Fix ldap result parsing minor code improvements

NeffIsBack · NeffIsBack · commit c2fe27173821 · 2024-10-18T20:20:27.000-04:00
diff --git a/nxc/parsers/ldap_results.py b/nxc/parsers/ldap_results.py
@@ -1,5 +1,6 @@
 from impacket.ldap import ldapasn1 as ldapasn1_impacket
 
+
 def parse_result_attributes(ldap_response):
     parsed_response = []
     for entry in ldap_response:
@@ -12,15 +13,11 @@ def parse_result_attributes(ldap_response):
             for val in attribute["vals"].components:
                 try:
                     encoding = val.encoding
-
-                    print(f"Val: {str(val)}, Type: {type(val)}, Encoding: {encoding}")
-                    print(str(val).encode(encoding).decode("utf-8"))
-                    # Attempt to decode as UTF-8
-                    decoded_val = val.decode("utf-8")
-                except (UnicodeDecodeError, AttributeError):
-                    # If it fails, fall back to hexadecimal representation
-                    decoded_val = val.hex() if isinstance(val, bytes) else str(val)
-                val_list.append(decoded_val)
+                    val_decoded = str(val).encode(encoding).decode("utf-8")
+                except UnicodeDecodeError:
+                    # If we can't decode the value, we'll just return the bytes
+                    val_decoded = val.__bytes__()
+                val_list.append(val_decoded)
             attribute_map[str(attribute["type"])] = val_list if len(val_list) > 1 else val_list[0]
         parsed_response.append(attribute_map)
     return parsed_response
diff --git a/nxc/protocols/ldap.py b/nxc/protocols/ldap.py
@@ -1092,12 +1092,7 @@ def find_delegation(self):
         UF_TRUSTED_FOR_DELEGATION = 0x80000
         UF_TRUSTED_TO_AUTHENTICATE_FOR_DELEGATION = 0x1000000
         UF_ACCOUNTDISABLE = 0x2
-
-        def processAttributeValue(attribute):
-            # Extract the payload value from the AttributeValue object
-            if hasattr(attribute, "payload"):
-                return str(attribute.payload)
-            return str(attribute)
+        SERVER_TRUST_ACCOUNT = 0x2000
 
         def printTable(items, header):
             colLen = []
@@ -1126,11 +1121,11 @@ def printTable(items, header):
                 self.logger.highlight(outputFormat.format(*row))
 
         # Building the search filter
-        search_filter = ("(&(|(UserAccountControl:1.2.840.113556.1.4.803:=16777216)"
-                         "(UserAccountControl:1.2.840.113556.1.4.803:=524288)"
+        search_filter = (f"(&(|(UserAccountControl:1.2.840.113556.1.4.803:={UF_TRUSTED_TO_AUTHENTICATE_FOR_DELEGATION})"
+                         f"(UserAccountControl:1.2.840.113556.1.4.803:={UF_TRUSTED_FOR_DELEGATION})"
                          "(msDS-AllowedToDelegateTo=*)(msDS-AllowedToActOnBehalfOfOtherIdentity=*))"
-                         "(!(UserAccountControl:1.2.840.113556.1.4.803:=2))"
-                         "(!(UserAccountControl:1.2.840.113556.1.4.803:=8192)))")
+                         f"(!(UserAccountControl:1.2.840.113556.1.4.803:={UF_ACCOUNTDISABLE}))"
+                         f"(!(UserAccountControl:1.2.840.113556.1.4.803:={SERVER_TRUST_ACCOUNT})))")
 
         attributes = ["sAMAccountName", "pwdLastSet", "userAccountControl", "objectCategory", 
                       "msDS-AllowedToActOnBehalfOfOtherIdentity", "msDS-AllowedToDelegateTo"]
