def ParseSearch(data): if re.search(b'(objectClass)', data): return str(LDAPSearchDefaultPacket(MessageIDASNStr=data[8:9].decode('latin-1'))) elif re.search(b'(?i)(objectClass0*.*supportedCapabilities)', data): return str(LDAPSearchSupportedCapabilitiesPacket(MessageIDASNStr=data[8:9].decode('latin-1'),MessageIDASN2Str=data[8:9].decode('latin-1'))) elif re.search(b'(?i)(objectClass0*.*supportedSASLMechanisms)', data): return str(LDAPSearchSupportedMechanismsPacket(MessageIDASNStr=data[8:9].decode('latin-1'),MessageIDASN2Str=data[8:9].decode('latin-1')))
def ParseSearch(data): TID = data[8:9].decode('latin-1') if re.search(b'Netlogon', data): NbtName = settings.Config.MachineName TID = NetworkRecvBufferPython2or3(data[8:10]) if TID[1] == "\x63": TID = "\x00" + TID[0] DomainName, DomainGuid = ParseCLDAPNetlogon(data) DomainGuid = NetworkRecvBufferPython2or3(DomainGuid) t = CLDAPNetlogon( MessageIDASNStr=TID, CLDAPMessageIDStr=TID, NTLogonDomainGUID=DomainGuid, NTLogonForestName=CalculateDNSName(DomainName)[0], NTLogonPDCNBTName=CalculateDNSName(NbtName)[0], NTLogonDomainNBTName=CalculateDNSName(NbtName)[0], NTLogonDomainNameShort=CalculateDNSName(DomainName)[1]) t.calculate() return str(t) if re.search(b'(?i)(objectClass0*.*supportedSASLMechanisms)', data): return str( LDAPSearchSupportedMechanismsPacket(MessageIDASNStr=TID, MessageIDASN2Str=TID)) elif re.search(b'(?i)(objectClass0*.*supportedCapabilities)', data): return str( LDAPSearchSupportedCapabilitiesPacket(MessageIDASNStr=TID, MessageIDASN2Str=TID)) elif re.search(b'(objectClass)', data): return str(LDAPSearchDefaultPacket(MessageIDASNStr=TID))
def ParseSearch(data): Search1 = re.search('(objectClass)', data) Search2 = re.search('(?i)(objectClass0*.*supportedCapabilities)', data) Search3 = re.search('(?i)(objectClass0*.*supportedSASLMechanisms)', data) if Search1: return str(LDAPSearchDefaultPacket(MessageIDASNStr=data[8:9])) if Search2: return str( LDAPSearchSupportedCapabilitiesPacket(MessageIDASNStr=data[8:9], MessageIDASN2Str=data[8:9])) if Search3: return str( LDAPSearchSupportedMechanismsPacket(MessageIDASNStr=data[8:9], MessageIDASN2Str=data[8:9]))