Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Modules enumeration ldap #133

Merged
merged 6 commits into from
Dec 17, 2023
Merged

Modules enumeration ldap #133

merged 6 commits into from
Dec 17, 2023

Conversation

Syzik
Copy link
Contributor

@Syzik Syzik commented Nov 30, 2023

Ldap modules to enumerate userPassword & unixUserPassword attribute

image

NeffIsBack
NeffIsBack reviewed Dec 8, 2023
View reviewed changes
Copy link
Contributor

@NeffIsBack NeffIsBack left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the PR! Code looks good, i will test them soon

nxc/modules/get-unixUserPassword.py Outdated Show resolved Hide resolved
nxc/modules/get-userPassword.py Outdated Show resolved Hide resolved
@NeffIsBack NeffIsBack added the reviewed code Label for when a static code review was done label Dec 8, 2023
@NeffIsBack
Copy link
Contributor

How did you configure the GOAD Lab to have these attributes set? Any tips, so i can test it properly?

@Syzik
Copy link
Contributor Author

Syzik commented Dec 11, 2023
edited
Loading

How did you configure the GOAD Lab to have these attributes set? Any tips, so i can test it properly?

  1. Connect to DC03 with the domain admin "meereen\daenerys.targaryen" and the password "BurnThemAll!"
  2. Create or choose a user
  3. Then feed the attribute like that

image
image
image

image

  1. Encode a password in hexa :
print('WhatASuperPassword'.encode('utf-8').hex())
  1. Feed the hexa password

image

  1. Repeat the 5. to add multiple userPassword and unixUserPassword. these attributes are arrays.

image

@NeffIsBack
Copy link
Contributor

Awesome, thanks for the detailed guide! I will test it at the weekend

@NeffIsBack NeffIsBack self-assigned this Dec 16, 2023
@NeffIsBack
Copy link
Contributor

NeffIsBack commented Dec 16, 2023
edited
Loading

Working flawlessly on my side. Really cool PR! :)
image

@NeffIsBack
Copy link
Contributor

Gonna reset the lock file tho, or was there a specific reason you updated the packages @Syzik?

@Syzik
Copy link
Contributor Author

Syzik commented Dec 17, 2023

Gonna reset the lock file tho, or was there a specific reason you updated the packages @Syzik?
There is no reason you can delete it ;)

NeffIsBack
NeffIsBack approved these changes Dec 17, 2023
View reviewed changes
Copy link
Contributor

@NeffIsBack NeffIsBack left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@NeffIsBack NeffIsBack merged commit 8899c00 into Pennyw0rth:main Dec 17, 2023
1 check passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@NeffIsBack NeffIsBack NeffIsBack approved these changes

@zblurx zblurx Awaiting requested review from zblurx zblurx is a code owner

@Marshall-Hallenbeck Marshall-Hallenbeck Awaiting requested review from Marshall-Hallenbeck Marshall-Hallenbeck is a code owner

@mpgn mpgn Awaiting requested review from mpgn mpgn is a code owner

Assignees

@NeffIsBack NeffIsBack

Labels
new module reviewed code Label for when a static code review was done tested
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@Syzik @NeffIsBack