Fix for method filtering in the LDAP queries using _pwnable and _canp…

…wn synthetic attributes
lkarlslund · Dec 13, 2021 · efc9064 · efc9064
1 parent 81f9141
commit efc9064
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 2 deletions.
diff --git a/modules/engine/pwn.go b/modules/engine/pwn.go
@@ -151,6 +151,7 @@ func AllPwnMethodsSlice() []PwnMethod {
 
 var (
 	NonExistingPwnMethod = PwnMethod(10000)
+	AnyPwnMethod         = PwnMethod(9999)
 )
 
 var AllPwnMethods PwnMethodBitmap

diff --git a/modules/ldapquery/queryparser.go b/modules/ldapquery/queryparser.go
@@ -247,7 +247,9 @@ valueloop:
 				target, _ = ParseQueryStrict(values[1], ao)
 			}
 			var method engine.PwnMethod
-			if pwnmethod != "" && pwnmethod != "*" {
+			if pwnmethod == "*" {
+				method = engine.AnyPwnMethod
+			} else {
 				method = engine.P(pwnmethod)
 				if method == engine.NonExistingPwnMethod {
 					return nil, nil, fmt.Errorf("Could not convert value %v to pwn method", pwnmethod)
@@ -636,7 +638,7 @@ func (p pwnquery) Evaluate(o *engine.Object) bool {
 		items = o.PwnableBy
 	}
 	for _, pwnmethod := range items {
-		if p.method == 0 || pwnmethod.IsSet(p.method) {
+		if (p.method == engine.AnyPwnMethod && pwnmethod.Count() != 0) || pwnmethod.IsSet(p.method) {
 			return true
 		}
 	}
-Original file line number
+Diff line change
@@ Expand Up / @@ -151,6 +151,7 @@ func AllPwnMethodsSlice() []PwnMethod { @@
     var (
     	NonExistingPwnMethod = PwnMethod(10000)
+    	AnyPwnMethod         = PwnMethod(9999)
     )
     var AllPwnMethods PwnMethodBitmap
@@ Expand Down @@