MCPcopy Index your code
hub / github.com/secdev/scapy / dclocator

Function dclocator

scapy/layers/ldap.py:1475–1637  ·  view source on GitHub ↗

Perform a DC Locator as per [MS-ADTS] sect 6.3.6 or RFC4120. :param realm: the kerberos realm to locate :param mode: Detect if a server is up and joinable thanks to one of: - 'nocheck': Do not check that servers are online. - 'ldap': Use the LDAP ping (CLDAP) per [MS-ADTS]. De

(
    realm, qtype="A", mode="ldap", port=None, timeout=1, NtVersion=None, debug=0
)

Source from the content-addressed store, hash-verified

1473
1474@conf.commands.register
1475def dclocator(
1476 realm, qtype="A", mode="ldap", port=None, timeout=1, NtVersion=None, debug=0
1477):
1478 """
1479 Perform a DC Locator as per [MS-ADTS] sect 6.3.6 or RFC4120.
1480
1481 :param realm: the kerberos realm to locate
1482 :param mode: Detect if a server is up and joinable thanks to one of:
1483
1484 - 'nocheck': Do not check that servers are online.
1485 - 'ldap': Use the LDAP ping (CLDAP) per [MS-ADTS]. Default.
1486 This will however not work with MIT Kerberos servers.
1487 - 'connect': connect to specified port to test the connection.
1488
1489 :param mode: in connect mode, the port to connect to. (e.g. 88)
1490 :param debug: print debug logs
1491
1492 This is cached in conf.netcache.dclocator.
1493 """
1494 if NtVersion is None:
1495 # Windows' default
1496 NtVersion = (
1497 0x00000002 # V5
1498 | 0x00000004 # V5EX
1499 | 0x00000010 # V5EX_WITH_CLOSEST_SITE
1500 | 0x01000000 # AVOID_NT4EMUL
1501 | 0x20000000 # IP
1502 )
1503 # Check cache
1504 cache_ident = ";".join([realm, qtype, mode, str(NtVersion)]).lower()
1505 if cache_ident in _dclocatorcache:
1506 return _dclocatorcache[cache_ident]
1507 # Perform DNS-Based discovery (6.3.6.1)
1508 # 1. SRV records
1509 qname = "_kerberos._tcp.dc._msdcs.%s" % realm.lower()
1510 if debug:
1511 log_runtime.info("DC Locator: requesting SRV for '%s' ..." % qname)
1512 try:
1513 hosts = [
1514 x.target
1515 for x in dns_resolve(
1516 qname=qname,
1517 qtype="SRV",
1518 timeout=timeout,
1519 )
1520 ]
1521 except TimeoutError:
1522 raise TimeoutError("Resolution of %s timed out" % qname)
1523 if not hosts:
1524 raise ValueError("No DNS record found for %s" % qname)
1525 elif debug:
1526 log_runtime.info(
1527 "DC Locator: got %s. Resolving %s records ..." % (hosts, qtype)
1528 )
1529 # 2. A records
1530 ips = []
1531 for host in hosts:
1532 arec = dns_resolve(

Callers 3

__init__Method · 0.90
__init__Method · 0.90
kpasswdFunction · 0.90

Calls 15

dns_resolveFunction · 0.90
SimpleSocketClass · 0.90
ASN1_STRINGClass · 0.90
NETLOGONClass · 0.90
CLDAPClass · 0.85
LDAP_SearchRequestClass · 0.85
LDAP_FilterClass · 0.85
LDAP_FilterAndClass · 0.85
LDAP_FilterEqualClass · 0.85
joinMethod · 0.80
extendMethod · 0.80

Tested by

no test coverage detected