def entroPass(self, user, password):
if not password:
return None
# First check if it is a clear text
dc_test_conn = Server(self.server, get_info=ALL)
test_conn = Connection(dc_test_conn, user=user, password=password)
test_conn.bind()
# Validate the login (bind) request
if int(test_conn.result['result']) != 0:
if self.CREDS:
print(
'[ ' + colored('INFO', 'yellow') +
' ] User: "******" with: "{1}" as possible clear text password'
.format(user, password))
else:
print('[ ' + colored('INFO', 'green') +
' ] User: "******" with: "{1}" was not cleartext'.format(
user, password))
else:
if self.CREDS:
print(
'[ ' + colored('INFO', 'yellow') +
' ] User: "******" had cleartext password of: "{1}" in a property'
.format(user, password))
else:
print(
'[ ' + colored('OK', 'yellow') +
' ] User: "******" had cleartext password of: "{1}" in a property - continuing with these creds'
.format(user, password))
print('')
return user, password
test_conn.unbind()
# Attempt for base64
# Could be base64, lets try
try:
pw = base64.b64decode(bytes(password,
encoding='utf-8')).decode('utf-8')
except base64.binascii.Error:
return None
# Attempt decoded PW
dc_test_conn = Server(self.server, get_info=ALL)
test_conn = Connection(dc_test_conn, user=user, password=pw)
test_conn.bind()
# Validate the login (bind) request
if int(test_conn.result['result']) != 0:
if self.CREDS:
print(
'[ ' + colored('INFO', 'yellow') +
' ] User: "******" with: "{1}" as possible base64 decoded password'
.format(user, pw))
else:
print('[ ' + colored('INFO', 'green') +
' ] User: "******" with: "{1}" was not base64 encoded'.
format(user, pw))
else:
if self.CREDS:
print(
'[ ' + colored('INFO', 'yellow') +
' ] User: "******" had base64 encoded password of: "{1}" in a property'
.format(user, pw))
else:
print(
'[ ' + colored('OK', 'yellow') +
' ] User: "******" had base64 encoded password of: "{1}" in a property - continuing with these creds'
.format(user, pw))
print('')
return user, pw
def connect_ldap(**kwargs):
server = Server(CONF['ldap']['host'],
int(CONF['ldap']['port']),
connect_timeout=5)
return Connection(server, raise_exceptions=True, **kwargs)
from ldap3 import Server, Connection, ALL
server = Server('x.x.x.x', get_info=ALL)
conn = Connection(
server,
auto_bind=True,
user='******',
password='******',
)
conn.search(
search_base='ou=users,ou=China,ou=Corp,dc=xxx,dc=xxx',
search_filter='(&(objectclass=person)(userAccountControl=512))',
attributes=[
'pwdlastset',
'userPrincipalName',
'msDS-UserPasswordExpiryTimeComputed',
],
)
print(conn.entries)
def __init__(self, secret, ldap_server, ldap_suffix='ou=People,dc=setecrs,dc=dpf,dc=gov,dc=br', check_bind=check_bind):
self.secret = secret
self.ldap_suffix = ldap_suffix
self.check_bind = check_bind
self.server = Server(ldap_server)
self.tokens = {}
def connect(server, user, password):
s = Server(server, get_info=ALL)
c = Connection(s, user=user, password=password)
c.bind()
return c
def mock_ad_connection(password: str) -> Connection:
"""Create mock AD connection"""
server = Server("my_fake_server", get_info=OFFLINE_AD_2012_R2)
_pass = "******" # noqa # nosec
connection = Connection(
server,
user="******",
password=_pass,
client_strategy=MOCK_SYNC,
)
# Entry for password checking
connection.strategy.add_entry(
"cn=user,ou=users,dc=goauthentik,dc=io",
{
"name": "test-user",
"objectSid": "unique-test-group",
"objectClass": "person",
"displayName": "Erin M. Hagens",
"sAMAccountName": "sAMAccountName",
"distinguishedName": "cn=user,ou=users,dc=goauthentik,dc=io",
},
)
connection.strategy.add_entry(
"cn=group1,ou=groups,dc=goauthentik,dc=io",
{
"name": "test-group",
"objectSid": "unique-test-group",
"objectClass": "group",
"distinguishedName": "cn=group1,ou=groups,dc=goauthentik,dc=io",
"member": ["cn=user0,ou=users,dc=goauthentik,dc=io"],
},
)
# Group without SID
connection.strategy.add_entry(
"cn=group2,ou=groups,dc=goauthentik,dc=io",
{
"name": "test-group",
"objectClass": "group",
"distinguishedName": "cn=group2,ou=groups,dc=goauthentik,dc=io",
},
)
connection.strategy.add_entry(
"cn=user0,ou=users,dc=goauthentik,dc=io",
{
"userPassword": password,
"sAMAccountName": "user0_sn",
"name": "user0_sn",
"revision": 0,
"objectSid": "user0",
"objectClass": "person",
"distinguishedName": "cn=user0,ou=users,dc=goauthentik,dc=io",
"userAccountControl": UserAccountControl.ACCOUNTDISABLE
+ UserAccountControl.NORMAL_ACCOUNT,
},
)
# User without SID
connection.strategy.add_entry(
"cn=user1,ou=users,dc=goauthentik,dc=io",
{
"userPassword": "******",
"sAMAccountName": "user2_sn",
"name": "user1_sn",
"revision": 0,
"objectClass": "person",
"distinguishedName": "cn=user1,ou=users,dc=goauthentik,dc=io",
},
)
# Duplicate users
connection.strategy.add_entry(
"cn=user2,ou=users,dc=goauthentik,dc=io",
{
"userPassword": "******",
"sAMAccountName": "user2_sn",
"name": "user2_sn",
"revision": 0,
"objectSid": "unique-test2222",
"objectClass": "person",
"distinguishedName": "cn=user2,ou=users,dc=goauthentik,dc=io",
},
)
connection.strategy.add_entry(
"cn=user3,ou=users,dc=goauthentik,dc=io",
{
"userPassword": "******",
"sAMAccountName": "user2_sn",
"name": "user2_sn",
"revision": 0,
"objectSid": "unique-test2222",
"objectClass": "person",
"distinguishedName": "cn=user3,ou=users,dc=goauthentik,dc=io",
},
)
connection.bind()
return connection
# import class and constants
from ldap3 import Server, Connection, ALL
# define the server
s = Server(host='yourhostname.com', port=389, use_ssl=False, get_info='ALL')
# define the connection
c = Connection(s, user='******', password='******', version=3, authentication='SIMPLE', client_strategy='SYNC', read_only=False, raise_exceptions=True)
if not c.bind():
print('error in binding', c.result)
else:
print('Bind is successful!!')
result = c.add(‘c=au,dc=yourhostname,dc=com’, [‘country’, ‘top’], {‘c’:’au’} )
print("Result of ADD: ",c.result)
c.unbind()
print("Unbinded successful!!")
def authorize(request):
global session
context={'checked':True}
if(session!=None and session.exists('user_type')):
if(session['user_type']=='student'):
return redirect('/ppa/student/')
elif(session[('user_type')]=='professor'):
return redirect('/ppa/professor/')
if(request.method == 'POST'):
user_type = None
uname = request.POST.get('username')
pwd = request.POST.get('password')
# if(request.POST.get('student-login')!=None):
#
# user_type = "student"
#
# elif(request.POST.get('admin-login')!=None):
#
# user_type = "admin"
s = Server('ldap://ldap.iitb.ac.in', get_info=ALL)
c = Connection(s, auto_bind=True)
a = c.search('dc=iitb,dc=ac,dc=in', '(uid='+uname+')', )
if(a):
b = str(c.entries[0])
# print(b)
# start = b.index('uid')
# end = b.index('in')
user_dn = c.response[0]['dn']
#to get dept of user
context={'checked':True}
info = b.split(',')
user_dept = dept_to_short[info[2][3:]]
if(info[1][3:] == "FAC"):
user_type="professor"
elif(info[1][3:] == "UG"):
user_type = "student"
elif(info[1][3:] == "PG"):
user_type = "student"
elif(info[1][3:] == "DD"):
user_type = "student"
else :
return render(request,'ppa/base_login_page.html',context)
#ending to get dept of user
c1 = Connection(s, user_dn, pwd)
if(not c1.bind()):
return redirect('/ppa/login/')
else:
redir_url = ""
session = SessionStore()
if(user_type=="student"):
u = Student.objects.filter(ldap_id=uname).first()
redir_url = "/ppa/student/"
if(u is None):
u = Student(ldap_id=uname, department=user_dept, name="", email=uname+"@iitb.ac.in")
redir_url = "/ppa/my_info/"
u.save()
# commented out the following to allow changing of ldap passwords
# u = authenticate(username=uname, password=pwd)
if(u is not None):
session['user_type']=user_type
session['ldap_id']=uname
session.save()
request.session['session_key'] = session.session_key
return redirect(redir_url)
else:
return redirect('/ppa/login/')
elif(user_type=="professor"):
u = Prof.objects.filter(ldap_id=uname).first()
redir_url = "/ppa/professor/"
if(u is None):
u = Prof(ldap_id=uname, department=user_dept, name="", email=uname+"@iitb.ac.in")
redir_url = "/ppa/professor/my_info/"
u.save()
# commented out the following to allow changing of ldap passwords
# u = authenticate(username=uname, password=pwd)
if(u is not None):
session['user_type']=user_type
session['ldap_id']=uname
session.save()
request.session['session_key'] = session.session_key
return redirect(redir_url)
else:
render(request,'ppa/base_login_page.html',context)
else:
render(request,'ppa/base_login_page.html',context)
else:
return render(request,'ppa/base_login_page.html',context)
def connect(self):
"""Setup the connection to the LDAP server and authenticate the user.
"""
# Parse the server URI
uri = getattr(config, 'LDAP_SERVER_URI', None)
if uri:
uri = urlparse(uri)
# Create the TLS configuration object if required
tls = None
if type(uri) == str:
return False, "LDAP configuration error: Set the proper LDAP URI."
if uri.scheme == 'ldaps' or config.LDAP_USE_STARTTLS:
ca_cert_file = getattr(config, 'LDAP_CA_CERT_FILE', None)
cert_file = getattr(config, 'LDAP_CERT_FILE', None)
key_file = getattr(config, 'LDAP_KEY_FILE', None)
cert_validate = ssl.CERT_NONE
if ca_cert_file and cert_file and key_file:
cert_validate = ssl.CERT_REQUIRED
try:
tls = Tls(local_private_key_file=key_file,
local_certificate_file=cert_file,
validate=cert_validate,
version=ssl.PROTOCOL_TLSv1_2,
ca_certs_file=ca_cert_file)
except LDAPSSLConfigurationError as e:
current_app.logger.exception(
"LDAP configuration error: {}\n".format(e))
return False, "LDAP configuration error: {}\n".format(
e.args[0])
try:
# Create the server object
server = Server(uri.hostname,
port=uri.port,
use_ssl=(uri.scheme == 'ldaps'),
get_info=ALL,
tls=tls,
connect_timeout=config.LDAP_CONNECTION_TIMEOUT)
except ValueError as e:
return False, "LDAP configuration error: {}.".format(e)
# Create the connection
try:
user_dn = "{0}={1},{2}".format(config.LDAP_USERNAME_ATTRIBUTE,
self.username, config.LDAP_BASE_DN)
self.conn = Connection(server,
user=user_dn,
password=self.password,
auto_bind=True)
except LDAPSocketOpenError as e:
current_app.logger.exception(
"Error connecting to the LDAP server: {}\n".format(e))
return False, "Error connecting to the LDAP server:" \
" {}\n".format(e.args[0])
except LDAPBindError as e:
current_app.logger.exception("Error binding to the LDAP server.")
return False, "Error binding to the LDAP server."
except Exception as e:
current_app.logger.exception(
"Error connecting to the LDAP server: {}\n".format(e))
return False, "Error connecting to the LDAP server:" \
" {}\n".format(e.args[0])
# Enable TLS if STARTTLS is configured
if not uri.scheme == 'ldaps' and config.LDAP_USE_STARTTLS:
try:
self.conn.start_tls()
except LDAPStartTLSError as e:
current_app.logger.exception(
"Error starting TLS: {}\n".format(e))
return False, "Error starting TLS: {}\n".format(e.args[0])
return True, None
#coding=utf-8
from ldap3 import Server, Connection, ALL, MODIFY_REPLACE, AUTO_BIND_NO_TLS
from datetime import timedelta, datetime
import openpyxl
"""
输入LDAP服务器相关信息
"""
server = Server('ldaps://192.168.26.129', get_info=ALL, use_ssl=True)
admin_username = '******'
admin_password = '******'
group_dn = 'OU=test,DC=aabbcc,DC=com' #OU为组织单位,DC为域名拆分
def add_ad_user(add_username,
name,
password,
phone,
mail,
user_overdue_day=30):
"""添加域账号"""
user_dn = 'cn=%s,%s' % (add_username, group_dn)
try:
"""创建初始化连接"""
c = Connection(server,
auto_bind=True,
user=admin_username,
password=admin_password)
"""获取当前系统时间"""
end_time = datetime.today() + timedelta(days=user_overdue_day)
"""添加用户"""
config = configparser.ConfigParser()
config.read('ldap.conf')
server = config['Main']['Server']
username = config['Main']['Username']
password = config['Main']['Password']
baseDN = config['Main']['BaseDN']
emailFile = config['Main']['EmailFile']
outputFile = config['Main']['OutputFile']
filters = config.items('SearchDN')
filterList = []
for item in filters:
filterList.append(item[1])
s = Server(server, get_info=ALL)
c = Connection(s, user='******' + username + ',' + baseDN, password=password)
if not c.bind():
print('error in bind', c.result)
c.start_tls()
f = open(emailFile)
emails = f.read().split('\n')
f.close
searchFilter = '(|'
for email in emails:
searchFilter += '(proxyAddresses=smtp:' + email + ')'
searchFilter += ')'
def init_and_get_ldap_user(self, username):
if username is None or username == '':
return None, None
# add LDAP_BIND_PASSWORD as password field
password_field = 'LDAP_BIND_PWD' if hasattr(
settings, 'LDAP_BIND_PWD') else 'LDAP_BIND_PASSWORD'
# check configuration
if not (hasattr(settings, 'LDAP_SERVERS')
and hasattr(settings, 'LDAP_BIND_USER')
and hasattr(settings, password_field)
and hasattr(settings, 'LDAP_SEARCH_BASE')
and hasattr(settings, 'LDAP_USER_SEARCH_FILTER')
and hasattr(settings, 'LDAP_ATTRIBUTES_MAP')):
raise ImproperlyConfigured()
# as first release of the module does not have this parameter, default is to set it true to keep the same
# comportment after updates.
if hasattr(settings, 'LDAP_USE_LDAP_GROUPS') and isinstance(
settings.LDAP_USE_LDAP_GROUPS, bool):
LDAP3ADBackend.use_groups = settings.LDAP_USE_LDAP_GROUPS
else:
LDAP3ADBackend.use_groups = True
if LDAP3ADBackend.use_groups and not (
hasattr(settings, 'LDAP_GROUPS_SEARCH_FILTER')
and hasattr(settings, 'LDAP_GROUP_MEMBER_ATTRIBUTE')
and hasattr(settings, 'LDAP_GROUPS_MAP')):
raise ImproperlyConfigured()
# LDAP_IGNORED_LOCAL_GROUPS is a list of local Django groups that must be kept.
if (hasattr(settings, 'LDAP_IGNORED_LOCAL_GROUPS')
and not isinstance(settings.LDAP_IGNORED_LOCAL_GROUPS, list)):
raise ImproperlyConfigured()
if hasattr(settings, 'LDAP_AUTHENTICATION'):
authentication = getattr(settings, 'LDAP_AUTHENTICATION')
else:
authentication = SIMPLE
# first: build server pool from settings
if LDAP3ADBackend.pool is None:
LDAP3ADBackend.pool = ServerPool(None,
pool_strategy=FIRST,
active=True)
for srv in settings.LDAP_SERVERS:
# from rechie, pullrequest #30
# check if LDAP_SERVERS settings has set ldap3 `get_info` parameter
if 'get_info' in srv:
server = Server(srv['host'],
srv['port'],
srv['use_ssl'],
get_info=srv['get_info'])
else:
server = Server(srv['host'], srv['port'], srv['use_ssl'])
LDAP3ADBackend.pool.add(server)
# then, try to connect with user/pass from settings
con = Connection(LDAP3ADBackend.pool,
auto_bind=True,
client_strategy=SYNC,
user=settings.LDAP_BIND_USER,
password=getattr(settings, password_field)
or settings.LDAP_BIND_PASSWORD,
authentication=authentication,
check_names=True)
# search for the desired user
user_dn = None
user_attribs = None
con.search(settings.LDAP_SEARCH_BASE,
settings.LDAP_USER_SEARCH_FILTER.replace(
'%s', '{0}').format(username),
attributes=list(settings.LDAP_ATTRIBUTES_MAP.values()))
if con.result['result'] == 0 and len(
con.response) > 0 and 'dn' in con.response[0].keys():
user_dn = con.response[0]['dn']
user_attribs = con.response[0]['attributes']
# from rechie, pullrequest #30
# convert `user_attribs` values to string if the returned value is a list
for attrib in user_attribs:
if isinstance(user_attribs[attrib],
list) and user_attribs[attrib]:
user_attribs[attrib] = user_attribs[attrib][0]
else:
user_attribs[attrib] = None
con.unbind()
return user_dn, user_attribs
def connect(self):
"""
LDAP connection method.
Connects to an AD LDAP server via NTLM or KERBEROS authentication.
This method supports the use of a plaintext password as well as
NTLM hashes.
HASH = LMHASH:NTHASH
Returns
-------
bool
Returns the state of the connection.
"""
logging.info('[*] Creating an LDAP connection.')
s = Server(self._server,
port=self._port,
use_ssl=self._ssl,
connect_timeout=self._timeout,
get_info=ALL)
if self._kerberos:
# Use Kerberos
logging.info('[*] Using KERBEROS authentication.')
try:
self._conn = Connection(s,
auto_bind=AUTO_BIND_NONE,
authentication=SASL,
sasl_mechanism=KERBEROS,
read_only=False,
return_empty_attributes=True)
bind_result = self._conn.bind()
except Exception as e:
msg = e.message.encode('ascii', 'ignore')
if msg.lower(
).find('no kerberos credentials available (default cache: file:/tmp/'
) != -1:
logging.error('[-] Kerberos binding error.')
logging.debug(
'[D] You need a valid kerberos TGT ticket or an LDAP TGS ticket for accessing the remote service.'
)
logging.debug(
'[D] Save the kerberos ticket ccache DB into /tmp/krb5cc_<uid> and try again.'
)
elif msg.lower().find('ticket expired') != -1:
logging.error('[-] Kerberos binding error.')
logging.debug(
'[D] The provided Ticket has expired. Please provide a valid one and try again.'
)
else:
logging.error('[-] Unexpected binding error.')
logging.debug('[D] Observe the following traceback:')
logging.debug(traceback.format_exc())
return False
else:
# Use NTLM authentication
logging.info('[*] Using NTLM authentication.')
try:
self._conn = Connection(s,
auto_bind=AUTO_BIND_NONE,
authentication=NTLM,
user=self._ntuser,
password=self._ntpass,
read_only=False)
bind_result = self._conn.bind()
except:
logging.error('[-] Unexpected binding error.')
logging.debug('[D] Observe the following traceback:')
logging.debug(traceback.format_exc())
return False
# Takes the root naming context
if bind_result:
self._base = json.loads(
s.info.to_json())['raw']['rootDomainNamingContext'][0]
logging.debug('[D] Binding base: %s' % self._base)
else:
logging.debug('[D] An error ocurred during the binding process.')
logging.debug('[D] Ldap API Message: %s' %
self._conn.result['description'])
return False
return True
def main():
parser = argparse.ArgumentParser(
description=
'Domain information dumper via LDAP. Dumps users/computers/groups and OS/membership information to HTML/JSON/greppable output.'
)
parser._optionals.title = "Main options"
parser._positionals.title = "Required options"
#Main parameters
#maingroup = parser.add_argument_group("Main options")
parser.add_argument(
"host",
type=str,
metavar='HOSTNAME',
help=
"Hostname/ip or ldap://host:port connection string to connect to (use ldaps:// to use SSL)"
)
parser.add_argument(
"-u",
"--user",
type=str,
metavar='USERNAME',
help=
"DOMAIN\\username for authentication, leave empty for anonymous authentication"
)
parser.add_argument(
"-p",
"--password",
type=str,
metavar='PASSWORD',
help="Password or LM:NTLM hash, will prompt if not specified")
parser.add_argument(
"-at",
"--authtype",
type=str,
choices=['NTLM', 'SIMPLE'],
default='NTLM',
help="Authentication type (NTLM or SIMPLE, default: NTLM)")
#Output parameters
outputgroup = parser.add_argument_group("Output options")
outputgroup.add_argument(
"-o",
"--outdir",
type=str,
metavar='DIRECTORY',
help="Directory in which the dump will be saved (default: current)")
outputgroup.add_argument("--no-html",
action='store_true',
help="Disable HTML output")
outputgroup.add_argument("--no-json",
action='store_true',
help="Disable JSON output")
outputgroup.add_argument("--no-grep",
action='store_true',
help="Disable Greppable output")
outputgroup.add_argument(
"--grouped-json",
action='store_true',
default=False,
help="Also write json files for grouped files (default: disabled)")
outputgroup.add_argument(
"-d",
"--delimiter",
help="Field delimiter for greppable output (default: tab)")
#Additional options
miscgroup = parser.add_argument_group("Misc options")
miscgroup.add_argument(
"-r",
"--resolve",
action='store_true',
help=
"Resolve computer hostnames (might take a while and cause high traffic on large networks)"
)
miscgroup.add_argument(
"-n",
"--dns-server",
help=
"Use custom DNS resolver instead of system DNS (try a domain controller IP)"
)
args = parser.parse_args()
#Create default config
cnf = domainDumpConfig()
#Dns lookups?
if args.resolve:
cnf.lookuphostnames = True
#Custom dns server?
if args.dns_server is not None:
cnf.dnsserver = args.dns_server
#Custom separator?
if args.delimiter is not None:
cnf.grepsplitchar = args.delimiter
#Disable html?
if args.no_html:
cnf.outputhtml = False
#Disable json?
if args.no_json:
cnf.outputjson = False
#Disable grep?
if args.no_grep:
cnf.outputgrep = False
#Custom outdir?
if args.outdir is not None:
cnf.basepath = args.outdir
#Do we really need grouped json files?
cnf.groupedjson = args.grouped_json
#Prompt for password if not set
authentication = None
if args.user is not None:
if args.authtype == 'SIMPLE':
authentication = 'SIMPLE'
else:
authentication = NTLM
if not '\\' in args.user:
log_warn('Username must include a domain, use: DOMAIN\\username')
sys.exit(1)
if args.password is None:
args.password = getpass.getpass()
else:
log_info(
'Connecting as anonymous user, dumping will probably fail. Consider specifying a username/password to login with'
)
# define the server and the connection
s = Server(args.host, get_info=ALL)
log_info('Connecting to host...')
c = Connection(s,
user=args.user,
password=args.password,
authentication=authentication)
log_info('Binding to host')
# perform the Bind operation
if not c.bind():
log_warn('Could not bind with specified credentials')
log_warn(c.result)
sys.exit(1)
log_success('Bind OK')
log_info('Starting domain dump')
#Create domaindumper object
dd = domainDumper(s, c, cnf)
#Do the actual dumping
dd.domainDump()
log_success('Domain dump finished')
from ldap3 import Server, Connection, ALL
from peewee import *
from api.everything import *
cfg = load_config('api/config.yaml')
# skt = load_config('api/secret_config.yaml')
theStaticDB = SqliteDatabase(cfg['databases']['static'])
theStaticDB.drop_table(LDAPFaculty)
server = Server('berea.edu', port=389, use_ssl=False, get_info='ALL')
# conn = Connection (server, user=skt['ldap']['user'], password=skt['ldap']['pass'])
conn = Connection(server, user="******", password="******")
if not conn.bind():
print('error in bind', conn.result)
# search_base and search_filter are the parameters
conn.search('dc=berea,dc=edu',
'(description=Faculty)',
attributes=['samaccountname', 'givenname', 'sn', 'employeeid'])
print("Found {0} faculty.".format(len(conn.entries)))
# print (conn.entries[0])
def safe(d, k):
result = ""
try:
if k in d:
print("Result: ", d[k])
def get_ldap_server(host="", port=389):
return Server(host, port=port, use_ssl=True)
def chat_server():
server_socket.bind((HOST, PORT))
server_socket.listen(10)
# add server socket object to the list of readable connections
SOCKET_LIST.append(server_socket)
print("Chat server started on port " + str(PORT))
while 1:
# get the list sockets which are ready to be read through select
ready_to_read, ready_to_write, in_error = select.select(
SOCKET_LIST, [], [], 0)
for sock in ready_to_read:
# a new connection request recieved
if sock == server_socket:
sockfd, addr = server_socket.accept()
SOCKET_LIST.append(sockfd)
print("Client (%s, %s) connected" % addr)
else:
# process data recieved from client,
# try:
# receiving data from the socket.
data = sock.recv(RECV_BUFFER)
c.execute(
"SELECT * FROM userlist ORDER BY strftime('%Y-%m-%d %H:%M:%S',lastseen) DESC"
)
query = c.fetchall()
# print(query)
if data:
addr = sock.getpeername()
data = data.decode()
data = json.loads(
data) #After this line data is a json object with
# the attribute username containing the list of receivers of the message(this is also an attribute)
# print(data,"dfs")
c.execute(
"SELECT username FROM userlist WHERE socketnumber = ?",
(sock.fileno(), ))
query = c.fetchall()
if len(query) is not 0:
user = query[0][0]
if data['action'] == "authentication":
s = Server(
"10.129.3.114", get_info=ALL
) # define an unsecure LDAP server, requesting info on DSE and schema
name1 = data['username']
dnName = "cn=" + name1 + ",dc=cs252lab,dc=cse,dc=iitb,dc=ac,dc=in"
try:
con = Connection(s,
dnName,
data['password'],
auto_bind=True)
con.bind()
msg = 'Authenticated'
sock.send(msg.encode())
#check if the user is there in the database
c.execute(
"SELECT rowid FROM userlist WHERE username = ?",
(data['username'], ))
query = c.fetchall()
# print(query)
if len(query) is 0:
# If user is not there in the database enter it
c.execute(
"INSERT INTO userlist VALUES (?,?,1,?)",
(data['username'], datetime.datetime.now(),
sock.fileno()))
else:
# else update the online status
c.execute(
'''UPDATE userlist SET online = ?, lastseen =?, socketnumber =? WHERE username = ? ''',
(1, datetime.datetime.now(), sock.fileno(),
data['username']))
except:
# print ("Your username or password is incorrect.")
msg = 'error'
sock.send(msg.encode())
# print('failed')
if data['action'] == 'exit':
c.execute(
'''UPDATE userlist SET online = ?, lastseen =?, socketnumber =? WHERE username = ? ''',
(0, datetime.datetime.now(), None,
data['username']))
print("Exit")
msg = "Done"
sock.send(msg.encode())
if data['action'] == 'main screen':
#Shows the messages received by the user when he was offline and info about how to get help
# print('main screen')
msg = 'Type <--help--> for help\n'
sock.send(msg.encode())
# Get the messages which were not seen by the user
c.execute(
"SELECT * FROM messagelist WHERE username = ? and seen=? ORDER BY strftime('%Y-%m-%d %H:%M:%S',sentTime) ASC",
(user, 0))
query = c.fetchall()
msg = ''
# if there are some messages then concatenate them
if len(query) != 0:
msg = msg + 'Your Previous messages are - \n'
#for each message convert it into proper format
for i in query:
time = i[4]
time_object = datetime.datetime.strptime(
i[4], "%Y-%m-%d %H:%M:%S.%f")
if time_object.strftime(
"%m %d") == datetime.datetime.now(
).strftime("%m %d"):
time = time_object.strftime("%H:%M:%S")
else:
time = time_object.strftime("%m %d")
if i[3] == '':
msg = msg + '[M] - [' + i[
2] + '] - ' + time + '\n'
else:
msg = msg + '[M] - [' + i[3] + '] - [' + i[
2] + '] - ' + time + '\n'
msg = msg + i[5]
sock.send(msg.encode())
#update the seen status of the messages
c.execute("UPDATE messagelist SET seen=? WHERE seen=?",
(1, 0))
conn.commit()
if data['action'] == 'send to users':
# print('send to users')
sendusers(user, data['users'], data['message'])
if data['action'] == 'send to groups':
print('send to groups')
sendgroups(user, data['groups'], data['message'])
if data['action'] == 'leave group':
print('leave group')
# Leave the group
msg = ''
for g in data['groups']:
# This contains the name of all the groups which the user wants to leave
# Get the group Id of all the groups which the user wants to leave
c.execute(
"SELECT rowid FROM grouplist WHERE groupname = ?",
(g, ))
q = c.fetchall()
query = []
for j in q:
query.append(j[0])
# print("query ",query)
# Check if the user is a part of those groups
user_group_list = []
for i in query:
c.execute(
"SELECT rowid FROM group_user WHERE user_id=? and group_id = ?",
(user, i))
rowid = c.fetchall()
if len(rowid) != 0:
user_group_list.append(i)
if len(user_group_list) == 0:
msg = msg + 'The user does not belong to group ' + g + '\n'
elif len(user_group_list) == 1:
c.execute(
"DELETE FROM group_user WHERE user_id = ? and group_id= ?",
(user, user_group_list[0]))
else:
msg = msg + 'There are more than one ocurrance of ' + g + ' Choose an appropriate \n'
sock.send(msg.encode())
if data['action'] == 'add users to group':
c.execute(
"SELECT rowid FROM grouplist WHERE groupname = ?",
(data['group'], ))
#Get the group id of the group
q = c.fetchall()
# Check if the group exists
if (len(q) == 0):
msg = "Invalid Group"
sock.send(msg.encode())
else:
query = []
## Add the group id to the list query
for j in q:
query.append(j[0])
#For checking if the user if a part of this group
user_group_list = []
for i in query:
#If the user is a part of that group only then append it to user_group_list
c.execute(
"SELECT rowid FROM group_user WHERE user_id=? and group_id = ?",
(user, i))
rowid = c.fetchall()
if len(rowid) != 0:
user_group_list.append(i)
if len(user_group_list) == 1:
# Send this message to the users added
msg = 'You were added to the group ' + data[
'group'] + ' by ' + user + '\n'
for i in data['users']:
# Get the socket number of all the added users
c.execute(
"SELECT socketnumber FROM userlist WHERE username = ?",
(i, ))
sockno = c.fetchall()
is_online = 0
s = ''
# check if they are online
for socket in SOCKET_LIST:
if sockno[0][0] == socket.fileno():
s = socket
is_online = 1
break
if is_online == 1:
#If is online make the seen field one otherwise 0 and send the message to the added user
c.execute(
"INSERT INTO messagelist VALUES (?,?,?,?,?,?)",
(i, 1, user, data['group'],
datetime.datetime.now(), msg))
s.send(msg.encode())
c.execute(
"INSERT INTO group_user VALUES (?,?,?)",
(i, user_group_list[0], 0))
else:
#Add this to the message list
c.execute(
"INSERT INTO messagelist VALUES (?,?,?,?,?,?)",
(i, 0, user, data['group'],
datetime.datetime.now(), msg))
c.execute(
"INSERT INTO group_user VALUES (?,?,?)",
(i, user_group_list[0], 1))
# send this message to the user who sent this command
msg = 'Added users to groups :\n'
for groups in user_group_list:
c.execute(
"SELECT groupname FROM grouplist WHERE rowid = ?",
(groups, ))
name = c.fetchall()
msg += name[0][0] + " "
msg += '\n'
sock.send(msg.encode())
if data['action'] == 'create group':
# print('create group')
for i in data['groups']:
# Insert the group name into the database
c.execute("INSERT INTO grouplist VALUES (?)",
(i, ))
# q=c.lastrowid
# print("rowid of inserted",q)
#Insert the user into the members of the group
c.execute("INSERT INTO group_user VALUES (?,?,?)",
(user, q, 0))
# send message to the user who sent this command
msg = 'Group created successfully\n'
sock.send(msg.encode())
if data['action'] == 'show messages group':
# sends the number of messages requested from the group
c.execute(
"SELECT * FROM messagelist WHERE username = ? and sentByGroup=? ORDER BY strftime('%Y-%m-%d %H:%M:%S',sentTime) DESC",
(user, data['group']))
query = c.fetchall()
msg = ''
# Check if there are any messages in the group
if len(query) != 0:
msg = msg + 'Previous messages in group ' + data[
'group'] + ' are - \n'
else:
msg = msg + 'There are no messages to show\n'
for i in range(int(data['number'])):
# When number of messages demanded becomes greater than the number of messages available
if i > len(query) - 1:
break
# Get the time stamp of the messages
time = query[i][4]
time_object = datetime.datetime.strptime(
query[i][4], "%Y-%m-%d %H:%M:%S.%f")
#Convert into proper format the time stamp
if time_object.strftime(
"%m %d") == datetime.datetime.now(
).strftime("%m %d"):
time = time_object.strftime("%H:%M:%S")
else:
time = time_object.strftime("%m %d")
if query[i][3] == '':
# If the message does not belong to a group
msg = msg + '[M] - [' + query[i][
2] + '] - ' + time + '\n'
else:
# Else the message belongs to a group
msg = msg + '[M] - [' + query[i][
3] + '] - [' + query[i][
2] + '] - ' + time + '\n'
msg = msg + query[i][5]
sock.send(msg.encode())
if data['action'] == 'show messages user':
# similar to show messages group
# Just shows the number of messages demanded which are sent by a specific user
c.execute(
"SELECT * FROM messagelist WHERE username = ? and sentByUser=? ORDER BY strftime('%Y-%m-%d %H:%M:%S',sentTime) DESC",
(user, data['user']))
query = c.fetchall()
msg = ''
if len(query) != 0:
msg = msg + 'Previous messages by user ' + data[
'user'] + ' are - \n'
else:
msg = msg + 'There are no messages to show\n'
for i in range(int(data['number'])):
if i > len(query) - 1:
break
time = query[i][4]
time_object = datetime.datetime.strptime(
query[i][4], "%Y-%m-%d %H:%M:%S.%f")
if time_object.strftime(
"%m %d") == datetime.datetime.now(
).strftime("%m %d"):
time = time_object.strftime("%H:%M:%S")
else:
time = time_object.strftime("%m %d")
if query[i][3] == '':
msg = msg + '[M] - [' + query[i][
2] + '] - ' + time + '\n'
else:
msg = msg + '[M] - [' + query[i][
3] + '] - [' + query[i][
2] + '] - ' + time + '\n'
msg = msg + query[i][5]
sock.send(msg.encode())
if data['action'] == 'show-all-users':
# Sends the online status of all the users
c.execute("SELECT * from userlist")
query = c.fetchall()
msg = ""
# If there are no users in the database
if len(query) == 0:
msg = "There are no users to stalk\n"
else:
msg = "The following users are/were active on the chat client\n"
for i in range(len(query)):
if query[i][0] != data['username']:
if query[i][2] == 1:
msg = msg + query[i][
0] + " is now online\n"
else:
time_object = datetime.datetime.strptime(
query[i][1],
"%Y-%m-%d %H:%M:%S.%f")
if time_object.strftime(
"%m %d"
) == datetime.datetime.now().strftime(
"%m %d"):
time = time_object.strftime(
"%H:%M:%S")
else:
time = time_object.strftime(
"%m %d")
msg = msg + query[i][
0] + " was online at " + time + "\n"
sock.send(msg.encode())
if data['action'] == 'show-all-groups':
# sends info about all the groups that user is a part of
c.execute(
"SELECT group_id from group_user WHERE user_id = ?",
(data['username'], ))
query = c.fetchall()
msg = ""
# check if the user is a part of any group
if len(query) == 0:
msg = "You are not a part of any group\n"
else:
for i in range(len(query)):
c.execute(
"SELECT user_id from group_user WHERE group_id = ?",
(query[i][0], ))
# Get all the users of the group
query1 = c.fetchall()
c.execute(
"SELECT groupname from grouplist WHERE rowid = ?",
(query[i][0], ))
# Get all the group names
query2 = c.fetchall()
if len(query1) == 1:
msg = msg + "Only you are part of the group " + query2[
0][0] + "\n"
else:
msg = msg + "The following members are part of the group " + query2[
0][0] + "\n"
for j in range(len(query1)):
if query1[j][0] != data['username']:
msg = msg + query1[j][0] + "\n"
sock.send(msg.encode())
if data['action'] == 'show-specific-groups':
# Get the group name requested
c.execute(
"SELECT rowid from grouplist WHERE groupname = ?",
(data['group_name'][0], ))
query = c.fetchall()
msg = ""
# check if the user is a part of the group
if len(query) == 0:
msg = "You are not a part of this group\n"
elif len(query) >= 2:
# If there are requests for mutiple groups
# Concatenate the group ids of the group in the message
msg = "You are part of the following groups:\n"
msg = msg + "Select the group id you wish to see with the command <--show-specific-group_id--> group_id\n"
for i in range(len(query)):
c.execute(
"SELECT user_id from group_user WHERE group_id = ?",
(query[i][0], ))
query1 = c.fetchall()
msg = msg + "Group id: " + str(
query[i]
[0]) + " and Number of users: " + str(
len(query1)) + "\n"
else:
# For single group send the online status
c.execute(
"SELECT user_id from group_user WHERE group_id = ?",
(query[0][0], ))
query1 = c.fetchall()
count = 0
for i in range(len(query1)):
c.execute(
"SELECT online from userlist WHERE username = ?",
(query1[i][0], ))
query2 = c.fetchall()
if query2[0][0] == 1:
count += 1
msg = "There are " + str(
count) + " users online now\n"
sock.send(msg.encode())
if data['action'] == 'show-specific-group_id':
# Sends the number of users online in the group now
c.execute(
"SELECT user_id from group_user WHERE group_id = ?",
(data['group_id'][0], ))
# get all the users in the group
query1 = c.fetchall()
count = 0
for i in range(len(query1)):
if query1[i][0] != data['username']:
c.execute(
"SELECT online from userlist WHERE username = ?",
(query1[i][0], ))
query2 = c.fetchall()
# for each user check if he is online
if query2[0][0] == 1:
count += 1
if count > 0:
msg = "There are " + str(
count) + " users online now\n"
else:
msg = "Only you are online now\n"
sock.send(msg.encode())
if data['action'] == 'block-users':
# Prevents the users from sending the message to the user who request this
for i in data['users']:
# add entry to the database
c.execute(
"SELECT * FROM blocklist WHERE blockingusername = ? and blockedusername=?",
(user, i))
query = c.fetchall()
# check if already blocked
if len(query) != 0:
continue
else:
c.execute("INSERT INTO blocklist VALUES (?,?)",
(user, i))
conn.commit()
if data['action'] == 'unblock-users':
for i in data['users']:
c.execute(
"SELECT * FROM blocklist WHERE blockingusername = ? and blockedusername=?",
(user, i))
query = c.fetchall()
if len(query) == 0:
continue
else:
c.execute(
"DELETE FROM blocklist WHERE blockingusername = ? and blockedusername= ?",
(user, i))
conn.commit()
conn.commit()
else:
# remove the socket that's broken
c.execute(
'''UPDATE userlist SET online = ?,lastseen=?, socketnumber =? WHERE socketnumber = ? ''',
(0, datetime.datetime.now(), 0, sock.fileno()))
if sock in SOCKET_LIST:
SOCKET_LIST.remove(sock)
conn.commit()
server_socket.close()
from ldap3 import Server, Connection, ALL_ATTRIBUTES, SCHEMA, SUBTREE, AUTO_BIND_NO_TLS, set_config_parameter
import argparse
import ssl
import time
import csv
import calendar
parser = argparse.ArgumentParser()
parser.add_argument("servername", type=str, help=" -> serverldap")
parser.add_argument("username", type=str, help=" -> username")
parser.add_argument("password", type=str, help=" -> password")
parser.add_argument("dnbase", type=str, help=" -> dnbase")
# Accept Self-Sign Certificates
# ldap.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, ldap.OPT_X_TLS_NEVER)
server = Server('10.2.1.91', port=389, use_ssl=False, get_info=ALL_ATTRIBUTES)
#server = Server('10.4.1.47' ,port=389, use_ssl=False, get_info=ALL_ATTRIBUTES)
set_config_parameter('DEFAULT_CLIENT_ENCODING', 'utf8')
#BaseAD = "ou=Utilisateurs,dc=adchpg,dc=chpg,dc=mc"
BaseeDir = "O=cr"
Scope = 'SUBTREE'
#FilterAD = "(&(objectClass=person)(!(objectClass=computer)))"
FiltereDir = "(&(objectClass=group))"
#AttrsAD = ['samAccountName','cn', 'pwdLastSet','UserAccountControl','lastlogontimestamp']
AttrseDir = ['cn', 'uid', 'sn', 'givenName', 'fullName', 'LastLoginTime']
#conn = Connection(server, 'cn=Netonline,ou=Externes,ou=Utilisateurs,dc=adchpg,dc=chpg,dc=mc', 'Netonline@26', auto_bind=True)
#conn.search(search_base=BaseAD, search_filter=FilterAD, search_scope=Scope, attributes=AttrsAD )
conn = Connection(server, 'cn=admin,o=cr', 'zeus', auto_bind=True)
conn.search(search_base=BaseeDir,
search_filter=FiltereDir,
search_scope=Scope,
# -*- coding: utf-8 -*-
# @Time : 2019/1/3 18:58
# @Author :
# ad属性 安全权限相关
from ldap3 import Connection, Server, ALL, MODIFY_REPLACE
from ldap3.protocol.microsoft import security_descriptor_control
from apps.securitytab import ldaptypes
from apps.securitytab.uuids import string_to_bin
ldap3RESTARTABLE = Connection(server=Server('', get_info=ALL, use_ssl=False),
user='******',
password='',
auto_bind=True)
def test():
try:
# Set SD flags to only query for DACL设置SD标志仅查询DACL
controls = security_descriptor_control(sdflags=0x04)
ldap3RESTARTABLE.search(
'DC=,DC=com',
'(&(objectClass=user)(SAMAccountName=sdfsd112))',
attributes=['SAMAccountName', 'nTSecurityDescriptor', 'objectSid'],
controls=controls)
entry = ldap3RESTARTABLE.entries[0]
usersid = entry['objectSid'].value
print(usersid)
secDescData = entry['nTSecurityDescriptor'].raw_values[0] # 默认权限
secDesc = ldaptypes.SR_SECURITY_DESCRIPTOR(data=secDescData)
everyone = create_every_ace()
def ldap_get_all_users_spn(AttackParameters, port):
# build DN
DN = "DC=" + ",DC=".join(AttackParameters.realm.split('.'))
# Kerberos authentication
if AttackParameters.auth_gssapi:
WRITE_STDOUT(G + "\nConnecting to " + B + '\'' + AttackParameters.DC_addr \
+ '\'' + W + G + " using ldap protocol and"\
+ " Kerberos authentication!\n" + W)
WRITE_STDOUT(' [+] Creating ticket ccache file %r...' % ccache_file)
cc = CCache((AttackParameters.realm, AttackParameters.user_account))
tgt_cred = kdc_rep2ccache(AttackParameters.as_data["as_rep"],
AttackParameters.as_data["as_rep_enc"])
cc.add_credential(tgt_cred)
cc.save(ccache_file)
WRITE_STDOUT(' Done!\n')
WRITE_STDOUT(' [+] Initiating ldap connection using ticket...')
server = ldap3.Server(AttackParameters.DC_addr)
c = ldap3.Connection(server,
authentication=ldap3.SASL,
sasl_mechanism='GSSAPI')
WRITE_STDOUT(' Done!\n')
# NTLM authentication
else:
WRITE_STDOUT(G + "Connecting to " + B + '\'' + AttackParameters.DC_addr + '\'' + W +\
G + " using ldap protocol and NTLM authentication!\n" + W)
s = Server(AttackParameters.DC_addr, port=389, get_info=ALL)
c = Connection(s,
auto_bind=False,
client_strategy=SYNC,
user=AttackParameters.realm + "\\" +
AttackParameters.user_account,
password=AttackParameters.password,
authentication=NTLM,
check_names=True)
# Now we should be connected to the DC through LDAP
try:
c.open()
except ldap3.core.exceptions.LDAPSocketOpenError as e:
WRITE_STDOUT(R + "ldap connection error: %s\n" % e + W)
sys.exit(1)
try:
r = c.bind()
except:
WRITE_STDOUT(R + "Cannot connect to ldap, exiting.\n" + W)
sys.exit(1)
# Query to find all accounts having a servicePrincipalName
attributes_to_retrieve = [x.lower() for x in ATTRIBUTES_TO_RETRIEVE]
c.search(DN,
LDAP_QUERY,
search_scope='SUBTREE',
attributes=attributes_to_retrieve)
if not c.response:
WRITE_STDOUT(R + "Cannot find any SPN, wrong user/credentials?\n" + W)
sys.exit(1)
WRITE_STDOUT(' [+] Retrieving all SPN and corresponding accounts...')
# construct path to SPN_outfile to store LDAP response
if AttackParameters.outputfile_path != None:
outputfile_spn = ""
dirname = os.path.dirname(AttackParameters.outputfile_path)
# current dir
if dirname == '':
dirname = './'
else:
dirname = dirname + '/'
filename = os.path.basename(AttackParameters.outputfile_path)
filename = 'SPN_' + filename
outputfile_spn = open(dirname + filename, 'w')
# iterate through results to construc dico[{'attribute':'value'},{}, etc.] for each "{}" account
dico_users_spn = []
for matching_object in c.response:
if matching_object.has_key('attributes'):
dico_account = {}
for attribute, value in matching_object['attributes'].items():
# delimiter of SPN is ';' in AD but ',' using ldap3 structures
if attribute.lower(
) == "serviceprincipalname" and len(attribute) > 1:
# only need one SPN for the attack
value = value[0]
if attribute.lower() in attributes_to_retrieve:
if type(value) is int:
dico_account[attribute.encode("utf8").lower()] = str(
value)
else:
value = "".join(value).encode("utf8")
dico_account[attribute.encode(
"utf8").lower()] = value.lower()
dico_users_spn.append(dico_account)
# Disconnecting from DC
WRITE_STDOUT(' Done!\n')
c.unbind()
WRITE_STDOUT(G + "Successfully disconnected from "+ B + '\''\
+ AttackParameters.DC_addr + '\'\n' + W)
# write to SPN_outputfile
if AttackParameters.outputfile_path != None:
for accounts in dico_users_spn:
line_to_write = accounts['samaccountname']+'$'\
+accounts['serviceprincipalname']
if accounts.has_key('memberof'):
line_to_write = line_to_write + '$' + accounts['memberof']
if accounts.has_key('primarygroupid'):
line_to_write = line_to_write + '$primaryGroupID:'\
+ accounts['primarygroupid']
outputfile_spn.write(line_to_write + '\n')
outputfile_spn.close()
return dico_users_spn
def login(username: str, password: str) -> tuple:
"""
Connect to LDAP server, perform a search and attempt a bind.
Can raise `exc.LDAPConnectionError` exceptions if the
connection to LDAP fails.
Can raise `exc.LDAPUserLoginError` exceptions if the
login to LDAP fails.
:returns: tuple (username, email, full_name)
"""
tls = None
if TLS_CERTS:
tls = TLS_CERTS
# connect to the LDAP server
if SERVER.lower().startswith("ldaps://"):
use_ssl = True
else:
use_ssl = False
try:
server = Server(SERVER, port=PORT, get_info=NONE,
use_ssl=use_ssl, tls=tls)
except Exception as e:
error = "Error connecting to LDAP server: %s" % e
raise LDAPConnectionError({"error_message": error})
# authenticate as service if credentials provided, anonymously otherwise
if BIND_DN is not None and BIND_DN != '':
service_user = BIND_DN
service_pass = BIND_PASSWORD
service_auth = SIMPLE
else:
service_user = None
service_pass = None
service_auth = ANONYMOUS
auto_bind = AUTO_BIND_NO_TLS
if START_TLS:
auto_bind = AUTO_BIND_TLS_BEFORE_BIND
try:
c = Connection(server, auto_bind=auto_bind, client_strategy=SYNC, check_names=True,
user=service_user, password=service_pass, authentication=service_auth)
except Exception as e:
error = "Error connecting to LDAP server: %s" % e
raise LDAPConnectionError({"error_message": error})
# search for user-provided login
search_filter = '(|(%s=%s)(%s=%s))' % (
USERNAME_ATTRIBUTE, username, EMAIL_ATTRIBUTE, username)
if SEARCH_FILTER_ADDITIONAL:
search_filter = '(&%s%s)' % (search_filter, SEARCH_FILTER_ADDITIONAL)
try:
c.search(search_base=SEARCH_BASE,
search_filter=search_filter,
search_scope=SUBTREE,
attributes=[USERNAME_ATTRIBUTE,
EMAIL_ATTRIBUTE, FULL_NAME_ATTRIBUTE],
paged_size=5)
except Exception as e:
error = "LDAP login incorrect: %s" % e
raise LDAPUserLoginError({"error_message": error})
# we are only interested in user objects in the response
c.response = [r for r in c.response if 'raw_attributes' in r and 'dn' in r]
# stop if no search results
if not c.response:
raise LDAPUserLoginError({"error_message": "LDAP login not found"})
# handle multiple matches
if len(c.response) > 1:
raise LDAPUserLoginError(
{"error_message": "LDAP login could not be determined."})
# handle missing mandatory attributes
raw_attributes = c.response[0].get('raw_attributes')
#if raw_attributes.get(USERNAME_ATTRIBUTE) or raw_attributes.get(EMAIL_ATTRIBUTE) or raw_attributes.get(FULL_NAME_ATTRIBUTE):
# raise LDAPUserLoginError({"error_message": "LDAP login is invalid."})
# attempt LDAP bind
username = raw_attributes.get(USERNAME_ATTRIBUTE)[0].decode('utf-8')
email = raw_attributes.get(EMAIL_ATTRIBUTE)[0].decode('utf-8')
full_name = raw_attributes.get(FULL_NAME_ATTRIBUTE)[0].decode('utf-8')
try:
dn = str(bytes(c.response[0].get('dn'), 'utf-8'), encoding='utf-8')
Connection(server, auto_bind=auto_bind, client_strategy=SYNC,
check_names=True, authentication=SIMPLE,
user=dn, password=password)
except Exception as e:
error = "LDAP bind failed: %s" % e
raise LDAPUserLoginError({"error_message": error})
# LDAP binding successful, but some values might have changed, or
# this is the user's first login, so return them
return (username, email, full_name)
Move the outputs of the script to the fixtures directory to run them with the newuser test suite.
https://ldap3.readthedocs.io/mocking.html#a-complete-example
"""
import json
from ldap3 import Server, Connection, ALL, ALL_ATTRIBUTES, MOCK_SYNC
INFO_OUTPUT = "csua_ldap_info.json"
SCHEMA_OUTPUT = "csua_ldap_schema.json"
ENTRIES_OUTPUT = "csua_ldap_entries.json"
if __name__ == "__main__":
REAL_SERVER = "ldaps://ldap.csua.berkeley.edu"
# Retrieve server info and schema from a real server
server = Server(REAL_SERVER, get_info=ALL)
connection = Connection(server, auto_bind=True)
# Store server info and schema to json files
server.info.to_file(INFO_OUTPUT)
server.schema.to_file(SCHEMA_OUTPUT)
# Read entries from a portion of the DIT from real server and store them in a json file
if connection.search("dc=csua,dc=berkeley,dc=edu",
"(objectclass=*)",
attributes=ALL_ATTRIBUTES):
raw_entries = connection.response_to_json(raw=True)
entries = json.loads(raw_entries)
filtered_entries = {
"entries": [
i for i in entries["entries"]
from config import db
from blueprints.users import users
from ldap3.utils.hashed import hashed
from blueprints.bluedocker import bdocker
from ldap3 import Server, Connection, HASHED_MD5
from flask import Flask, render_template, flash, redirect, request, jsonify, session
app = Flask(__name__)
app.register_blueprint(users)
app.register_blueprint(bdocker)
app.secret_key = 'flask-app'
server = Server('ldap://127.0.0.1:389')
DN = 'cn=admin,dc=dexter,dc=com,dc=br'
@app.route('/')
def index():
if 'auth' in session:
return redirect('/users')
return render_template('index.html')
@app.route('/login', methods=['POST'])
def login():
data = request.form
dn = 'mail={0},dc=dexter,dc=com,dc=br'.format(data['email'])
ldap = Connection(server, dn, data['senha'])
if ldap.bind():
session['auth'] = True
return redirect('/users')
def init_ldap_client(self):
self.ldap_client = Server(self.settings["ldap"]["server"],
get_info=ALL)
get_deleted_user_entries,
get_role_id_from_cn,
get_role,
get_role_admins,
get_role_members,
get_role_owners,
get_user_in_db_by_email,
get_user_mapping_entry,
get_user_metadata_entry,
get_user_next_id,
get_pack_owners_by_user,
is_user_in_db,
is_group_in_db,
)
SERVER = Server("my_fake_server", get_info=OFFLINE_AD_2012_R2)
# ------------------------------------------------------------------------------
# <==== BEGIN TEST PARAMETERS =================================================>
# ------------------------------------------------------------------------------
TEST_USERS = [
{
"common_name": "User0",
"name": "Zeroth User",
"given_name": "Zeroth"
},
{
"common_name": "User1",
"name": "First User",
"given_name": "First"
# -*- coding:utf-8 -*-
from ldap3 import Server, Connection
server = Server(host='ldap://10.211.254.49', port=10389)
conn = Connection(server,
user='******',
password='******',
auto_bind=True,
read_only=True,
auto_referrals=False)
# Setting ldap.OPT_REFERRALS to 0 tells the server not to "chase" referrals, i.e. not to resolve them
print(server.info)
# bind
# dn = "uid=admin,ou=system"
# pw = "secret"
# conn = ldap.initialize("ldap://10.211.254.49:10389")
# conn.simple_bind_s(dn, pw)
#
# conn.set_option(ldap.OPT_REFERRALS, 0)
# conn.protocol_version = ldap.VERSION3
#
# for entry in conn.search_s(
# 'uid=liuyangc3,ou=developer,dc=nxin,dc=com',
# scope=ldap.SCOPE_SUBTREE):
# print(entry)
def __init__(self, plugin):
self.server = Server(plugin.host,
port=plugin.port,
use_ssl=plugin.use_ssl)
self.bind_dn = plugin.bind_dn
self.password = plugin.bind_password
def users_dosync(request):
""" Выполнение синхронизации с LDAP """
from ldap3 import Server, Connection, SIMPLE, SYNC, ALL_ATTRIBUTES, SUBTREE, ALL
from laboratory import settings
result = {}
s = Server(settings.LDAP["server"]["host"],
port=settings.LDAP["server"]["port"],
get_info=ALL)
c = Connection(s,
auto_bind=True,
user=settings.LDAP["server"]["user"],
password=settings.LDAP["server"]["password"],
client_strategy=SYNC,
authentication=SIMPLE,
check_names=True)
result_t = ""
groups = {}
c.search(search_base=settings.LDAP["base"],
search_filter='(&(objectClass=person))',
search_scope=SUBTREE,
attributes=ALL_ATTRIBUTES,
get_operational_attributes=True)
resp = json.loads(c.response_to_json())
i = 0
for ldap_user in resp["entries"]:
if "uidNumber" not in ldap_user["attributes"].keys() or "uid" not in ldap_user[
"attributes"].keys() or "userPassword" not in ldap_user["attributes"].keys() or "displayName" not in \
ldap_user["attributes"].keys():
continue
if Podrazdeleniya.objects.filter(
gid_n=int(ldap_user["attributes"]["gidNumber"])).exists():
pod = Podrazdeleniya.objects.get(
gid_n=int(ldap_user["attributes"]["gidNumber"]))
pod.title = ldap_user["attributes"]["ou"][0]
pod.save()
else:
pod = Podrazdeleniya(title=ldap_user["attributes"]["ou"][0],
gid_n=int(
ldap_user["attributes"]["gidNumber"]))
pod.save()
i += 1
active = False
if ldap_user["attributes"]["accountStatus"] == "active":
active = True
dn = ldap_user["attributes"]["displayName"]
username = ldap_user["attributes"]["uid"][0]
password = ldap_user["attributes"]["userPassword"][0]
if not User.objects.filter(username=username).exists(
): # Проверка существования пользователя
user = User.objects.create_user(username) # Создание пользователя
user.set_password(password) # Установка пароля
user.is_active = active
user.save() # Сохранение пользователя
profile = DoctorProfile.objects.create() # Создание профиля
profile.user = user # Привязка профиля к пользователю
profile.podrazileniye = pod
profile.labtype = 0
if "врач" in emp or "зав" in emp:
profile.labtype = 1
elif "лаб" in emp or "лаборант" in emp:
profile.labtype = 2
else:
user = User.objects.get(username=username)
user.set_password(password)
user.is_active = active
user.save()
profile = DoctorProfile.objects.get(user=user)
emp = ldap_user["attributes"]["employeeType"][0].lower()
profile.isLDAP_user = True
profile.fio = dn
profile.save()
c.unbind()
return HttpResponse(json.dumps(groups), content_type="application/json")
def authenticate(self,
request,
username=None,
password=None,
**keyword_arguments):
# Check for remote user in extra arguments if no username and password.
# In case of basic authentication
if not username or not password:
if 'remote_user' in keyword_arguments:
credentials = base_64_decode_basic_auth(
keyword_arguments['remote_user'])
if credentials:
username, password = credentials[0], credentials[1]
else:
return None
else:
return None
user = check_user_exists_and_active(self, username)
is_authenticated_with_ldap = False
errors = []
for server in settings.LDAP_SERVERS:
try:
port = server.get('port', 636)
use_ssl = server.get('use_ssl', True)
bind_as_authentication = server.get('bind_as_authentication',
True)
domain = server.get('domain')
t = Tls(validate=CERT_REQUIRED,
version=PROTOCOL_TLSv1_2,
ca_certs_file=server.get('certificate'))
s = Server(server['url'], port=port, use_ssl=use_ssl, tls=t)
auto_bind = AUTO_BIND_TLS_BEFORE_BIND if use_ssl else AUTO_BIND_NO_TLS
ldap_bind_user = f"{domain}\\{username}" if domain else username
if not bind_as_authentication:
# binding to LDAP first, then search for user
bind_username = server.get('bind_username', None)
bind_username = f"{domain}\\{bind_username}" if domain and bind_username else bind_username
bind_password = server.get('bind_password', None)
authentication = SIMPLE if bind_username and bind_password else ANONYMOUS
c = Connection(s,
user=bind_username,
password=bind_password,
auto_bind=auto_bind,
authentication=authentication,
raise_exceptions=True)
search_username_field = server.get('search_username_field',
'uid')
search_attribute = server.get('search_attribute', 'cn')
search = c.search(server['base_dn'],
f"({search_username_field}={username})",
attributes=[search_attribute])
if not search or search_attribute not in c.response[0].get(
'attributes', []):
# no results, unbind and continue to next server
c.unbind()
errors.append(
f"User {username} attempted to authenticate with LDAP ({server['url']}), but the search with dn:{server['base_dn']}, username_field:{search_username_field} and attribute:{search_attribute} did not return any results. The user was denied access"
)
continue
else:
# we got results, get the dn that will be used for binding authentication
response = c.response[0]
ldap_bind_user = response['dn']
c.unbind()
# let's proceed with binding using the user trying to authenticate
c = Connection(s,
user=ldap_bind_user,
password=password,
auto_bind=auto_bind,
authentication=SIMPLE,
raise_exceptions=True)
c.unbind()
# At this point the user successfully authenticated to at least one LDAP server.
is_authenticated_with_ldap = True
auth_logger.debug(
f"User {username} was successfully authenticated with LDAP ({server['url']})"
)
break
except LDAPBindError as e:
errors.append(
f"User {username} attempted to authenticate with LDAP ({server['url']}), but entered an incorrect password. The user was denied access: {str(e)}"
)
except LDAPException as e:
errors.append(
f"User {username} attempted to authenticate with LDAP ({server['url']}), but an error occurred. The user was denied access: {str(e)}"
)
if is_authenticated_with_ldap:
return user
else:
for error in errors:
auth_logger.warning(error)
return None
def ldap_conn(username, password):
s = Server(config.Config.LDAP_HOST)
user = '******'.format(username)
conn = Connection(s, user=user, password=password)
return conn
