Thursday, February 2, 2023
spot_img
HomeToolsLDAP-Password-Hunter: -- Password Hunter In The LDAP Infamous Database

LDAP-Password-Hunter: — Password Hunter In The LDAP Infamous Database

LDAP-Password-Hunteris used in The LDAP Infamous Database.

  1. It is possible that passwords are world-readable in the LDAP database by any user who can authenticate due to old service needs or simply lousy security procedures.
  2. LDAP Password Hunter is a tool that combines the functionality of getTGT.py (Impacket) with ldapsearch to search for passwords in an LDAP database.
  3. The Impacket getTGT.py script is used to authenticate and save the TGT kerberos ticket for the domain account used for enumeration.
  4. The KRB5CCNAME variable is then utilised by the ldapsearch script to authenticate and retrieve TGS kerberos tickets for each domain/DC.
  5. The LDAP-Password-Hunter is used.
  6. A custom list of attributes is constructed and filtered based on the CN=Schema,CN=Configuration export results in order to find a large query that may contain interesting results.

The output is shown and saved in a sqlite3 database. The database is made up of a single table with the following columns:

  • DistinguishedName
  • AttributeName
  • Value
  • Domain

The results are much cleaner and ordered in the SQL database than the previous edition. The output only displays the entries that were not discovered in the database, so new entries appear, but the overall result of the analysis is still saved in a file with a timestamp.

Disclaimer: The intended use for the tool is strictly educational and should not be used for any other purpose.

Download Link: https://github.com/oldboy21/LDAP-Password-Hunter

 

RELATED ARTICLES

LEAVE A REPLY

Please enter your comment!
Please enter your name here

- Advertisment -spot_img

Most Popular

Recent Comments

亚洲A∨精品无码一区二区观看 on Restaurant Scheduling 101 For Better Business Performance

Write For Us