Upgraded LDAP module and minor adjustments to CLI processing, added L…

…DAP debug mode

go.mod

@@ -3,7 +3,6 @@ module github.com/lkarlslund/adalanche
 go 1.17
 
 require (
- github.com/Azure/go-ntlmssp v0.0.0-20200615164410-66371956d46c // indirect
  github.com/Microsoft/go-winio v0.5.0
  github.com/OneOfOne/xxhash v1.2.8
  github.com/Showmax/go-fqdn v1.0.0
@@ -71,8 +70,8 @@ require (
  github.com/spf13/pflag v1.0.5 // indirect
  github.com/tinylib/msgp v1.1.6
  github.com/ugorji/go/codec v1.2.6 // indirect
- golang.org/x/crypto v0.0.0-20210921155107-089bfa567519 // indirect
- golang.org/x/net v0.0.0-20211008194852-3b03d305991f // indirect
+ golang.org/x/crypto v0.0.0-20211215153901-e495a2d5b3d3 // indirect
+ golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2 // indirect
  golang.org/x/sys v0.0.0-20211007075335-d3039528d8ac
  golang.org/x/term v0.0.0-20210927222741-03fcf44c2211
  golang.org/x/text v0.3.7
@@ -86,6 +85,7 @@ require (
 require github.com/shirou/gopsutil/v3 v3.21.9
 
 require (
+ github.com/Azure/go-ntlmssp v0.0.0-20211209120228-48547f28849e // indirect
  github.com/StackExchange/wmi v1.2.1 // indirect
  github.com/tklauser/go-sysconf v0.3.9 // indirect
  github.com/tklauser/numcpus v0.3.0 // indirect

go.sum

@@ -39,8 +39,9 @@ cloud.google.com/go/storage v1.8.0/go.mod h1:Wv1Oy7z6Yz3DshWRJFhqM/UCfaWIRTdp0RX
 cloud.google.com/go/storage v1.10.0/go.mod h1:FLPqc6j+Ki4BU591ie1oL6qBQGu2Bl/tZ9ullr3+Kg0=
 collectd.org v0.3.1-0.20181025072142-f80706d1e115/go.mod h1:A/8DzQBkF6abtvrT2j/AU/4tiBgJWYyh0y/oB/4MlWE=
 dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU=
-github.com/Azure/go-ntlmssp v0.0.0-20200615164410-66371956d46c h1:/IBSNwUN8+eKzUzbJPqhK839ygXJ82sde8x3ogr6R28=
 github.com/Azure/go-ntlmssp v0.0.0-20200615164410-66371956d46c/go.mod h1:chxPXzSsl7ZWRAuOIE23GDNzjWuZquvFlgA8xmpunjU=
+github.com/Azure/go-ntlmssp v0.0.0-20211209120228-48547f28849e h1:ZU22z/2YRFLyf/P4ZwUYSdNCWsMEI0VeyrFoI2rAhJQ=
+github.com/Azure/go-ntlmssp v0.0.0-20211209120228-48547f28849e/go.mod h1:chxPXzSsl7ZWRAuOIE23GDNzjWuZquvFlgA8xmpunjU=
 github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
 github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo=
 github.com/Julusian/godocdown v0.0.0-20170816220326-6d19f8ff2df8/go.mod h1:INZr5t32rG59/5xeltqoCJoNY7e5x/3xoY9WSWVWg74=
@@ -505,8 +506,8 @@ golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPh
 golang.org/x/crypto v0.0.0-20201124201722-c8d3bf9c5392/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I=
 golang.org/x/crypto v0.0.0-20210711020723-a769d52b0f97/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
 golang.org/x/crypto v0.0.0-20210817164053-32db794688a5/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
-golang.org/x/crypto v0.0.0-20210921155107-089bfa567519 h1:7I4JAnoQBe7ZtJcBaYHi5UtiO8tQHbUSXxL+pnGRANg=
-golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
+golang.org/x/crypto v0.0.0-20211215153901-e495a2d5b3d3 h1:0es+/5331RGQPcXlMfP+WrnIIS6dNnNRe0WB02W0F4M=
+golang.org/x/crypto v0.0.0-20211215153901-e495a2d5b3d3/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
 golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8=
@@ -584,8 +585,8 @@ golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v
 golang.org/x/net v0.0.0-20210316092652-d523dce5a7f4/go.mod h1:RBQZq4jEuRlivfhVLdyRGr576XBO4/greRjx4P4O3yc=
 golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM=
 golang.org/x/net v0.0.0-20210614182718-04defd469f4e/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
-golang.org/x/net v0.0.0-20211008194852-3b03d305991f h1:1scJEYZBaF48BaG6tYbtxmLcXqwYGSfGcMoStTqkkIw=
-golang.org/x/net v0.0.0-20211008194852-3b03d305991f/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
+golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2 h1:CIJ76btIcR3eFI5EgSo6k1qKw9KJexJuRLI9G7Hp5wE=
+golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
 golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
 golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
 golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=

modules/integrations/activedirectory/collect/cli.go

@@ -45,6 +45,8 @@ var (
 
  ignoreCert = Command.Flags().Bool("ignorecert", false, "Disable certificate checks")
 
+ ldapdebug = Command.Flags().Bool("ldapdebug", false, "Enable LDAP debugging")
+
  authmodeString *string
 
  authdomain = Command.Flags().String("authdomain", "", "domain for authentication, if using ntlm auth")
@@ -162,6 +164,17 @@ func PreRun(cmd *cobra.Command, args []string) error {
  return errors.New("Missing username - please use '--username' parameter")
  }
 
+ if authmode != 3 {
+ if *domain != "" && !strings.Contains(*user, "@") && !strings.Contains(*user, "\\") {
+ *user = *user + "@" + *domain
+ log.Info().Msgf("Username does not contain @ or \\, auto expanding it to %v", *user)
+ }
+ }
+ } else {
+ log.Info().Msg("Using integrated NTLM authentication")
+ }
+
+ if authmode != 5 {
  if *pass == "" {
  fmt.Printf("Please enter password for %v: ", *user)
  passwd, err := term.ReadPassword(int(syscall.Stdin))
@@ -170,13 +183,12 @@ func PreRun(cmd *cobra.Command, args []string) error {
  *pass = string(passwd)
  }
  }
+ }
 
-  if *domain != "" && !strings.Contains(*user, "@") && !strings.Contains(*user, "\\") {
-  *user = *user + "@" + *domain
- log.Info().Msgf("Username does not contain @ or \\, auto expanding it to %v", *user)
+ if authmode == 3 {
+ if *authdomain == "" {
+ return errors.New("Missing authdomain for NTLM - please use '--authdomain' parameter")
  }
- } else {
- log.Info().Msg("Using integrated NTLM authentication")
  }
 
  return nil
@@ -192,6 +204,7 @@ func Execute(cmd *cobra.Command, args []string) error {
  AuthDomain: *authdomain,
  TLSMode: tlsmode,
  IgnoreCert: *ignoreCert,
+ Debug: *ldapdebug,
  }
 
  err := ad.Connect(authmode)

modules/integrations/activedirectory/collect/ldap.go

@@ -12,6 +12,7 @@ import (
  "github.com/lkarlslund/adalanche/modules/integrations/activedirectory"
  ldap "github.com/lkarlslund/ldap/v3"
  "github.com/pierrec/lz4/v4"
+ "github.com/rs/zerolog/log"
  "github.com/schollz/progressbar/v3"
  "github.com/tinylib/msgp/msgp"
 )
@@ -36,6 +37,8 @@ type AD struct {
  TLSMode TLSmode
  IgnoreCert bool
 
+ Debug bool
+
  conn *ldap.Conn
 }
 
@@ -75,19 +78,27 @@ func (ad *AD) Connect(authmode byte) error {
  return errors.New("unknown transport mode")
  }
 
+ ad.conn.Debug.Enable(ad.Debug)
+
  var err error
  switch authmode {
  case 0:
+ log.Debug().Msgf("Doing unauthenticated bind with user %s", ad.User)
  err = ad.conn.UnauthenticatedBind(ad.User)
  case 1:
+ log.Debug().Msgf("Doing simple bind with user %s", ad.User)
  err = ad.conn.Bind(ad.User, ad.Password)
  case 2:
+ log.Debug().Msgf("Doing MD5 auth with user %s from domain %s", ad.User, ad.AuthDomain)
  err = ad.conn.MD5Bind(ad.AuthDomain, ad.User, ad.Password)
  case 3:
+ log.Debug().Msgf("Doing NTLM auth with user %s from domain %s", ad.User, ad.AuthDomain)
  err = ad.conn.NTLMBind(ad.AuthDomain, ad.User, ad.Password)
  case 4:
+ log.Debug().Msgf("Doing NTLM hash auth with user %s from domain %s", ad.User, ad.AuthDomain)
  err = ad.conn.NTLMBindWithHash(ad.AuthDomain, ad.User, ad.Password)
  case 5:
+ log.Debug().Msgf("Doing integrated NTLM auth")
  err = ad.conn.NTLMSSPIBind()
  default:
  return fmt.Errorf("unknown bind method %v", authmode)