[NSE] ldap-search.nse - added ability to perform custom searches

[Tom Sellers <nmap () fadedcode net>]

All,


        I have just committed the following changes:


ldap.lua - Added support for LDAP substring searches.  These can now be performed alone or in conjunction with other 
LDAP query types.
The change allows the programmatic equivalent of LDAP searches such as (operatingSystem=Windows*Server*).


ldap-search.nse - Added a new quick filter named 'custom'.  This filter allows the user to specify, on the command 
line, an attribute and corresponding
value to search the LDAP directory for.  The use of the asterisk '*' as a wildcard is permitted in the value parameter. 
 This should provide
a bit more flexibility when searching LDAP via nmap.  Unfortunately only one attribute/value pair is supported at this 
time.

nmap -p 389 --script ldap-search --script-args
'ldap.username="cn=ldaptest,cn=users,dc=BigMos,dc=net",ldap.password="ldaptest",ldap.qfilter=custom,ldap.searchattrib="operatingSystem",ldap.searchvalue="Windows*Server*",ldap.attrib={operatingSystem,whencreated,OperatingSystemServicePack}'
<host>


Unfortunately I have only been able to test these changes with Windows.  Any additional testing, particularly against 
non-Windows LDAP
implementations would be greatly appreciated.

Thanks much,

Tom
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/