Merge pull request #121 from franc-pentest/improve-simple_bind

Improve simple bind
franc-pentest · Dec 9, 2024 · 7df99a4 · 7df99a4
2 parents e434087 + 1a2ebec
commit 7df99a4
Show file tree

Hide file tree

Showing 3 changed files with 13 additions and 45 deletions.
diff --git a/VERSION b/VERSION
@@ -1 +1 @@
-1.0.76
+1.0.77
diff --git a/ldeep/__main__.py b/ldeep/__main__.py
@@ -2132,7 +2132,7 @@ def main():
         "--type",
         default="ntlm",
         choices=["ntlm", "simple"],
-        help="Authentication type: ntlm (default) or simple",
+        help="Authentication type: ntlm (default) or simple. Simple bind will always be in cleartext with ldap (not ldaps)",
     )
     ldap.add_argument(
         "--throttle",
@@ -2151,7 +2151,7 @@ def main():
         "--no-encryption",
         default=False,
         action="store_true",
-        help="Encrypt the communication or not (default True)",
+        help="Encrypt the communication or not (default: encrypted, except with simple bind and ldap)",
     )
 
     cache.add_argument(

diff --git a/ldeep/views/ldap_activedirectory.py b/ldeep/views/ldap_activedirectory.py
@@ -497,48 +497,16 @@ def __init__(
         elif method == "SIMPLE":
             if "." in domain:
                 domain, _, _ = domain.partition(".")
-            if self.server.startswith("ldaps"):
-                if not password:
-                    print("Password is required (-p)")
-                    exit(1)
-                self.ldap = Connection(
-                    server,
-                    user=f"{domain}\\{username}",
-                    password=password,
-                    authentication=SIMPLE,
-                    check_names=True,
-                )
-            else:
-                if not ntlm:
-                    print(
-                        "Please authenticate using the NT hash for simple bind without ldaps"
-                    )
-                    exit(1)
-                try:
-                    lm, nt = ntlm.split(":")
-                    lm = "aad3b435b51404eeaad3b435b51404ee" if not lm else lm
-                    ntlm = f"{lm}:{nt}"
-                except Exception as e:
-                    print(e)
-                    print("Incorrect hash, format is [LMHASH]:NTHASH")
-                    exit(1)
-                if self.no_encryption:
-                    self.ldap = Connection(
-                        server,
-                        user=f"{domain}\\{username}",
-                        password=ntlm,
-                        authentication=NTLM,
-                        check_names=True,
-                    )
-                else:
-                    self.ldap = Connection(
-                        server,
-                        user=f"{domain}\\{username}",
-                        password=ntlm,
-                        authentication=NTLM,
-                        session_security=ENCRYPT,
-                        check_names=True,
-                    )
+            if not password:
+                print("Password is required with simple bind (-p)")
+                exit(1)
+            self.ldap = Connection(
+                server,
+                user=f"{domain}\\{username}",
+                password=password,
+                authentication=SIMPLE,
+                check_names=True,
+            )
 
         try:
             if method == "Certificate":