github.com/n00py/Slackor@v0.0.0-20200610224921-d007fcea1740/impacket/tests/SMB_RPC/test_ldap.py (about) 1 ############################################################################### 2 # Tested so far: 3 # 4 # FWOpenPolicyStore 5 # 6 # Not yet: 7 # 8 # Shouldn't dump errors against a win7 9 # 10 ################################################################################ 11 from __future__ import division 12 from __future__ import print_function 13 import unittest 14 try: 15 import ConfigParser 16 except ImportError: 17 import configparser as ConfigParser 18 19 from impacket.ldap import ldap, ldapasn1 20 import impacket.ldap.ldaptypes 21 from impacket.ldap.ldaptypes import SR_SECURITY_DESCRIPTOR 22 23 class LDAPTests(unittest.TestCase): 24 def dummySearch(self, ldapConnection): 25 # Let's do a search just to be sure it's working 26 searchFilter = '(servicePrincipalName=*)' 27 28 resp = ldapConnection.search(searchFilter=searchFilter, 29 attributes=['servicePrincipalName', 'sAMAccountName', 'userPrincipalName', 30 'MemberOf', 'pwdLastSet', 'whenCreated']) 31 for item in resp: 32 print(item.prettyPrint()) 33 34 def test_security_descriptor(self): 35 # Comment by @dirkjanm: 36 # To prevent false negatives in the test case, impacket.ldap.ldaptypes.RECALC_ACL_SIZE should be set to False 37 # in tests, since sometimes Windows has redundant null bytes after an ACE.Stripping those away makes the 38 # ACLs not match at a binary level. 39 impacket.ldap.ldaptypes.RECALC_ACL_SIZE = False 40 ldapConnection=self.connect() 41 searchFilter = '(objectCategory=computer)' 42 43 resp = ldapConnection.search(searchFilter=searchFilter, 44 attributes=['nTSecurityDescriptor']) 45 for item in resp: 46 if isinstance(item, ldapasn1.SearchResultEntry) is not True: 47 continue 48 for attribute in item['attributes']: 49 if attribute['type'] == 'nTSecurityDescriptor': 50 secDesc = str(attribute['vals'][0]) 51 # Converting it so we can use it 52 sd = SR_SECURITY_DESCRIPTOR() 53 sd.fromString(secDesc) 54 sd.dump() 55 self.assertTrue(secDesc, sd.getData()) 56 57 58 def connect(self): 59 ldapConnection = ldap.LDAPConnection(self.url, self.baseDN) 60 ldapConnection.login(self.username, self.password) 61 return ldapConnection 62 63 def test_sicily(self): 64 ldapConnection = ldap.LDAPConnection(self.url, self.baseDN) 65 ldapConnection.login(authenticationChoice='sicilyPackageDiscovery') 66 67 def test_sicilyNtlm(self): 68 ldapConnection = ldap.LDAPConnection(self.url, self.baseDN) 69 ldapConnection.login(user=self.username, password=self.password, domain=self.domain) 70 71 self.dummySearch(ldapConnection) 72 73 def test_kerberosLogin(self): 74 ldapConnection = ldap.LDAPConnection(self.url, self.baseDN) 75 ldapConnection.kerberosLogin(self.username, self.password, self.domain) 76 77 self.dummySearch(ldapConnection) 78 79 def test_kerberosLoginHashes(self): 80 if len(self.hashes) > 0: 81 lmhash, nthash = self.hashes.split(':') 82 else: 83 lmhash = '' 84 nthash = '' 85 ldapConnection = ldap.LDAPConnection(self.url, self.baseDN) 86 ldapConnection.kerberosLogin(self.username, '', self.domain, lmhash, nthash, '', None, None) 87 88 self.dummySearch(ldapConnection) 89 90 def test_kerberosLoginKeys(self): 91 ldapConnection = ldap.LDAPConnection(self.url, self.baseDN) 92 ldapConnection.kerberosLogin(self.username, '', self.domain, '', '', self.aesKey, None, None) 93 94 self.dummySearch(ldapConnection) 95 96 def test_sicilyNtlmHashes(self): 97 if len(self.hashes) > 0: 98 lmhash, nthash = self.hashes.split(':') 99 else: 100 lmhash = '' 101 nthash = '' 102 ldapConnection = ldap.LDAPConnection(self.url, self.baseDN) 103 ldapConnection.login(user=self.username, password=self.password, domain=self.domain, lmhash=lmhash, nthash=nthash ) 104 105 self.dummySearch(ldapConnection) 106 107 def test_search(self): 108 ldapConnection = self.connect() 109 110 self.dummySearch(ldapConnection) 111 112 class TCPTransport(LDAPTests): 113 def setUp(self): 114 LDAPTests.setUp(self) 115 configFile = ConfigParser.ConfigParser() 116 configFile.read('dcetests.cfg') 117 self.username = configFile.get('TCPTransport', 'username') 118 self.domain = configFile.get('TCPTransport', 'domain') 119 self.serverName = configFile.get('TCPTransport', 'servername') 120 self.password = configFile.get('TCPTransport', 'password') 121 self.machine = configFile.get('TCPTransport', 'machine') 122 self.hashes = configFile.get('TCPTransport', 'hashes') 123 self.aesKey = configFile.get('SMBTransport', 'aesKey128') 124 self.url = 'ldap://%s' % self.serverName 125 self.baseDN = 'dc=%s, dc=%s' % (self.domain.split('.')[0],self.domain.split('.')[1] ) 126 127 class TCPTransportSSL(LDAPTests): 128 def setUp(self): 129 LDAPTests.setUp(self) 130 configFile = ConfigParser.ConfigParser() 131 configFile.read('dcetests.cfg') 132 self.username = configFile.get('TCPTransport', 'username') 133 self.domain = configFile.get('TCPTransport', 'domain') 134 self.serverName = configFile.get('TCPTransport', 'servername') 135 self.password = configFile.get('TCPTransport', 'password') 136 self.machine = configFile.get('TCPTransport', 'machine') 137 self.hashes = configFile.get('TCPTransport', 'hashes') 138 self.aesKey = configFile.get('SMBTransport', 'aesKey128') 139 self.url = 'ldaps://%s' % self.serverName 140 self.baseDN = 'dc=%s, dc=%s' % (self.domain.split('.')[0],self.domain.split('.')[1] ) 141 142 # Process command-line arguments. 143 if __name__ == '__main__': 144 import sys 145 if len(sys.argv) > 1: 146 testcase = sys.argv[1] 147 suite = unittest.TestLoader().loadTestsFromTestCase(globals()[testcase]) 148 else: 149 suite = unittest.TestLoader().loadTestsFromTestCase(TCPTransport) 150 unittest.TextTestRunner(verbosity=1).run(suite)