Class: Client

ldap.Client

Client is a client for ldap protocol in nuclei

Example

const ldap = require('nuclei/ldap');
// here ldap.example.com is the ldap server and acme.com is the realm
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');

Example

const ldap = require('nuclei/ldap');
const cfg = new ldap.Config();
cfg.Timeout = 10;
cfg.ServerName = 'ldap.internal.acme.com';
// optional config can be passed as third argument
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com', cfg);

Table of contents

Constructors

Properties

Methods

Constructors

constructor

new Client(ldapUrl, realm, config?): Client

Parameters

NameType
ldapUrlstring
realmstring
config?Config

Returns

Client

Defined in

ldap.ts:198

Properties

BaseDN

Optional BaseDN: string

Defined in

ldap.ts:194

Host

Optional Host: string

Defined in

ldap.ts:182

Port

Optional Port: number

Defined in

ldap.ts:186

Realm

Optional Realm: string

Defined in

ldap.ts:190

config

Optional config: Config

Defined in

ldap.ts:198

ldapUrl

ldapUrl: string

Defined in

ldap.ts:198

realm

realm: string

Defined in

ldap.ts:198

Methods

AdvancedSearch

AdvancedSearch(Scope, TypesOnly, Filter, Attributes, Controls): SearchResult

AdvancedSearch accepts all values of search request type and return Ldap Entry its up to user to handle the response

Parameters

NameType
Scopenumber
TypesOnlyboolean
Filterstring
Attributesstring[]
Controlsany

Returns

SearchResult

Example

const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
const results = client.AdvancedSearch(ldap.ScopeWholeSubtree, ldap.NeverDerefAliases, 0, 0, false, '(objectClass=*)', ['cn', 'mail'], []);

Defined in

ldap.ts:446

Authenticate

Authenticate(username): boolean

Authenticate authenticates with the ldap server using the given username and password performs NTLMBind first and then Bind/UnauthenticatedBind if NTLMBind fails

Parameters

NameType
usernamestring

Returns

boolean

Example

const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
client.Authenticate('user', 'password');

Defined in

ldap.ts:402

AuthenticateWithNTLMHash

AuthenticateWithNTLMHash(username): boolean

AuthenticateWithNTLMHash authenticates with the ldap server using the given username and NTLM hash

Parameters

NameType
usernamestring

Returns

boolean

Example

const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
client.AuthenticateWithNTLMHash('pdtm', 'hash');

Defined in

ldap.ts:416

Close

Close(): void

close the ldap connection

Returns

void

Example

const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
client.Close();

Defined in

ldap.ts:475

CollectMetadata

CollectMetadata(): Metadata

CollectLdapMetadata collects metadata from ldap server.

Returns

Metadata

Example

const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
const metadata = client.CollectMetadata();
log(to_json(metadata));

Defined in

ldap.ts:461

FindADObjects

FindADObjects(filter): SearchResult

FindADObjects finds AD objects based on a filter and returns them as a list of ADObject

Parameters

NameType
filterstring

Returns

SearchResult

Example

const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
const users = client.FindADObjects(ldap.FilterIsPerson);
log(to_json(users));

Defined in

ldap.ts:212

GetADActiveUsers

GetADActiveUsers(): SearchResult

GetADActiveUsers returns all AD users using FilterIsPerson and FilterAccountEnabled filter query

Returns

SearchResult

Example

const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
const users = client.GetADActiveUsers();
log(to_json(users));

Defined in

ldap.ts:244

GetADAdmins

GetADAdmins(): SearchResult

GetADAdmins returns all AD admins using FilterIsPerson, FilterAccountEnabled and FilterIsAdmin filter query

Returns

SearchResult

Example

const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
const admins = client.GetADAdmins();
log(to_json(admins));

Defined in

ldap.ts:340

GetADDCList

GetADDCList(): SearchResult

GetADDCList returns all AD domain controllers using FilterIsComputer, FilterAccountEnabled and FilterServerTrustAccount filter query

Returns

SearchResult

Example

const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
const dcs = client.GetADDCList();
log(to_json(dcs));

Defined in

ldap.ts:324

GetADDomainSID

GetADDomainSID(): string

GetADDomainSID returns the SID of the AD domain

Returns

string

Example

const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
const domainSID = client.GetADDomainSID();
log(domainSID);

Defined in

ldap.ts:387

GetADGroups

GetADGroups(): SearchResult

GetADGroups returns all AD groups using FilterIsGroup filter query

Returns

SearchResult

Example

const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
const groups = client.GetADGroups();
log(to_json(groups));

Defined in

ldap.ts:308

GetADUserAsRepRoastable

GetADUserAsRepRoastable(): SearchResult

GetADUserAsRepRoastable returns all AD users that are AsRepRoastable using FilterIsPerson, and FilterDontRequirePreauth filter query

Returns

SearchResult

Example

const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
const AsRepRoastable = client.GetADUserAsRepRoastable();
log(to_json(AsRepRoastable));

Defined in

ldap.ts:372

GetADUserKerberoastable

GetADUserKerberoastable(): SearchResult

GetADUserKerberoastable returns all AD users that are kerberoastable using FilterIsPerson, FilterAccountEnabled and FilterHasServicePrincipalName filter query

Returns

SearchResult

Example

const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
const kerberoastable = client.GetADUserKerberoastable();
log(to_json(kerberoastable));

Defined in

ldap.ts:356

GetADUserTrustedForDelegation

GetADUserTrustedForDelegation(): SearchResult

GetADUserTrustedForDelegation returns all AD users that are trusted for delegation using FilterIsPerson and FilterTrustedForDelegation filter query

Returns

SearchResult

Example

const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
const users = client.GetADUserTrustedForDelegation();
log(to_json(users));

Defined in

ldap.ts:276

GetADUserWithNeverExpiringPasswords

GetADUserWithNeverExpiringPasswords(): SearchResult

GetAdUserWithNeverExpiringPasswords returns all AD users using FilterIsPerson and FilterDontExpirePassword filter query

Returns

SearchResult

Example

const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
const users = client.GetADUserWithNeverExpiringPasswords();
log(to_json(users));

Defined in

ldap.ts:260

GetADUserWithPasswordNotRequired

GetADUserWithPasswordNotRequired(): SearchResult

GetADUserWithPasswordNotRequired returns all AD users that do not require a password using FilterIsPerson and FilterPasswordNotRequired filter query

Returns

SearchResult

Example

const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
const users = client.GetADUserWithPasswordNotRequired();
log(to_json(users));

Defined in

ldap.ts:292

GetADUsers

GetADUsers(): SearchResult

GetADUsers returns all AD users using FilterIsPerson filter query

Returns

SearchResult

Example

const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
const users = client.GetADUsers();
log(to_json(users));

Defined in

ldap.ts:228

Search(filter, attributes): SearchResult

Search accepts whatever filter and returns a list of maps having provided attributes as keys and associated values mirroring the ones returned by ldap

Parameters

NameType
filterstring
attributesany

Returns

SearchResult

Example

const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
const results = client.Search('(objectClass=*)', 'cn', 'mail');

Defined in

ldap.ts:431