​

Class: Client

ldap.Client

Client is a client for ldap protocol in nuclei

Example

const ldap = require('nuclei/ldap');
// here ldap.example.com is the ldap server and acme.com is the realm
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');

Example

const ldap = require('nuclei/ldap');
const cfg = new ldap.Config();
cfg.Timeout = 10;
cfg.ServerName = 'ldap.internal.acme.com';
// optional config can be passed as third argument
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com', cfg);

​

Table of contents

​

Constructors

• constructor

​

Properties

• BaseDN
• Host
• Port
• Realm
• config
• ldapUrl
• realm

​

Methods

• AdvancedSearch
• Authenticate
• AuthenticateWithNTLMHash
• Close
• CollectMetadata
• FindADObjects
• GetADActiveUsers
• GetADAdmins
• GetADDCList
• GetADDomainSID
• GetADGroups
• GetADUserAsRepRoastable
• GetADUserKerberoastable
• GetADUserTrustedForDelegation
• GetADUserWithNeverExpiringPasswords
• GetADUserWithPasswordNotRequired
• GetADUsers
• Search

​

Constructors

​

constructor

• new Client(ldapUrl, realm, config?): Client

​

Parameters

​

Returns

Client

​

Defined in

ldap.ts:198

​

Properties

​

BaseDN

• Optional BaseDN: string

​

Defined in

ldap.ts:194

​

Host

• Optional Host: string

​

Defined in

ldap.ts:182

​

Port

• Optional Port: number

​

Defined in

ldap.ts:186

​

Realm

• Optional Realm: string

​

Defined in

ldap.ts:190

​

config

• Optional config: Config

​

Defined in

ldap.ts:198

​

ldapUrl

• ldapUrl: string

​

Defined in

ldap.ts:198

​

realm

• realm: string

​

Defined in

ldap.ts:198

​

Methods

​

AdvancedSearch

▸ AdvancedSearch(Scope, TypesOnly, Filter, Attributes, Controls): SearchResult

AdvancedSearch accepts all values of search request type and return Ldap Entry its up to user to handle the response

​

Parameters

​

Returns

SearchResult

Example

const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
const results = client.AdvancedSearch(ldap.ScopeWholeSubtree, ldap.NeverDerefAliases, 0, 0, false, '(objectClass=*)', ['cn', 'mail'], []);

​

Defined in

ldap.ts:446

​

Authenticate

▸ Authenticate(username): boolean

Authenticate authenticates with the ldap server using the given username and password performs NTLMBind first and then Bind/UnauthenticatedBind if NTLMBind fails

​

Parameters

​

Returns

boolean

Example

const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
client.Authenticate('user', 'password');

​

Defined in

ldap.ts:402

​

AuthenticateWithNTLMHash

▸ AuthenticateWithNTLMHash(username): boolean

AuthenticateWithNTLMHash authenticates with the ldap server using the given username and NTLM hash

​

Parameters

​

Returns

boolean

Example

const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
client.AuthenticateWithNTLMHash('pdtm', 'hash');

​

Defined in

ldap.ts:416

​

Close

▸ Close(): void

close the ldap connection

​

Returns

void

Example

const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
client.Close();

​

Defined in

ldap.ts:475

​

CollectMetadata

▸ CollectMetadata(): Metadata

CollectLdapMetadata collects metadata from ldap server.

​

Returns

Metadata

Example

const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
const metadata = client.CollectMetadata();
log(to_json(metadata));

​

Defined in

ldap.ts:461

​

FindADObjects

▸ FindADObjects(filter): SearchResult

FindADObjects finds AD objects based on a filter and returns them as a list of ADObject

​

Parameters

​

Returns

SearchResult

Example

const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
const users = client.FindADObjects(ldap.FilterIsPerson);
log(to_json(users));

​

Defined in

ldap.ts:212

​

GetADActiveUsers

▸ GetADActiveUsers(): SearchResult

GetADActiveUsers returns all AD users using FilterIsPerson and FilterAccountEnabled filter query

​

Returns

SearchResult

Example

const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
const users = client.GetADActiveUsers();
log(to_json(users));

​

Defined in

ldap.ts:244

​

GetADAdmins

▸ GetADAdmins(): SearchResult

GetADAdmins returns all AD admins using FilterIsPerson, FilterAccountEnabled and FilterIsAdmin filter query

​

Returns

SearchResult

Example

const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
const admins = client.GetADAdmins();
log(to_json(admins));

​

Defined in

ldap.ts:340

​

GetADDCList

▸ GetADDCList(): SearchResult

GetADDCList returns all AD domain controllers using FilterIsComputer, FilterAccountEnabled and FilterServerTrustAccount filter query

​

Returns

SearchResult

Example

const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
const dcs = client.GetADDCList();
log(to_json(dcs));

​

Defined in

ldap.ts:324

​

GetADDomainSID

▸ GetADDomainSID(): string

GetADDomainSID returns the SID of the AD domain

​

Returns

string

Example

const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
const domainSID = client.GetADDomainSID();
log(domainSID);

​

Defined in

ldap.ts:387

​

GetADGroups

▸ GetADGroups(): SearchResult

GetADGroups returns all AD groups using FilterIsGroup filter query

​

Returns

SearchResult

Example

const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
const groups = client.GetADGroups();
log(to_json(groups));

​

Defined in

ldap.ts:308

​

GetADUserAsRepRoastable

▸ GetADUserAsRepRoastable(): SearchResult

GetADUserAsRepRoastable returns all AD users that are AsRepRoastable using FilterIsPerson, and FilterDontRequirePreauth filter query

​

Returns

SearchResult

Example

const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
const AsRepRoastable = client.GetADUserAsRepRoastable();
log(to_json(AsRepRoastable));

​

Defined in

ldap.ts:372

​

GetADUserKerberoastable

▸ GetADUserKerberoastable(): SearchResult

GetADUserKerberoastable returns all AD users that are kerberoastable using FilterIsPerson, FilterAccountEnabled and FilterHasServicePrincipalName filter query

​

Returns

SearchResult

Example

const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
const kerberoastable = client.GetADUserKerberoastable();
log(to_json(kerberoastable));

​

Defined in

ldap.ts:356

​

GetADUserTrustedForDelegation

▸ GetADUserTrustedForDelegation(): SearchResult

GetADUserTrustedForDelegation returns all AD users that are trusted for delegation using FilterIsPerson and FilterTrustedForDelegation filter query

​

Returns

SearchResult

Example

const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
const users = client.GetADUserTrustedForDelegation();
log(to_json(users));

​

Defined in

ldap.ts:276

​

GetADUserWithNeverExpiringPasswords

▸ GetADUserWithNeverExpiringPasswords(): SearchResult

GetAdUserWithNeverExpiringPasswords returns all AD users using FilterIsPerson and FilterDontExpirePassword filter query

​

Returns

SearchResult

Example

const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
const users = client.GetADUserWithNeverExpiringPasswords();
log(to_json(users));

​

Defined in

ldap.ts:260

​

GetADUserWithPasswordNotRequired

▸ GetADUserWithPasswordNotRequired(): SearchResult

GetADUserWithPasswordNotRequired returns all AD users that do not require a password using FilterIsPerson and FilterPasswordNotRequired filter query

​

Returns

SearchResult

Example

const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
const users = client.GetADUserWithPasswordNotRequired();
log(to_json(users));

​

Defined in

ldap.ts:292

​

GetADUsers

▸ GetADUsers(): SearchResult

GetADUsers returns all AD users using FilterIsPerson filter query

​

Returns

SearchResult

Example

const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
const users = client.GetADUsers();
log(to_json(users));

​

Defined in

ldap.ts:228

​

Search

▸ Search(filter, attributes): SearchResult

Search accepts whatever filter and returns a list of maps having provided attributes as keys and associated values mirroring the ones returned by ldap

​

Parameters

​

Returns

SearchResult

Example

const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
const results = client.Search('(objectClass=*)', 'cn', 'mail');

​

Defined in

ldap.ts:431