内网利器 - LDAPWordlistHarvester

$ ./LDAPWordlistHarvester.py -hLDAPWordlistHarvester.py v1.1 - by @podalirius_usage: LDAPWordlistHarvester.py [-h] [-v] [-o OUTPUTFILE] --dc-ip ip address [-d DOMAIN] [-u USER] [--ldaps] [--no-pass | -p PASSWORD | -H [LMHASH:]NTHASH | --aes-key hex key] [-k]options:  -h, --help            show this help message and exit  -v, --verbose         Verbose mode. (default: False)  -o OUTPUTFILE, --outputfile OUTPUTFILE                        Path to output file of wordlist.Authentication & connection:  --dc-ip ip address    IP Address of the domain controller or KDC (Key Distribution Center) for Kerberos. If omitted it will use the domain part (FQDN) specified in the identity parameter  -d DOMAIN, --domain DOMAIN                        (FQDN) domain to authenticate to  -u USER, --user USER  user to authenticate with  --ldaps               Use LDAPS instead of LDAPCredentials:  --no-pass             Don't ask for password (useful for -k)  -p PASSWORD, --password PASSWORD                        Password to authenticate with  -H [LMHASH:]NTHASH, --hashes [LMHASH:]NTHASH                        NT/LM hashes, format is LMhash:NThash  --aes-key hex key     AES key to use for Kerberos Authentication (128 or 256 bits)  -k, --kerberos        Use Kerberos authentication. Grabs credentials from .ccache file (KRB5CCNAME) based on target parameters. If valid credentials cannot be found, it will use the ones specified in the command line