The ldapconsole script allows you to perform custom LDAP requests to a Windows domain.

Features

• Authentications:
  • Authenticate with password
  • Authenticate with LM:NT hashes (Pass the Hash)
  • Authenticate with kerberos ticket (Pass the Ticket)
• Interactive mode
  • Colored results
  • Preset queries
• Non-interactive mode
  • Colored results
  • Exportable to XLSX format with option --xlsx

Requirements

For python-ldap:

sudo apt-get install libsasl2-dev python3-dev libldap2-dev libssl-dev

And then:

python3 -m pip install -r requirements.txt

Examples

./ldapconsole.py -u 'user1' -p 'Admin123!' -d 'LAB.local' --dc-ip 192.168.2.1

Extract the list of the computers with an obsolete OS to an Excel file

./ldapconsole.py -d LAB.local -u Administrator -p 'Admin123!' --dc-ip 10.0.0.101 -q '(&(objectCategory=Computer)(|(operatingSystem=Windows 2000*)(operatingSystem=Windows Vista*)(operatingSystem=Windows XP*)(operatingSystem=Windows 7*)(operatingSystem=Windows 8*)(operatingSystem=Windows Server 200*)(operatingSystem=Windows Server 2012*)))' -a 'operatingSystem' -a 'operatingSystemVersion' -x ComputersWithObsoleteOSes.xlsx

Contributing

Pull requests are welcome. Feel free to open an issue if you want to add other features.