search

dirkjanm / ldapdomaindump

Active Directory information dumper via LDAP
MIT License
1.15k stars 182 forks source link

Python error while trying to dump #22

Closed h4knet closed 5 years ago

h4knet commented 5 years ago

Hello, I tried to use the tool on an assesment and I got the following error :

[*] Connecting to host...
[*] Binding to host
[+] Bind OK
[*] Starting domain dump
Traceback (most recent call last):
  File "/usr/local/bin/ldapdomaindump", line 3, in <module>
    ldapdomaindump.main()
  File "/usr/local/lib/python2.7/dist-packages/ldapdomaindump/__init__.py", line 895, in main
    dd.domainDump()
  File "/usr/local/lib/python2.7/dist-packages/ldapdomaindump/__init__.py", line 407, in domainDump
    self.policy = self.getDomainPolicy()
  File "/usr/local/lib/python2.7/dist-packages/ldapdomaindump/__init__.py", line 250, in getDomainPolicy
    self.connection.search(self.root, '(objectClass=domain)', attributes=ldap3.ALL_ATTRIBUTES)
  File "/usr/local/lib/python2.7/dist-packages/ldap3/core/connection.py", line 788, in search
    response = self.post_send_search(self.send('searchRequest', request, controls))
  File "/usr/local/lib/python2.7/dist-packages/ldap3/strategy/sync.py", line 139, in post_send_search
    responses, result = self.get_response(message_id)
  File "/usr/local/lib/python2.7/dist-packages/ldap3/strategy/base.py", line 325, in get_response
    responses = self._get_response(message_id)
  File "/usr/local/lib/python2.7/dist-packages/ldap3/strategy/sync.py", line 165, in _get_response
    dict_response = self.decode_response_fast(ldap_resp)
  File "/usr/local/lib/python2.7/dist-packages/ldap3/strategy/base.py", line 509, in decode_response_fast
    result = search_result_entry_response_to_dict_fast(ldap_message['payload'], self.connection.server.schema, self.connection.server.custom_formatter, self.connection.check_names)
  File "/usr/local/lib/python2.7/dist-packages/ldap3/operation/search.py", line 568, in search_result_entry_response_to_dict_fast
    entry_dict['attributes'] = checked_attributes_to_dict_fast(response[1][3], schema, custom_formatter)  # attributes
  File "/usr/local/lib/python2.7/dist-packages/ldap3/operation/search.py", line 453, in checked_attributes_to_dict_fast
    checked_attributes[name] = format_attribute_values(schema, name, decode_raw_vals_fast(attribute[3][1][3]) or [], custom_formatter)
  File "/usr/local/lib/python2.7/dist-packages/ldap3/protocol/formatters/standard.py", line 213, in format_attribute_values
    formatted_values = [formatter(raw_value) for raw_value in values]  # executes formatter
  File "/usr/local/lib/python2.7/dist-packages/ldap3/protocol/formatters/formatters.py", line 337, in format_ad_timedelta
    return format_ad_timestamp(raw_value * -1) - format_ad_timestamp(0)
TypeError: unsupported operand type(s) for -: 'str' and 'datetime.datetime'

The command I used : ldapdomaindump -u "frenchcompany\administrateur" -p aad3b435b51404eeaad3b435b51404ee:0000000000theNThash0000000000000 -o ldap-dump 192.168.1.1 -m

I have no clue where it could be from :(. I get the same behavior with or without the -m option. Did someone saw this error already ?

dirkjanm commented 5 years ago

Make sure you have version 2.5.1 of ldap3 library, newer versions show this error

h4knet commented 5 years ago

Hello Dirk-jan, I just checked and it is.

# apt show python-ldap3
Package: python-ldap3
Version: 2.5.1-0kali1
Priority: optional
Section: python
Maintainer: Debian Python Modules Team <python-modules-team@lists.alioth.debian.org>
Installed-Size: 2,081 kB
Depends: python-pyasn1 (>= 0.1.8), python:any (<< 2.8), python:any (>= 2.7~)
Breaks: python-tldap (<< 0.3.8~)
Homepage: https://github.com/cannatag/ldap3
Download-Size: 221 kB
APT-Manual-Installed: no
APT-Sources: http://http.kali.org/kali kali-rolling/main amd64 Packages
Description: Pure Python LDAP client library
 A pure Python 3 LDAP version 3 strictly conforming to RFC4511 released under
 the LGPL v3 open source license. RFC4511 is the current LDAP specification
 (June 2006) from IETF and obsoletes the previous LDAP RFCs 2251, 2830, 3771
 (December 1997)
 .
 This package contains the Python 2.7 version of the library.

# python -V
Python 2.7.16
h4knet commented 5 years ago

I've check with 'pip' and the version was 2.5.2.. 

# pip install ldap3 dnspython
Requirement already satisfied: ldap3 in /usr/local/lib/python2.7/dist-packages (2.5.2)
Requirement already satisfied: dnspython in /usr/lib/python2.7/dist-packages (1.16.0)
Requirement already satisfied: pyasn1>=0.1.8 in /usr/local/lib/python2.7/dist-packages (from ldap3) (0.4.6)

So I've just ran the command pip install --upgrade ldap3==2.5.1 and it solved my problem :)

Maybe it could be an idea to add a requirements.txt file to your project to prevent this problem in the future for other users as well.

I've also seen that the package version I have is the 0.9.1-0kali1 from the kali package. It might be also an idea to add a -V option to check which version of your tool we are running.

dirkjanm commented 5 years ago

Good to hear you fixed it, the package version is fixed in setup.py https://github.com/dirkjanm/ldapdomaindump/blob/edb2a6aab690b03f28d976d86788bba6f486564e/setup.py#L9, which is similar to requirements.txt for setuptools/pip. I'll consider the -V option, I didn't even know ldapdomaindump is part of Kali nowadays :smile: