Penetration Testing mailing list archives
Re: [PEN-TEST] Ldap Server on Windows NT 4.0
From: Sacha Faust <sfaust () ITEMUS COM>
Date: Mon, 26 Mar 2001 10:29:23 -0500
I am currently working on some LDAP security tools. One of them will soon be available on: http://ldapminer.sourceforge.net

Here is an output of the tools against a Netscape Directory Server on NT 4.0:

checking if server is alive
Connected to : 10.1.10.80
server type is : netscape
Netscape Checks enabled

Netscape Admin server checks
============================
Netscape Admin server port is : 33042
Netscape Admin server ip is : 10.1.10.80
Netscape Admin server host allow rules:
  1. *.msp.com
Netscape Admin server users :
  uid=admin, ou=Administrators, ou=TopologyManagement, o=NetscapeRoot
Netscape Admin server build number : 2000.180.0437

Netscape server checks
============================
Netscape version : 4.12
Netscape build number : 00.195.0645
Netscape operating system : Windows NT4.0 (Build 1381)
Netscape cpu architecture : Intel
Netscape security build type : domestic

Netscape base checks
============================
Netscape users
  o=msp.com:
    uid=sacha,ou=People, o=msp.com
    uid=iportal,ou=People, o=msp.com
    uid=tarantella,ou=People, o=msp.com
    uid=xappserv,ou=People, o=msp.com
    uid=register,ou=People, o=msp.com
    uid=Administrator,ou=People, o=msp.com
  o=NetscapeRoot:
    uid=admin, ou=Administrators, ou=TopologyManagement, o=NetscapeRoot

Netscape groups :
  o=msp.com:
    ou=Directory Administrators, o=msp.com
    cn=Accounting Managers,ou=groups,o=msp.com
    cn=HR Managers,ou=groups,o=msp.com
    cn=QA Managers,ou=groups,o=msp.com
    cn=PD Managers,ou=groups,o=msp.com
    cn=servers,ou=Groups, o=msp.com
      user[0] : uid=iportal,ou=People, o=msp.com
      user[1] : uid=tarantella,ou=People, o=msp.com
      user[2] : uid=xappserv,ou=People, o=msp.com
    cn=Users-3fourteen.com,ou=Groups, o=msp.com
  o=NetscapeRoot:
    cn=Configuration Administrators, ou=Groups, ou=TopologyManagement, o=NetscapeRoot
      user[0] : uid=admin,ou=Administrators, ou=TopologyManagement, o=NetscapeRoot
    cn=ldap.msp.com, ou=msp.com, o=NetscapeRoot
      user[0] : cn=Server Group, cn=ldap.msp.com, ou=msp.com, o=NetscapeRoot
    cn=Server Group, cn=ldap.msp.com, ou=msp.com, o=NetscapeRoot
      user[0] : cn=Netscape Directory Server, cn=Server Group, cn=ldap.msp.com, ou=msp.com, o=NetscapeRoot
      user[1] : cn=Netscape Administration Server, cn=Server Group, cn=ldap.msp.com, ou=msp.com, o=NetscapeRoot
    cn=Netscape Directory Server, cn=Server Group, cn=ldap.msp.com, ou=msp.com, o=NetscapeRoot
      user[0] : cn=slapd-ldap, cn=Netscape Directory Server, cn=Server Group, cn=ldap.msp.com, ou=msp.com, o=NetscapeRoot
    cn=slapd-ldap, cn=Netscape Directory Server, cn=Server Group, cn=ldap.msp.com, ou=msp.com, o=NetscapeRoot
      user[0] : cn=slapd-ldap, cn=Netscape Directory Server, cn=Server Group, cn=ldap.msp.com, ou=msp.com, o=NetscapeRoot
      user[1] : cn=admin-serv-ldap, cn=Netscape Administration Server, cn=Server Group, cn=ldap.msp.com, ou=msp.com, o=NetscapeRoot
    cn=Netscape Administration Server, cn=Server Group, cn=ldap.msp.com, ou=msp.com, o=NetscapeRoot
      user[0] : cn=admin-serv-ldap, cn=Netscape Administration Server, cn=Server Group, cn=ldap.msp.com, ou=msp.com, o=NetscapeRoot
    cn=admin-serv-ldap, cn=Netscape Administration Server, cn=Server Group, cn=ldap.msp.com, ou=msp.com, o=NetscapeRoot
      user[0] : cn=admin-serv-ldap, cn=Netscape Administration Server, cn=Server Group, cn=ldap.msp.com, ou=msp.com, o=NetscapeRoot

Netscape ACL :
  dn : o=msp.com
    (targetattr = "*")(version 3.0; acl "Configuration Adminstrator"; allow (all) userdn = "ldap:///uid=admin, ou=Administrators, ou=TopologyManagement, o=NetscapeRoot";)
    (targetattr ="*")(version 3.0;acl "Configuration Administrators Group";allow (all) (groupdn = "ldap:///cn=Configuration Administrators, ou=Groups, ou=TopologyManagement, o=NetscapeRoot");)
    (targetattr ="*")(version 3.0;acl "Directory Administrators Group";allow (all) (groupdn = "ldap:///ou=Directory Administrators, o=msp.com");)
    (targetattr = "*")(version 3.0; acl "SIE Group"; allow (all)groupdn = "ldap:///cn=slapd-ldap, cn=Netscape Directory Server, cn=Server Group, cn=ldap.msp.com, ou=msp.com, o=NetscapeRoot";)
  dn : ou=People, o=msp.com
    (targetattr ="userpassword || telephonenumber || facsimiletelephonenumber")(version 3.0;acl "Allow self entry modification";allow (write)(userdn = "ldap:///self");)
    (target="ldap:///ou=People, o=msp.com")(targetattr="*")(version 3.0; acl "Server Access"; allow (compare,read,search) groupdn = "ldap:///cn=servers,ou=groups,o=msp.com"; )
    (target="ldap:///ou=People, o=msp.com")(targetattr="*")(version 3.0; acl "Registration Server Access"; allow (write, add) userdn = "ldap:///uid=register,ou=people,o=msp.com"; )
  dn : o=NetscapeRoot
    (targetattr="*")(version 3.0; acl "Enable Configuration Administrator Group modification"; allow (all) groupdn = "ldap:///cn=Configuration Administrators, ou=Groups, ou=TopologyManagement, o=NetscapeRoot";)
  dn : ou=TopologyManagement, o=NetscapeRoot
    (targetattr!=userpassword)(version 3.0; acl "Default user access"; allow (read,search) userdn="ldap:///all";)
  dn : ou=Global Preferences, ou=msp.com, o=NetscapeRoot
    (targetattr=*)(version 3.0; acl "Enable user access"; allow(read,search) userdn="ldap:///all";)
  dn : cn=Server Group, cn=ldap.msp.com, ou=msp.com, o=NetscapeRoot
    (targetattr=*)(version 3.0; acl "Enable delegated access"; allow (read,search,compare) userdn="ldap:///cn=admin-serv-ldap, cn=Netscape Administration Server, cn=Server Group, cn=ldap.msp.com, ou=msp.com, o=NetscapeRoot";)
  dn : cn=slapd-ldap, cn=Netscape Directory Server, cn=Server Group, cn=ldap.msp.com, ou=msp.com, o=NetscapeRoot
    (targetattr=*)(version 3.0; acl "Enable delegated access"; allow (read, search, compare) groupdn="ldap:///cn=slapd-ldap, cn=Netscape Directory Server, cn=Server Group, cn=ldap.msp.com, ou=msp.com, o=NetscapeRoot";)
    (targetattr="uniquemember || serverProductName || administratorContactInfo || userpassword || description")(targetfilter=(objectclass=netscapeServer))(version 3.0; acl "Enable access delegation"; allow (write) groupdn="ldap:///cn=slapd-ldap, cn=Netscape Directory Server, cn=Server Group, cn=ldap.msp.com, ou=msp.com, o=NetscapeRoot";)
  dn : cn=configuration,cn=slapd-ldap, cn=Netscape Directory Server, cn=Server Group, cn=ldap.msp.com, ou=msp.com, o=NetscapeRoot
    (targetattr=*)(version 3.0; acl "Enable Server configuration"; allow (all) groupdn="ldap:///cn=slapd-ldap, cn=Netscape Directory Server, cn=Server Group, cn=ldap.msp.com, ou=msp.com, o=NetscapeRoot";)
  dn : cn=admin-serv-ldap, cn=Netscape Administration Server, cn=Server Group, cn=ldap.msp.com, ou=msp.com, o=NetscapeRoot
    (targetattr=*)(version 3.0; acl "Enable delegated access"; allow (read, search, compare) groupdn="ldap:///cn=admin-serv-ldap, cn=Netscape Administration Server, cn=Server Group, cn=ldap.msp.com, ou=msp.com, o=NetscapeRoot";)
    (targetattr="uniquemember || serverProductName || administratorContactInfo || userpassword || description")(targetfilter=(objectclass=netscapeServer))(version 3.0; acl "Enable access delegation"; allow (write) groupdn="ldap:///cn=admin-serv-ldap, cn=Netscape Administration Server, cn=Server Group, cn=ldap.msp.com, ou=msp.com, o=NetscapeRoot";)
  dn : cn=configuration,cn=admin-serv-ldap, cn=Netscape Administration Server, cn=Server Group, cn=ldap.msp.com, ou=msp.com, o=NetscapeRoot
    (targetattr=*)(version 3.0; acl "Enable delegated admin to access configuration"; allow (read,search) groupdn="ldap:///cn=Server Group, cn=ldap.msp.com, ou=msp.com, o=NetscapeRoot";)
    (targetattr=*)(version 3.0; acl "Enable Server configuration"; allow (all) groupdn="ldap:///cn=admin-serv-ldap, cn=Netscape Administration Server, cn=Server Group, cn=ldap.msp.com, ou=msp.com, o=NetscapeRoot";)
  dn : ou=UserPreferences, ou=msp.com, o=NetscapeRoot
    (targetattr = "*")(version 3.0; acl "Allow saving of User Preferences"; allow (add) userdn = "ldap:///all";)
  dn : ou="uid=admin, ou=Administrators, ou=TopologyManagement, o=NetscapeRoot",ou=UserPreferences, ou=msp.com, o=NetscapeRoot
    (targetattr=*)(version 3.0; acl "UserDNControl"; allow (all) userdnattr="creatorsname";)
  dn : ou="cn=admin-serv-ldap, cn=Netscape Administration Server, cn=Server Group, cn=ldap.msp.com, ou=msp.com, o=NetscapeRoot",ou=UserPreferences, ou=msp.com, o=NetscapeRoot
    (targetattr=*)(version 3.0; acl "UserDNControl"; allow (all) userdnattr="creatorsname";)

more stuff .....

-----Original Message-----
From: Fabio Pietrosanti (naif) [mailto:naif () INET IT]
Sent: Friday, March 23, 2001 12:03 PM
To: PEN-TEST () SECURITYFOCUS COM
Subject: [PEN-TEST] Ldap Server on Windows NT 4.0

Using OpenLdap client under Linux, what can I do on a Windows NT Server with LDAP port open?
I never used ldap before, I know only that it's a directory server, but I think that useful information could be retrieved from NT ldap server... any advice?

--
Pietrosanti Fabio
I.NET SpA, High Quality Access to the Internet
e-mail: naif () inet it (Direzione Tecnica, Security Staff)
firewall () inet it
PGP Key (DSS) http://naif.itapac.net/naif.asc
Home Page URL: http://www.inet.it
Sede: Via Darwin, 85 20019 Settimo Milanese (MI)
Tel: 02-328631 Fax: 02-328637701
--
Free advertising: www.openbsd.org - Multiplatform Ultra-secure OS
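The "Netscape ACL" section of the output above is the part a directory owner should read most carefully: each ACI says which bind identity gets which rights on which attributes, and a single over-broad rule such as `allow (add) userdn="ldap:///all"` or `(targetattr=*)` readable by every user undoes the protection the rest of the rules provide. The following is an added example, not part of the original post and not code from ldapminer: a small parser for Netscape/389-style ACI strings plus a review pass that flags write-like rights granted to every caller, full-attribute reads (userpassword included) granted to every caller, and lists who holds `allow (all)`. The `parse_aci` and `audit` functions, the severity labels, and the `WRITE_LIKE` and `ANY_USER` sets are this example's own assumptions; the sample ACIs are copied from the listing above.

```python
"""Review Netscape/389-style ACIs for over-broad grants.

Added example, not part of the original post or of ldapminer. The ACI
strings in SAMPLE are copied from the "Netscape ACL" listing above; the
parser and the severity rules are this example's own assumptions.
"""
import re
from dataclasses import dataclass

# Rights that change the directory; "all" and "proxy" are treated as write-like.
WRITE_LIKE = {"write", "add", "delete", "selfwrite", "proxy", "all"}
# Bind rules that match every caller: ldap:///all is any authenticated user,
# ldap:///anyone additionally includes anonymous binds.
ANY_USER = {"ldap:///all", "ldap:///anyone"}

ACL_RE = re.compile(r'acl\s*"([^"]*)"')
TATTR_RE = re.compile(r'\(targetattr\s*(!?=)\s*"?([^")]*?)"?\s*\)')
PERM_RE = re.compile(r'(allow|deny)\s*\(([^)]*)\)')
SUBJ_RE = re.compile(r'(userdnattr|userdn|groupdn)\s*=\s*"?([^";)]+)"?')


@dataclass
class Aci:
    dn: str             # entry the ACI is attached to
    name: str           # the acl "..." label
    target_attrs: str   # raw targetattr value; "*" means every attribute
    attr_negated: bool  # True for (targetattr!=...)
    effect: str         # allow / deny
    rights: frozenset   # e.g. {"read", "search"}
    subject_kind: str   # userdn / groupdn / userdnattr
    subject: str        # ldap:/// URL, or attribute name for userdnattr


def parse_aci(dn: str, text: str) -> Aci:
    """Pull the fields a reviewer cares about out of one ACI string."""
    name, tattr = ACL_RE.search(text), TATTR_RE.search(text)
    perm, subj = PERM_RE.search(text), SUBJ_RE.search(text)
    if not (name and perm and subj):
        raise ValueError(f"unparseable ACI on {dn}: {text}")
    rights = frozenset(r.strip().lower() for r in perm.group(2).split(",") if r.strip())
    return Aci(dn=dn, name=name.group(1),
               target_attrs=tattr.group(2).strip() if tattr else "*",
               attr_negated=bool(tattr and tattr.group(1) == "!="),
               effect=perm.group(1), rights=rights,
               subject_kind=subj.group(1), subject=subj.group(2).strip())


def audit(acis):
    """Return (severity, dn, acl name, reason) tuples for grants worth a second look."""
    findings = []
    for a in acis:
        if a.effect != "allow":
            continue
        everyone = a.subject_kind == "userdn" and a.subject.lower() in ANY_USER
        if everyone and a.rights & WRITE_LIKE:
            findings.append(("HIGH", a.dn, a.name,
                             f"{a.subject} may {sorted(a.rights & WRITE_LIKE)}"))
        elif (everyone and a.target_attrs == "*" and not a.attr_negated
              and a.rights & {"read", "search", "compare"}):
            findings.append(("MEDIUM", a.dn, a.name,
                             f"every attribute, userpassword included, readable by {a.subject}"))
        elif "all" in a.rights:
            findings.append(("INFO", a.dn, a.name,
                             f"full control for {a.subject_kind}={a.subject}"))
    return findings


# Constructed input: a subset of the ACIs from the listing above, keyed by the
# entry they sit on.
SAMPLE = {
    "o=msp.com": [
        '(targetattr = "*")(version 3.0; acl "Configuration Adminstrator"; allow (all) '
        'userdn = "ldap:///uid=admin, ou=Administrators, ou=TopologyManagement, o=NetscapeRoot";)',
    ],
    "ou=People, o=msp.com": [
        '(targetattr ="userpassword || telephonenumber || facsimiletelephonenumber")'
        '(version 3.0;acl "Allow self entry modification";allow (write)(userdn = "ldap:///self");)',
        '(target="ldap:///ou=People, o=msp.com")(targetattr="*")(version 3.0; '
        'acl "Registration Server Access"; allow (write, add) userdn = "ldap:///uid=register,ou=people,o=msp.com"; )',
    ],
    "ou=TopologyManagement, o=NetscapeRoot": [
        '(targetattr!=userpassword)(version 3.0; acl "Default user access"; allow (read,search) userdn="ldap:///all";)',
    ],
    "ou=Global Preferences, ou=msp.com, o=NetscapeRoot": [
        '(targetattr=*)(version 3.0; acl "Enable user access"; allow(read,search) userdn="ldap:///all";)',
    ],
    "ou=UserPreferences, ou=msp.com, o=NetscapeRoot": [
        '(targetattr = "*")(version 3.0; acl "Allow saving of User Preferences"; allow (add) userdn = "ldap:///all";)',
    ],
}


def audit_sample():
    """Parse every sample ACI and run the review over them."""
    acis = [parse_aci(dn, text) for dn, texts in SAMPLE.items() for text in texts]
    return audit(acis)


if __name__ == "__main__":
    for sev, dn, name, why in audit_sample():
        print(f"{sev:6} {name!r} on {dn}: {why}")
```

On the sample, the self-modification and registration-account rules pass (their subjects are a single DN, not every caller), the `(targetattr!=userpassword)` read rule passes because it excludes the password attribute, while the `(targetattr=*)` read rule on Global Preferences and the `allow (add)` for `ldap:///all` on UserPreferences are the two that a reviewer would want justified or narrowed.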