projectdiscovery / nuclei

Fast and customizable vulnerability scanner based on simple YAML based DSL.
https://docs.projectdiscovery.io/tools/nuclei
MIT License

Ldap Module CollectMetadata() - not working. #5446

Open pussycat0x opened 1 month ago

pussycat0x commented 1 month ago

Nuclei version:

v3.3.0

Current Behavior:

CollectMetadata() and other functions are not returning any data in response.

Expected Behavior:

Steps To Reproduce:

javascript:
  - code: |
      const ldap = require('nuclei/ldap');
      const cfg = new ldap.Config();
      cfg.Upgrade = true;
      const client = new ldap.Client(Host, Port);
      const metadata = client.CollectMetadata();
      log(json_to(metadata))

    args:
      Host: "ldap://{{Host}}"
      Port: 389 

Anything else:

DebugData



[VER] Started metrics server at localhost:9092
[INF] Current nuclei version: v3.3.0 (latest)
[INF] Current nuclei-templates version: v9.9.1 (latest)
[WRN] Scan results upload to cloud is disabled.
[INF] New templates added in latest release: 75
[INF] Templates loaded for current scan: 1
[WRN] Loading 1 unsigned templates for scan. Use with caution.
[INF] Targets loaded for current scan: 1
[DBG] Javascript Protocol request variables: 
        1. DN => 211
        2. FQDN => 127.0.0.1
        3. Host => 127.0.0.1
        4. Hostname => 177.129.211.170:389
        5. Port => 389
        6. RDN => 127.0.0.1
        7. SD => 127.0.0.1
        8. TLD => 170

[VER] [ldap-metadata] Sent Javascript request to 127.0.0.1:389
[DBG] Javascript Protocol response variables: 
        1. DN => 211
        2. FQDN => 127.0.0.1
        3. Host =>127.0.0.1
        4. Hostname => 127.0.0.1:389
        5. Port => 389
        6. RDN =>127.0.0.1
        7. SD => 127.0.0.1
        8. TLD => 170
        9. host => 127.0.0.1:389
        10. interactsh-server => 
        11. ip => 127.0.0.1
        12. matched => 127.0.0.1:389
        13. request => const ldap = require('nuc .... ); log(json_to(metadata))
        14. template-id => ldap-metadata
        15. template-info => {LDAP Metadata - Enumerat .... hodan-query:ldap] <nil> }
        16. template-path =>/Documents/ .... c/ldap/ldap-metadata.yaml
        17. type => javascript

[INF] No results found. Better luck next time!

zrquan commented 1 month ago

Steps To Reproduce:

javascript:
  - code: |
      const ldap = require('nuclei/ldap');
      const cfg = new ldap.Config();
      cfg.Upgrade = true;
      const client = new ldap.Client(Host, Port);
      const metadata = client.CollectMetadata();
      log(json_to(metadata))

    args:
      Host: "ldap://{{Host}}"
      Port: 389 

The parameters passed to ldap.Client in ldap-metadata.yaml seem to be incorrect. You might want to try modifying them to:

javascript:
  - pre-condition: |
      isPortOpen(Host,Port);
    code: |
      const ldap = require('nuclei/ldap');
      const cfg = new ldap.Config();
      cfg.Upgrade = true;
      const client = new ldap.Client(Url, Realm, cfg);
      const metadata = client.CollectMetadata();
      log(json_to(metadata))

    args:
      Url: "ldap://{{Host}}:{{Port}}"
      Realm: ldap.example
      Host: "{{Host}}"
      Port: 389