Class: Client

ldap.Client

Client is a client for the LDAP protocol in nuclei.

Example

// Load nuclei's LDAP module.
const ldap = require('nuclei/ldap');
// First argument is the LDAP server URL (ldap.example.com), second is the realm (acme.com).
// ldap:// is the non-TLS scheme, so traffic is unencrypted unless the connection is upgraded.
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');

Example

const ldap = require('nuclei/ldap');
// Build an optional Config before creating the client.
const cfg = new ldap.Config();
// NOTE(review): the unit of Timeout is not stated on this page (presumably seconds); confirm against Config.
cfg.Timeout = 10;
// NOTE(review): ServerName differs from the host in the URL below; presumably the name
// expected in the server's TLS certificate. Confirm against Config.
cfg.ServerName = 'ldap.internal.acme.com';
// The optional config is passed as the third constructor argument.
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com', cfg);

Table of contents

Constructors

Properties

Methods

Constructors

constructor

new Client(ldapUrl, realm, config?): Client

Parameters

| Name | Type |
| --- | --- |
| ldapUrl | string |
| realm | string |
| config? | Config |

Returns

Client

Defined in

ldap.ts:198

Properties

BaseDN

Optional BaseDN: string

Defined in

ldap.ts:194


Host

Optional Host: string

Defined in

ldap.ts:182


Port

Optional Port: number

Defined in

ldap.ts:186


Realm

Optional Realm: string

Defined in

ldap.ts:190


config

Optional config: Config

Defined in

ldap.ts:198


ldapUrl

ldapUrl: string

Defined in

ldap.ts:198


realm

realm: string

Defined in

ldap.ts:198

Methods

AdvancedSearch

AdvancedSearch(Scope, TypesOnly, Filter, Attributes, Controls): SearchResult

AdvancedSearch accepts all the values of an LDAP search request and returns the resulting LDAP entries; it is up to the user to handle the response.

Parameters

| Name | Type |
| --- | --- |
| Scope | number |
| TypesOnly | boolean |
| Filter | string |
| Attributes | string[] |
| Controls | any |

Returns

SearchResult

Example

const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
// NOTE(review): eight arguments are passed here, while the documented signature lists five
// (Scope, TypesOnly, Filter, Attributes, Controls). The extra values (ldap.NeverDerefAliases, 0, 0)
// presumably set alias dereferencing, size limit and time limit; confirm against ldap.ts:430.
// '(objectClass=*)' with ldap.ScopeWholeSubtree matches every entry under the search base, so
// expect a large result on a real directory; only the 'cn' and 'mail' attributes are requested.
const results = client.AdvancedSearch(ldap.ScopeWholeSubtree, ldap.NeverDerefAliases, 0, 0, false, '(objectClass=*)', ['cn', 'mail'], []);

Defined in

ldap.ts:430


Authenticate

Authenticate(username): void

Authenticate authenticates with the LDAP server using the given username and password. It performs NTLMBind first and then falls back to Bind/UnauthenticatedBind if NTLMBind fails.

Parameters

| Name | Type |
| --- | --- |
| username | string |

Returns

void

Example

const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
// 'user' and 'password' are placeholders; do not hard-code real credentials.
// NOTE(review): the documented signature lists only `username`, but the description and this
// call also supply a password; confirm against ldap.ts:386.
// Per the description, a failed NTLM bind falls back to Bind/UnauthenticatedBind; over plain
// ldap:// a simple bind sends the password unencrypted.
client.Authenticate('user', 'password');

Defined in

ldap.ts:386


AuthenticateWithNTLMHash

AuthenticateWithNTLMHash(username): void

AuthenticateWithNTLMHash authenticates with the ldap server using the given username and NTLM hash

Parameters

| Name | Type |
| --- | --- |
| username | string |

Returns

void

Example

const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
// 'pdtm' is the username and 'hash' stands in for that account's NTLM hash.
// NOTE(review): the documented signature lists only `username`, while this call also passes
// the hash; confirm against ldap.ts:400.
// The hash is accepted in place of the password here, so handle it as a credential.
client.AuthenticateWithNTLMHash('pdtm', 'hash');

Defined in

ldap.ts:400


Close

Close(): void

Close closes the LDAP connection.

Returns

void

Example

const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
// Close the LDAP connection once the client is no longer needed; nothing is returned.
client.Close();

Defined in

ldap.ts:459


CollectMetadata

CollectMetadata(): Metadata

CollectMetadata collects metadata from the LDAP server.

Returns

Metadata

Example

const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
// Returns a Metadata object collected from the server.
const metadata = client.CollectMetadata();
// NOTE(review): log and to_json are not defined on this page; presumably helpers provided by
// the nuclei JavaScript runtime.
log(to_json(metadata));

Defined in

ldap.ts:445


FindADObjects

FindADObjects(filter): ADObject[]

FindADObjects finds AD objects based on a filter and returns them as a list of ADObject

Parameters

| Name | Type |
| --- | --- |
| filter | string |

Returns

ADObject[]

Example

const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
// ldap.FilterIsPerson is a filter exported by the module; the parameter is a filter string.
// NOTE(review): no Authenticate call is shown before the query; whether results come back
// depends on what the server allows for that bind state.
const users = client.FindADObjects(ldap.FilterIsPerson);
// Print the returned ADObject list as JSON.
log(to_json(users));

Defined in

ldap.ts:212


GetADActiveUsers

GetADActiveUsers(): ADObject[]

GetADActiveUsers returns all AD users using FilterIsPerson and FilterAccountEnabled filter query

Returns

ADObject[]

Example

const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
// Queries with FilterIsPerson combined with FilterAccountEnabled and returns the
// matching entries as ADObject values.
const users = client.GetADActiveUsers();
// Print the returned list as JSON.
log(to_json(users));

Defined in

ldap.ts:244


GetADAdmins

GetADAdmins(): ADObject[]

GetADAdmins returns all AD admins using FilterIsPerson, FilterAccountEnabled and FilterIsAdmin filter query

Returns

ADObject[]

Example

const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
// Queries with FilterIsPerson, FilterAccountEnabled and FilterIsAdmin.
// NOTE(review): how FilterIsAdmin decides admin status is not shown on this page; confirm
// before treating the result as a complete list of privileged accounts.
const admins = client.GetADAdmins();
// Print the returned ADObject list as JSON.
log(to_json(admins));

Defined in

ldap.ts:340


GetADDCList

GetADDCList(): ADObject[]

GetADDCList returns all AD domain controllers using FilterIsComputer, FilterAccountEnabled and FilterServerTrustAccount filter query

Returns

ADObject[]

Example

const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
// Domain controllers are selected with FilterIsComputer, FilterAccountEnabled and
// FilterServerTrustAccount.
const dcs = client.GetADDCList();
// Print the returned ADObject list as JSON.
log(to_json(dcs));

Defined in

ldap.ts:324


GetADDomainSID

GetADDomainSID(): string

GetADDomainSID returns the SID of the AD domain

Returns

string

Example

const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
// Returns the SID of the AD domain as a string.
const domainSID = client.GetADDomainSID();
// The value is already a string, so it is logged without to_json.
log(domainSID);

Defined in

ldap.ts:371


GetADGroups

GetADGroups(): ADObject[]

GetADGroups returns all AD groups using FilterIsGroup filter query

Returns

ADObject[]

Example

const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
// Queries with FilterIsGroup and returns the groups as ADObject values.
const groups = client.GetADGroups();
// Print the returned list as JSON.
log(to_json(groups));

Defined in

ldap.ts:308


GetADUserKerberoastable

GetADUserKerberoastable(): ADObject[]

GetADUserKerberoastable returns all AD users that are kerberoastable using FilterIsPerson, FilterAccountEnabled and FilterHasServicePrincipalName filter query

Returns

ADObject[]

Example

const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
// Queries with FilterIsPerson, FilterAccountEnabled and FilterHasServicePrincipalName.
// For an audit, the result is the set of user accounts whose passwords should be long and
// random, or which should be moved to managed service accounts.
const kerberoastable = client.GetADUserKerberoastable();
// Print the returned ADObject list as JSON.
log(to_json(kerberoastable));

Defined in

ldap.ts:356


GetADUserTrustedForDelegation

GetADUserTrustedForDelegation(): ADObject[]

GetADUserTrustedForDelegation returns all AD users that are trusted for delegation using FilterIsPerson and FilterTrustedForDelegation filter query

Returns

ADObject[]

Example

const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
// Queries with FilterIsPerson and FilterTrustedForDelegation.
// Delegation rights on user accounts are worth reviewing and keeping to the minimum needed.
const users = client.GetADUserTrustedForDelegation();
// Print the returned ADObject list as JSON.
log(to_json(users));

Defined in

ldap.ts:276


GetADUserWithNeverExpiringPasswords

GetADUserWithNeverExpiringPasswords(): ADObject[]

GetADUserWithNeverExpiringPasswords returns all AD users using FilterIsPerson and FilterDontExpirePassword filter query

Returns

ADObject[]

Example

const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
// Queries with FilterIsPerson and FilterDontExpirePassword; the result is a list of
// accounts to check against the organisation's password-rotation policy.
const users = client.GetADUserWithNeverExpiringPasswords();
// Print the returned ADObject list as JSON.
log(to_json(users));

Defined in

ldap.ts:260


GetADUserWithPasswordNotRequired

GetADUserWithPasswordNotRequired(): ADObject[]

GetADUserWithPasswordNotRequired returns all AD users that do not require a password using FilterIsPerson and FilterPasswordNotRequired filter query

Returns

ADObject[]

Example

const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
// Queries with FilterIsPerson and FilterPasswordNotRequired; accounts returned here are
// usually an audit finding to remediate.
const users = client.GetADUserWithPasswordNotRequired();
// Print the returned ADObject list as JSON.
log(to_json(users));

Defined in

ldap.ts:292


GetADUsers

GetADUsers(): ADObject[]

GetADUsers returns all AD users using FilterIsPerson filter query

Returns

ADObject[]

Example

const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
// Queries with FilterIsPerson only, so enabled and disabled accounts are both candidates.
// NOTE(review): no result limit is shown; the list may be large on a big domain.
const users = client.GetADUsers();
// Print the returned ADObject list as JSON.
log(to_json(users));

Defined in

ldap.ts:228


Search

Search(filter, attributes): Record<string, string[]>[]

Search accepts any filter and returns a list of maps whose keys are the provided attributes and whose values mirror the ones returned by LDAP.

Parameters

| Name | Type |
| --- | --- |
| filter | string |
| attributes | any |

Returns

Record<string, string[]>[]

Example

const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
// The filter comes first; the attributes to return ('cn', 'mail') follow as separate arguments.
// NOTE(review): the documented signature lists a single `attributes` parameter of type any,
// so it is presumably variadic; confirm against ldap.ts:415.
// Each result is a map from attribute name to a list of string values.
const results = client.Search('(objectClass=*)', 'cn', 'mail');

Defined in

ldap.ts:415