LDAP Query and Enumeration Module

Description

This module allows users to query an LDAP server using either a custom LDAP query, or a set of LDAP queries under a specific category. Users can also specify a JSON or YAML file containing custom queries to be executed using the RUN_QUERY_FILE action. If this action is specified, then QUERY_FILE_PATH must be a path to the location of this JSON/YAML file on disk. Users can also run a single query by using the RUN_SINGLE_QUERY option and then setting the QUERY_FILTER datastore option to the filter to send to the LDAP server and QUERY_ATTRIBUTES to a comma separated string containing the list of attributes they are interested in obtaining from the results. As a third option can run one of several predefined queries by setting ACTION to the appropriate value. These options will be loaded from the ldap_queries_default.yaml file located in the MSF configuration directory, located by default at ~/.msf4/ldap_queries_default.yaml. All results will be returned to the user in table, CSV or JSON format, depending on the value of the OUTPUT_FORMAT datastore option. The characters || will be used as a delimiter should multiple items exist within a single column.

Author(s)

• Grant Willcox