How to use msldap - 10 common examples

To help you get started, we’ve selected a few msldap examples, based on popular ways it is used in public projects.


github skelsec / kerberoast / kerberoast / kerberoast.py View on Github external
# Options attached to `auto_group` (the sub-parser is created outside this excerpt),
# followed by logging setup and the hand-off to the async entry point.
auto_group.add_argument('dc_ip', help='Target domain controller')
	auto_group.add_argument('-o','--out-file',  help='Output file base name, if omitted will print results to STDOUT')
	# Kerberos encryption type numbers: 23 = RC4-HMAC, 17 = AES128-CTS-HMAC-SHA1-96,
	# 18 = AES256-CTS-HMAC-SHA1-96. 23 is both the default and the value a bare `-e` yields
	# (nargs='?' with const=23).
	# Defender note: service-ticket requests that ask for RC4 are logged on the DC as
	# event 4769 with Ticket Encryption Type 0x17; restricting service accounts to AES
	# and alerting on 0x17 requests are the usual mitigations.
	auto_group.add_argument('-e','--etype', default=23, const=23, nargs='?', choices= [23, 17, 18], type=int, help = 'Set preferred encryption type')


	args = parser.parse_args()

	# `args.verbose` selects three logging tiers. `kerblogger` and `msldaplogger` are
	# defined outside this excerpt; presumably the Kerberos and msldap library loggers.
	if args.verbose == 0:
		# Default: tool messages at INFO, library loggers limited to warnings.
		logging.basicConfig(level=logging.INFO)
		kerblogger.setLevel(logging.WARNING)
		msldaplogger.setLevel(logging.WARNING)
		
	elif args.verbose == 1:
		logging.basicConfig(level=logging.DEBUG)
		kerblogger.setLevel(logging.INFO)
		msldaplogger.setLevel(logging.INFO)
		
	else:
		# Level 1 is below logging.DEBUG (10), so the root logger passes every record.
		# NOTE(review): library DEBUG output may include protocol detail that should not
		# land in shared logs; confirm what these loggers emit.
		logging.basicConfig(level=1)
		kerblogger.setLevel(logging.DEBUG)
		msldaplogger.setLevel(logging.DEBUG)
	
	# Run the coroutine `amain` to completion on a fresh event loop.
	asyncio.run(amain(args))
github skelsec / kerberoast / kerberoast / kerberoast.py View on Github external
# Remaining positional arguments of `tgs_group` (created outside this excerpt).
# NOTE: the 'Expected format' placeholder in the help text looks truncated on this page,
# possibly angle-bracketed text lost in extraction; check the upstream file.
tgs_group.add_argument('spn',  help='SPN strong of the service to get TGS for. Expected format: /')
	tgs_group.add_argument('out_file',  help='Output CCACHE file')
	

	# 'auto' sub-command: per its help text it only works on Windows in a domain-user context.
	# NOTE(review): other excerpts on this page call run_auto() with no arguments, so
	# dc_ip / out_file / etype may be parsed but never consumed by this command; confirm.
	auto_group = subparsers.add_parser('auto', help='Just get the tickets already. Only works on windows under any domain-user context')
	auto_group.add_argument('dc_ip', help='Target domain controller')
	auto_group.add_argument('-o','--out-file',  help='Output file base name, if omitted will print results to STDOUT')
	# Encryption types by Kerberos number: 23 = RC4-HMAC, 17 = AES128, 18 = AES256.
	# A bare `-e` and an omitted `-e` both resolve to 23.
	auto_group.add_argument('-e','--etype', default=23, const=23, nargs='?', choices= [23, 17, 18], type=int, help = 'Set preferred encryption type')


	args = parser.parse_args()

	# Map the stacked -v count to log levels: the root logger gets one level more detail
	# than the two library loggers at each tier.
	if args.verbose == 0:
		logging.basicConfig(level=logging.INFO)
		kerblogger.setLevel(logging.WARNING)
		msldaplogger.setLevel(logging.WARNING)
		
	elif args.verbose == 1:
		logging.basicConfig(level=logging.DEBUG)
		kerblogger.setLevel(logging.INFO)
		msldaplogger.setLevel(logging.INFO)
		
	else:
		# Numeric level 1 sits under DEBUG (10): nothing is filtered at the root.
		logging.basicConfig(level=1)
		kerblogger.setLevel(logging.DEBUG)
		msldaplogger.setLevel(logging.DEBUG)
	
	# Start the async entry point with the parsed arguments.
	asyncio.run(amain(args))
github skelsec / kerberoast / kerberoast / kerberoast.py View on Github external
# Parse the command line, configure logging from the -v count, then run the async main.
args = parser.parse_args()

	if args.verbose == 0:
		# No -v: root logger at INFO, the two library loggers only report warnings.
		logging.basicConfig(level=logging.INFO)
		kerblogger.setLevel(logging.WARNING)
		msldaplogger.setLevel(logging.WARNING)
		
	elif args.verbose == 1:
		# One -v: root logger at DEBUG, library loggers at INFO.
		logging.basicConfig(level=logging.DEBUG)
		kerblogger.setLevel(logging.INFO)
		msldaplogger.setLevel(logging.INFO)
		
	else:
		# Two or more -v: level 1 is lower than DEBUG, so every record is emitted.
		logging.basicConfig(level=1)
		kerblogger.setLevel(logging.DEBUG)
		msldaplogger.setLevel(logging.DEBUG)
	
	# asyncio.run creates an event loop, runs amain(args) to completion and closes the loop.
	asyncio.run(amain(args))
github skelsec / pypykatz / pypykatz / ldap / cmdhelper.py View on Github external
def run_live(self, args):
		"""Open an LDAP connection from a live Windows host and run the requested query.

		Credentials come from ``args.credential`` when set, otherwise from
		``MSLDAPCredential.get_dummy_sspi()``. The target is ``args.dc_ip`` when set,
		otherwise the domain reported by ``LiveMachine``. Only the start of the method
		is visible in this excerpt.
		"""
		# Imported at call time, so these packages are only needed when this command runs.
		from msldap.core import MSLDAPCredential, MSLDAPTarget, MSLDAPConnection
		from msldap.ldap_objects import MSADUser
		from msldap import logger as msldaplogger
		from pypykatz.commons.winapi.machine import LiveMachine
		
		machine = LiveMachine()
	
		if args.credential:
			# NOTE(review): if args.credential is taken from the command line, a secret in
			# the connection string is exposed to process listings and shell history; confirm.
			creds = MSLDAPCredential.from_connection_string(args.credential)
		else:
			# Presumably binds as the current logon session through SSPI; confirm in msldap.
			creds = MSLDAPCredential.get_dummy_sspi()
		
		if args.dc_ip:
			target = MSLDAPTarget(args.dc_ip)
		else:
			target = MSLDAPTarget(machine.get_domain())
			
		# NOTE(review): no LDAPS or signing option is chosen in the visible code; confirm
		# what transport protection MSLDAPTarget applies by default.
		connection = MSLDAPConnection(creds, target)
		connection.connect()
		
		try:
			adinfo = connection.get_ad_info()
			# Turn a DN such as 'DC=corp,DC=example' into 'corp.example'. The replace is
			# case-sensitive and rewrites every comma, so other DN shapes come out mangled.
			domain = adinfo.distinguishedName.replace('DC=','').replace(',','.')
		except Exception as e:
			# Any failure falls back to the locally reported domain name.
			logging.warning('[LDAP] Failed to get domain name from LDAP server. This is not normal, but happens. Reason: %s' % e)
			domain = machine.get_domain()
		
		if args.cmd == 'spn':
			logging.debug('Enumerating SPN user accounts...')
			cnt = 0
github skelsec / pypykatz / pypykatz / ldap / cmdhelper.py View on Github external
# Excerpt from inside a method: call-time imports, connection setup, then the 'spn' query.
from msldap.core import MSLDAPCredential, MSLDAPTarget, MSLDAPConnection
		from msldap.ldap_objects import MSADUser
		from msldap import logger as msldaplogger
		from pypykatz.commons.winapi.machine import LiveMachine
		
		machine = LiveMachine()
	
		# An explicit connection string wins; otherwise the credential object from
		# get_dummy_sspi() is used (presumably the current logon session; confirm).
		if args.credential:
			creds = MSLDAPCredential.from_connection_string(args.credential)
		else:
			creds = MSLDAPCredential.get_dummy_sspi()
		
		# An explicit DC address wins; otherwise the locally reported domain is the target.
		if args.dc_ip:
			target = MSLDAPTarget(args.dc_ip)
		else:
			target = MSLDAPTarget(machine.get_domain())
			
		connection = MSLDAPConnection(creds, target)
		connection.connect()
		
		try:
			adinfo = connection.get_ad_info()
			# 'DC=a,DC=b' -> 'a.b' by plain string replacement.
			domain = adinfo.distinguishedName.replace('DC=','').replace(',','.')
		except Exception as e:
			logging.warning('[LDAP] Failed to get domain name from LDAP server. This is not normal, but happens. Reason: %s' % e)
			domain = machine.get_domain()
		
		if args.cmd == 'spn':
			logging.debug('Enumerating SPN user accounts...')
			cnt = 0
			if args.out_file:
				# NOTE(review): basefolder and basefile are not assigned anywhere in this
				# excerpt; confirm they are defined before this point. Mode 'w' truncates an
				# existing file, and the resulting account list should be handled as sensitive.
				with open(os.path.join(basefolder,basefile+'_spn_users.txt'), 'w', newline='') as f:
github skelsec / kerberoast / kerberoast / kerberoast.py View on Github external
async def run_auto():
	"""Windows-only automatic mode; only the first part is visible in this excerpt.

	The visible code checks the platform, imports the SSPI helper, reads the current
	logon information, connects to the logon server over LDAP and starts iterating
	the accounts returned by ``client.get_all_knoreq_users()``.
	"""
	# The handler for this outer try lies outside the excerpt.
	try:
		if platform.system() != 'Windows':
			print('[-]This command only works on Windows!')
			return
		try:
			from winsspi.sspi import KerberoastSSPI
		except ImportError:
			# Re-raised as a generic Exception; the original ImportError is not chained.
			raise Exception('winsspi module not installed!')

		from winacl.functions.highlevel import get_logon_info
		
		logon = get_logon_info()
		# This value is overwritten below with the name derived from the LDAP info.
		domain = logon['domain']
		# The URL scheme selects plain LDAP with SSPI/NTLM authentication to the logon server.
		# NOTE(review): whether signing or sealing is negotiated is not visible here.
		url = 'ldap+sspi-ntlm://%s' % logon['logonserver']
		msldap_url = MSLDAPURLDecoder(url)
		client = msldap_url.get_client()
		# connect() returns a (result, error) pair instead of raising.
		_, err = await client.connect()
		if err is not None:
			raise err

		# Reads a private attribute of the client, which may change between msldap releases.
		# 'DC=a,DC=b' becomes 'a.b'.
		domain = client._ldapinfo.distinguishedName.replace('DC=','').replace(',','.')
		spn_users = []
		asrep_users = []
		errors = []
		results = []
		spn_cnt = 0
		asrep_cnt = 0
		# The method name suggests accounts flagged "do not require Kerberos
		# pre-authentication"; confirm in msldap. Defender note: such accounts should be
		# audited and the flag cleared; TGT requests without pre-authentication appear as
		# event 4768 with Pre-Authentication Type 0.
		async for user, err in client.get_all_knoreq_users():
			if err is not None:
				raise err
			cred = KerberosCredential()
github skelsec / kerberoast / kerberoast / kerberoast.py View on Github external
# Tail of the preceding command branch: results go to stdout.
# NOTE(review): `thash` is presumably a ticket hash string; treat captured console
# output and redirected files as sensitive.
print(thash)
		
		# Each entry is indexed as (target, reason) by the format string below.
		for err in errors:
			print('Failed to get ticket for %s. Reason: %s' % (err[0], err[1]))

		logging.info('SSPI based Kerberoast complete')

	elif args.command == 'spnroast-multiplexor':
		#hiding the import so it's not necessary to install multiplexor
		# (no import appears at this call site; presumably it lives inside spnmultiplexor)
		await spnmultiplexor(args)

	elif args.command == 'auto':
		# Called without the parsed arguments.
		await run_auto()
		
	elif args.command == 'ldap':
		ldap_url = MSLDAPURLDecoder(args.ldap_url)
		client = ldap_url.get_client()
		# connect() hands back a (result, error) pair; the error is raised here.
		_, err = await client.connect()
		if err is not None:
			raise err

		# Private attribute access; 'DC=a,DC=b' is rewritten to 'a.b'.
		domain = client._ldapinfo.distinguishedName.replace('DC=','').replace(',','.')

		if args.out_file:
			# ntpath splits on both '\' and '/' on any host OS. A bare file name gives an
			# empty basefolder, so output lands in the current working directory.
			basefolder = ntpath.dirname(args.out_file)
			basefile = ntpath.basename(args.out_file)

		if args.type in ['spn','all']:
			logging.debug('Enumerating SPN user accounts...')
			cnt = 0
			if args.out_file:
				# Mode 'w' replaces an existing '<base>_spn_users.txt'. The file is created
				# with default permissions; the account list it holds is sensitive.
				with open(os.path.join(basefolder,basefile+'_spn_users.txt'), 'w', newline='') as f:
github skelsec / kerberoast / kerberoast / kerberoast.py View on Github external
# With no command-line arguments on Windows the automatic mode starts immediately, so
# launching the program bare (e.g. by double click) already queries the domain.
if platform.system().upper() == 'WINDOWS' and len(sys.argv) == 1:
		#auto start on double click with default settings
		asyncio.run(run_auto())
		return

	import argparse

	parser = argparse.ArgumentParser(description='Tool to perform verious kerberos security tests', formatter_class=argparse.RawDescriptionHelpFormatter, epilog = kerberoast_epilog)
	# action='count' makes -v stackable (-v, -vv, ...); the default is 0.
	parser.add_argument('-v', '--verbose', action='count', default=0, help='Increase verbosity, can be stacked')


	# A sub-command is mandatory and is stored in args.command.
	subparsers = parser.add_subparsers(help = 'commands')
	subparsers.required = True
	subparsers.dest = 'command'

	# 'ldap': list accounts of the selected type through an LDAP connection URL.
	ldap_group = subparsers.add_parser('ldap', formatter_class=argparse.RawDescriptionHelpFormatter, help='Enumerate potentially vulnerable users via LDAP', epilog = MSLDAPURLDecoder.help_epilog)
	ldap_group.add_argument('type', choices=['spn', 'asrep', 'full','custom', 'all'], help='type of vulnerable users to enumerate')
	# NOTE(review): a connection URL given on the command line may embed credentials,
	# which then show up in process listings and shell history; confirm the URL format.
	ldap_group.add_argument('ldap_url',  help='LDAP connection URL')
	ldap_group.add_argument('-o','--out-file',  help='Output file base name, if omitted will print results to STDOUT')
	ldap_group.add_argument('-f','--filter',  help='CUSTOM mode only. LDAP search filter')
	# action='append' collects repeated -a options into a list.
	ldap_group.add_argument('-a','--attrs', action='append', help='FULL and CUSTOM mode only. LDAP attributes to display')

	# 'brute': user-name enumeration against the Kerberos service.
	# Defender note: this kind of enumeration typically shows up on the DC as bursts of
	# failed TGT requests (event 4768) for unknown principals from a single source.
	brute_group = subparsers.add_parser('brute', help='Enumerate users via brute-forcing kerberos service')
	brute_group.add_argument('realm', help='Kerberos realm ')
	brute_group.add_argument('address', help='Address of the DC')
	brute_group.add_argument('targets', help='File with a list of usernames to enumerate, one user per line')
	brute_group.add_argument('-o','--out-file',  help='Output file base name, if omitted will print results to STDOUT')

	# 'asreproast': the option list continues beyond this excerpt.
	asreproast_group = subparsers.add_parser('asreproast', help='Perform asrep roasting')
	asreproast_group.add_argument('address', help='Address of the DC')
	asreproast_group.add_argument('-t','--targets', help='File with a list of usernames to roast, one user per line')
	asreproast_group.add_argument('-r','--realm', help='Kerberos realm  This overrides realm specification got from the target file, if any')
github skelsec / pypykatz / pypykatz / ldap / cmdhelper.py View on Github external
# Excerpt from inside a method; the names MSLDAPCredential, MSLDAPTarget and
# MSLDAPConnection used below are brought into scope outside the visible lines.
from msldap import logger as msldaplogger
		from pypykatz.commons.winapi.machine import LiveMachine
		
		machine = LiveMachine()
	
		# Credential source: explicit connection string, else the get_dummy_sspi() object.
		if args.credential:
			creds = MSLDAPCredential.from_connection_string(args.credential)
		else:
			creds = MSLDAPCredential.get_dummy_sspi()
		
		# Target: explicit DC address, else the domain name reported by the local machine.
		if args.dc_ip:
			target = MSLDAPTarget(args.dc_ip)
		else:
			target = MSLDAPTarget(machine.get_domain())
			
		connection = MSLDAPConnection(creds, target)
		connection.connect()
		
		try:
			adinfo = connection.get_ad_info()
			# String rewrite of the DN: 'DC=a,DC=b' -> 'a.b'.
			domain = adinfo.distinguishedName.replace('DC=','').replace(',','.')
		except Exception as e:
			# Broad catch: every error is logged and replaced by the local domain name.
			logging.warning('[LDAP] Failed to get domain name from LDAP server. This is not normal, but happens. Reason: %s' % e)
			domain = machine.get_domain()
		
		if args.cmd == 'spn':
			logging.debug('Enumerating SPN user accounts...')
			cnt = 0
			if args.out_file:
				# NOTE(review): basefolder / basefile are not assigned in the visible lines;
				# confirm they exist before this point. The file is opened in truncating 'w' mode.
				with open(os.path.join(basefolder,basefile+'_spn_users.txt'), 'w', newline='') as f:
					# One iteration per object yielded by the connection; cnt tallies them.
					for user in connection.get_all_service_user_objects():
						cnt += 1
github skelsec / pypykatz / pypykatz / ldap / cmdhelper.py View on Github external
def run(self, args):
		"""Open an LDAP connection from an explicit connection string and run the query.

		Raises:
			Exception: if ``args.credential`` is empty.

		Only the start of the method is visible in this excerpt.
		"""
		# Imported at call time, so msldap is only required when this command is used.
		from msldap.core import MSLDAPCredential, MSLDAPTarget, MSLDAPConnection
		from msldap.ldap_objects import MSADUser
		from msldap import logger as msldaplogger
		
		if not args.credential:
			raise Exception('You must provide credentials when using ldap in platform independent mode.')
			
		# Both the credential and the target are parsed from the same connection string.
		# NOTE(review): if that string is passed on the command line, any secret in it is
		# visible in process listings and shell history; confirm how it is supplied.
		creds = MSLDAPCredential.from_connection_string(args.credential)
		target = MSLDAPTarget.from_connection_string(args.credential)
			
		connection = MSLDAPConnection(creds, target)
		connection.connect()
		
		try:
			adinfo = connection.get_ad_info()
			# 'DC=a,DC=b' -> 'a.b' by plain string replacement.
			domain = adinfo.distinguishedName.replace('DC=','').replace(',','.')
		except Exception as e:
			logging.warning('[LDAP] Failed to get domain name from LDAP server. This is not normal, but happens. Reason: %s' % e)
			# NOTE(review): `machine` is never assigned in the visible part of this method
			# and LiveMachine is not imported here. Unless a module-level `machine` exists,
			# this fallback raises NameError from inside the handler; confirm and fix upstream.
			domain = machine.get_domain()
		
		if args.cmd == 'spn':
			logging.debug('Enumerating SPN user accounts...')
			cnt = 0
			if args.out_file:
				# NOTE(review): basefolder / basefile are not assigned between the `def` line
				# and this use; unless they are module-level names this raises NameError.
				with open(os.path.join(basefolder,basefile+'_spn_users.txt'), 'w', newline='') as f:
					for user in connection.get_all_service_user_objects():
						cnt += 1