Documentation ¶
Index ¶
- Constants
- func DecodeADTimestamp(timestamp string) string
- func DecodeSID(s string) string
- func DecodeZuluTimestamp(timestamp string) string
- func FindObjects(c *ldap.Conn, domain string, filter string, attributes ...string) ([]map[string]interface{}, error)
- func FindObjectsWithCallback(c *ldap.Conn, domain string, filter string, ...) error
- func HashDataNTLM(b []byte) string
- func JoinFilters(filters ...string) string
- func NegativeFilter(filter string) string
- func NewFilter(attribute string, equalsTo string) string
- func Search(c *ldap.Conn, domain string, filter string, attributes ...string) (*ldap.SearchResult, error)
- func UACFilter(prop UserAccountControl) string
- func UnpackToSlice(i interface{}) []string
- func UnpackToString(i interface{}) string
- type DeletionType
- type ExecutionFunction
- type Options
- type UCD
- type UserAccountControl
Constants ¶
View Source
const ( IT_NamingContextHead uint32 = 1 // The head of naming context IT_ReplicaNotInstanciated uint32 = 2 // This replica is not instantiated IT_Writable uint32 = 4 // The object is writable on this directory IT_Above uint32 = 8 // The naming context above this one on this directory is held IT_Constructed uint32 = 10 // The naming context is in the process of being constructed for the first time by using replication IT_Removed uint32 = 20 // The naming context is in the process of being removed from the local DSA )
https://learn.microsoft.com/en-us/windows/win32/adschema/a-instancetype
View Source
const ( FilterIsUser = "(objectCategory=person)" FilterIsGroup = "(objectCategory=group)" FilterIsComputer = "(objectCategory=computer)" FilterIsAdmin = "(adminCount=1)" FilterGMSA = "(objectClass=msDS-GroupManagedServiceAccount)" )
View Source
const ( SAMAccountName = "sAMAccountName" ServicePrincipalName = "servicePrincipalName" ObjectSid = "objectSid" ObjectClass = "objectClass" InstanceType = "instanceType" AdminCount = "adminCount" UAC = "userAccountControl:1.2.840.113556.1.4.803:" UACAttr = "userAccountControl" DistinguishedName = "distinguishedName" OperatingSystem = "operatingSystem" OperatingSystemServicePack = "operatingSystemServicePack" OperatingSystemVersion = "operatingSystemVersion" PasswordLastSet = "pwdLastSet" LastLogon = "lastLogon" MemberOf = "memberOf" Description = "description" ManagedPassword = "msDS-ManagedPassword" UnicodePassword = "unicodePwd" DnsHostname = "dnsHostName" )
Variables ¶
This section is empty.
Functions ¶
func DecodeADTimestamp ¶
func DecodeZuluTimestamp ¶
func FindObjects ¶
func FindObjectsWithCallback ¶
func HashDataNTLM ¶
func JoinFilters ¶
func NegativeFilter ¶
func UACFilter ¶
func UACFilter(prop UserAccountControl) string
func UnpackToSlice ¶
func UnpackToSlice(i interface{}) []string
func UnpackToString ¶
func UnpackToString(i interface{}) string
Types ¶
type ExecutionFunction ¶
type ExecutionFunction int
const ( Undefined ExecutionFunction = iota Create Read Update Delete Kerberoast Asreproast )
type Options ¶
type Options struct { Targets struct { TARGETS []string `description:"Provide target IP/FQDN/FILE"` } `positional-args:"yes"` Connection struct { Username string `short:"u" description:"Provide username (or FILE)"` Password string `short:"p" description:"Provide password (or FILE)"` NullSession bool `long:"null-session" description:"Authenticate with null credentials"` NTLM string `short:"H" long:"hashes" description:"Authenticate with NTLM hash"` Domain string `short:"d" long:"domain" description:"Provide domain"` Port int `long:"port" default:"389" description:"Ldap port to contact"` SSL bool `short:"s" long:"ssl" description:"Use ssl to interact with ldap"` } `group:"Connection Options" description:"Connection Options"` Hashes struct { AsrepRoast string `long:"asreproast" description:"Grab AS_REP ticket(s) parsed to be cracked with hashcat"` Kerberoast string `long:"kerberoast" description:"Grab TGS ticket(s) parsed to be cracked with hashcat"` } `group:"Hash Retrieval Options" description:"Hash Retrieval Options"` // Create Create struct { AddComputer string `long:"add-computer" description:"Create a computer object"` } `group:"Create Options" description:"Create Options"` // Read Read struct { CustomFilter string `short:"f" long:"filter" description:"Bring your own filter"` CustomAttributes string `short:"a" long:"attributes" description:"Ask your attributes (comma separated)"` Script bool `long:"script" description:"Filter for objects with flag SCRIPT"` Disabled bool `long:"disabled" description:"Filter for objects with flag ACCOUNTDISABLE"` HomedirRequired bool `long:"homedir-required" description:"Filter for objects with flag HOMEDIR_REQUIRED"` Lockout bool `long:"lockout" description:"Filter for objects with flag LOCKOUT"` PasswordNotRequired bool `long:"password-not-required" description:"Filter for objects with flag PASSWD_NOTREQD"` PasswordCantChange bool `long:"password-cant-change" description:"Filter for objects with flag PASSWD_CANT_CHANGE"` EncryptedTextPwdAllowed bool `long:"encrypted-text-pwd-allowed" description:"Filter for objects with flag ENCRYPTED_TEXT_PWD_ALLOWED"` TempDuplicateAccount bool `long:"temp-duplicate-account" description:"Filter for objects with flag TEMP_DUPLICATE_ACCOUNT"` NormalAccount bool `long:"normal-account" description:"Filter for objects with flag NORMAL_ACCOUNT"` InterdomainTrustAccount bool `long:"interdomain-trust-account" description:"Filter for objects with flag INTERDOMAIN_TRUST_ACCOUNT"` WorkstationTrustAccount bool `long:"workstation-trust-account" description:"Filter for objects with flag WORKSTATION_TRUST_ACCOUNT"` ServerTrustAccount bool `long:"server-trust-account" description:"Filter for objects with flag SERVER_TRUST_ACCOUNT"` DontExpirePassword bool `long:"password-never-expires" description:"Filter for objects with flag DONT_EXPIRE_PASSWD"` MNSLogonAccount bool `long:"mns-logon-account" description:"Filter for objects with flag MNS_LOGON_ACCOUNT"` SmartcardRequired bool `long:"smartcard-required" description:"Filter for objects with flag SMARTCARD_REQUIRED"` TrustedForDelegation bool `long:"trusted-for-delegation" description:"Filter for objects with flag TRUSTED_FOR_DELEGATION"` NotDelegated bool `long:"not-delegated" description:"Filter for objects with flag NOT_DELEGATED"` UseDESKeyOnly bool `long:"use-des-key-only" description:"Filter for objects with flag USE_DES_KEY_ONLY"` DontRequirePreauth bool `long:"dont-require-preauth" description:"Filter for objects with flag DONT_REQ_PREAUTH"` PasswordExpired bool `long:"password-expired" description:"Filter for objects with flag PASSWORD_EXPIRED"` TrustedToAuthForDelegation bool `long:"trusted-to-auth-for-delegation" description:"Filter for objects with flag TRUSTED_TO_AUTH_FOR_DELEGATION"` PartialSecretsAccount bool `long:"partial-secrets-account" description:"Filter for objects with flag PARTIAL_SECRETS_ACCOUNT"` AdminCount bool `long:"admin-count" description:"Enumerate objects that have an adminCount"` Computers bool `long:"computers" description:"Enumerate objects that are computers"` Groups bool `long:"groups" description:"Enumerate objects that are domain groups"` Users bool `long:"users" description:"Enumerate objects that are enabled domain users"` ActiveUsers bool `long:"active-users" description:"Enumerate objects that are active enabled domain users"` User string `long:"user" description:"Get data about a single user"` GetSID bool `long:"sid" description:"Get domain SID"` GMSA bool `long:"gmsa" description:"Get GMSA passwords"` Not bool `long:"not" description:"Negate next filter"` } `group:"Read Options" description:"Read Options"` // Update Update struct { } `group:"Update Options" description:"Update Options"` // Delete Delete struct { DeleteComputer string `long:"del-computer" description:"Delete a computer object"` } `group:"Delete Options" description:"Delete Options"` // contains filtered or unexported fields }
type UCD ¶
type UCD struct { DnsHostName string UAC UserAccountControl SPNs []string SAMAccountName string UnicodePwd string }
type UserAccountControl ¶
type UserAccountControl int
var ( SCRIPT UserAccountControl = 1 ACCOUNTDISABLE UserAccountControl = 2 HOMEDIR_REQUIRED UserAccountControl = 8 LOCKOUT UserAccountControl = 16 PASSWD_NOTREQD UserAccountControl = 32 PASSWD_CANT_CHANGE UserAccountControl = 64 ENCRYPTED_TEXT_PWD_ALLOWED UserAccountControl = 128 TEMP_DUPLICATE_ACCOUNT UserAccountControl = 256 NORMAL_ACCOUNT UserAccountControl = 512 INTERDOMAIN_TRUST_ACCOUNT UserAccountControl = 2048 WORKSTATION_TRUST_ACCOUNT UserAccountControl = 4096 SERVER_TRUST_ACCOUNT UserAccountControl = 8192 DONT_EXPIRE_PASSWORD UserAccountControl = 65536 MNS_LOGON_ACCOUNT UserAccountControl = 131072 SMARTCARD_REQUIRED UserAccountControl = 262144 TRUSTED_FOR_DELEGATION UserAccountControl = 524288 NOT_DELEGATED UserAccountControl = 1048576 USE_DES_KEY_ONLY UserAccountControl = 2097152 DONT_REQ_PREAUTH UserAccountControl = 4194304 PASSWORD_EXPIRED UserAccountControl = 8388608 TRUSTED_TO_AUTH_FOR_DELEGATION UserAccountControl = 16777216 PARTIAL_SECRETS_ACCOUNT UserAccountControl = 67108864 )
Click to show internal directories.
Click to hide internal directories.