Nmap Development mailing list archives

LDAP library and scripts


From: Patrik Karlsson <patrik () cqure net>
Date: Tue, 12 Jan 2010 20:56:52 +0100

Hi all,

I just finished some LDAP code that allows nmap to search an LDAP directory.
The code has been split up into two libraries (ldap.lua and asn1.lua) where asn1 is largely ripped from snmp.lua and 
contains the ASN1 encoding code. The reason for this is that it needed a few LDAP adaptions and it felt awkward placing 
them in the snmp library.

I have written two scripts that make use of the library:
* ldap-get-baseobject.nse - retrieves the baseobject and prints the attributes
* ldap-search.nse - provides simple search functionality against the LDAP directory

The library currently supports the LDAP operations SearchRequest, BindRequest and UnbindRequest. It also parses the 
response received from these operations. The LDAP library also has some code that does formatting of the response into 
tables suitable for the stdnse.format_output function. The library still has the following shortcomings (in my opinion):

* At the moment it only supports simple bind but I'm looking into the possibility of implementing other mechanisms too.

* The library lacks filter parsing support. That said, it supports filters, but they need to be supplied using tables 
rather than their textual representation as described in RFC 2254. Whether this will change in the future or not 
depends on the need and the efforts needed to implement it.

* SSL is currently not supported, mainly because I didn't have an SSL-enabled LDAP server running. I'm guessing it's 
quite a small change to make it work once I do. I'll try to get to this in the near future.

* Parsing of some attributes returned by AD fails and returns a blob of hex characters. I need to look into this and 
find some supporting documentation on how they should be decoded.

* There's an annoying bug (probably me doing stuff the wrong way) that breaks indentation when using the format_output 
function for tables having a single element. The current (ugly) workaround is simply adding an empty element, which adds an 
extra empty (but correctly indented) row in the result.

Despite these shortcomings I'm releasing a first version of the library and scripts. The scripts have undergone limited 
testing against both OpenLDAP and ActiveDirectory.

A zip file containing both libraries and scripts is available from my blog:
http://www.cqure.net/wp/nmap-scripts/

All feedback (good and bad) is welcome. Let me know of any other bugs or shortcomings you may encounter.

//Patrik
--
Patrik Karlsson
http://www.cqure.net




_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
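
The post says filters must be supplied as tables rather than in the RFC 2254 text form. As an added example (not part of the original post and not code from ldap.lua), this stand-alone Lua parser turns a filter string into a nested table. The node fields `op`, `attr`, `val` and `parts` are assumptions, and extensible-match items are rejected as malformed.

```lua
-- Added example; the node shape (op/attr/val/parts) is hypothetical, not ldap.lua's format.
local OPS = { ["&"] = "and", ["|"] = "or", ["!"] = "not" }
local CMP = { ["="] = "equal", ["~="] = "approx", [">="] = "ge", ["<="] = "le" }

-- Decode \XX escapes only after the structure is parsed, so an escaped "*" stays data.
local function unescape(s)
  return (s:gsub("\\(%x%x)", function(h) return string.char(tonumber(h, 16)) end))
end

-- Parse the text between one pair of parentheses: attribute, comparison, value.
local function parse_item(item)
  local attr, cmp, value = item:match("^([%w%.;%-]+)([~<>]?=)(.*)$")
  if not attr then error("malformed filter item: " .. item) end
  if cmp == "=" and value == "*" then return { op = "present", attr = attr } end
  if cmp == "=" and value:find("*", 1, true) then
    local parts = {} -- initial, any..., final ("" where a piece is absent)
    for piece in (value .. "*"):gmatch("([^*]*)%*") do
      parts[#parts + 1] = unescape(piece)
    end
    return { op = "substring", attr = attr, parts = parts }
  end
  return { op = CMP[cmp], attr = attr, val = unescape(value) }
end

-- Parse one "(...)" starting at pos; returns the node and the position after it.
local function parse_filter(s, pos)
  if s:sub(pos, pos) ~= "(" then error("expected '(' at position " .. pos) end
  local c = s:sub(pos + 1, pos + 1)
  if not OPS[c] then -- leaf item: a raw ")" cannot occur inside a value
    local close = s:find(")", pos, true)
    if not close then error("missing ')' after position " .. pos) end
    return parse_item(s:sub(pos + 1, close - 1)), close + 1
  end
  local node, p, child = { op = OPS[c], val = {} }, pos + 2
  while s:sub(p, p) == "(" do
    child, p = parse_filter(s, p)
    node.val[#node.val + 1] = child
  end
  if s:sub(p, p) ~= ")" or #node.val == 0 or (c == "!" and #node.val ~= 1) then
    error("bad filter list at position " .. p)
  end
  return node, p + 1
end

-- Constructed sample filters.
local f = parse_filter("(&(objectClass=user)(|(cn=adm*)(!(mail=*))))", 1)
assert(f.op == "and" and f.val[1].val == "user" and f.val[2].op == "or")
assert(f.val[2].val[1].parts[1] == "adm" and f.val[2].val[2].val[1].op == "present")
assert(parse_filter("(cn=a\\2ab)", 1).val == "a*b") -- escaped "*" is a literal
assert(not pcall(parse_filter, "(&(cn=x)", 1)) -- unbalanced input is rejected
```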

