Open JustAnda7 opened 1 year ago
Thanks for reporting this @JustAnda7! I'm adding a note to revisit this when I get a chance, feel free to give this a shot if you feel up to fixing it; think it should just be some regex changes required here, otherwise I can hop onto this shortly.
Adding confirmed label since we went through this together over Slack and I confirmed it does look like an oversight in our code base.
While trying to query an LDAP server, it is discovered that automatically discovering of BASE_DN when no option is specified only accepts capitalized DN like
DC=example,DC=com
but rejects other possibilities. Updating it to be case insensitive would increase the scope of query.Steps to reproduce
How'd you do it?
ldap_query
rhosts
andaction
Run
it against a serverWere you following a specific guide/tutorial or reading documentation?
Occurred during an ldap query as per https://github.com/rapid7/metasploit-framework/blob/master/documentation/modules/auxiliary/gather/ldap_query.md
Expected behavior
<rhosts>:<rport> Discovered base DN: DC=(...),DC=(...)
or<rhosts>:<rport> Discovered base DN: dc=(...),dc=(...)
or other dn as configuredCurrent behavior
<rhosts>:<rport> Discovered base DN: DC=(...),DC=(...)
when the DN is capitalized and<rhost>:<rport> A base DN matching the expected format could not be found!
[-] Auxiliary aborted due to failure: unexpected-reply: Couldn't discover base DN!
for other cases.Metasploit version
6.3.1-dev-e26ab2c202.
Additional Information
This is also observed in local post exploitation of ldap for windows.