Crack LDAP Data Interchange Format files (ldif)

[Download |Documentation |Targets |Mail ]

Lumberjack ? Yes - we hack trees !
LDAP Directory trees...

Lumberjack scanns the hash codes of all passwords in a ldif file. It's not that fast but it is written to be successfull - not to be a realtime cracker ! It also uses information found in the LDIF file (such as OU names) as possible passwords.

If you find a ldif that does not contain "userPassword:" elements with the hash type in { and }, use this perl script instead - they are base64 encoded:

#!/usr/bin/perl -w

use MIME::Base64;

die "supply file name\n" unless ($file=shift);

die "could not open file\n" unless (open(FD_IN,$file));
while () {
	if ((/^\r/)||(/^\r\n/)) { print "---\n"; }
	if (/dn:+\s+(.+)$/) { print "DN: ".$1."\n"; }
	if (/cn:+\s+(.+)$/) { 
		print "CN: ".$cnu."\n"; 
	if (/userpassword:+\s+(.+)$/i) {
		print "Password: ".$pwu."\n";
close FD_IN;