Fix AttributeError in LDAPS channel binding check with Kerberos auth

Mercury0 · Mercury0 · commit 8f96e0139f28 · 2025-10-31T11:00:14.000-07:00
diff --git a/nxc/protocols/ldap.py b/nxc/protocols/ldap.py
@@ -233,6 +233,13 @@ def check_ldaps_cbt(self):
         ldap_url = f"ldaps://{self.target}"
         try:
             ldap_connection = ldap_impacket.LDAPConnection(url=ldap_url, baseDN=self.baseDN, dstIp=self.host)
+
+            # Check if the attribute exists before accessing it
+            if not hasattr(ldap_connection, "_LDAPConnection__channel_binding_value"):
+                self.logger.debug("LDAPConnection does not support channel binding value attribute")
+                self.cbt_status = "Unknown"
+                return
+
             ldap_connection._LDAPConnection__channel_binding_value = None
             ldap_connection.login(user=" ", domain=self.domain)
         except ldap_impacket.LDAPSessionError as e:
@@ -242,6 +249,13 @@ def check_ldaps_cbt(self):
             # Login failed (wrong credentials). test if we get an error with an existing, but wrong CBT -> When supported
             elif str(e).find("data 52e") >= 0:
                 ldap_connection = ldap_impacket.LDAPConnection(url=ldap_url, baseDN=self.baseDN, dstIp=self.host)
+
+                # Check if the attribute exists before accessing it
+                if not hasattr(ldap_connection, "_LDAPConnection__channel_binding_value"):
+                    self.logger.debug("LDAPConnection does not support channel binding value attribute")
+                    self.cbt_status = "Unknown"
+                    return
+
                 new_cbv = bytearray(ldap_connection._LDAPConnection__channel_binding_value)
                 new_cbv[15] = (new_cbv[3] + 1) % 256
                 ldap_connection._LDAPConnection__channel_binding_value = bytes(new_cbv)
