Merge pull request #97 from franc-pentest/disable-encryption

Add --no-encryption option
franc-pentest · Sep 7, 2024 · d9c2b0b · d9c2b0b
2 parents b694a0b + 9a8a75f
commit d9c2b0b
Show file tree

Hide file tree

Showing 3 changed files with 77 additions and 32 deletions.
diff --git a/VERSION b/VERSION
@@ -1 +1 @@
-1.0.61
+1.0.62
diff --git a/ldeep/__main__.py b/ldeep/__main__.py
@@ -1864,6 +1864,13 @@ def main():
         type=int,
         help="Configure the page size used by the engine to query the LDAP server (default: 1000)",
     )
+    ldap.add_argument(
+        "-n",
+        "--no-encryption",
+        default=False,
+        action="store_true",
+        help="Encrypt the communication or not (default True)",
+    )
 
     cache.add_argument(
         "-d",
@@ -1964,6 +1971,7 @@ def main():
                 args.cert_pem,
                 args.key_pem,
                 method,
+                args.no_encryption,
                 args.throttle,
                 args.page_size,
             )

diff --git a/ldeep/views/ldap_activedirectory.py b/ldeep/views/ldap_activedirectory.py
@@ -296,6 +296,7 @@ def __init__(
         cert_pem="",
         key_pem="",
         method="NTLM",
+        no_encryption=False,
         throttle=0,
         page_size=1000,
     ):
@@ -315,6 +316,7 @@ def __init__(
         @password: Password to use for the authentication (for SIMPLE authentication)
         @ntlm: NTLM hash to use for the authentication (for NTLM authentication)
         @method: Either to use NTLM, SIMPLE, Kerberos or anonymous authentication.
+        @no_encryption: Either the communication is encrypted or not.
 
         @throw ActiveDirectoryLdapException when the connection or the bind does not work.
         """
@@ -325,6 +327,7 @@ def __init__(
         self.pfx_pass = pfx_pass
         self.cert = cert_pem
         self.key = key_pem
+        self.no_encryption = no_encryption
         self.server = server
         self.domain = domain
         self.hostnames = []
@@ -421,12 +424,19 @@ def __init__(
                     server, authentication=SASL, sasl_mechanism=KERBEROS
                 )
             else:
-                self.ldap = Connection(
-                    server,
-                    authentication=SASL,
-                    sasl_mechanism=KERBEROS,
-                    session_security=ENCRYPT,
-                )
+                if self.no_encryption:
+                    self.ldap = Connection(
+                        server,
+                        authentication=SASL,
+                        sasl_mechanism=KERBEROS,
+                    )
+                else:
+                    self.ldap = Connection(
+                        server,
+                        authentication=SASL,
+                        sasl_mechanism=KERBEROS,
+                        session_security=ENCRYPT,
+                    )
         elif method == "Certificate":
             self.ldap = Connection(server)
         elif method == "anonymous":
@@ -444,23 +454,41 @@ def __init__(
                     print("Incorrect hash, format is LMHASH:NTHASH")
                     exit(1)
             if self.server.startswith("ldaps"):
-                self.ldap = Connection(
-                    server,
-                    user=f"{domain}\\{username}",
-                    password=ntlm,
-                    channel_binding=TLS_CHANNEL_BINDING,
-                    authentication=NTLM,
-                    check_names=True,
-                )
+                if self.no_encryption:
+                    self.ldap = Connection(
+                        server,
+                        user=f"{domain}\\{username}",
+                        password=ntlm,
+                        authentication=NTLM,
+                        check_names=True,
+                    )
+                else:
+                    self.ldap = Connection(
+                        server,
+                        user=f"{domain}\\{username}",
+                        password=ntlm,
+                        authentication=NTLM,
+                        channel_binding=TLS_CHANNEL_BINDING,
+                        check_names=True,
+                    )
             else:
-                self.ldap = Connection(
-                    server,
-                    user=f"{domain}\\{username}",
-                    password=ntlm,
-                    session_security=ENCRYPT,
-                    authentication=NTLM,
-                    check_names=True,
-                )
+                if self.no_encryption:
+                    self.ldap = Connection(
+                        server,
+                        user=f"{domain}\\{username}",
+                        password=ntlm,
+                        authentication=NTLM,
+                        check_names=True,
+                    )
+                else:
+                    self.ldap = Connection(
+                        server,
+                        user=f"{domain}\\{username}",
+                        password=ntlm,
+                        authentication=NTLM,
+                        session_security=ENCRYPT,
+                        check_names=True,
+                    )
         elif method == "SIMPLE":
             if "." in domain:
                 domain, _, _ = domain.partition(".")
@@ -487,16 +515,25 @@ def __init__(
                     ntlm = f"{lm}:{nt}"
                 except Exception as e:
                     print(e)
-                    print("Incorrect hash, format is LMHASH:NTHASH")
+                    print("Incorrect hash, format is [LMHASH]:NTHASH")
                     exit(1)
-                self.ldap = Connection(
-                    server,
-                    user=f"{domain}\\{username}",
-                    password=ntlm,
-                    session_security=ENCRYPT,
-                    authentication=NTLM,
-                    check_names=True,
-                )
+                if self.no_encryption:
+                    self.ldap = Connection(
+                        server,
+                        user=f"{domain}\\{username}",
+                        password=ntlm,
+                        authentication=NTLM,
+                        check_names=True,
+                    )
+                else:
+                    self.ldap = Connection(
+                        server,
+                        user=f"{domain}\\{username}",
+                        password=ntlm,
+                        authentication=NTLM,
+                        session_security=ENCRYPT,
+                        check_names=True,
+                    )
 
         try:
             if method == "Certificate":