projectdiscovery · ehsandeep · Dec 29, 2021 · Jul 23, 2021 · Jul 23, 2021 · Jul 23, 2021
diff --git a/cmd/interactsh-client/main.go b/cmd/interactsh-client/main.go
@@ -120,6 +120,14 @@ func main() {
 					}
 					writeOutput(outputFile, builder)
 				}
+			case "ldap":
+				if noFilter {
+					builder.WriteString(fmt.Sprintf("[%s] Received LDAP interaction from %s at %s", interaction.FullId, interaction.RemoteAddress, interaction.Timestamp.Format("2006-01-02 15:04:05")))
+					if *verbose {
+						builder.WriteString(fmt.Sprintf("\n------------\nLDAP Interaction\n------------\n\n%s\n\n", interaction.RawRequest))
+					}
+					writeOutput(outputFile, builder)
+				}
 			}
 		} else {
 			b, err := jsonpkg.MarshalIndent(interaction, "", "\t")

diff --git a/cmd/interactsh-server/main.go b/cmd/interactsh-server/main.go
@@ -22,7 +22,7 @@ import (
 
 func main() {
 	var eviction int
-	var debug, smb, responder, ftp bool
+	var debug, smb, responder, ftp, ldapWithFullLogger bool
 
 	options := &server.Options{}
 	flag.CommandLine = flag.NewFlagSet(os.Args[0], flag.ExitOnError)
@@ -34,13 +34,16 @@ func main() {
 	flag.IntVar(&options.HttpPort, "http-port", 80, "HTTP port to listen on")
 	flag.IntVar(&options.HttpsPort, "https-port", 443, "HTTPS port to listen on")
 	flag.StringVar(&options.Hostmaster, "hostmaster", "", "Hostmaster email to use for interactsh server")
+	flag.BoolVar(&ldapWithFullLogger, "ldap", false, "Enable full logging LDAP server - if false only ldap search query with correlation will be enabled")
 	flag.IntVar(&eviction, "eviction", 30, "Number of days to persist interactions for")
 	flag.BoolVar(&responder, "responder", false, "Start a responder agent - docker must be installed")
 	flag.BoolVar(&smb, "smb", false, "Start a smb agent - impacket and python 3 must be installed")
 	flag.IntVar(&options.SmbPort, "smb-port", 445, "SMB port to listen on")
 	flag.IntVar(&options.SmtpPort, "smtp-port", 25, "SMTP port to listen on")
 	flag.IntVar(&options.SmtpsPort, "smtps-port", 587, "SMTPS port to listen on")
 	flag.IntVar(&options.SmtpAutoTLSPort, "smtp-autotls-port", 465, "SMTP autoTLS port to listen on")
+	flag.IntVar(&options.FtpPort, "ftp-port", 21, "FTP port to listen on")
+	flag.IntVar(&options.LdapPort, "ldap-port", 389, "LDAP port to listen on")
 	flag.BoolVar(&ftp, "ftp", false, "Start a ftp agent")
 	flag.BoolVar(&options.Auth, "auth", false, "Enable authentication to server using random generated token")
 	flag.StringVar(&options.Token, "token", "", "Enable authentication to server using given token")
@@ -67,7 +70,7 @@ func main() {
 	}
 
 	// Requires auth if token is specified or enables it automatically for responder and smb options
-	if options.Token != "" || responder || smb || ftp {
+	if options.Token != "" || responder || smb || ftp || ldapWithFullLogger {
 		options.Auth = true
 	}
 
@@ -134,6 +137,14 @@ func main() {
 	smtpsAlive := make(chan bool)
 	go smtpServer.ListenAndServe(autoTLS, smtpAlive, smtpsAlive)
 
+	ldapAlive := make(chan bool)
+	ldapServer, err := server.NewLDAPServer(options, ldapWithFullLogger)
+	if err != nil {
+		gologger.Fatal().Msgf("Could not create LDAP server")
+	}
+	go ldapServer.ListenAndServe(autoTLS, ldapAlive)
+	defer ldapServer.Close()
+
 	ftpAlive := make(chan bool)
 	if ftp {
 		ftpServer, err := server.NewFTPServer(options)
@@ -169,36 +180,44 @@ func main() {
 			service := ""
 			port := 0
 			status := true
+			fatal := false
 			select {
 			case status = <-dnsAlive:
 				service = "DNS"
-				port = 53
+				port = options.DnsPort
+				fatal = true
 			case status = <-httpAlive:
 				service = "HTTP"
-				port = 80
+				port = options.HttpPort
+				fatal = true
 			case status = <-httpsAlive:
 				service = "HTTPS"
-				port = 443
+				port = options.HttpsPort
 			case status = <-smtpAlive:
 				service = "SMTP"
-				port = 25
+				port = options.SmtpPort
 			case status = <-smtpsAlive:
 				service = "SMTPS"
-				port = 465
+				port = options.SmtpsPort
 			case status = <-ftpAlive:
 				service = "FTP"
-				port = 21
+				port = options.FtpPort
 			case status = <-responderAlive:
 				service = "Responder"
 				port = 445
 			case status = <-smbAlive:
 				service = "SMB"
-				port = 445
+				port = options.SmbPort
+			case status = <-ldapAlive:
+				service = "LDAP"
+				port = options.LdapPort
 			}
 			if status {
 				gologger.Silent().Msgf("\t%s :%d", service, port)
-			} else {
+			} else if fatal {
 				gologger.Fatal().Msgf("The %s service has unexpectedly stopped", service)
+			} else {
+				gologger.Warning().Msgf("The %s service has unexpectedly stopped", service)
 			}
 		}
 	}()

diff --git a/go.mod b/go.mod
@@ -5,6 +5,7 @@ go 1.15
 require (
 	git.mills.io/prologic/smtpd v0.0.0-20210710122116-a525b76c287a
 	github.com/DataDog/zstd v1.4.8 // indirect
+	github.com/Mzack9999/ldapserver v1.0.2-0.20211214172138-8f1cdd128383
 	github.com/akrylysov/pogreb v0.10.1 // indirect
 	github.com/cespare/xxhash/v2 v2.1.2 // indirect
 	github.com/cockroachdb/errors v1.8.6 // indirect
@@ -21,6 +22,7 @@ require (
 	github.com/karlseguin/ccache/v2 v2.0.8
 	github.com/klauspost/compress v1.13.6
 	github.com/kr/pretty v0.3.0 // indirect
+	github.com/lor00x/goldap v0.0.0-20180618054307-a546dffdd1a3
 	github.com/miekg/dns v1.1.43
 	github.com/onsi/gomega v1.12.0 // indirect
 	github.com/pkg/errors v0.9.1

diff --git a/go.sum b/go.sum
@@ -17,6 +17,8 @@ github.com/DataDog/zstd v1.4.8/go.mod h1:g4AWEaM3yOg3HYfnJ3YIawPnVdXJh9QME85blwS
 github.com/Joker/hpp v1.0.0/go.mod h1:8x5n+M1Hp5hC0g8okX3sR3vFQwynaX/UgSOM9MeBKzY=
 github.com/Joker/jade v1.0.1-0.20190614124447-d475f43051e7/go.mod h1:6E6s8o2AE4KhCrqr6GRJjdC/gNfTdxkIXvuGZZda2VM=
 github.com/Knetic/govaluate v3.0.1-0.20171022003610-9aa49832a739+incompatible/go.mod h1:r7JcOSlj0wfOMncg0iLm8Leh48TZaKVeNIfJntJ2wa0=
+github.com/Mzack9999/ldapserver v1.0.2-0.20211214172138-8f1cdd128383 h1:nCClkytmADCDqZ8Tft97RGSClbHeHyp+k7TRCm5jAyU=
+github.com/Mzack9999/ldapserver v1.0.2-0.20211214172138-8f1cdd128383/go.mod h1:AqtPw7WNT0O69k+AbPKWVGYeW94TqgMW/g+Ppc8AZr4=
 github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU=
 github.com/OneOfOne/xxhash v1.2.8/go.mod h1:eZbhyaAYD41SGSSsnmcpxVoRiQ/MPUTjUdIIOT9Um7Q=
 github.com/Shopify/goreferrer v0.0.0-20181106222321-ec9c9a553398/go.mod h1:a1uqRtAwp2Xwc6WNPJEufxJ7fx3npB4UV/JOLmbu5I0=
@@ -304,6 +306,8 @@ github.com/lightstep/lightstep-tracer-go v0.18.1/go.mod h1:jlF1pusYV4pidLvZ+XD0U
 github.com/logrusorgru/aurora v0.0.0-20200102142835-e9ef32dff381/go.mod h1:7rIyQOR62GCctdiQpZ/zOJlFyk6y+94wXzv6RNZgaR4=
 github.com/logrusorgru/aurora v2.0.3+incompatible h1:tOpm7WcpBTn4fjmVfgpQq0EfczGlG91VSDkswnjF5A8=
 github.com/logrusorgru/aurora v2.0.3+incompatible/go.mod h1:7rIyQOR62GCctdiQpZ/zOJlFyk6y+94wXzv6RNZgaR4=
+github.com/lor00x/goldap v0.0.0-20180618054307-a546dffdd1a3 h1:wIONC+HMNRqmWBjuMxhatuSzHaljStc4gjDeKycxy0A=
+github.com/lor00x/goldap v0.0.0-20180618054307-a546dffdd1a3/go.mod h1:37YR9jabpiIxsb8X9VCIx8qFOjTDIIrIHHODa8C4gz0=
 github.com/lyft/protoc-gen-validate v0.0.13/go.mod h1:XbGvPuh87YZc5TdIa2/I4pLk0QoUACkjt2znoq26NVQ=
 github.com/magiconair/properties v1.8.0/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ=
 github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU=

diff --git a/pkg/server/ftp_server.go b/pkg/server/ftp_server.go
@@ -11,7 +11,6 @@ import (
 	jsoniter "github.com/json-iterator/go"
 	"github.com/projectdiscovery/gologger"
 	"github.com/projectdiscovery/interactsh/pkg/server/acme"
-	"goftp.io/server/v2"
 	ftpserver "goftp.io/server/v2"
 	"goftp.io/server/v2/driver/file"
 )
@@ -45,7 +44,7 @@ func NewFTPServer(options *Options) (*FTPServer, error) {
 	opt := &ftpserver.Options{
 		Name:   "interactsh-ftp",
 		Driver: nopDriver,
-		Port:   21,
+		Port:   options.FtpPort,
 		Perm:   ftpserver.NewSimplePerm("root", "root"),
 		Logger: server,
 		Auth:   &NopAuth{},
@@ -239,10 +238,10 @@ func (a *NopAuth) CheckPasswd(ctx *ftpserver.Context, name, pass string) (bool,
 }
 
 type NopDriver struct {
-	driver server.Driver
+	driver ftpserver.Driver
 }
 
-func NewNopDriver(driver server.Driver) *NopDriver {
+func NewNopDriver(driver ftpserver.Driver) *NopDriver {
 	return &NopDriver{driver: driver}
 }