Class: Client

ldap.Client

Client is a client for ldap protocol in nuclei

Example

const ldap = require('nuclei/ldap');
// here ldap.example.com is the ldap server and acme.com is the realm
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');

Example

const ldap = require('nuclei/ldap');
const cfg = new ldap.Config();
cfg.Timeout = 10;
cfg.ServerName = 'ldap.internal.acme.com';
// optional config can be passed as third argument
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com', cfg);

Constructors

constructor

Properties

Methods

Constructors

constructor

• new Client(ldapUrl, realm, config?): Client

Parameters

Name	Type
`ldapUrl`	`string`
`realm`	`string`
`config?`	`Config`

Returns

Client

Defined in

ldap.ts:198

Properties

BaseDN

• Optional BaseDN: string

Defined in

ldap.ts:194

Host

• Optional Host: string

Defined in

ldap.ts:182

Port

• Optional Port: number

Defined in

ldap.ts:186

Realm

• Optional Realm: string

Defined in

ldap.ts:190

config

• Optional config: Config

Defined in

ldap.ts:198

ldapUrl

• ldapUrl: string

Defined in

ldap.ts:198

realm

• realm: string

Defined in

ldap.ts:198

Methods

AdvancedSearch

▸ AdvancedSearch(Scope, TypesOnly, Filter, Attributes, Controls): SearchResult

AdvancedSearch accepts all values of search request type and return Ldap Entry its up to user to handle the response

Parameters

Name	Type
`Scope`	`number`
`TypesOnly`	`boolean`
`Filter`	`string`
`Attributes`	`string`[]
`Controls`	`any`

Returns

SearchResult

Example

const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
const results = client.AdvancedSearch(ldap.ScopeWholeSubtree, ldap.NeverDerefAliases, 0, 0, false, '(objectClass=*)', ['cn', 'mail'], []);

Defined in

ldap.ts:430

Authenticate

▸ Authenticate(username): void

Authenticate authenticates with the ldap server using the given username and password performs NTLMBind first and then Bind/UnauthenticatedBind if NTLMBind fails

Parameters

Name	Type
`username`	`string`

Returns

void

Example

const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
client.Authenticate('user', 'password');

Defined in

ldap.ts:386

AuthenticateWithNTLMHash

▸ AuthenticateWithNTLMHash(username): void

AuthenticateWithNTLMHash authenticates with the ldap server using the given username and NTLM hash

Parameters

Name	Type
`username`	`string`

Returns

void

Example

const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
client.AuthenticateWithNTLMHash('pdtm', 'hash');

Defined in

ldap.ts:400

Close

▸ Close(): void

close the ldap connection

Returns

void

Example

const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
client.Close();

Defined in

ldap.ts:459

CollectMetadata

▸ CollectMetadata(): Metadata

CollectLdapMetadata collects metadata from ldap server.

Returns

Metadata

Example

const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
const metadata = client.CollectMetadata();
log(to_json(metadata));

Defined in

ldap.ts:445

FindADObjects

▸ FindADObjects(filter): ADObject[]

FindADObjects finds AD objects based on a filter and returns them as a list of ADObject

Parameters

Name	Type
`filter`	`string`

Returns

ADObject[]

Example

const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
const users = client.FindADObjects(ldap.FilterIsPerson);
log(to_json(users));

Defined in

ldap.ts:212

GetADActiveUsers

▸ GetADActiveUsers(): ADObject[]

GetADActiveUsers returns all AD users using FilterIsPerson and FilterAccountEnabled filter query

Returns

ADObject[]

Example

const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
const users = client.GetADActiveUsers();
log(to_json(users));

Defined in

ldap.ts:244

GetADAdmins

▸ GetADAdmins(): ADObject[]

GetADAdmins returns all AD admins using FilterIsPerson, FilterAccountEnabled and FilterIsAdmin filter query

Returns

ADObject[]

Example

const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
const admins = client.GetADAdmins();
log(to_json(admins));

Defined in

ldap.ts:340

GetADDCList

▸ GetADDCList(): ADObject[]

GetADDCList returns all AD domain controllers using FilterIsComputer, FilterAccountEnabled and FilterServerTrustAccount filter query

Returns

ADObject[]

Example

const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
const dcs = client.GetADDCList();
log(to_json(dcs));

Defined in

ldap.ts:324

GetADDomainSID

▸ GetADDomainSID(): string

GetADDomainSID returns the SID of the AD domain

Returns

string

Example

const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
const domainSID = client.GetADDomainSID();
log(domainSID);

Defined in

ldap.ts:371

GetADGroups

▸ GetADGroups(): ADObject[]

GetADGroups returns all AD groups using FilterIsGroup filter query

Returns

ADObject[]

Example

const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
const groups = client.GetADGroups();
log(to_json(groups));

Defined in

ldap.ts:308

GetADUserKerberoastable

▸ GetADUserKerberoastable(): ADObject[]

GetADUserKerberoastable returns all AD users that are kerberoastable using FilterIsPerson, FilterAccountEnabled and FilterHasServicePrincipalName filter query

Returns

ADObject[]

Example

const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
const kerberoastable = client.GetADUserKerberoastable();
log(to_json(kerberoastable));

Defined in

ldap.ts:356

GetADUserTrustedForDelegation

▸ GetADUserTrustedForDelegation(): ADObject[]

GetADUserTrustedForDelegation returns all AD users that are trusted for delegation using FilterIsPerson and FilterTrustedForDelegation filter query

Returns

ADObject[]

Example

const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
const users = client.GetADUserTrustedForDelegation();
log(to_json(users));

Defined in

ldap.ts:276

GetADUserWithNeverExpiringPasswords

▸ GetADUserWithNeverExpiringPasswords(): ADObject[]

GetAdUserWithNeverExpiringPasswords returns all AD users using FilterIsPerson and FilterDontExpirePassword filter query

Returns

ADObject[]

Example

const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
const users = client.GetADUserWithNeverExpiringPasswords();
log(to_json(users));

Defined in

ldap.ts:260

GetADUserWithPasswordNotRequired

▸ GetADUserWithPasswordNotRequired(): ADObject[]

GetADUserWithPasswordNotRequired returns all AD users that do not require a password using FilterIsPerson and FilterPasswordNotRequired filter query

Returns

ADObject[]

Example

const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
const users = client.GetADUserWithPasswordNotRequired();
log(to_json(users));

Defined in

ldap.ts:292

GetADUsers

▸ GetADUsers(): ADObject[]

GetADUsers returns all AD users using FilterIsPerson filter query

Returns

ADObject[]

Example

const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
const users = client.GetADUsers();
log(to_json(users));

Defined in

ldap.ts:228

Search

▸ Search(filter, attributes): Record<string, string[]>[]

Search accepts whatever filter and returns a list of maps having provided attributes as keys and associated values mirroring the ones returned by ldap

Parameters

Name	Type
`filter`	`string`
`attributes`	`any`

Returns

Record<string, string[]>[]

Example

const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
const results = client.Search('(objectClass=*)', 'cn', 'mail');

Defined in

ldap.ts:415

Templates

Protocols

Reference

Workflows

​Class: Client

​Table of contents

​Constructors

​Properties

​Methods

​Constructors

​constructor

​Parameters

​Returns

​Defined in

​Properties

​BaseDN

​Defined in

​Host

​Defined in

​Port

​Defined in

​Realm

​Defined in

​config

​Defined in

​ldapUrl

​Defined in

​realm

​Defined in

​Methods

​AdvancedSearch

​Parameters

​Returns

​Defined in

​Authenticate

​Parameters

​Returns

​Defined in

​AuthenticateWithNTLMHash

​Parameters

​Returns

​Defined in

​Close

​Returns

​Defined in

​CollectMetadata

​Returns

​Defined in

​FindADObjects

​Parameters

​Returns

​Defined in

​GetADActiveUsers

​Returns

​Defined in

​GetADAdmins

​Returns

​Defined in

​GetADDCList

​Returns

​Defined in

​GetADDomainSID

​Returns

​Defined in

​GetADGroups

​Returns

​Defined in

​GetADUserKerberoastable

​Returns

​Defined in

​GetADUserTrustedForDelegation

​Returns

​Defined in

​GetADUserWithNeverExpiringPasswords

​Returns

​Defined in

​GetADUserWithPasswordNotRequired

​Returns

​Defined in

​GetADUsers

Class: Client

Table of contents

Constructors

Properties

Methods

Constructors

constructor

Parameters

Returns

Defined in

Properties

BaseDN

Defined in

Host

Defined in

Port

Defined in

Realm

Defined in

config

Defined in

ldapUrl

Defined in

realm

Defined in

Methods

AdvancedSearch

Parameters

Returns

Defined in

Authenticate

Parameters

Returns

Defined in

AuthenticateWithNTLMHash

Parameters

Returns

Defined in

Close

Returns

Defined in

CollectMetadata

Returns

Defined in

FindADObjects

Parameters

Returns

Defined in

GetADActiveUsers

Returns

Defined in

GetADAdmins

Returns

Defined in

GetADDCList

Returns

Defined in

GetADDomainSID

Returns

Defined in

GetADGroups

Returns

Defined in

GetADUserKerberoastable

Returns

Defined in

GetADUserTrustedForDelegation

Returns

Defined in

GetADUserWithNeverExpiringPasswords

Returns

Defined in

GetADUserWithPasswordNotRequired

Returns

Defined in

GetADUsers

Returns

Defined in

Search

Parameters