Bugfixes & Improved connection config form.

Macmod · Nov 20, 2024 · fdc43a7 · fdc43a7
1 parent 42c8f65
commit fdc43a7
Show file tree

Hide file tree

Showing 4 changed files with 242 additions and 63 deletions.
diff --git a/README.md b/README.md
@@ -74,12 +74,12 @@ $ KRB5CCNAME=ticket.ccache godap <hostname or IP> -k -d <domain> -t ldap/<DC hos
 
 PEM:
 ```bash
-$ godap <hostname or IP> -d <domain> --crt <cert.pem> --key <cert.key> -I
+$ godap <hostname or IP> --crt <cert.pem> --key <cert.key> -I
 ```
 
 PKCS#12:
 ```bash
-$ godap <hostname or IP> -d <domain> --pfx <cert.pfx> -I
+$ godap <hostname or IP> --pfx <cert.pfx> -I
 ```
 
 Note. This method will either pass the certificate directly when connecting with LDAPS (`-S`), or upgrade the unencrypted LDAP connection implicitly with StartTLS, therefore you must provide `-I` if you want to use it and your server certificate is not trusted by your client.

diff --git a/godap.go b/godap.go
@@ -2,9 +2,6 @@ package main
 
 import (
 	"fmt"
-	"log"
-	"os"
-	"strings"
 
 	"github.com/Macmod/godap/v2/tui"
 	"github.com/spf13/cobra"
@@ -26,22 +23,6 @@ func main() {
 				}
 			}
 
-			if tui.LdapPasswordFile != "" {
-				pw, err := os.ReadFile(tui.LdapPasswordFile)
-				if err != nil {
-					log.Fatal(err)
-				}
-				tui.LdapPassword = strings.TrimSpace(string(pw))
-			}
-
-			if tui.NtlmHashFile != "" {
-				hash, err := os.ReadFile(tui.NtlmHashFile)
-				if err != nil {
-					log.Fatal(err)
-				}
-				tui.NtlmHash = strings.TrimSpace(string(hash))
-			}
-
 			tui.SetupApp()
 		},
 	}
@@ -51,7 +32,7 @@ func main() {
 	rootCmd.Flags().StringVarP(&tui.LdapPassword, "password", "p", "", "LDAP password")
 	rootCmd.Flags().StringVarP(&tui.LdapPasswordFile, "passfile", "", "", "Path to a file containing the LDAP password")
 	rootCmd.Flags().StringVarP(&tui.DomainName, "domain", "d", "", "Domain for NTLM / Kerberos authentication")
-	rootCmd.Flags().StringVarP(&tui.NtlmHash, "hashes", "H", "", "NTLM hash")
+	rootCmd.Flags().StringVarP(&tui.NtlmHash, "hash", "H", "", "NTLM hash")
 	rootCmd.Flags().BoolVarP(&tui.Kerberos, "kerberos", "k", false, "Use Kerberos ticket for authentication (CCACHE specified via KRB5CCNAME environment variable)")
 	rootCmd.Flags().StringVarP(&tui.TargetSpn, "spn", "t", "", "Target SPN to use for Kerberos bind (usually ldap/dchostname)")
 	rootCmd.Flags().StringVarP(&tui.NtlmHashFile, "hashfile", "", "", "Path to a file containing the NTLM hash")

diff --git a/pkg/ldaputils/actions.go b/pkg/ldaputils/actions.go
@@ -64,9 +64,10 @@ func NewLDAPConn(ldapServer string, ldapPort int, ldaps bool, tlsConfig *tls.Con
 	}
 
 	return &LDAPConn{
-		Conn:       conn,
-		PagingSize: pagingSize,
-		RootDN:     rootDN,
+		Conn:          conn,
+		PagingSize:    pagingSize,
+		RootDN:        rootDN,
+		DefaultRootDN: rootDN,
 	}, nil
 }