)">Msf</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module.html" title="Msf::Module (class)">Module</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module/Failure.html" title="Msf::Module::Failure (module)">Failure</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module/Failure.html#BadConfig-constant" title="Msf::Module::Failure::BadConfig (constant)">BadConfig</a></span></span><span class='comma'>,</span> <span class='id identifier rubyid_e'>e</span><span class='period'>.</span><span class='id identifier rubyid_message'>message</span><span class='rparen'>)</span>
<span class='kw'>end</span>
<span class='comment'># Now that the options have been resolved (including auto possibly resolving to NTLM), check whether this is a valid config
</span> <span class='kw'>if</span> <span class='id identifier rubyid_result'>result</span><span class='lbracket'>[</span><span class='symbol'>:auth</span><span class='rbracket'>]</span> <span class='op'>&amp;&amp;</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>LDAP::Signing</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span> <span class='op'>==</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>required</span><span class='tstring_end'>&#39;</span></span>
<span class='kw'>unless</span> <span class='qsymbols_beg'>%i[</span><span class='words_sep'> </span><span class='tstring_content'>rex_kerberos</span><span class='words_sep'> </span><span class='tstring_content'>rex_ntlm</span><span class='words_sep'> </span><span class='tstring_end'>]</span></span><span class='period'>.</span><span class='id identifier rubyid_include?'>include?</span><span class='lparen'>(</span><span class='id identifier rubyid_result'>result</span><span class='lbracket'>[</span><span class='symbol'>:auth</span><span class='rbracket'>]</span><span class='lbracket'>[</span><span class='symbol'>:method</span><span class='rbracket'>]</span><span class='rparen'>)</span> <span class='op'>||</span> <span class='lparen'>(</span><span class='id identifier rubyid_result'>result</span><span class='lbracket'>[</span><span class='symbol'>:auth</span><span class='rbracket'>]</span><span class='lbracket'>[</span><span class='symbol'>:method</span><span class='rbracket'>]</span> <span class='op'>==</span> <span class='symbol'>:sasl</span> <span class='op'>&amp;&amp;</span> <span class='id identifier rubyid_result'>result</span><span class='lbracket'>[</span><span class='symbol'>:auth</span><span class='rbracket'>]</span><span class='lbracket'>[</span><span class='symbol'>:mechanism</span><span class='rbracket'>]</span> <span class='op'>==</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>GSS-SPNEGO</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span>
<span class='id identifier rubyid_fail_with'>fail_with</span><span class='lparen'>(</span><span class='const'><span class='object_link'><a href="../../../Msf.html" title="Msf (module)">Msf</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module.html" title="Msf::Module (class)">Module</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module/Failure.html" title="Msf::Module::Failure (module)">Failure</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module/Failure.html#BadConfig-constant" title="Msf::Module::Failure::BadConfig (constant)">BadConfig</a></span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>The authentication configuration does not support signing. Change either LDAP::Auth or LDAP::Signing.</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span>
<span class='kw'>end</span>
<span class='kw'>if</span> <span class='id identifier rubyid_result'>result</span><span class='lbracket'>[</span><span class='symbol'>:encryption</span><span class='rbracket'>]</span>
<span class='comment'># Domain Controllers don&#39;t seem to support signing and connection over SSL. Gotta pick one or the other.
</span> <span class='id identifier rubyid_fail_with'>fail_with</span><span class='lparen'>(</span><span class='const'><span class='object_link'><a href="../../../Msf.html" title="Msf (module)">Msf</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module.html" title="Msf::Module (class)">Module</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module/Failure.html" title="Msf::Module::Failure (module)">Failure</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module/Failure.html#BadConfig-constant" title="Msf::Module::Failure::BadConfig (constant)">BadConfig</a></span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>SSL not supported with signing. Change either SSL or LDAP::Signing.</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span>
<span class='kw'>end</span>
<span class='kw'>end</span>
<span class='id identifier rubyid_result'>result</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="initialize-instance_method">
#<strong>initialize</strong>(info = {}) &#x21d2; <tt>Object</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Initialize the LDAP client and set up the LDAP specific datastore options to allow the client to perform authentication and timeout operations. Acts as a wrapper around the callers implementation of the initialize` method, which will usually be the modules classs implementation, such as lib/msf/core/auxiliary.rb.</p>
</div>
</div>
<div class="tags">
<p class="tag_title">Parameters:</p>
<ul class="param">
<li>
<span class='name'>info</span>
<span class='type'>(<tt>Hash</tt>)</span>
<em class="default">(defaults to: <tt>{}</tt>)</em>
&mdash;
<div class='inline'>
<p>A hash containing information about the module using this library which includes its name, description, author, references, disclosure date, license, actions, default action, default options, and notes.</p>
</div>
</li>
</ul>
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/ldap.rb', line 26</span>
<span class='kw'>def</span> <span class='id identifier rubyid_initialize'>initialize</span><span class='lparen'>(</span><span class='id identifier rubyid_info'>info</span> <span class='op'>=</span> <span class='lbrace'>{</span><span class='rbrace'>}</span><span class='rparen'>)</span>
<span class='kw'>super</span>
<span class='id identifier rubyid_register_options'>register_options</span><span class='lparen'>(</span><span class='lbracket'>[</span>
<span class='const'><span class='object_link'><a href="../../Opt.html" title="Msf::Opt (module)">Opt</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Opt.html#RHOST-constant" title="Msf::Opt::RHOST (constant)">RHOST</a></span></span><span class='comma'>,</span>
<span class='const'><span class='object_link'><a href="../../Opt.html" title="Msf::Opt (module)">Opt</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Opt.html#RPORT-constant" title="Msf::Opt::RPORT (constant)">RPORT</a></span></span><span class='lparen'>(</span><span class='int'>389</span><span class='rparen'>)</span><span class='comma'>,</span>
<span class='const'><span class='object_link'><a href="../../OptBool.html" title="Msf::OptBool (class)">OptBool</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'><span class='object_link'><a href="../../OptBool.html#initialize-instance_method" title="Msf::OptBool#initialize (method)">new</a></span></span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>SSL</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='lbracket'>[</span><span class='kw'>false</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Enable SSL on the LDAP connection</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='kw'>false</span><span class='rbracket'>]</span><span class='rparen'>)</span><span class='comma'>,</span>
<span class='const'><span class='object_link'><a href="../../../Msf.html" title="Msf (module)">Msf</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../OptString.html" title="Msf::OptString (class)">OptString</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'><span class='object_link'><a href="../../OptString.html#initialize-instance_method" title="Msf::OptString#initialize (method)">new</a></span></span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>LDAPDomain</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='lbracket'>[</span><span class='kw'>false</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>The domain to authenticate to</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span><span class='comma'>,</span> <span class='label'>fallbacks:</span> <span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>DOMAIN</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span><span class='rparen'>)</span><span class='comma'>,</span>
<span class='const'><span class='object_link'><a href="../../../Msf.html" title="Msf (module)">Msf</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../OptString.html" title="Msf::OptString (class)">OptString</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'><span class='object_link'><a href="../../OptString.html#initialize-instance_method" title="Msf::OptString#initialize (method)">new</a></span></span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>LDAPUsername</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='lbracket'>[</span><span class='kw'>false</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>The username to authenticate with</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span><span class='comma'>,</span> <span class='label'>fallbacks:</span> <span class='qwords_beg'>%w[</span><span class='tstring_content'>USERNAME</span><span class='words_sep'> </span><span class='tstring_content'>BIND_DN</span><span class='tstring_end'>]</span></span><span class='rparen'>)</span><span class='comma'>,</span>
<span class='const'><span class='object_link'><a href="../../../Msf.html" title="Msf (module)">Msf</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../OptString.html" title="Msf::OptString (class)">OptString</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'><span class='object_link'><a href="../../OptString.html#initialize-instance_method" title="Msf::OptString#initialize (method)">new</a></span></span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>LDAPPassword</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='lbracket'>[</span><span class='kw'>false</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>The password to authenticate with</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span><span class='comma'>,</span> <span class='label'>fallbacks:</span> <span class='qwords_beg'>%w[</span><span class='tstring_content'>PASSWORD</span><span class='words_sep'> </span><span class='tstring_content'>BIND_PW</span><span class='tstring_end'>]</span></span><span class='rparen'>)</span>
<span class='rbracket'>]</span><span class='rparen'>)</span>
<span class='id identifier rubyid_register_advanced_options'>register_advanced_options</span><span class='lparen'>(</span>
<span class='lbracket'>[</span>
<span class='const'><span class='object_link'><a href="../../Opt.html" title="Msf::Opt (module)">Opt</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Opt.html#Proxies-constant" title="Msf::Opt::Proxies (constant)">Proxies</a></span></span><span class='comma'>,</span>
<span class='op'>*</span><span class='id identifier rubyid_kerberos_storage_options'>kerberos_storage_options</span><span class='lparen'>(</span><span class='label'>protocol:</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>LDAP</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span><span class='comma'>,</span>
<span class='op'>*</span><span class='id identifier rubyid_kerberos_auth_options'>kerberos_auth_options</span><span class='lparen'>(</span><span class='label'>protocol:</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>LDAP</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='label'>auth_methods:</span> <span class='const'><span class='object_link'><a href="../../../Msf.html" title="Msf (module)">Msf</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Exploit.html" title="Msf::Exploit (class)">Exploit</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../Remote.html" title="Msf::Exploit::Remote (class)">Remote</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="AuthOption.html" title="Msf::Exploit::Remote::AuthOption (module)">AuthOption</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="AuthOption.html#LDAP_OPTIONS-constant" title="Msf::Exploit::Remote::AuthOption::LDAP_OPTIONS (constant)">LDAP_OPTIONS</a></span></span><span class='rparen'>)</span><span class='comma'>,</span>
<span class='const'><span class='object_link'><a href="../../../Msf.html" title="Msf (module)">Msf</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../OptPkcs12Cert.html" title="Msf::OptPkcs12Cert (class)">OptPkcs12Cert</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'><span class='object_link'><a href="../../OptBase.html#initialize-instance_method" title="Msf::OptBase#initialize (method)">new</a></span></span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>LDAP::CertFile</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='lbracket'>[</span><span class='kw'>false</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>The path to the PKCS12 (.pfx) certificate file to authenticate with</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span><span class='comma'>,</span> <span class='label'>conditions:</span> <span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>LDAP::Auth</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>==</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='const'><span class='object_link'><a href="../../../Msf.html" title="Msf (module)">Msf</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Exploit.html" title="Msf::Exploit (class)">Exploit</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../Remote.html" title="Msf::Exploit::Remote (class)">Remote</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="AuthOption.html" title="Msf::Exploit::Remote::AuthOption (module)">AuthOption</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="AuthOption.html#SCHANNEL-constant" title="Msf::Exploit::Remote::AuthOption::SCHANNEL (constant)">SCHANNEL</a></span></span><span class='rbracket'>]</span><span class='rparen'>)</span><span class='comma'>,</span>
<span class='const'><span class='object_link'><a href="../../OptFloat.html" title="Msf::OptFloat (class)">OptFloat</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'><span class='object_link'><a href="../../OptBase.html#initialize-instance_method" title="Msf::OptBase#initialize (method)">new</a></span></span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>LDAP::ConnectTimeout</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='lbracket'>[</span><span class='kw'>true</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Timeout for LDAP connect</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='float'>10.0</span><span class='rbracket'>]</span><span class='rparen'>)</span><span class='comma'>,</span>
<span class='const'><span class='object_link'><a href="../../OptEnum.html" title="Msf::OptEnum (class)">OptEnum</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'><span class='object_link'><a href="../../OptEnum.html#initialize-instance_method" title="Msf::OptEnum#initialize (method)">new</a></span></span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>LDAP::Signing</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='lbracket'>[</span><span class='kw'>true</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Use signed and sealed (encrypted) LDAP</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>auto</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='qwords_beg'>%w[</span><span class='words_sep'> </span><span class='tstring_content'>disabled</span><span class='words_sep'> </span><span class='tstring_content'>auto</span><span class='words_sep'> </span><span class='tstring_content'>required</span><span class='words_sep'> </span><span class='tstring_end'>]</span></span><span class='rbracket'>]</span><span class='rparen'>)</span>
<span class='rbracket'>]</span>
<span class='rparen'>)</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="ldap_connect-instance_method">
#<strong>ldap_connect</strong>(opts = {}, &amp;block) &#x21d2; <tt>Object</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Returns The result of whatever the block that was passed in via the “block” parameter yielded.</p>
</div>
</div>
<div class="tags">
<p class="tag_title">Returns:</p>
<ul class="return">
<li>
<span class='type'>(<tt>Object</tt>)</span>
&mdash;
<div class='inline'>
<p>The result of whatever the block that was passed in via the "block" parameter yielded.</p>
</div>
</li>
</ul>
<p class="tag_title">See Also:</p>
<ul class="see">
<li><span class='object_link'><a href="#ldap_open-instance_method" title="Msf::Exploit::Remote::LDAP#ldap_open (method)">#ldap_open</a></span></li>
</ul>
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
132
133
134</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/ldap.rb', line 132</span>
<span class='kw'>def</span> <span class='id identifier rubyid_ldap_connect'>ldap_connect</span><span class='lparen'>(</span><span class='id identifier rubyid_opts'>opts</span> <span class='op'>=</span> <span class='lbrace'>{</span><span class='rbrace'>}</span><span class='comma'>,</span> <span class='op'>&amp;</span><span class='id identifier rubyid_block'>block</span><span class='rparen'>)</span>
<span class='id identifier rubyid_ldap_open'>ldap_open</span><span class='lparen'>(</span><span class='id identifier rubyid_get_connect_opts'>get_connect_opts</span><span class='period'>.</span><span class='id identifier rubyid_merge'>merge</span><span class='lparen'>(</span><span class='id identifier rubyid_opts'>opts</span><span class='rparen'>)</span><span class='comma'>,</span> <span class='op'>&amp;</span><span class='id identifier rubyid_block'>block</span><span class='rparen'>)</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="ldap_escape_filter-instance_method">
#<strong>ldap_escape_filter</strong>(string) &#x21d2; <tt>Object</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Return a string suitable for placement in an LDAP filter e.g. (certificateTemplates=#ldap_escape_string(name))</p>
</div>
</div>
<div class="tags">
<p class="tag_title">Parameters:</p>
<ul class="param">
<li>
<span class='name'>string</span>
<span class='type'></span>
&mdash;
<div class='inline'>
<p>String The string to escape.</p>
</div>
</li>
</ul>
<p class="tag_title">Returns:</p>
<ul class="return">
<li>
<span class='type'></span>
<div class='inline'>
<p>The escaped string.</p>
</div>
</li>
</ul>
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
344
345
346</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/ldap.rb', line 344</span>
<span class='kw'>def</span> <span class='id identifier rubyid_ldap_escape_filter'>ldap_escape_filter</span><span class='lparen'>(</span><span class='id identifier rubyid_string'>string</span><span class='rparen'>)</span>
<span class='const'>Net</span><span class='op'>::</span><span class='const'>LDAP</span><span class='op'>::</span><span class='const'>Filter</span><span class='period'>.</span><span class='id identifier rubyid_escape'>escape</span><span class='lparen'>(</span><span class='id identifier rubyid_string'>string</span><span class='rparen'>)</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="ldap_new-instance_method">
#<strong>ldap_new</strong>(opts = {}) {|ldap| ... } &#x21d2; <tt>Object</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Create a new LDAP connection using Rex::Proto::LDAP::Client.new and yield the resulting connection object to the caller of this method.</p>
</div>
</div>
<div class="tags">
<p class="tag_title">Parameters:</p>
<ul class="param">
<li>
<span class='name'>opts</span>
<span class='type'>(<tt>Hash</tt>)</span>
<em class="default">(defaults to: <tt>{}</tt>)</em>
&mdash;
<div class='inline'>
<p>A hash containing the connection options for the LDAP connection to the target server.</p>
</div>
</li>
</ul>
<p class="tag_title">Yield Parameters:</p>
<ul class="yieldparam">
<li>
<span class='name'>ldap</span>
<span class='type'>(<tt><span class='object_link'><a href="../../../Rex/Proto/LDAP/Client.html" title="Rex::Proto::LDAP::Client (class)">Rex::Proto::LDAP::Client</a></span></tt>)</span>
&mdash;
<div class='inline'>
<p>The LDAP connection handle to use for connecting to the target LDAP server.</p>
</div>
</li>
</ul>
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/ldap.rb', line 177</span>
<span class='kw'>def</span> <span class='id identifier rubyid_ldap_new'>ldap_new</span><span class='lparen'>(</span><span class='id identifier rubyid_opts'>opts</span> <span class='op'>=</span> <span class='lbrace'>{</span><span class='rbrace'>}</span><span class='rparen'>)</span>
<span class='id identifier rubyid_ldap'>ldap</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../Rex/Proto/LDAP.html" title="Rex::Proto::LDAP (module)">LDAP</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../Rex/Proto/LDAP/Client.html" title="Rex::Proto::LDAP::Client (class)">Client</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'><span class='object_link'><a href="../../../Rex/Proto/LDAP/Client.html#initialize-instance_method" title="Rex::Proto::LDAP::Client#initialize (method)">new</a></span></span><span class='lparen'>(</span><span class='id identifier rubyid_resolve_connect_opts'>resolve_connect_opts</span><span class='lparen'>(</span><span class='id identifier rubyid_get_connect_opts'>get_connect_opts</span><span class='period'>.</span><span class='id identifier rubyid_merge'>merge</span><span class='lparen'>(</span><span class='id identifier rubyid_opts'>opts</span><span class='rparen'>)</span><span class='rparen'>)</span><span class='rparen'>)</span>
<span class='comment'># NASTY, but required
</span> <span class='comment'># monkey patch ldap object in order to ignore bind errors
</span> <span class='comment'># Some servers (e.g. OpenLDAP) return result even after a bind
</span> <span class='comment'># has failed, e.g. with LDAP_INAPPROPRIATE_AUTH - anonymous bind disallowed.
</span> <span class='comment'># See: https://www.openldap.org/doc/admin23/security.html#Authentication%20Methods
</span> <span class='comment'># &quot;Note that disabling the anonymous bind mechanism does not prevent anonymous
</span> <span class='comment'># access to the directory.&quot;
</span> <span class='comment'># Bug created for Net:LDAP at https://github.com/ruby-ldap/ruby-net-ldap/issues/375
</span> <span class='comment'># Also used to support multi-threading (used for keep-alive)
</span> <span class='comment'>#
</span> <span class='comment'># @yieldparam conn [Rex::Proto::LDAP::Client] The LDAP connection handle to use for connecting to
</span> <span class='comment'># the target LDAP server.
</span> <span class='comment'># @param args [Hash] A hash containing options for the ldap connection
</span> <span class='kw'>def</span> <span class='id identifier rubyid_ldap'>ldap</span><span class='period'>.</span><span class='id identifier rubyid_use_connection'>use_connection</span><span class='lparen'>(</span><span class='id identifier rubyid_args'>args</span><span class='rparen'>)</span>
<span class='kw'>if</span> <span class='ivar'>@open_connection</span>
<span class='kw'>yield</span> <span class='ivar'>@open_connection</span>
<span class='id identifier rubyid_register_interaction'>register_interaction</span>
<span class='kw'>else</span>
<span class='kw'>begin</span>
<span class='id identifier rubyid_conn'>conn</span> <span class='op'>=</span> <span class='id identifier rubyid_new_connection'>new_connection</span>
<span class='id identifier rubyid_conn'>conn</span><span class='period'>.</span><span class='id identifier rubyid_bind'>bind</span><span class='lparen'>(</span><span class='id identifier rubyid_args'>args</span><span class='lbracket'>[</span><span class='symbol'>:auth</span><span class='rbracket'>]</span> <span class='op'>||</span> <span class='ivar'>@auth</span><span class='rparen'>)</span>
<span class='comment'># Commented out vs. original
</span> <span class='comment'># result = conn.bind(args[:auth] || @auth)
</span> <span class='comment'># return result unless result.result_code == Rex::Proto::LDAP::Client::ResultCodeSuccess
</span> <span class='kw'>yield</span> <span class='id identifier rubyid_conn'>conn</span>
<span class='kw'>ensure</span>
<span class='id identifier rubyid_conn'>conn</span><span class='period'>.</span><span class='id identifier rubyid_close'>close</span> <span class='kw'>if</span> <span class='id identifier rubyid_conn'>conn</span>
<span class='kw'>end</span>
<span class='kw'>end</span>
<span class='kw'>end</span>
<span class='kw'>yield</span> <span class='id identifier rubyid_ldap'>ldap</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="ldap_open-instance_method">
#<strong>ldap_open</strong>(connect_opts, keep_open: false, &amp;block) &#x21d2; <tt>Object</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Connect to the target LDAP server using the options provided, and pass the resulting connection object to the proc provided. Terminate the connection once the proc finishes executing unless keep_open` is set to true</p>
</div>
</div>
<div class="tags">
<p class="tag_title">Parameters:</p>
<ul class="param">
<li>
<span class='name'>connect_opts</span>
<span class='type'>(<tt>Hash</tt>)</span>
&mdash;
<div class='inline'>
<p>Options for the LDAP connection.</p>
</div>
</li>
<li>
<span class='name'>keep_open</span>
<span class='type'>(<tt>Boolean</tt>)</span>
<em class="default">(defaults to: <tt>false</tt>)</em>
&mdash;
<div class='inline'>
<p>Keep the connection open or close once the block is finished</p>
</div>
</li>
<li>
<span class='name'>block</span>
<span class='type'>(<tt>Proc</tt>)</span>
&mdash;
<div class='inline'>
<p>A proc containing the functionality to execute after the LDAP connection has succeeded. The connection is closed once this proc finishes executing.</p>
</div>
</li>
</ul>
<p class="tag_title">Returns:</p>
<ul class="return">
<li>
<span class='type'>(<tt>Object</tt>)</span>
&mdash;
<div class='inline'>
<p>The result of whatever the block that was passed in via the "block" parameter yielded.</p>
</div>
</li>
</ul>
<p class="tag_title">See Also:</p>
<ul class="see">
<li>Rex::Proto::LDAP::Client.open</li>
</ul>
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
149
150
151
152
153
154
155
156</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/ldap.rb', line 149</span>
<span class='kw'>def</span> <span class='id identifier rubyid_ldap_open'>ldap_open</span><span class='lparen'>(</span><span class='id identifier rubyid_connect_opts'>connect_opts</span><span class='comma'>,</span> <span class='label'>keep_open:</span> <span class='kw'>false</span><span class='comma'>,</span> <span class='op'>&amp;</span><span class='id identifier rubyid_block'>block</span><span class='rparen'>)</span>
<span class='id identifier rubyid_opts'>opts</span> <span class='op'>=</span> <span class='id identifier rubyid_resolve_connect_opts'>resolve_connect_opts</span><span class='lparen'>(</span><span class='id identifier rubyid_connect_opts'>connect_opts</span><span class='rparen'>)</span>
<span class='kw'>if</span> <span class='id identifier rubyid_keep_open'>keep_open</span>
<span class='const'><span class='object_link'><a href="../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../Rex/Proto/LDAP.html" title="Rex::Proto::LDAP (module)">LDAP</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../Rex/Proto/LDAP/Client.html" title="Rex::Proto::LDAP::Client (class)">Client</a></span></span><span class='period'>.</span><span class='id identifier rubyid__open'><span class='object_link'><a href="../../../Rex/Proto/LDAP/Client.html#_open-class_method" title="Rex::Proto::LDAP::Client._open (method)">_open</a></span></span><span class='lparen'>(</span><span class='id identifier rubyid_opts'>opts</span><span class='comma'>,</span> <span class='op'>&amp;</span><span class='id identifier rubyid_block'>block</span><span class='rparen'>)</span>
<span class='kw'>else</span>
<span class='const'><span class='object_link'><a href="../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../Rex/Proto/LDAP.html" title="Rex::Proto::LDAP (module)">LDAP</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../Rex/Proto/LDAP/Client.html" title="Rex::Proto::LDAP::Client (class)">Client</a></span></span><span class='period'>.</span><span class='id identifier rubyid_open'>open</span><span class='lparen'>(</span><span class='id identifier rubyid_opts'>opts</span><span class='comma'>,</span> <span class='op'>&amp;</span><span class='id identifier rubyid_block'>block</span><span class='rparen'>)</span>
<span class='kw'>end</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="peer-instance_method">
#<strong>peer</strong> &#x21d2; <tt>String</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Return the peer as a host:port formatted string.</p>
</div>
</div>
<div class="tags">
<p class="tag_title">Returns:</p>
<ul class="return">
<li>
<span class='type'>(<tt>String</tt>)</span>
&mdash;
<div class='inline'>
<p>A string containing the peer details in RHOST:RPORT format.</p>
</div>
</li>
</ul>
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
73
74
75</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/ldap.rb', line 73</span>
<span class='kw'>def</span> <span class='id identifier rubyid_peer'>peer</span>
<span class='const'><span class='object_link'><a href="../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'>Socket</span><span class='period'>.</span><span class='id identifier rubyid_to_authority'>to_authority</span><span class='lparen'>(</span><span class='id identifier rubyid_rhost'>rhost</span><span class='comma'>,</span> <span class='id identifier rubyid_rport'>rport</span><span class='rparen'>)</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="report_ldap_service-instance_method">
#<strong>report_ldap_service</strong> &#x21d2; <tt>Object</tt>
</h3><table class="source_code">
<tr>
<td>
<pre class="lines">
256
257
258
259
260
261
262
263
264
265
266
267</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/ldap.rb', line 256</span>
<span class='kw'>def</span> <span class='id identifier rubyid_report_ldap_service'>report_ldap_service</span>
<span class='id identifier rubyid_transport_srv'>transport_srv</span> <span class='op'>=</span> <span class='lbrace'>{</span> <span class='label'>name:</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>tcp</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='label'>host:</span> <span class='id identifier rubyid_rhost'>rhost</span><span class='comma'>,</span> <span class='label'>port:</span> <span class='id identifier rubyid_rport'>rport</span><span class='comma'>,</span> <span class='label'>proto:</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>tcp</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='label'>parents:</span> <span class='kw'>nil</span> <span class='rbrace'>}</span>
<span class='id identifier rubyid_parents'>parents</span> <span class='op'>=</span> <span class='id identifier rubyid_ssl'>ssl</span> <span class='op'>?</span> <span class='lbrace'>{</span> <span class='label'>name:</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>ssl</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='label'>host:</span> <span class='id identifier rubyid_rhost'>rhost</span><span class='comma'>,</span> <span class='label'>port:</span> <span class='id identifier rubyid_rport'>rport</span><span class='comma'>,</span> <span class='label'>proto:</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>tcp</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='label'>parents:</span> <span class='lbracket'>[</span><span class='id identifier rubyid_transport_srv'>transport_srv</span><span class='rbracket'>]</span> <span class='rbrace'>}</span> <span class='op'>:</span> <span class='lbracket'>[</span><span class='id identifier rubyid_transport_srv'>transport_srv</span><span class='rbracket'>]</span>
<span class='id identifier rubyid_report_service'>report_service</span><span class='lparen'>(</span>
<span class='label'>host:</span> <span class='id identifier rubyid_rhost'>rhost</span><span class='comma'>,</span>
<span class='label'>port:</span> <span class='id identifier rubyid_rport'>rport</span><span class='comma'>,</span>
<span class='label'>proto:</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>tcp</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span>
<span class='label'>name:</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>ldap</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span>
<span class='label'>parents:</span> <span class='id identifier rubyid_parents'>parents</span>
<span class='rparen'>)</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="resolve_connect_opts-instance_method">
#<strong>resolve_connect_opts</strong>(connect_opts) &#x21d2; <tt>Object</tt>
</h3><table class="source_code">
<tr>
<td>
<pre class="lines">
159
160
161
162
163
164
165
166
167
168</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/ldap.rb', line 159</span>
<span class='kw'>def</span> <span class='id identifier rubyid_resolve_connect_opts'>resolve_connect_opts</span><span class='lparen'>(</span><span class='id identifier rubyid_connect_opts'>connect_opts</span><span class='rparen'>)</span>
<span class='kw'>return</span> <span class='id identifier rubyid_connect_opts'>connect_opts</span> <span class='kw'>unless</span> <span class='id identifier rubyid_connect_opts'>connect_opts</span><span class='period'>.</span><span class='id identifier rubyid_dig'>dig</span><span class='lparen'>(</span><span class='symbol'>:auth</span><span class='comma'>,</span> <span class='symbol'>:initial_credential</span><span class='rparen'>)</span><span class='period'>.</span><span class='id identifier rubyid_is_a?'>is_a?</span><span class='lparen'>(</span><span class='const'>Proc</span><span class='rparen'>)</span>
<span class='id identifier rubyid_opts'>opts</span> <span class='op'>=</span> <span class='id identifier rubyid_connect_opts'>connect_opts</span><span class='period'>.</span><span class='id identifier rubyid_dup'>dup</span>
<span class='comment'># For scenarios such as Kerberos, we might need to make additional calls out to a separate services to acquire an initial credential
</span> <span class='id identifier rubyid_opts'>opts</span><span class='lbracket'>[</span><span class='symbol'>:auth</span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_merge!'>merge!</span><span class='lparen'>(</span>
<span class='label'>initial_credential:</span> <span class='id identifier rubyid_opts'>opts</span><span class='lbracket'>[</span><span class='symbol'>:auth</span><span class='rbracket'>]</span><span class='lbracket'>[</span><span class='symbol'>:initial_credential</span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_call'>call</span>
<span class='rparen'>)</span>
<span class='id identifier rubyid_opts'>opts</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="rhost-instance_method">
#<strong>rhost</strong> &#x21d2; <tt>String</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Alias to return the RHOST datastore option.</p>
</div>
</div>
<div class="tags">
<p class="tag_title">Returns:</p>
<ul class="return">
<li>
<span class='type'>(<tt>String</tt>)</span>
&mdash;
<div class='inline'>
<p>The current value of RHOST in the datastore.</p>
</div>
</li>
</ul>
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
53
54
55</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/ldap.rb', line 53</span>
<span class='kw'>def</span> <span class='id identifier rubyid_rhost'>rhost</span>
<span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>RHOST</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="rport-instance_method">
#<strong>rport</strong> &#x21d2; <tt>String</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Alias to return the RPORT datastore option.</p>
</div>
</div>
<div class="tags">
<p class="tag_title">Returns:</p>
<ul class="return">
<li>
<span class='type'>(<tt>String</tt>)</span>
&mdash;
<div class='inline'>
<p>The current value of RPORT in the datastore.</p>
</div>
</li>
</ul>
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
60
61
62</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/ldap.rb', line 60</span>
<span class='kw'>def</span> <span class='id identifier rubyid_rport'>rport</span>
<span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>RPORT</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="ssl-instance_method">
#<strong>ssl</strong> &#x21d2; <tt>Object</tt>
<span class="aliases">Also known as:
<span class="names"><span id='ldap_client_ssl-instance_method'>ldap_client_ssl</span></span>
</span>
</h3><table class="source_code">
<tr>
<td>
<pre class="lines">
64
65
66</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/ldap.rb', line 64</span>
<span class='kw'>def</span> <span class='id identifier rubyid_ssl'>ssl</span>
<span class='op'>!</span><span class='op'>!</span><span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>SSL</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="validate_bind_success!-instance_method">
#<strong>validate_bind_success!</strong>(ldap) &#x21d2; <tt>Nil</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Check whether it was possible to successfully bind to the target LDAP server. Raise a RuntimeException with an appropriate error message if not.</p>
</div>
</div>
<div class="tags">
<p class="tag_title">Parameters:</p>
<ul class="param">
<li>
<span class='name'>ldap</span>
<span class='type'>(<tt><span class='object_link'><a href="../../../Rex/Proto/LDAP/Client.html" title="Rex::Proto::LDAP::Client (class)">Rex::Proto::LDAP::Client</a></span></tt>)</span>
&mdash;
<div class='inline'>
<p>The Rex::Proto::LDAP::Client connection handle for the current LDAP connection.</p>
</div>
</li>
</ul>
<p class="tag_title">Returns:</p>
<ul class="return">
<li>
<span class='type'>(<tt>Nil</tt>)</span>
&mdash;
<div class='inline'>
<p>This function does not return any data.</p>
</div>
</li>
</ul>
<p class="tag_title">Raises:</p>
<ul class="raise">
<li>
<span class='type'>(<tt>RuntimeError</tt>)</span>
&mdash;
<div class='inline'>
<p>A RuntimeError will be raised if the LDAP bind request failed.</p>
</div>
</li>
</ul>
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/ldap.rb', line 223</span>
<span class='kw'>def</span> <span class='id identifier rubyid_validate_bind_success!'>validate_bind_success!</span><span class='lparen'>(</span><span class='id identifier rubyid_ldap'>ldap</span><span class='rparen'>)</span>
<span class='kw'>if</span> <span class='id identifier rubyid_respond_to?'>respond_to?</span><span class='lparen'>(</span><span class='symbol'>:session</span><span class='rparen'>)</span> <span class='op'>&amp;&amp;</span> <span class='id identifier rubyid_session'>session</span>
<span class='id identifier rubyid_vprint_good'>vprint_good</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Successfully bound to the LDAP server via existing SESSION!</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span>
<span class='kw'>return</span>
<span class='kw'>end</span>
<span class='id identifier rubyid_bind_result'>bind_result</span> <span class='op'>=</span> <span class='id identifier rubyid_ldap'>ldap</span><span class='period'>.</span><span class='id identifier rubyid_get_operation_result'>get_operation_result</span><span class='period'>.</span><span class='id identifier rubyid_table'>table</span>
<span class='comment'># Codes taken from https://ldap.com/ldap-result-code-reference-core-ldapv3-result-codes
</span> <span class='kw'>case</span> <span class='id identifier rubyid_bind_result'>bind_result</span><span class='lbracket'>[</span><span class='symbol'>:code</span><span class='rbracket'>]</span>
<span class='kw'>when</span> <span class='int'>0</span>
<span class='id identifier rubyid_vprint_good'>vprint_good</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Successfully bound to the LDAP server!</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span>
<span class='id identifier rubyid_report_ldap_service'>report_ldap_service</span>
<span class='kw'>when</span> <span class='int'>1</span>
<span class='id identifier rubyid_fail_with'>fail_with</span><span class='lparen'>(</span><span class='const'><span class='object_link'><a href="../../../Msf.html" title="Msf (module)">Msf</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module.html" title="Msf::Module (class)">Module</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module/Failure.html" title="Msf::Module::Failure (module)">Failure</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module/Failure.html#NoAccess-constant" title="Msf::Module::Failure::NoAccess (constant)">NoAccess</a></span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>An operational error occurred, perhaps due to lack of authorization. The error was: </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_bind_result'>bind_result</span><span class='lbracket'>[</span><span class='symbol'>:error_message</span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_strip'>strip</span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='kw'>when</span> <span class='int'>7</span>
<span class='id identifier rubyid_fail_with'>fail_with</span><span class='lparen'>(</span><span class='const'><span class='object_link'><a href="../../../Msf.html" title="Msf (module)">Msf</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module.html" title="Msf::Module (class)">Module</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module/Failure.html" title="Msf::Module::Failure (module)">Failure</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module/Failure.html#NoTarget-constant" title="Msf::Module::Failure::NoTarget (constant)">NoTarget</a></span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Target does not support the simple authentication mechanism!</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span>
<span class='kw'>when</span> <span class='int'>8</span>
<span class='id identifier rubyid_signing_statement'>signing_statement</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_end'>&#39;</span></span>
<span class='id identifier rubyid_signing_statement'>signing_statement</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>May require LDAP signing to be enabled (`set LDAP::Signing auto`). </span><span class='tstring_end'>&#39;</span></span> <span class='kw'>unless</span> <span class='qwords_beg'>%w[</span><span class='words_sep'> </span><span class='tstring_content'>auto</span><span class='words_sep'> </span><span class='tstring_content'>required</span><span class='words_sep'> </span><span class='tstring_end'>]</span></span><span class='period'>.</span><span class='id identifier rubyid_include?'>include?</span><span class='lparen'>(</span><span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>LDAP::Signing</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span><span class='rparen'>)</span>
<span class='id identifier rubyid_fail_with'>fail_with</span><span class='lparen'>(</span><span class='const'><span class='object_link'><a href="../../../Msf.html" title="Msf (module)">Msf</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module.html" title="Msf::Module (class)">Module</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module/Failure.html" title="Msf::Module::Failure (module)">Failure</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module/Failure.html#NoTarget-constant" title="Msf::Module::Failure::NoTarget (constant)">NoTarget</a></span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Server requires a stronger form of authentication! </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_signing_statement'>signing_statement</span><span class='embexpr_end'>}</span><span class='tstring_content'>The error was: </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_bind_result'>bind_result</span><span class='lbracket'>[</span><span class='symbol'>:error_message</span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_strip'>strip</span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='kw'>when</span> <span class='int'>14</span>
<span class='id identifier rubyid_fail_with'>fail_with</span><span class='lparen'>(</span><span class='const'><span class='object_link'><a href="../../../Msf.html" title="Msf (module)">Msf</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module.html" title="Msf::Module (class)">Module</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module/Failure.html" title="Msf::Module::Failure (module)">Failure</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module/Failure.html#NoTarget-constant" title="Msf::Module::Failure::NoTarget (constant)">NoTarget</a></span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Server requires additional information to complete the bind. Error was: </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_bind_result'>bind_result</span><span class='lbracket'>[</span><span class='symbol'>:error_message</span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_strip'>strip</span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='kw'>when</span> <span class='int'>48</span>
<span class='id identifier rubyid_fail_with'>fail_with</span><span class='lparen'>(</span><span class='const'><span class='object_link'><a href="../../../Msf.html" title="Msf (module)">Msf</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module.html" title="Msf::Module (class)">Module</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module/Failure.html" title="Msf::Module::Failure (module)">Failure</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module/Failure.html#NoAccess-constant" title="Msf::Module::Failure::NoAccess (constant)">NoAccess</a></span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Target doesn&#39;t support the requested authentication type we sent. Try binding to the same user without a password, or providing credentials if you were doing anonymous authentication.</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='kw'>when</span> <span class='int'>49</span>
<span class='id identifier rubyid_fail_with'>fail_with</span><span class='lparen'>(</span><span class='const'><span class='object_link'><a href="../../../Msf.html" title="Msf (module)">Msf</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module.html" title="Msf::Module (class)">Module</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module/Failure.html" title="Msf::Module::Failure (module)">Failure</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module/Failure.html#NoAccess-constant" title="Msf::Module::Failure::NoAccess (constant)">NoAccess</a></span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Invalid credentials provided!</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span>
<span class='kw'>else</span>
<span class='id identifier rubyid_fail_with'>fail_with</span><span class='lparen'>(</span><span class='const'><span class='object_link'><a href="../../../Msf.html" title="Msf (module)">Msf</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module.html" title="Msf::Module (class)">Module</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module/Failure.html" title="Msf::Module::Failure (module)">Failure</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module/Failure.html#Unknown-constant" title="Msf::Module::Failure::Unknown (constant)">Unknown</a></span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Unknown error occurred whilst binding: </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_bind_result'>bind_result</span><span class='lbracket'>[</span><span class='symbol'>:error_message</span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_strip'>strip</span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='kw'>end</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="validate_query_result!-instance_method">
#<strong>validate_query_result!</strong>(query_result, filter = nil) &#x21d2; <tt>Nil</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Validate the query result and check whether the query succeeded. Fail with an appropriate error code if the query failed.</p>
</div>
</div>
<div class="tags">
<p class="tag_title">Parameters:</p>
<ul class="param">
<li>
<span class='name'>query_result</span>
<span class='type'>(<tt>Hash</tt>)</span>
&mdash;
<div class='inline'>
<p>A hash containing the results of the query as a 'extended_response' representing the extended response, a 'code' with an integer representing the result code, a 'error_message' containing an optional error message as a Net::BER::BerIdentifiedString, a 'matched_dn' containing the matched DN, and a 'message' containing the query result message.</p>
</div>
</li>
<li>
<span class='name'>filter</span>
<span class='type'>(<tt>Rex::Proto::LDAP::Client::Filter</tt>)</span>
<em class="default">(defaults to: <tt>nil</tt>)</em>
&mdash;
<div class='inline'>
<p>A Rex::Proto::LDAP::Client::Filter to use to filter the results of the query.</p>
</div>
</li>
</ul>
<p class="tag_title">Returns:</p>
<ul class="return">
<li>
<span class='type'>(<tt>Nil</tt>)</span>
&mdash;
<div class='inline'>
<p>This function does not return any data.</p>
</div>
</li>
</ul>
<p class="tag_title">Raises:</p>
<ul class="raise">
<li>
<span class='type'>(<tt>RuntimeError</tt>, <tt>ArgumentError</tt>)</span>
&mdash;
<div class='inline'>
<p>A RuntimeError will be raised if the LDAP request failed. Alternatively, if the query_result parameter isn't a hash, then an ArgumentError will be raised.</p>
</div>
</li>
</ul>
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/ldap.rb', line 285</span>
<span class='kw'>def</span> <span class='id identifier rubyid_validate_query_result!'>validate_query_result!</span><span class='lparen'>(</span><span class='id identifier rubyid_query_result'>query_result</span><span class='comma'>,</span> <span class='id identifier rubyid_filter'>filter</span><span class='op'>=</span><span class='kw'>nil</span><span class='rparen'>)</span>
<span class='kw'>if</span> <span class='id identifier rubyid_query_result'>query_result</span><span class='period'>.</span><span class='id identifier rubyid_class'>class</span> <span class='op'>!=</span> <span class='const'>Hash</span>
<span class='id identifier rubyid_raise'>raise</span> <span class='const'>ArgumentError</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Parameter to &quot;validate_query_result!&quot; function was not a Hash!</span><span class='tstring_end'>&#39;</span></span>
<span class='kw'>end</span>
<span class='comment'># Codes taken from https://ldap.com/ldap-result-code-reference-core-ldapv3-result-codes
</span> <span class='kw'>case</span> <span class='id identifier rubyid_query_result'>query_result</span><span class='lbracket'>[</span><span class='symbol'>:code</span><span class='rbracket'>]</span>
<span class='kw'>when</span> <span class='int'>0</span>
<span class='id identifier rubyid_vprint_status'>vprint_status</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Successfully queried </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_filter'>filter</span><span class='embexpr_end'>}</span><span class='tstring_content'>.</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span> <span class='kw'>if</span> <span class='id identifier rubyid_filter'>filter</span><span class='period'>.</span><span class='id identifier rubyid_present?'>present?</span>
<span class='kw'>when</span> <span class='int'>1</span>
<span class='comment'># This is unknown as whilst we could fail on lack of authorization, this is not guaranteed with this error code.
</span> <span class='comment'># The user will need to inspect the error message to determine the root cause of the issue.
</span> <span class='id identifier rubyid_fail_with'>fail_with</span><span class='lparen'>(</span><span class='const'><span class='object_link'><a href="../../../Msf.html" title="Msf (module)">Msf</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module.html" title="Msf::Module (class)">Module</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module/Failure.html" title="Msf::Module::Failure (module)">Failure</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module/Failure.html#Unknown-constant" title="Msf::Module::Failure::Unknown (constant)">Unknown</a></span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>An LDAP operational error occurred. It is likely the client requires authorization! The error was: </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_query_result'>query_result</span><span class='lbracket'>[</span><span class='symbol'>:error_message</span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_strip'>strip</span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='kw'>when</span> <span class='int'>2</span>
<span class='id identifier rubyid_fail_with'>fail_with</span><span class='lparen'>(</span><span class='const'><span class='object_link'><a href="../../../Msf.html" title="Msf (module)">Msf</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module.html" title="Msf::Module (class)">Module</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module/Failure.html" title="Msf::Module::Failure (module)">Failure</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module/Failure.html#BadConfig-constant" title="Msf::Module::Failure::BadConfig (constant)">BadConfig</a></span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>The LDAP protocol being used by Metasploit isn&#39;t supported. The error was </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_query_result'>query_result</span><span class='lbracket'>[</span><span class='symbol'>:error_message</span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_strip'>strip</span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='kw'>when</span> <span class='int'>3</span>
<span class='id identifier rubyid_fail_with'>fail_with</span><span class='lparen'>(</span><span class='const'><span class='object_link'><a href="../../../Msf.html" title="Msf (module)">Msf</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module.html" title="Msf::Module (class)">Module</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module/Failure.html" title="Msf::Module::Failure (module)">Failure</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module/Failure.html#TimeoutExpired-constant" title="Msf::Module::Failure::TimeoutExpired (constant)">TimeoutExpired</a></span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>The LDAP server returned a timeout response to the query.</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span>
<span class='kw'>when</span> <span class='int'>4</span>
<span class='id identifier rubyid_fail_with'>fail_with</span><span class='lparen'>(</span><span class='const'><span class='object_link'><a href="../../../Msf.html" title="Msf (module)">Msf</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module.html" title="Msf::Module (class)">Module</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module/Failure.html" title="Msf::Module::Failure (module)">Failure</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module/Failure.html#UnexpectedReply-constant" title="Msf::Module::Failure::UnexpectedReply (constant)">UnexpectedReply</a></span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>The LDAP query was determined to result in too many entries for the LDAP server to return.</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span>
<span class='kw'>when</span> <span class='int'>11</span>
<span class='id identifier rubyid_fail_with'>fail_with</span><span class='lparen'>(</span><span class='const'><span class='object_link'><a href="../../../Msf.html" title="Msf (module)">Msf</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module.html" title="Msf::Module (class)">Module</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module/Failure.html" title="Msf::Module::Failure (module)">Failure</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module/Failure.html#UnexpectedReply-constant" title="Msf::Module::Failure::UnexpectedReply (constant)">UnexpectedReply</a></span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>The LDAP server indicated some administrative limit within the server whilst the request was being processed.</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span>
<span class='kw'>when</span> <span class='int'>16</span>
<span class='id identifier rubyid_fail_with'>fail_with</span><span class='lparen'>(</span><span class='const'><span class='object_link'><a href="../../../Msf.html" title="Msf (module)">Msf</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module.html" title="Msf::Module (class)">Module</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module/Failure.html" title="Msf::Module::Failure (module)">Failure</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module/Failure.html#NotFound-constant" title="Msf::Module::Failure::NotFound (constant)">NotFound</a></span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>The LDAP operation failed because the referenced attribute does not exist.</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span>
<span class='kw'>when</span> <span class='int'>18</span>
<span class='id identifier rubyid_fail_with'>fail_with</span><span class='lparen'>(</span><span class='const'><span class='object_link'><a href="../../../Msf.html" title="Msf (module)">Msf</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module.html" title="Msf::Module (class)">Module</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module/Failure.html" title="Msf::Module::Failure (module)">Failure</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module/Failure.html#BadConfig-constant" title="Msf::Module::Failure::BadConfig (constant)">BadConfig</a></span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>The LDAP search failed because some matching is not supported for the target attribute type!</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span>
<span class='kw'>when</span> <span class='int'>19</span>
<span class='id identifier rubyid_fail_with'>fail_with</span><span class='lparen'>(</span><span class='const'><span class='object_link'><a href="../../../Msf.html" title="Msf (module)">Msf</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module.html" title="Msf::Module (class)">Module</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module/Failure.html" title="Msf::Module::Failure (module)">Failure</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module/Failure.html#BadConfig-constant" title="Msf::Module::Failure::BadConfig (constant)">BadConfig</a></span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>A constraint on the operation was not satisfied</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span>
<span class='kw'>when</span> <span class='int'>32</span>
<span class='id identifier rubyid_fail_with'>fail_with</span><span class='lparen'>(</span><span class='const'><span class='object_link'><a href="../../../Msf.html" title="Msf (module)">Msf</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module.html" title="Msf::Module (class)">Module</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module/Failure.html" title="Msf::Module::Failure (module)">Failure</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module/Failure.html#UnexpectedReply-constant" title="Msf::Module::Failure::UnexpectedReply (constant)">UnexpectedReply</a></span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>The LDAP search failed because the operation targeted an entity within the base DN that does not exist.</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span>
<span class='kw'>when</span> <span class='int'>33</span>
<span class='id identifier rubyid_fail_with'>fail_with</span><span class='lparen'>(</span><span class='const'><span class='object_link'><a href="../../../Msf.html" title="Msf (module)">Msf</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module.html" title="Msf::Module (class)">Module</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module/Failure.html" title="Msf::Module::Failure (module)">Failure</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module/Failure.html#BadConfig-constant" title="Msf::Module::Failure::BadConfig (constant)">BadConfig</a></span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>An attempt was made to dereference an alias that didn&#39;t resolve properly.</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='kw'>when</span> <span class='int'>34</span>
<span class='id identifier rubyid_fail_with'>fail_with</span><span class='lparen'>(</span><span class='const'><span class='object_link'><a href="../../../Msf.html" title="Msf (module)">Msf</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module.html" title="Msf::Module (class)">Module</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module/Failure.html" title="Msf::Module::Failure (module)">Failure</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module/Failure.html#BadConfig-constant" title="Msf::Module::Failure::BadConfig (constant)">BadConfig</a></span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>The request included an invalid base DN entry.</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span>
<span class='kw'>when</span> <span class='int'>50</span>
<span class='id identifier rubyid_fail_with'>fail_with</span><span class='lparen'>(</span><span class='const'><span class='object_link'><a href="../../../Msf.html" title="Msf (module)">Msf</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module.html" title="Msf::Module (class)">Module</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module/Failure.html" title="Msf::Module::Failure (module)">Failure</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module/Failure.html#NoAccess-constant" title="Msf::Module::Failure::NoAccess (constant)">NoAccess</a></span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>The LDAP operation failed due to insufficient access rights.</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span>
<span class='kw'>when</span> <span class='int'>51</span>
<span class='id identifier rubyid_fail_with'>fail_with</span><span class='lparen'>(</span><span class='const'><span class='object_link'><a href="../../../Msf.html" title="Msf (module)">Msf</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module.html" title="Msf::Module (class)">Module</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module/Failure.html" title="Msf::Module::Failure (module)">Failure</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module/Failure.html#UnexpectedReply-constant" title="Msf::Module::Failure::UnexpectedReply (constant)">UnexpectedReply</a></span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>The LDAP operation failed because the server is too busy to perform the request.</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span>
<span class='kw'>when</span> <span class='int'>52</span>
<span class='id identifier rubyid_fail_with'>fail_with</span><span class='lparen'>(</span><span class='const'><span class='object_link'><a href="../../../Msf.html" title="Msf (module)">Msf</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module.html" title="Msf::Module (class)">Module</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module/Failure.html" title="Msf::Module::Failure (module)">Failure</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module/Failure.html#UnexpectedReply-constant" title="Msf::Module::Failure::UnexpectedReply (constant)">UnexpectedReply</a></span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>The LDAP operation failed because the server is not currently available to process the request.</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span>
<span class='kw'>when</span> <span class='int'>53</span>
<span class='id identifier rubyid_fail_with'>fail_with</span><span class='lparen'>(</span><span class='const'><span class='object_link'><a href="../../../Msf.html" title="Msf (module)">Msf</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module.html" title="Msf::Module (class)">Module</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module/Failure.html" title="Msf::Module::Failure (module)">Failure</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module/Failure.html#UnexpectedReply-constant" title="Msf::Module::Failure::UnexpectedReply (constant)">UnexpectedReply</a></span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>The LDAP operation failed because the server is unwilling to perform the request.</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span>
<span class='kw'>when</span> <span class='int'>64</span>
<span class='id identifier rubyid_fail_with'>fail_with</span><span class='lparen'>(</span><span class='const'><span class='object_link'><a href="../../../Msf.html" title="Msf (module)">Msf</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module.html" title="Msf::Module (class)">Module</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module/Failure.html" title="Msf::Module::Failure (module)">Failure</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module/Failure.html#Unknown-constant" title="Msf::Module::Failure::Unknown (constant)">Unknown</a></span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>The LDAP operation failed due to a naming violation.</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span>
<span class='kw'>when</span> <span class='int'>65</span>
<span class='id identifier rubyid_fail_with'>fail_with</span><span class='lparen'>(</span><span class='const'><span class='object_link'><a href="../../../Msf.html" title="Msf (module)">Msf</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module.html" title="Msf::Module (class)">Module</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module/Failure.html" title="Msf::Module::Failure (module)">Failure</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module/Failure.html#Unknown-constant" title="Msf::Module::Failure::Unknown (constant)">Unknown</a></span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>The LDAP operation failed due to an object class violation.</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span>
<span class='kw'>else</span>
<span class='kw'>if</span> <span class='id identifier rubyid_query_result'>query_result</span><span class='lbracket'>[</span><span class='symbol'>:error_message</span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_blank?'>blank?</span>
<span class='id identifier rubyid_fail_with'>fail_with</span><span class='lparen'>(</span><span class='const'><span class='object_link'><a href="../../../Msf.html" title="Msf (module)">Msf</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module.html" title="Msf::Module (class)">Module</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module/Failure.html" title="Msf::Module::Failure (module)">Failure</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module/Failure.html#Unknown-constant" title="Msf::Module::Failure::Unknown (constant)">Unknown</a></span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>The LDAP operation failed but no error message was returned!</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span>
<span class='kw'>else</span>
<span class='id identifier rubyid_fail_with'>fail_with</span><span class='lparen'>(</span><span class='const'><span class='object_link'><a href="../../../Msf.html" title="Msf (module)">Msf</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module.html" title="Msf::Module (class)">Module</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module/Failure.html" title="Msf::Module::Failure (module)">Failure</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Module/Failure.html#Unknown-constant" title="Msf::Module::Failure::Unknown (constant)">Unknown</a></span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>The LDAP operation failed with error: </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_query_result'>query_result</span><span class='lbracket'>[</span><span class='symbol'>:error_message</span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_strip'>strip</span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='kw'>end</span>
<span class='kw'>end</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
</div>
</div>
<div id="footer">
Generated on Fri May 8 17:01:30 2026 by
<a href="https://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
0.9.37 (ruby-3.1.5).
</div>
</div>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink