Class: Client

ldap.Client Client is a client for ldap protocol in nuclei Example 
const ldap = require('nuclei/ldap');
// here ldap.example.com is the ldap server and acme.com is the realm
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
Example 
const ldap = require('nuclei/ldap');
const cfg = new ldap.Config();
cfg.Timeout = 10;
cfg.ServerName = 'ldap.internal.acme.com';
// optional config can be passed as third argument
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com', cfg);

Table of contents

Constructors

Properties

Methods

Constructors

constructor

new Client(ldapUrl, realm, config?): Client

Parameters

NameType
ldapUrlstring
realmstring
config?Config

Returns

Client

Defined in

ldap.ts:198

Properties

BaseDN

Optional BaseDN: string

Defined in

ldap.ts:194

Host

Optional Host: string

Defined in

ldap.ts:182

Port

Optional Port: number

Defined in

ldap.ts:186

Realm

Optional Realm: string

Defined in

ldap.ts:190

config

Optional config: Config

Defined in

ldap.ts:198

ldapUrl

ldapUrl: string

Defined in

ldap.ts:198

realm

realm: string

Defined in

ldap.ts:198

Methods

AdvancedSearch

AdvancedSearch(Scope, TypesOnly, Filter, Attributes, Controls): SearchResult AdvancedSearch accepts all values of search request type and return Ldap Entry its up to user to handle the response

Parameters

NameType
Scopenumber
TypesOnlyboolean
Filterstring
Attributesstring[]
Controlsany

Returns

SearchResult Example 
const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
const results = client.AdvancedSearch(ldap.ScopeWholeSubtree, ldap.NeverDerefAliases, 0, 0, false, '(objectClass=*)', ['cn', 'mail'], []);

Defined in

ldap.ts:430

Authenticate

Authenticate(username): void Authenticate authenticates with the ldap server using the given username and password performs NTLMBind first and then Bind/UnauthenticatedBind if NTLMBind fails

Parameters

NameType
usernamestring

Returns

void Example 
const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
client.Authenticate('user', 'password');

Defined in

ldap.ts:386

AuthenticateWithNTLMHash

AuthenticateWithNTLMHash(username): void AuthenticateWithNTLMHash authenticates with the ldap server using the given username and NTLM hash

Parameters

NameType
usernamestring

Returns

void Example 
const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
client.AuthenticateWithNTLMHash('pdtm', 'hash');

Defined in

ldap.ts:400

Close

Close(): void close the ldap connection

Returns

void Example 
const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
client.Close();

Defined in

ldap.ts:459

CollectMetadata

CollectMetadata(): Metadata CollectLdapMetadata collects metadata from ldap server.

Returns

Metadata Example 
const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
const metadata = client.CollectMetadata();
log(to_json(metadata));

Defined in

ldap.ts:445

FindADObjects

FindADObjects(filter): ADObject[] FindADObjects finds AD objects based on a filter and returns them as a list of ADObject

Parameters

NameType
filterstring

Returns

ADObject[] Example 
const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
const users = client.FindADObjects(ldap.FilterIsPerson);
log(to_json(users));

Defined in

ldap.ts:212

GetADActiveUsers

GetADActiveUsers(): ADObject[] GetADActiveUsers returns all AD users using FilterIsPerson and FilterAccountEnabled filter query

Returns

ADObject[] Example 
const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
const users = client.GetADActiveUsers();
log(to_json(users));

Defined in

ldap.ts:244

GetADAdmins

GetADAdmins(): ADObject[] GetADAdmins returns all AD admins using FilterIsPerson, FilterAccountEnabled and FilterIsAdmin filter query

Returns

ADObject[] Example 
const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
const admins = client.GetADAdmins();
log(to_json(admins));

Defined in

ldap.ts:340

GetADDCList

GetADDCList(): ADObject[] GetADDCList returns all AD domain controllers using FilterIsComputer, FilterAccountEnabled and FilterServerTrustAccount filter query

Returns

ADObject[] Example 
const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
const dcs = client.GetADDCList();
log(to_json(dcs));

Defined in

ldap.ts:324

GetADDomainSID

GetADDomainSID(): string GetADDomainSID returns the SID of the AD domain

Returns

string Example 
const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
const domainSID = client.GetADDomainSID();
log(domainSID);

Defined in

ldap.ts:371

GetADGroups

GetADGroups(): ADObject[] GetADGroups returns all AD groups using FilterIsGroup filter query

Returns

ADObject[] Example 
const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
const groups = client.GetADGroups();
log(to_json(groups));

Defined in

ldap.ts:308

GetADUserKerberoastable

GetADUserKerberoastable(): ADObject[] GetADUserKerberoastable returns all AD users that are kerberoastable using FilterIsPerson, FilterAccountEnabled and FilterHasServicePrincipalName filter query

Returns

ADObject[] Example 
const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
const kerberoastable = client.GetADUserKerberoastable();
log(to_json(kerberoastable));

Defined in

ldap.ts:356

GetADUserTrustedForDelegation

GetADUserTrustedForDelegation(): ADObject[] GetADUserTrustedForDelegation returns all AD users that are trusted for delegation using FilterIsPerson and FilterTrustedForDelegation filter query

Returns

ADObject[] Example 
const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
const users = client.GetADUserTrustedForDelegation();
log(to_json(users));

Defined in

ldap.ts:276

GetADUserWithNeverExpiringPasswords

GetADUserWithNeverExpiringPasswords(): ADObject[] GetAdUserWithNeverExpiringPasswords returns all AD users using FilterIsPerson and FilterDontExpirePassword filter query

Returns

ADObject[] Example 
const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
const users = client.GetADUserWithNeverExpiringPasswords();
log(to_json(users));

Defined in

ldap.ts:260

GetADUserWithPasswordNotRequired

GetADUserWithPasswordNotRequired(): ADObject[] GetADUserWithPasswordNotRequired returns all AD users that do not require a password using FilterIsPerson and FilterPasswordNotRequired filter query

Returns

ADObject[] Example 
const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
const users = client.GetADUserWithPasswordNotRequired();
log(to_json(users));

Defined in

ldap.ts:292

GetADUsers

GetADUsers(): ADObject[] GetADUsers returns all AD users using FilterIsPerson filter query

Returns

ADObject[] Example 
const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
const users = client.GetADUsers();
log(to_json(users));

Defined in

ldap.ts:228
Search(filter, attributes): Record<string, string[]>[] Search accepts whatever filter and returns a list of maps having provided attributes as keys and associated values mirroring the ones returned by ldap

Parameters

NameType
filterstring
attributesany

Returns

Record<string, string[]>[] Example 
const ldap = require('nuclei/ldap');
const client = new ldap.Client('ldap://ldap.example.com', 'acme.com');
const results = client.Search('(objectClass=*)', 'cn', 'mail');

Defined in

ldap.ts:415