collect

package
v0.0.0-...-f1573f2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 20, 2024 License: AGPL-3.0 Imports: 54 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (
	Command = &cobra.Command{
		Use:   "activedirectory",
		Short: "Collects information from Active Directory",
	}

	AuthmodeString = Command.Flags().String("authmode", "ntlm", "Bind mode: unauth/anonymous, basic/simple, digest/md5, kerberoscache, ntlm, ntlmpth (password is hash)")
)
View Source 
var CreateDumper = func(opts LDAPOptions) LDAPDumper {
	return &AD{
		LDAPOptions: opts,
	}
}

Functions

func AuthModeStrings 

func AuthModeStrings() []string

AuthModeStrings returns a slice of all String values of the enum

func Execute 

func Execute(cmd *cobra.Command, args []string) error

func GetSSPIClient 

func GetSSPIClient() (ldap.GSSAPIClient, error)

func LDAPErrorStrings 

func LDAPErrorStrings() []string

LDAPErrorStrings returns a slice of all String values of the enum

func LDAPOptionStrings 

func LDAPOptionStrings() []string

LDAPOptionStrings returns a slice of all String values of the enum

func LDAPScopeStrings 

func LDAPScopeStrings() []string

LDAPScopeStrings returns a slice of all String values of the enum

func LDAPtoMaptringInterface 

func LDAPtoMaptringInterface(e *ldap.Entry) map[string]any

func PreRun 

func PreRun(cmd *cobra.Command, args []string) error

Checks that we have enough data to proceed with the real run

func TLSmodeStrings 

func TLSmodeStrings() []string

TLSmodeStrings returns a slice of all String values of the enum

Types 

type AD struct {
	LDAPOptions
	// contains filtered or unexported fields
}

func (*AD) Connect 

func (ad *AD) Connect() error

func (*AD) Disconnect 

func (ad *AD) Disconnect() error

func (*AD) Dump 

func (ad *AD) Dump(do DumpOptions) ([]activedirectory.RawObject, error)

func (*AD) RootDn 

func (ad *AD) RootDn() string

type ADEXAttributeType 

type ADEXAttributeType uint32
const (
	ADSTYPE_INVALID ADEXAttributeType = iota
	ADSTYPE_DN_STRING
	ADSTYPE_CASE_EXACT_STRING
	ADSTYPE_CASE_IGNORE_STRING
	ADSTYPE_PRINTABLE_STRING
	ADSTYPE_NUMERIC_STRING
	ADSTYPE_BOOLEAN
	ADSTYPE_INTEGER
	ADSTYPE_OCTET_STRING
	ADSTYPE_UTC_TIME
	ADSTYPE_LARGE_INTEGER
	ADSTYPE_PROV_SPECIFIC
	ADSTYPE_OBJECT_CLASS
	ADSTYPE_CASEIGNORE_LIST
	ADSTYPE_OCTET_LIST
	ADSTYPE_PATH
	ADSTYPE_POSTALADDRESS
	ADSTYPE_TIMESTAMP
	ADSTYPE_BACKLINK
	ADSTYPE_TYPEDNAME
	ADSTYPE_HOLD
	ADSTYPE_NETADDRESS
	ADSTYPE_REPLICAPOINTER
	ADSTYPE_FAXNUMBER
	ADSTYPE_EMAIL
	ADSTYPE_NT_SECURITY_DESCRIPTOR
	ADSTYPE_UNKNOWN
	ADSTYPE_DN_WITH_BINARY
	ADSTYPE_DN_WITH_STRING
)

type ADEXBlock 

type ADEXBlock struct {
	Unknown1 uint32
	Unknown2 WStringLength
}

type ADEXClass 

type ADEXClass struct {
	ClassName       WStringLength
	DN              WStringLength
	CommonClassName WStringLength
	SubClassOf      WStringLength
	SchemaIDGUID    uuid.UUID

	OffsetToNumBlocks uint32
	OffsetData        []byte `bin:"len:OffsetToNumBlocks"`

	NumBlocks uint32
	Blocks    []ADEXBlock `bin:"len:NumBlocks"`

	ExtraShizLength uint32
	ExtraShiz       []byte `bin:"len:ExtraShizLength*16"`

	NumPossSuperiors uint32
	PossSuperiors    []WStringLength `bin:"len:NumPossSuperiors"`

	NumAuxiliaryClasses uint32
	AuxiliaryClasses    []WStringLength `bin:"len:NumAuxiliaryClasses"`
}

type ADEXClasses 

type ADEXClasses struct {
	Count   uint32
	Classes []ADEXClass `bin:"len:Count"`
}

type ADEXEntry 

type ADEXEntry struct {
	Attribute uint32
	Offset    int32
}

type ADEXHeader 

type ADEXHeader struct {
	Signature Cstring
	Version   uint32

	FileTime    uint64
	Description Wstring `bin:"len:260"`
	Server      Wstring `bin:"len:260"`

	ObjectCount    uint32
	AttributeCount uint32

	OffsetPRC uint64
	OffsetEnd uint64

	Properties ADEXProperties `bin:"offsetStart:OffsetPRC"`
	Classes    ADEXClasses
	Rights     ADEXRights

	Objects []ADEXObject `bin:"len:ObjectCount,offsetStart:1086"`
}

type ADEXObject 

type ADEXObject struct {
	Position CurrentPosition
	Size     uint32
	Count    uint32
	Entries  []ADEXEntry `bin:"len:Count"`
	Blob     struct{}    `bin:"SkipData"`
}

func (*ADEXObject) GetValues 

func (o *ADEXObject) GetValues(r binstruct.Reader, attr []ADEXProperty, offsetcache map[int64][]string) (map[string][]string, error)

func (*ADEXObject) SkipData 

func (o *ADEXObject) SkipData(r binstruct.Reader) error

type ADEXProperties 

type ADEXProperties struct {
	Count uint32
	Props []ADEXProperty `bin:"len:Count"`
}

type ADEXProperty 

type ADEXProperty struct {
	Name                  WStringLength
	Unknown               uint32
	Encoding              uint32
	DN                    WStringLength
	SchemaIDGUID          uuid.UUID
	AttributeSecurityGUID uuid.UUID
	Blob                  uint32
}

type ADEXRight 

type ADEXRight struct {
	Name        WStringLength
	Description WStringLength
	Blob        [20]byte
}

type ADEXRights 

type ADEXRights struct {
	Count  uint32
	Rights []ADEXRight `bin:"len:Count"`
}

type ADExplorerDumper 

type ADExplorerDumper struct {
	// contains filtered or unexported fields
}

func (*ADExplorerDumper) Connect 

func (adex *ADExplorerDumper) Connect() error

func (*ADExplorerDumper) Disconnect 

func (adex *ADExplorerDumper) Disconnect() error

func (*ADExplorerDumper) Dump 

func (adex *ADExplorerDumper) Dump(do DumpOptions) ([]activedirectory.RawObject, error)

type AttributeDecoder 

type AttributeDecoder struct {
	// contains filtered or unexported fields
}

func (*AttributeDecoder) BinaryDecode 

func (ad *AttributeDecoder) BinaryDecode(r binstruct.Reader) error

type AttributeValueData 

type AttributeValueData struct {
	Count        uint32
	LocalOffsets []uint32 `bin:"len:Count"`
}

type AuthMode 

type AuthMode byte
const (
	Anonymous AuthMode = iota
	Basic
	Digest
	KerberosCache
	NTLM
	NTLMPTH
	Negotiate

	MD5    = Digest
	Unauth = Anonymous
	Simple = Basic
)

func AuthModeString 

func AuthModeString(s string) (AuthMode, error)

AuthModeString retrieves an enum value from the enum constants string name. Throws an error if the param is not part of the enum.

func AuthModeValues 

func AuthModeValues() []AuthMode

AuthModeValues returns all values of the enum

func (AuthMode) IsAAuthMode 

func (i AuthMode) IsAAuthMode() bool

IsAAuthMode returns "true" if the value is listed in the enum definition. "false" otherwise

func (AuthMode) MarshalJSON 

func (i AuthMode) MarshalJSON() ([]byte, error)

MarshalJSON implements the json.Marshaler interface for AuthMode

func (AuthMode) String 

func (i AuthMode) String() string

func (*AuthMode) UnmarshalJSON 

func (i *AuthMode) UnmarshalJSON(data []byte) error

UnmarshalJSON implements the json.Unmarshaler interface for AuthMode

type ControlInteger 

type ControlInteger struct {
	ControlType  string
	Criticality  bool
	ControlValue int64
}

func (*ControlInteger) Encode 

func (c *ControlInteger) Encode() *ber.Packet

Encode returns the ber packet representation

func (*ControlInteger) GetControlType 

func (c *ControlInteger) GetControlType() string

GetControlType rturns the OID

func (*ControlInteger) String 

func (c *ControlInteger) String() string

String returns a human-readable description

type Cstring 

type Cstring string

func (*Cstring) BinaryDecode 

func (c *Cstring) BinaryDecode(r binstruct.Reader) error

type CurrentPosition 

type CurrentPosition int64

func (*CurrentPosition) BinaryDecode 

func (cp *CurrentPosition) BinaryDecode(r binstruct.Reader) error

type DumpOptions 

type DumpOptions struct {
	SearchBase string
	Scope      int
	Query      string
	Attributes []string
	NoSACL     bool
	ChunkSize  int

	OnObject      objectCallbackFunc
	WriteToFile   string
	ReturnObjects bool
}

type GSSAPIState 

type GSSAPIState struct {
	Subkey types.EncryptionKey
	// contains filtered or unexported fields
}

func (*GSSAPIState) DeleteSecContext 

func (state *GSSAPIState) DeleteSecContext() error

func (*GSSAPIState) InitSecContext 

func (state *GSSAPIState) InitSecContext(target string, _ []byte) (outputToken []byte, needContinue bool, err error)

func (*GSSAPIState) NegotiateSaslAuth 

func (state *GSSAPIState) NegotiateSaslAuth(input []byte, authzid string) ([]byte, error)

type LDAPDumper 

type LDAPDumper interface {
	Connect() error
	Disconnect() error

	Dump(opts DumpOptions) ([]activedirectory.RawObject, error)
}

type LDAPError 

type LDAPError uint
const (
	LDAP_SUCCESS                        LDAPError = 0x00
	LDAP_SIZELIMIT_EXCEEDED             LDAPError = 0x04
	LDAP_ADMIN_LIMIT_EXCEEDED           LDAPError = 0x0b
	LDAP_AFFECTS_MULTIPLE_DSAS          LDAPError = 0x47
	LDAP_ALIAS_DEREF_PROBLEM            LDAPError = 0x24
	LDAP_ALIAS_PROBLEM                  LDAPError = 0x21
	LDAP_ALREADY_EXISTS                 LDAPError = 0x44
	LDAP_ATTRIBUTE_OR_VALUE_EXISTS      LDAPError = 0x14
	LDAP_AUTH_METHOD_NOT_SUPPORTED      LDAPError = 0x07
	LDAP_AUTH_UNKNOWN                   LDAPError = 0x56
	LDAP_BUSY                           LDAPError = 0x33
	LDAP_CLIENT_LOOP                    LDAPError = 0x60
	LDAP_COMPARE_FALSE                  LDAPError = 0x05
	LDAP_COMPARE_TRUE                   LDAPError = 0x06
	LDAP_CONFIDENTIALITY_REQUIRED       LDAPError = 0x0d
	LDAP_CONNECT_ERROR                  LDAPError = 0x5b
	LDAP_CONSTRAINT_VIOLATION           LDAPError = 0x13
	LDAP_CONTROL_NOT_FOUND              LDAPError = 0x5d
	LDAP_DECODING_ERROR                 LDAPError = 0x54
	LDAP_ENCODING_ERROR                 LDAPError = 0x53
	LDAP_FILTER_ERROR                   LDAPError = 0x57
	LDAP_INAPPROPRIATE_AUTH             LDAPError = 0x30
	LDAP_INAPPROPRIATE_MATCHING         LDAPError = 0x12
	LDAP_INSUFFICIENT_RIGHTS            LDAPError = 0x32
	LDAP_INVALID_CREDENTIALS            LDAPError = 0x31
	LDAP_INVALID_DN_SYNTAX              LDAPError = 0x22
	LDAP_INVALID_SYNTAX                 LDAPError = 0x15
	LDAP_IS_LEAF                        LDAPError = 0x23
	LDAP_LOCAL_ERROR                    LDAPError = 0x52
	LDAP_LOOP_DETECT                    LDAPError = 0x36
	LDAP_MORE_RESULTS_TO_RETURN         LDAPError = 0x5f
	LDAP_NAMING_VIOLATION               LDAPError = 0x40
	LDAP_NO_MEMORY                      LDAPError = 0x5a
	LDAP_NO_OBJECT_CLASS_MODS           LDAPError = 0x45
	LDAP_NO_RESULTS_RETURNED            LDAPError = 0x5e
	LDAP_NO_SUCH_ATTRIBUTE              LDAPError = 0x10
	LDAP_NO_SUCH_OBJECT                 LDAPError = 0x20
	LDAP_NOT_ALLOWED_ON_NONLEAF         LDAPError = 0x42
	LDAP_NOT_ALLOWED_ON_RDN             LDAPError = 0x43
	LDAP_NOT_SUPPORTED                  LDAPError = 0x5c
	LDAP_OBJECT_CLASS_VIOLATION         LDAPError = 0x41
	LDAP_OPERATIONS_ERROR               LDAPError = 0x01
	LDAP_OTHER                          LDAPError = 0x50
	LDAP_PARAM_ERROR                    LDAPError = 0x59
	LDAP_PARTIAL_RESULTS                LDAPError = 0x09
	LDAP_PROTOCOL_ERROR                 LDAPError = 0x02
	LDAP_REFERRAL                       LDAPError = 0x0a
	LDAP_REFERRAL_LIMIT_EXCEEDED        LDAPError = 0x61
	LDAP_REFERRAL_V2                    LDAPError = 0x09
	LDAP_RESULTS_TOO_LARGE              LDAPError = 0x46
	LDAP_SERVER_DOWN                    LDAPError = 0x51
	LDAP_STRONG_AUTH_REQUIRED           LDAPError = 0x08
	LDAP_TIMELIMIT_EXCEEDED             LDAPError = 0x03
	LDAP_TIMEOUT                        LDAPError = 0x55
	LDAP_UNAVAILABLE                    LDAPError = 0x34
	LDAP_UNAVAILABLE_CRITICAL_EXTENSION LDAPError = 0x0c
	LDAP_UNDEFINED_TYPE                 LDAPError = 0x11
	LDAP_UNWILLING_TO_PERFORM           LDAPError = 0x35
	LDAP_USER_CANCELLED                 LDAPError = 0x58
	LDAP_VIRTUAL_LIST_VIEW_ERROR        LDAPError = 0x4c
)

func LDAPErrorString 

func LDAPErrorString(s string) (LDAPError, error)

LDAPErrorString retrieves an enum value from the enum constants string name. Throws an error if the param is not part of the enum.

func LDAPErrorValues 

func LDAPErrorValues() []LDAPError

LDAPErrorValues returns all values of the enum

func (LDAPError) IsALDAPError 

func (i LDAPError) IsALDAPError() bool

IsALDAPError returns "true" if the value is listed in the enum definition. "false" otherwise

func (LDAPError) MarshalJSON 

func (i LDAPError) MarshalJSON() ([]byte, error)

MarshalJSON implements the json.Marshaler interface for LDAPError

func (LDAPError) String 

func (i LDAPError) String() string

func (*LDAPError) UnmarshalJSON 

func (i *LDAPError) UnmarshalJSON(data []byte) error

UnmarshalJSON implements the json.Unmarshaler interface for LDAPError

type LDAPOption 

type LDAPOption uint
const (
	LDAP_OPT_SIZELIMIT              LDAPOption = 0x03
	LDAP_OPT_HOST_NAME              LDAPOption = 0x30
	LDAP_OPT_HOST_REACHABLE         LDAPOption = 0x3e
	LDAP_OPT_PING_KEEP_ALIVE        LDAPOption = 0x36
	LDAP_OPT_PROTOCOL_VERSION       LDAPOption = 0x11
	LDAP_OPT_REFERRALS              LDAPOption = 0x08
	LDAP_OPT_PING_LIMIT             LDAPOption = 0x38
	LDAP_OPT_PING_WAIT_TIME         LDAPOption = 0x37
	LDAP_OPT_PROMPT_CREDENTIALS     LDAPOption = 0x3f
	LDAP_OPT_REF_DEREF_CONN_PER_MSG LDAPOption = 0x94
	LDAP_OPT_REFERRAL_CALLBACK      LDAPOption = 0x70
	LDAP_OPT_REFERRAL_HOP_LIMIT     LDAPOption = 0x10
	LDAP_OPT_ROOTDSE_CACHE          LDAPOption = 0x9a
	LDAP_OPT_SASL_METHOD            LDAPOption = 0x97
	LDAP_OPT_SECURITY_CONTEXT       LDAPOption = 0x99
	LDAP_OPT_SEND_TIMEOUT           LDAPOption = 0x42
	LDAP_OPT_SCH_FLAGS              LDAPOption = 0x43
	LDAP_OPT_SOCKET_BIND_ADDRESSES  LDAPOption = 0x44
	LDAP_OPT_SERVER_CERTIFICATE     LDAPOption = 0x81
	LDAP_OPT_SERVER_ERROR           LDAPOption = 0x33
	LDAP_OPT_SERVER_EXT_ERROR       LDAPOption = 0x34
	LDAP_OPT_SIGN                   LDAPOption = 0x95
	LDAP_OPT_SSL                    LDAPOption = 0x0a
	LDAP_OPT_SSL_INFO               LDAPOption = 0x93
	LDAP_OPT_SSPI_FLAGS             LDAPOption = 0x92
	LDAP_OPT_TCP_KEEPALIVE          LDAPOption = 0x40
	LDAP_OPT_TIMELIMIT              LDAPOption = 0x04

	LDAP_VERSION3 = 3
)

func LDAPOptionString 

func LDAPOptionString(s string) (LDAPOption, error)

LDAPOptionString retrieves an enum value from the enum constants string name. Throws an error if the param is not part of the enum.

func LDAPOptionValues 

func LDAPOptionValues() []LDAPOption

LDAPOptionValues returns all values of the enum

func (LDAPOption) IsALDAPOption 

func (i LDAPOption) IsALDAPOption() bool

IsALDAPOption returns "true" if the value is listed in the enum definition. "false" otherwise

func (LDAPOption) MarshalJSON 

func (i LDAPOption) MarshalJSON() ([]byte, error)

MarshalJSON implements the json.Marshaler interface for LDAPOption

func (LDAPOption) String 

func (i LDAPOption) String() string

func (*LDAPOption) UnmarshalJSON 

func (i *LDAPOption) UnmarshalJSON(data []byte) error

UnmarshalJSON implements the json.Unmarshaler interface for LDAPOption

type LDAPOptions 

type LDAPOptions struct {
	Domain         string
	Server         string
	Port           uint16
	User           string
	Password       string
	AuthDomain     string
	AuthMode       AuthMode
	TLSMode        TLSmode
	Channelbinding bool
	SizeLimit      int

	IgnoreCert bool

	Debug bool
}

type LDAPScope 

type LDAPScope uint
const (
	LDAP_SCOPE_BASE     LDAPScope = 0x0
	LDAP_SCOPE_ONELEVEL LDAPScope = 0x1
	LDAP_SCOPE_SUBTREE  LDAPScope = 0x2
)

func LDAPScopeString 

func LDAPScopeString(s string) (LDAPScope, error)

LDAPScopeString retrieves an enum value from the enum constants string name. Throws an error if the param is not part of the enum.

func LDAPScopeValues 

func LDAPScopeValues() []LDAPScope

LDAPScopeValues returns all values of the enum

func (LDAPScope) IsALDAPScope 

func (i LDAPScope) IsALDAPScope() bool

IsALDAPScope returns "true" if the value is listed in the enum definition. "false" otherwise

func (LDAPScope) MarshalJSON 

func (i LDAPScope) MarshalJSON() ([]byte, error)

MarshalJSON implements the json.Marshaler interface for LDAPScope

func (LDAPScope) String 

func (i LDAPScope) String() string

func (*LDAPScope) UnmarshalJSON 

func (i *LDAPScope) UnmarshalJSON(data []byte) error

UnmarshalJSON implements the json.Unmarshaler interface for LDAPScope

type NTDSDumper 

type NTDSDumper struct {
	// contains filtered or unexported fields
}

func (*NTDSDumper) Connect 

func (ntds *NTDSDumper) Connect() error

func (*NTDSDumper) DebugDump 

func (ntds *NTDSDumper) DebugDump() error

func (*NTDSDumper) Disconnect 

func (ntds *NTDSDumper) Disconnect() error

func (*NTDSDumper) Dump 

func (ntds *NTDSDumper) Dump(do DumpOptions) ([]activedirectory.RawObject, error)

type SystemTime 

type SystemTime struct {
	Year         uint16
	Month        uint16
	DayOfWeek    uint16
	Day          uint16
	Hour         uint16
	Minute       uint16
	Second       uint16
	Milliseconds uint16
}

func (*SystemTime) Time 

func (st *SystemTime) Time() time.Time

type TLSmode 

type TLSmode byte
const (
	TLS TLSmode = iota
	StartTLS
	NoTLS
)

func TLSmodeString 

func TLSmodeString(s string) (TLSmode, error)

TLSmodeString retrieves an enum value from the enum constants string name. Throws an error if the param is not part of the enum.

func TLSmodeValues 

func TLSmodeValues() []TLSmode

TLSmodeValues returns all values of the enum

func (TLSmode) IsATLSmode 

func (i TLSmode) IsATLSmode() bool

IsATLSmode returns "true" if the value is listed in the enum definition. "false" otherwise

func (TLSmode) MarshalJSON 

func (i TLSmode) MarshalJSON() ([]byte, error)

MarshalJSON implements the json.Marshaler interface for TLSmode

func (TLSmode) String 

func (i TLSmode) String() string

func (*TLSmode) UnmarshalJSON 

func (i *TLSmode) UnmarshalJSON(data []byte) error

UnmarshalJSON implements the json.Unmarshaler interface for TLSmode

type Table 

type Table struct {
	Name   string
	Fields map[int64]string
}

type WCstring 

type WCstring string

func (*WCstring) BinaryDecode 

func (wc *WCstring) BinaryDecode(r binstruct.Reader) error

type WStringLength 

type WStringLength string

func (*WStringLength) BinaryDecode 

func (wsl *WStringLength) BinaryDecode(r binstruct.Reader) error

type Wstring 

type Wstring []uint16

func (Wstring) String 

func (w Wstring) String() string

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.