Re: LDAP scripts

[Patrik Karlsson <patrik () cqure net>]

On 21 jan 2010, at 02.01, Ron wrote:

> On 01/20/2010 04:36 PM, Patrik Karlsson wrote:
> > I've updated the scripts to support SSL and added a ldap-brute script.
> > Due to a number of annoying reasons I didn't get the chance to test the ldap-brute against anything else than my 
> > Active Directory. So if anyone has OpenLdap running and can test it, I would much appreciate to hear of the results.
> >
> > The new scripts are available from here:
> > http://www.cqure.net/wp/nmap-scripts/
> >
> > Don't forget to grab the ldap.lua library as well as it's no longer included in the zip.
> >
> > //Patrik
>
> I haven't looked at your code, but just to be sure -- don't ever assume that you have OpenSSL support in Nmap. Some 
> builds are compiled without it.
Thanks for the heads up. This is how I'm doing it:

        -- first attempt to connect over SSL and then fallback to TCP
        if nmap.have_ssl() then
                status = socket:connect(host.ip, port.number, "ssl")
        
                -- no dice, SSL ain't available
                if not status then
                        try( socket:connect(host.ip, port.number, "tcp") )
                end
        else
                -- no ssl is available in Nmap
                try( socket:connect(host.ip, port.number, "tcp") )
        end

Let me know if there is a better way.

> That was a "lesson learned" for me at one point, because none of my stuff would work on certain builds and that was 
> why.
>
> Ron
> _______________________________________________
> Sent through the nmap-dev mailing list
> http://cgi.insecure.org/mailman/listinfo/nmap-dev
> Archived at http://seclists.org/nmap-dev/


//Patrik

--
Patrik Karlsson
http://www.cqure.net




_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/