Merge pull request #19809 from dwelch-r7/mark-ldap-session-as-interac…

…tive Add LDAP to the set of interactive session types
rapid7 · Jan 15, 2025 · de0cde7 · de0cde7
2 parents c494ad4 + 4c478a5
commit de0cde7
Show file tree

Hide file tree

Showing 3 changed files with 14 additions and 4 deletions.
diff --git a/lib/msf/core/rpc/v10/rpc_session.rb b/lib/msf/core/rpc/v10/rpc_session.rb
@@ -531,6 +531,7 @@ def rpc_compatible_modules(sid)
     postgresql
     mysql
     smb
+    ldap
   ].freeze
 
   def _find_module(_mtype, mname)
@@ -545,7 +546,7 @@ def _valid_interactive_session(sid)
     error(500, "Unknown Session ID #{sid}") if session.nil?
 
     unless INTERACTIVE_SESSION_TYPES.include?(session.type)
-      error(500, "Use `interactive_read` and `interactive_write` for sessions of #{session.type} type")
+      error(500, "`interactive_read` and `interactive_write` not available for #{session.type} sessions")
     end
 
     session

diff --git a/lib/rex/post/ldap/ui/console/command_dispatcher/client.rb b/lib/rex/post/ldap/ui/console/command_dispatcher/client.rb
@@ -104,7 +104,12 @@ def cmd_query_help
           end
 
           def cmd_getuid
-            username = client.ldapwhoami
+            begin
+              username = client.ldapwhoami
+            rescue Net::LDAP::Error => e
+              print_error(e.message)
+              return
+            end
             username.delete_prefix!('u:')
             print_status("Server username: #{username}")
           end

diff --git a/lib/rex/proto/ldap/client.rb b/lib/rex/proto/ldap/client.rb
@@ -121,12 +121,16 @@ def discover_base_dn
         end
 
         # Monkeypatch upstream library to support the extended Whoami request. Delete
-        # this after https://github.com/ruby-ldap/ruby-net-ldap/pull/425 is landed.
+        # this after https://github.com/ruby-ldap/ruby-net-ldap/pull/425 is released.
         # This is not the only occurrence of a patch for this functionality.
         def ldapwhoami(args = {})
           instrument "ldapwhoami.net_ldap", args do |payload|
             @result = use_connection(args, &:ldapwhoami)
-            @result.success? ? @result.extended_response : nil
+            if @result.success?
+              @result.extended_response
+            else
+              raise Net::LDAP::Error, "#{peerinfo} LDAP Error: #{@result.error_message}"
+            end
           end
         end
       end