#!/usr/bin/env python # This file is part of Responder # Original work by Laurent Gaffie - Trustwave Holdings # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see . import os import struct import core.responder.settings as settings import threading from traceback import print_exc from SocketServer import BaseRequestHandler, ThreadingMixIn, TCPServer from core.responder.packets import LDAPSearchDefaultPacket, LDAPSearchSupportedCapabilitiesPacket, LDAPSearchSupportedMechanismsPacket, LDAPNTLMChallenge from core.responder.utils import * class LDAP: def start(self): try: if OsInterfaceIsSupported(): server = ThreadingTCPServer((settings.Config.Bind_To, 389), LDAPServer) else: server = ThreadingTCPServer(('', 389), LDAPServer) t = threading.Thread(name='LDAP', target=server.serve_forever) t.setDaemon(True) t.start() except Exception as e: print "Error starting LDAP server: {}".format(e) print_exc() class ThreadingTCPServer(ThreadingMixIn, TCPServer): allow_reuse_address = 1 def server_bind(self): if OsInterfaceIsSupported(): try: self.socket.setsockopt(socket.SOL_SOCKET, 25, settings.Config.Bind_To+'\0') except: pass TCPServer.server_bind(self) def ParseSearch(data): Search1 = re.search('(objectClass)', data) Search2 = re.search('(?i)(objectClass0*.*supportedCapabilities)', data) Search3 = re.search('(?i)(objectClass0*.*supportedSASLMechanisms)', data) if Search1: return str(LDAPSearchDefaultPacket(MessageIDASNStr=data[8:9])) if Search2: return str(LDAPSearchSupportedCapabilitiesPacket(MessageIDASNStr=data[8:9],MessageIDASN2Str=data[8:9])) if Search3: return str(LDAPSearchSupportedMechanismsPacket(MessageIDASNStr=data[8:9],MessageIDASN2Str=data[8:9])) def ParseLDAPHash(data, client): SSPIStart = data[42:] LMhashLen = struct.unpack(' 10: LMhashOffset = struct.unpack('i',data[2:6])[0] MessageSequence = struct.unpack('i',data[11:15])[0] LDAPVersion = struct.unpack('