Pennyw0rth · NeffIsBack · Dec 26, 2024 · Dec 25, 2024
@@ -49,10 +49,10 @@ def on_login(self, context, connection):
 
         try:
             sc = ldap.SimplePagedResultsControl()
-            base_dn_root = connection.ldapConnection._baseDN if self.base_dn is None else self.base_dn
+            base_dn_root = connection.ldap_connection._baseDN if self.base_dn is None else self.base_dn
 
             if self.server is None:
-                connection.ldapConnection.search(
+                connection.ldap_connection.search(
                     searchFilter=search_filter,
                     attributes=[],
                     sizeLimit=0,
@@ -61,7 +61,7 @@ def on_login(self, context, connection):
                     searchBase="CN=Configuration," + base_dn_root,
                 )
             else:
-                connection.ldapConnection.search(
+                connection.ldap_connection.search(
                     searchFilter=search_filter + base_dn_root + ")",
                     attributes=["certificateTemplates"],
                     sizeLimit=0,

@@ -274,8 +274,8 @@ def on_login(self, context, connection):
         self.context = context
         """On a successful LDAP login we perform a search for the targets' SID, their Security Descriptors and the principal's SID if there is one specified"""
         context.log.highlight("Be careful, this module cannot read the DACLS recursively.")
-        self.baseDN = connection.ldapConnection._baseDN
-        self.ldap_session = connection.ldapConnection
+        self.baseDN = connection.ldap_connection._baseDN
+        self.ldap_session = connection.ldap_connection
 
         # Searching for the principal SID
         if self.principal_sAMAccountName is not None:

@@ -21,7 +21,7 @@ def on_login(self, context, connection):
         attributes = ["flatName", "trustPartner", "trustDirection", "trustAttributes"]
 
         context.log.debug(f"Search Filter={search_filter}")
-        resp = connection.ldapConnection.search(searchFilter=search_filter, attributes=attributes, sizeLimit=0)
+        resp = connection.ldap_connection.search(searchFilter=search_filter, attributes=attributes, sizeLimit=0)
 
         trusts = []
         context.log.debug(f"Total of records returned {len(resp)}")

@@ -39,7 +39,7 @@ def on_login(self, context, connection):
 
         try:
             context.log.debug(f"Search Filter={search_filter}")
-            resp = connection.ldapConnection.search(searchFilter=search_filter, attributes=["dNSHostName", "operatingSystem"], sizeLimit=0)
+            resp = connection.ldap_connection.search(searchFilter=search_filter, attributes=["dNSHostName", "operatingSystem"], sizeLimit=0)
         except LDAPSearchError as e:
             if e.getErrorString().find("sizeLimitExceeded") >= 0:
                 context.log.debug("sizeLimitExceeded exception caught, giving up and processing the data received")

@@ -40,7 +40,7 @@ def on_login(self, context, connection):
 
         try:
             context.log.debug(f"Search Filter={searchFilter}")
-            resp = connection.ldapConnection.search(
+            resp = connection.ldap_connection.search(
                 searchFilter=searchFilter,
                 attributes=["sAMAccountName", "description"],
                 sizeLimit=0,

@@ -121,7 +121,7 @@ def on_login(self, context, connection):
         sfilter = "(DC=*)"
 
         try:
-            list_sites = connection.ldapConnection.search(
+            list_sites = connection.ldap_connection.search(
                 searchBase=search_target,
                 searchFilter=sfilter,
                 attributes=["dnsRecord", "dNSTombstoned", "name"],

@@ -24,7 +24,7 @@ def on_login(self, context, connection):
 
         try:
             context.log.debug(f"Search Filter={searchFilter}")
-            resp = connection.ldapConnection.search(
+            resp = connection.ldap_connection.search(
                 searchFilter=searchFilter,
                 attributes=["sAMAccountName", "unixUserPassword"],
                 sizeLimit=0,

@@ -24,7 +24,7 @@ def on_login(self, context, connection):
 
         try:
             context.log.debug(f"Search Filter={searchFilter}")
-            resp = connection.ldapConnection.search(
+            resp = connection.ldap_connection.search(
                 searchFilter=searchFilter,
                 attributes=["sAMAccountName", "userPassword"],
                 sizeLimit=0,

@@ -68,7 +68,7 @@ def on_login(self, context, connection):
 def do_search(self, context, connection, searchFilter, attributeName):
     try:
         context.log.debug(f"Search Filter={searchFilter}")
-        resp = connection.ldapConnection.search(searchFilter=searchFilter, attributes=[attributeName], sizeLimit=0)
+        resp = connection.ldap_connection.search(searchFilter=searchFilter, attributes=[attributeName], sizeLimit=0)
         context.log.debug(f"Total number of records returned {len(resp)}")
         for item in resp:
             if isinstance(item, ldapasn1_impacket.SearchResultEntry) is not True:

@@ -37,7 +37,7 @@ def on_login(self, context, connection):
 
         try:
             context.log.debug(f"Search Filter={searchFilter}")
-            resp = connection.ldapConnection.search(
+            resp = connection.ldap_connection.search(
                 searchFilter=searchFilter,
                 attributes=["memberOf", "primaryGroupID"],
                 sizeLimit=0,

@@ -40,7 +40,7 @@ def on_login(self, context, connection):
 
         try:
             context.log.debug(f"Search Filter={search_filter}")
-            resp = connection.ldapConnection.search(searchFilter=search_filter, attributes=attributes, sizeLimit=0)
+            resp = connection.ldap_connection.search(searchFilter=search_filter, attributes=attributes, sizeLimit=0)
         except Exception:
             context.log.error("LDAP search error:", exc_info=True)
             return False

@@ -24,7 +24,7 @@ def options(self, context, module_options):
 
     def on_login(self, context, connection):
         try:
-            ldap_connection = connection.ldapConnection
+            ldap_connection = connection.ldap_connection
 
             # Define the search filter for pre-created computer accounts
             search_filter = "(&(objectClass=computer)(userAccountControl=4128))"

@@ -24,7 +24,7 @@ def options(self, context, module_options):
     def on_login(self, context, connection):
         # Are there even any FGPPs?
         context.log.success("Attempting to enumerate policies...")
-        resp = connection.ldapConnection.search(searchBase=f"CN=Password Settings Container,CN=System,{''.join([f'DC={dc},' for dc in connection.domain.split('.')]).rstrip(',')}", searchFilter="(objectclass=*)")
+        resp = connection.ldap_connection.search(searchBase=f"CN=Password Settings Container,CN=System,{''.join([f'DC={dc},' for dc in connection.domain.split('.')]).rstrip(',')}", searchFilter="(objectclass=*)")
         if len(resp) > 1:
             context.log.highlight(f"{len(resp) - 1} PSO Objects found!")
             context.log.highlight("")

@@ -49,7 +49,7 @@ def on_login(self, context, connection):
         """On a successful LDAP login we perform a search for all PKI Enrollment Server or Certificate Templates Names."""
         self.context = context
         self.connection = connection
-        self.base_dn = connection.ldapConnection._baseDN if not self.base_dn else self.base_dn
+        self.base_dn = connection.ldap_connection._baseDN if not self.base_dn else self.base_dn
         self.sc = ldap.SimplePagedResultsControl()
 
         # Basic SCCM enumeration
@@ -58,7 +58,7 @@ def on_login(self, context, connection):
             search_filter = f"(distinguishedName=CN=System Management,CN=System,{self.base_dn})"
             controls = security_descriptor_control(sdflags=0x04)
             context.log.display(f"Looking for the SCCM container with filter: '{search_filter}'")
-            result = connection.ldapConnection.search(
+            result = connection.ldap_connection.search(
                 searchFilter=search_filter,
                 attributes=["nTSecurityDescriptor"],
                 sizeLimit=0,
@@ -129,7 +129,7 @@ def get_sccm_named_objects(self, context, connection):
         try:
             yoinkers = "(|(samaccountname=*sccm*)(samaccountname=*mecm*)(description=*sccm*)(description=*mecm*)(name=*sccm*)(name=*mecm*))"
             context.log.display("Searching for SCCM related objects")
-            result = connection.ldapConnection.search(
+            result = connection.ldap_connection.search(
                 searchFilter=yoinkers,
                 searchBase=self.base_dn,
                 attributes=["sAMAccountName", "distinguishedName", "sAMAccountType"],
@@ -157,7 +157,7 @@ def resolve_recursive(self, dn):
         try:
             self.context.log.debug(f"Resolving group members recursively for {dn}")
             # Somehow BaseDN is not working together with the LDAP_MATCHING_RULE_IN_CHAIN
-            result = self.connection.ldapConnection.search(
+            result = self.connection.ldap_connection.search(
                 searchFilter=f"(memberOf:{LDAP_MATCHING_RULE_IN_CHAIN}:={dn})",
                 attributes=["sAMAccountName", "distinguishedName", "sAMAccountType"],
             )
@@ -176,7 +176,7 @@ def resolve_recursive(self, dn):
     def get_management_points(self):
         """Searches for all SCCM management points in the Active Directory and maps them to their SCCM site via the site code."""
         try:
-            response = self.connection.ldapConnection.search(
+            response = self.connection.ldap_connection.search(
                 searchBase=self.base_dn,
                 searchFilter="(objectClass=mSSMSManagementPoint)",
                 attributes=["cn", "dNSHostName", "mSSMSDefaultMP", "mSSMSSiteCode"],
@@ -199,7 +199,7 @@ def get_management_points(self):
     def get_sites(self):
         """Searches for all SCCM sites in the Active Directory, sorted by site code."""
         try:
-            response = self.connection.ldapConnection.search(
+            response = self.connection.ldap_connection.search(
                 searchBase=self.base_dn,
                 searchFilter="(objectClass=mSSMSSite)",
                 attributes=["cn", "mSSMSSiteCode", "mSSMSAssignmentSiteCode"],
@@ -244,7 +244,7 @@ def resolve_SID(self, sid):
         """Tries to resolve a SID and add the dNSHostName to the sccm site list."""
         try:
             self.context.log.debug(f"Resolving SID: {sid}")
-            result = self.connection.ldapConnection.search(
+            result = self.connection.ldap_connection.search(
                 searchBase=self.base_dn,
                 searchFilter=f"(objectSid={sid})",
                 attributes=["sAMAccountName", "sAMAccountType", "member", "dNSHostName"],
@@ -277,7 +277,7 @@ def resolve_SID(self, sid):
 
     def dn_to_sid(self, dn) -> str:
         """Tries to resolve a DN to a SID."""
-        result = self.connection.ldapConnection.search(
+        result = self.connection.ldap_connection.search(
             searchBase=self.base_dn,
             searchFilter=f"(distinguishedName={dn})",
             attributes=["sAMAccountName", "objectSid"],

@@ -42,12 +42,12 @@ def options(self, context, module_options):
     multiple_hosts = False
 
     def on_login(self, context, connection):
-        dn = connection.ldapConnection._baseDN if self.base_dn is None else self.base_dn
+        dn = connection.ldap_connection._baseDN if self.base_dn is None else self.base_dn
 
         context.log.display("Getting the Sites and Subnets from domain")
 
         try:
-            list_sites = connection.ldapConnection.search(
+            list_sites = connection.ldap_connection.search(
                 searchBase=f"CN=Configuration,{dn}",
                 searchFilter="(objectClass=site)",
                 attributes=["distinguishedName", "name", "description"],
@@ -68,7 +68,7 @@ def on_login(self, context, connection):
                 site_description = site["description"]
 
             # Getting subnets of this site
-            list_subnets = connection.ldapConnection.search(
+            list_subnets = connection.ldap_connection.search(
                 searchBase=f"CN=Sites,CN=Configuration,{dn}",
                 searchFilter=f"(siteObject={site_dn})",
                 attributes=["distinguishedName", "name"],
@@ -86,7 +86,7 @@ def on_login(self, context, connection):
 
                     if self.showservers:
                         # Getting machines in these subnets
-                        list_servers = connection.ldapConnection.search(
+                        list_servers = connection.ldap_connection.search(
                             searchBase=site_dn,
                             searchFilter="(objectClass=server)",
                             attributes=["cn"],

@@ -76,7 +76,7 @@ def on_login(self, context, connection):
 
         try:
             sc = ldap.SimplePagedResultsControl()
-            connection.ldapConnection.search(
+            connection.ldap_connection.search(
                 searchFilter=self.search_filter,
                 attributes=["sAMAccountName", "description"],
                 sizeLimit=0,

@@ -17,13 +17,13 @@ def options(self, context, module_options):
             self.username = module_options["USER"]
 
     def on_login(self, context, connection):
-        searchBase = connection.ldapConnection._baseDN
+        searchBase = connection.ldap_connection._baseDN
         searchFilter = f"(sAMAccountName={connection.username})" if self.username is None else f"(sAMAccountName={format(self.username)})"
 
         context.log.debug(f"Using naming context: {searchBase} and {searchFilter} as search filter")
 
         # Get attributes of provided user
-        r = connection.ldapConnection.search(
+        r = connection.ldap_connection.search(
             searchBase=searchBase,
             searchFilter=searchFilter,
             attributes=[