The Samba-Bugzilla – Attachment 17845 Details for
Bug 15270
CVE-2023-0614 [SECURITY] Not-secret but access controlled LDAP attributes can be discovered
Script to detect confidential attrs in use
confidential_attrs_in_use.py (text/x-python), 2.11 KB, created by
Rob van der Linde
on 2023-03-24 00:15:24 UTC
Description:
Script to detect confidential attrs in use
Filename:
MIME Type:
Creator:
Rob van der Linde
Created:
2023-03-24 00:15:24 UTC
Size:
2.11 KB
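#!/usr/bin/env python3
"""Report directory objects that hold values for confidential attributes.

The script first asks the schema partition for every attributeSchema object
whose searchFlags has bit 128 set, then searches below the root base DN for
objects on which at least one of those attributes is present. For each hit
it prints the DN and the names of the matching attributes; attribute values
are fetched but never printed.

Caveats for whoever runs it:

* The result depends on what the supplied credentials may read. An account
  without read access to confidential attributes will not get them back,
  so "Nothing found." from an unprivileged bind is not evidence that no
  confidential attribute is in use.
* NOTE(review): only the subtree under the root base DN is searched; other
  naming contexts are presumably not covered -- confirm before relying on
  a clean result.
"""
import sys
import optparse

import samba.getopt as options
from ldb import SCOPE_SUBTREE
from samba import gensec
from samba.auth import system_session
from samba.samdb import SamDB


def build_search(items):
    """Return an LDAP OR filter matching objects where any of *items* is set.

    Each name becomes a presence test ``(name=*)``. The names are inserted
    verbatim, without filter escaping, so callers must pass trusted
    attribute names only (here they come from the schema). An empty
    *items* yields ``(|)``, which is not a usable filter; ``main`` checks
    for that case before calling.
    """
    return "(|" + "".join(f"({item}=*)" for item in items) + ")"


def main(argv):
    """Parse *argv*, connect to the directory and print the report.

    Exits with status 1 after printing usage when no -H/--URL is given.
    """
    parser = optparse.OptionParser("%prog [options] -H <host>")
    sambaopts = options.SambaOptions(parser)
    parser.add_option_group(sambaopts)
    parser.add_option_group(options.VersionOptions(parser))
    credopts = options.CredentialsOptions(parser)
    parser.add_option_group(credopts)
    parser.add_option(options.SambaOption("-H", "--URL",
                      help="LDB URL for database or target server.",
                      type=str, metavar="URL", dest="ldap_url"))
    opts, _ = parser.parse_args(argv)

    if opts.ldap_url is None:
        parser.print_usage()
        sys.exit(1)

    # A bare host name is treated as an LDAP server.
    host = opts.ldap_url
    if "://" not in host:
        host = "ldap://" + host

    lp = sambaopts.get_loadparm()
    creds = credopts.get_credentials(lp)
    # The second search returns the confidential values themselves, so ask
    # for sealing (encryption) on top of whatever features are already set.
    creds.set_gensec_features(creds.get_gensec_features() | gensec.FEATURE_SEAL)

    ldb = SamDB(host, credentials=creds, session_info=system_session(lp), lp=lp)
    base_dn = ldb.get_root_basedn()
    schema_dn = ldb.get_schema_basedn()

    # 1.2.840.113556.1.4.803 is the bitwise-AND matching rule: select the
    # attribute definitions whose searchFlags has bit 128 set.
    # NOTE(review): "search_options:1:2" is presumably the phantom-root
    # search option -- confirm against ldb's control syntax.
    result = ldb.search(
        base=schema_dn,
        expression="(&(objectClass=attributeSchema)(searchFlags:1.2.840.113556.1.4.803:=128))",
        scope=SCOPE_SUBTREE,
        attrs=["lDAPDisplayName"],
        controls=["search_options:1:2"]
    )
    attributes = [str(m["lDAPDisplayName"]) for m in result]

    # With no names the filter would be "(|)" and attrs would be empty,
    # so stop here instead of sending a malformed search.
    if not attributes:
        print("No confidential attributes are defined in the schema.")
        return

    res = ldb.search(
        base=base_dn,
        expression=build_search(attributes),
        scope=SCOPE_SUBTREE,
        attrs=attributes
    )

    if len(res) == 0:
        print("Nothing found.")
        return

    print("These objects need checking:")
    print("----------------------------")

    for msg in res:
        # Print attribute names only, sorted so repeated runs can be diffed.
        print(msg.dn, sorted(set(msg.keys()) - {"dn"}))


if __name__ == "__main__":
    main(sys.argv[1:])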