cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1037
Views
0
Helpful
1
Replies

Scripted LDAP Probe w/username and password

robert.mcclain
Beginner
Beginner

I have a scripted LDAP rpobe currently in use. It uses the anonymous bind authentication to work and it works just fine. However they want to go to a username and password instead for security reasons. So I used the script that was previously supplied on this forum to create the HEX. See below:

$username = "uid=XXXXXX,cn=support,dc=enterprise,dc=com";

$password = "XXXXX";

$len_username = length($username);

$xlen_username = sprintf("%02x", $len_username); $len_password = length($password); $xlen_password = sprintf("%02x", $len_password);

$username =~s/(.)/sprintf("%x",ord($1))/eg; $password =~s/(.)/sprintf("%x",ord($1))/eg;

$temp = "020103" . "04" . $xlen_username . $username . "80" . $xlen_password . $password; $tlen = length($temp) / 2; $xtlen = sprintf("%02x",$tlen);

$temp = "020101" . "60" . $xtlen . $temp;

$tlen = length($temp) / 2;

$xtlen = sprintf("%02x",$tlen);

$temp = "30" . $xtlen . $temp;

print $temp . "\n";

I get this result in HEX, (last 6 characters are changed )

303e0201016039020103042b7569643d214c4242494e442c636e3d737570706f72742c64633d656e74657270726973652c64633d636f6d800742316e64XXXXXX

I added them to the Probe script here:

ace_debug "sending ldap bind request"

puts -nonewline $sock [ binary format "H*" NEW HEX STRING  ]

flush $sock

However this doesn't work, am I putting this new HEX string in the proper place or does everything look right?

1 Reply 1

chrhiggi
Participant
Participant

Robert-

  The string length maximum is 127 characters, you ended up with 128 somehow.  The string you send is specific to a few things, like the server type, how the array is created, etc.  You should check out this thread: https://supportforums.cisco.com/message/3613048#3613048 It has some decent information on it.

 

Chris

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: