Add LDAP to the set of interactive session types

dwelch-r7 · dwelch-r7 · commit 4c478a5b23fb · 2025-01-15T09:51:35.000Z
diff --git a/lib/msf/core/rpc/v10/rpc_session.rb b/lib/msf/core/rpc/v10/rpc_session.rb
@@ -531,6 +531,7 @@ def rpc_compatible_modules(sid)
     postgresql
     mysql
     smb
+    ldap
   ].freeze
 
   def _find_module(_mtype, mname)
@@ -545,7 +546,7 @@ def _valid_interactive_session(sid)
     error(500, "Unknown Session ID #{sid}") if session.nil?
 
     unless INTERACTIVE_SESSION_TYPES.include?(session.type)
-      error(500, "Use `interactive_read` and `interactive_write` for sessions of #{session.type} type")
+      error(500, "`interactive_read` and `interactive_write` not available for #{session.type} sessions")
     end
 
     session
diff --git a/lib/rex/post/ldap/ui/console/command_dispatcher/client.rb b/lib/rex/post/ldap/ui/console/command_dispatcher/client.rb
@@ -104,7 +104,12 @@ def cmd_query_help
           end
 
           def cmd_getuid
-            username = client.ldapwhoami
+            begin
+              username = client.ldapwhoami
+            rescue Net::LDAP::Error => e
+              print_error(e.message)
+              return
+            end
             username.delete_prefix!('u:')
             print_status("Server username: #{username}")
           end
diff --git a/lib/rex/proto/ldap/client.rb b/lib/rex/proto/ldap/client.rb
@@ -121,12 +121,16 @@ def discover_base_dn
         end
 
         # Monkeypatch upstream library to support the extended Whoami request. Delete
-        # this after https://github.com/ruby-ldap/ruby-net-ldap/pull/425 is landed.
+        # this after https://github.com/ruby-ldap/ruby-net-ldap/pull/425 is released.
         # This is not the only occurrence of a patch for this functionality.
         def ldapwhoami(args = {})
           instrument "ldapwhoami.net_ldap", args do |payload|
             @result = use_connection(args, &:ldapwhoami)
-            @result.success? ? @result.extended_response : nil
+            if @result.success?
+              @result.extended_response
+            else
+              raise Net::LDAP::Error, "#{peerinfo} LDAP Error: #{@result.error_message}"
+            end
           end
         end
       end
