package activedirectory
import (
"bytes"
"encoding/binary"
"loafle.com/overflow/commons_go/matcher/packet"
"loafle.com/overflow/commons_go/model/scaninfo"
)
// Constants for the hand-built LDAP probe. All of them are left untyped so the
// same name can be assigned to or compared with fields of different widths
// (AD_MESSAGE_ID is used with both a uint32 and a uint16 field in this file).
const (
	// Message IDs written into the two probe packets. They are fixed values,
	// and Match recognises a reply by comparing against AD_MESSAGE_ID.
	AD_MESSAGE_ID      = 0x99
	AD_MESSAGE_ID_QUIT = 0x89

	// Attribute the search probe asks the server to return.
	AD_TYPE_STR = "supportedCapabilities"

	// Protocol version and the success result code.
	LDAP_VERSION3 = 3
	LDAP_SUCCESS  = 0x00

	// BER tags of LDAP protocol operations (RFC 4511).
	LDAP_REQ_BIND         = 0x60 // BindRequest
	LDAP_RES_BIND         = 0x61 // BindResponse
	LDAP_REQ_UNBIND       = 0x42 // UnbindRequest
	LDAP_REQ_SEARCH       = 0x63 // SearchRequest
	LDAP_RES_SEARCH_ENTRY = 0x64 // SearchResultEntry

	// SearchRequest parameter values and the tag of the "present" filter.
	LDAP_SCOPE_BASE     = 0x00 // baseObject
	LDAP_DEREF_NEVER    = 0x00 // neverDerefAliases
	LDAP_FILTER_PRESENT = 0x87

	// Tag of the simple authentication choice inside a BindRequest.
	LDAP_AUTH_SIMPLE = 0x80
)
// AD_SENDaaa is a fixed wire layout of 25 bytes when serialized with
// encoding/binary. Field order and widths are the layout, so neither may be
// changed without changing the bytes produced.
//
// NOTE(review): nothing in the code shown here uses this type. The Version and
// Auth fields suggest it was meant for a bind request - confirm before
// relying on it or removing it.
type AD_SENDaaa struct {
	// Outer envelope: tag, length marker, 4-byte length.
	DefaultCode, PackLenFlag uint8
	PacketLen                uint32

	// Message ID element: tag, length, 4-byte value.
	NextType1, NextTypeLength1 uint8
	MessageId                  uint32

	// Protocol operation: tag, length marker, 4-byte length.
	ProtocolOp, PtLenFlag uint8
	PtPacketLen           uint32

	// Version element: tag, length, value.
	NextType2, NextTypeLength2, Version uint8

	// Third element header, followed by the authentication tag and length.
	NextType3, NextTypeLength3 uint8
	Auth, AuthLength           uint8
}
// AD_SEND is the fixed wire layout of the search probe: 77 bytes when
// serialized with encoding/binary. Field order and widths are the layout, so
// neither may be changed without changing the bytes that are sent.
//
// The group comments below describe each field's role as
// NewActiveDirectoryMatcher fills it in. Every length field is a literal
// supplied by that constructor; nothing here derives a length from the data.
type AD_SEND struct {
	// Message envelope: tag, length marker, 4-byte length.
	DefaultCode, PackLenFlag uint8
	PacketLen                uint32

	// Message ID: tag, length, 4-byte value.
	NextType1, NextType1Len uint8
	MessageId               uint32

	// Protocol operation: tag, length marker, 4-byte length.
	ProtocolOp, PtPackLenFlag uint8
	PtPacketLen               uint32

	// Base object: tag and length only; the layout has no value bytes for it.
	NextType2, NextType2Len uint8

	// Search scope: tag, length, value.
	NextType3, NextType3Len, Scope uint8

	// Alias dereferencing: tag, length, value.
	NextType4, NextType4Len, DerefAliases uint8

	// Size limit: tag, length, value.
	NextType5, NextType5Len, SizeLimit uint8

	// Time limit: tag, length, value.
	NextType6, NextType6Len, TimeLimit uint8

	// Types-only flag: tag, length, value.
	NextType7, NextType7Len, TypesOnly uint8

	// Filter: tag, length, then the 11-byte attribute name tested for presence.
	Filter1, PresentLen uint8
	Present             [11]byte

	// Requested-attribute list: tag, length marker, 4-byte length.
	DefaultCode2, Pack2LenFlag uint8
	Packet2Len                 uint32

	// The single requested attribute: tag, length, 21-byte name.
	UnknwonCode8, ItemLength uint8
	AttributeDescription     [21]byte
}
// AD_QUIT is the fixed wire layout of the second probe packet, which
// NewActiveDirectoryMatcher fills in as an unbind request: 18 bytes when
// serialized with encoding/binary. Field order and widths are the layout.
type AD_QUIT struct {
	// Message envelope: tag, length marker, 4-byte length.
	DefaultCode, PackLenFlag uint8
	PacketLength             uint32

	// Message ID: tag, length, 4-byte value.
	NextType1, NextTypeLength1 uint8
	MessageId                  uint32

	// Protocol operation: tag, length marker, 4-byte length.
	ProtocolOp, PtLenFlag uint8
	PtPacketLen           uint32
}
// AD_RECV is the fixed 32-byte prefix (as read by encoding/binary) that Match
// decodes from a reply. Field order and widths are the layout.
//
// Every byte decoded into this struct was sent by the scanned host and is
// untrusted. TypeLength in particular is a peer-supplied length: before it is
// used to slice or copy, it has to be checked against the number of bytes
// actually received.
//
// NOTE(review): MessageId is two bytes here while the request structs carry
// four, and all offsets are fixed. The layout therefore only lines up with a
// reply that uses exactly these length encodings - presumably what the target
// server emits; confirm against a capture.
type AD_RECV struct {
	// Message envelope: tag, length marker, 4-byte length.
	DefaultCode, PackLenFlag uint8
	PacketLength             uint32

	// Message ID: tag, length, 2-byte value.
	NextType1, NextType1Len uint8
	MessageId               uint16

	// Protocol operation: tag, length marker, 4-byte length.
	ProtocolOp, PtPackLenFlag uint8
	PtPacketLen               uint32

	// Next element: tag and length.
	NextType2, NextType2Len uint8

	// Six bytes that are skipped without being interpreted.
	UnknwonCode21, UnknwonCode22, UnknwonCode23 uint8
	UnknwonCode24, UnknwonCode25, UnknwonCode26 uint8

	// Seven more bytes that are skipped without being interpreted.
	UnknwonCode31, UnknwonCode32, UnknwonCode33, UnknwonCode34 uint8
	UnknwonCode35, UnknwonCode36, UnknwonCode37                uint8

	// Length of the attribute type string that follows this header.
	TypeLength uint8
}
// ActiveDirectoryMatcher holds the pre-encoded probe packets for this service
// and decides whether a reply matches it.
type ActiveDirectoryMatcher struct {
	// sendPackets lists the probes in the order they are to be sent; it is
	// filled once by NewActiveDirectoryMatcher.
	sendPackets []*packet.Packet
}
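// Match reports whether packet, the reply received for probe number index,
// carries the header this matcher expects: message ID AD_MESSAGE_ID and
// protocol operation LDAP_RES_SEARCH_ENTRY at the fixed AD_RECV offsets.
//
// index and info are not consulted. A nil packet, or one too short to hold an
// AD_RECV header, does not match.
//
// NOTE(review): this is a weaker test than the C++ check that used to sit here
// as commented-out code. That check also required the reply to contain
// TypeLength further bytes after the header and the attribute type found
// there to equal AD_TYPE_STR. Neither condition is enforced here, and the tag
// and length bytes of the header are not validated either, so a host is
// labelled "ActiveDirectory" on the strength of two header fields. If the
// attribute comparison is ported, TypeLength is a peer-supplied length and
// must be checked against the bytes actually received before it is used to
// slice the buffer.
func (ad *ActiveDirectoryMatcher) Match(index int, packet *packet.Packet, info scaninfo.ServiceScanInfo) bool {
	if packet == nil {
		return false
	}

	// packet.Buffer holds bytes sent by the scanned host. binary.Read returns
	// an error when fewer bytes than the fixed AD_RECV layout are available, so
	// a truncated reply is rejected here explicitly rather than by relying on
	// zero-valued fields failing the comparisons below.
	// NOTE(review): the whole of packet.Buffer is parsed; if that buffer can be
	// longer than the data received, confirm that callers trim it first.
	var hdr AD_RECV
	if err := binary.Read(bytes.NewReader(packet.Buffer), binary.BigEndian, &hdr); err != nil {
		return false
	}

	if hdr.MessageId != AD_MESSAGE_ID {
		return false
	}
	return hdr.ProtocolOp == LDAP_RES_SEARCH_ENTRY
}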
// PacketCount returns the number of probe packets this matcher holds.
func (ad *ActiveDirectoryMatcher) PacketCount() int {
	count := len(ad.sendPackets)
	return count
}
// Packet returns the probe packet stored at position index. The index is used
// unchecked, so a value outside [0, PacketCount()) panics.
func (ad *ActiveDirectoryMatcher) Packet(index int) *packet.Packet {
	probe := ad.sendPackets[index]
	return probe
}
// ServiceName returns the fixed label of the service this matcher detects.
func (ad *ActiveDirectoryMatcher) ServiceName() string {
	const name = "ActiveDirectory"
	return name
}
// IsError always reports false: this matcher classifies no reply as an error
// reply, and none of its arguments are examined.
func (ad *ActiveDirectoryMatcher) IsError(index int, packet *packet.Packet, info scaninfo.ServiceScanInfo) bool {
	const isError = false
	return isError
}
// IsNoResponse reports whether no reply is expected to the probe at index.
// That holds only for index 1, the unbind request that
// NewActiveDirectoryMatcher appends second.
func (ad *ActiveDirectoryMatcher) IsNoResponse(index int) bool {
	return index == 1
}
// IsPrePacket always reports false for this matcher.
// NOTE(review): presumably this tells the scanner whether the service sends
// data before any probe - confirm against the matcher interface.
func (ad *ActiveDirectoryMatcher) IsPrePacket() bool {
	const prePacket = false
	return prePacket
}
// NewActiveDirectoryMatcher builds the matcher together with its two
// pre-encoded probe packets, in send order:
//
//	0: a search request with an empty base object, base scope, a presence
//	   filter on "objectclass", asking for the AD_TYPE_STR attribute;
//	1: an unbind request.
//
// No bind request is among the packets. Both message IDs are constants
// (AD_MESSAGE_ID, AD_MESSAGE_ID_QUIT), so the probe has a stable shape in
// server-side LDAP logs and packet captures.
//
// Every length in the packets is a hand-computed literal (PacketLen,
// PtPacketLen, PresentLen, Packet2Len, ItemLength, PacketLength). Changing a
// field, the filter attribute or AD_TYPE_STR means recomputing them by hand;
// nothing here checks that they still agree with the encoded size.
func NewActiveDirectoryMatcher() *ActiveDirectoryMatcher {
	search := AD_SEND{
		// Message envelope.
		DefaultCode: 0x30,
		PackLenFlag: 0x84,
		PacketLen:   0x47,

		// Message ID.
		NextType1:    0x02,
		NextType1Len: 0x04,
		MessageId:    AD_MESSAGE_ID,

		// Search request header.
		ProtocolOp:    LDAP_REQ_SEARCH,
		PtPackLenFlag: 0x84,
		PtPacketLen:   0x3b,

		// Base object, zero length.
		NextType2:    0x04,
		NextType2Len: 0x00,

		// Scope.
		NextType3:    0x0a,
		NextType3Len: 0x01,
		Scope:        LDAP_SCOPE_BASE,

		// Alias dereferencing.
		NextType4:    0x0a,
		NextType4Len: 0x01,
		DerefAliases: LDAP_DEREF_NEVER,

		// Size limit.
		NextType5:    0x02,
		NextType5Len: 0x01,
		SizeLimit:    0,

		// Time limit.
		NextType6:    0x02,
		NextType6Len: 0x01,
		TimeLimit:    0x78,

		// Types-only flag.
		NextType7:    0x01,
		NextType7Len: 0x01,
		TypesOnly:    0,

		// Presence filter; the attribute name is copied in below.
		Filter1:    LDAP_FILTER_PRESENT,
		PresentLen: 0x0b,

		// Requested-attribute list.
		DefaultCode2: 0x30,
		Pack2LenFlag: 0x84,
		Packet2Len:   0x17,

		// The one requested attribute; its name is copied in below.
		UnknwonCode8: 0x04,
		ItemLength:   0x15,
	}
	// The byte arrays cannot be set from string literals in the composite
	// literal, so they are filled afterwards.
	copy(search.Present[:], "objectclass")
	copy(search.AttributeDescription[:], AD_TYPE_STR)

	unbind := AD_QUIT{
		DefaultCode:     0x30,
		PackLenFlag:     0x84,
		PacketLength:    0x0c,
		NextType1:       0x02,
		NextTypeLength1: 0x04,
		MessageId:       AD_MESSAGE_ID_QUIT,
		ProtocolOp:      LDAP_REQ_UNBIND,
		PtLenFlag:       0x84,
		PtPacketLen:     0x00,
	}

	matcher := &ActiveDirectoryMatcher{}
	for _, msg := range []interface{}{search, unbind} {
		// The error from binary.Write is discarded, as it always has been
		// here: both values are fixed-size structs written to an in-memory
		// buffer.
		var wire bytes.Buffer
		_ = binary.Write(&wire, binary.BigEndian, msg)

		raw := wire.Bytes()
		matcher.sendPackets = append(matcher.sendPackets, packet.NewPacket(raw, len(raw)))
	}

	return matcher
}