Moving `impacket/impacket/examples` to `impacket/examples`
n3rada opened this issue · 9 comments
It's pretty annoying to have some scripts inside impacket/impacket/examples
such as ldap_shell.py
instead of the common location.
I am a daily user of https://github.com/ThePorgs/impacket fork that is more up-to-date and installing-it through pipx
command doesn't let me type easily in my terminal ldap_shell.py
to run-it.
Due to this behavior, people started opening proper ldap_shell
fork: https://github.com/PShlyundin/ldap_shell.git
@ShutdownRepo I am keen on knowing your point of view about this
The thing is, ldap_shell.py
and the other files in impacket/impacket/examples/
are not strictly executable scripts. They have no entry point, no shebang, are not executable. They contain functionality which can be used by other scripts, like ntlmrelayx.py
. So just moving them to examples/
does not help.
Instead, a new wrapper script like ldap-shell.py
would be necessary (which then resides in examples/
) and provides a commandline interface for the LdapShell
class. Compare to mssqlclient.py
and mssqlshell.py
.
Given this concrete example of LdapShell
, I also think it would be useful to have. Colleagues and me also had use cases for this in the past.
I agree. So I can work on a PR that would have a chance of being accepted if I create a proper so-called wrapper for a LDAP shell?
I agree with @exploide, that's my understanding of Impacket's structure as well.
examples/
are example script.impacket/
is the library on which the scripts relyimpacket/examples/
some example scripts need additional helpers and definitions, this is where it's set
In my opinion, having a simple wrapper over LDAP shell would be a nice thing, but we probably shouldn't spend too much time on it as bloodyad probably does the job already.
@ShutdownRepo, does bloodyad
provide a way to have a console-like ldap request interface?
This tool seems lacking in documentation. I'm more in favor of improving ldeep
to use ldap in console mode.
depends imo
- bloodyAD for some facilitated actions (DNS, DACL, RBCD, membership, ownership, shadow creds, etc.)
- ldeep for better LDAP console for facilitated enumeration
Hi @n3rada,
I also agree with @exploide and @ShutdownRepo.
Regarding your query,
"does bloodyad provide a way to have a console-like ldap request interface?"
You might be interested in this project: https://github.com/p0dalirius/ldapconsole
Best regards,
Sounds great! It lacks aliases like computers
to extract computers and so on. Do you plan on adding them?
Hi @n3rada,
Yes I can, feel free to open issues to request new features on https://github.com/p0dalirius/ldapconsole and I will implement them.
You can also submit pull requests if you want.
In the meantime I think this issue is resolved? @n3rada If this is the case, please close this issue to avoid overloading the maintainers :)
Best regards,