Commit graph

413 commits

Author SHA1 Message Date
ziirish
2ffd76faf8 fix: links in documentation 2015-06-17 17:50:05 +02:00
ziirish
db4d2913f6 well improved documentation fixes #1 2015-06-17 17:36:12 +02:00
ziirish
9e8b883a7e remove unused file 2015-06-16 15:43:41 +02:00
ziirish
d6af10c6b3 Merge branch 'master' into 'master'
Use RESTARTABLE client_strategy for persistent Connections

Fixes for #64 for AD. Changes the Connection used for doing ldap searches (i.e. fetch()) to attempt to re-connect if the server has closed the socket. Note that Connections used for binding (i.e. check()) use the default SYNC strategy.

String representations of the Connection are incredibly useful.

```
2015-06-16 10:24:52 [21634] [DEBUG] POST /login
filter: (&(sAMAccountName=wade.fitzpatrick)(|(userAccountControl=512)(userAccountControl=66048))) | base: OU=Systems,OU=Employees,DC=corp,DC=net,DC=au
LDAP Connection = ldaps://corp.net.au:636 - ssl - user: CN=LDAP Read,CN=Users,DC=corp,DC=net,DC=au - bound - open - <local: 10.137.1.140:60119 - remote: 10.137.1.193:636> - tls not started - listening - RestartableStrategy
Found DN: CN=Wade Fitzpatrick,OU=Systems,OU=Employees,DC=corp,DC=net,DC=au
filter: (&(sAMAccountName=wade.fitzpatrick)(|(userAccountControl=512)(userAccountControl=66048))) | base: OU=Systems,OU=Employees,DC=corp,DC=net,DC=au
LDAP Connection = ldaps://corp.net.au:636 - ssl - user: CN=LDAP Read,CN=Users,DC=corp,DC=net,DC=au - bound - open - <local: 10.137.1.140:60119 - remote: 10.137.1.193:636> - tls not started - listening - RestartableStrategy
Found DN: CN=Wade Fitzpatrick,OU=Systems,OU=Employees,DC=corp,DC=net,DC=au
LDAP Connection = ldaps://corp.net.au:636 - ssl - user: CN=Wade Fitzpatrick,OU=Systems,OU=Employees,DC=corp,DC=net,DC=au - bound - open - <local: 10.137.1.140:60417 - remote: 10.137.1.193:636> - tls not started - listening - SyncStrategy
Bound as user: CN=Wade Fitzpatrick,OU=Systems,OU=Employees,DC=corp,DC=net,DC=au
2015-06-16 10:24:53 [21634] [DEBUG] Closing connection.
2015-06-16 10:24:53 [21634] [DEBUG] GET /
2015-06-16 10:24:53 [21634] [DEBUG] Closing connection.
```

And below, running 5 worker threads under gunicorn, we can see the number of connections decrease then reconnect as needed:
```
root@rubicon:~# netstat -anp |grep  :636
tcp        0      0 10.137.1.140:60119       10.137.1.193:636         ESTABLISHED 21634/python
tcp        0      0 10.137.1.140:60117       10.137.1.193:636         ESTABLISHED 21625/python
tcp        0      0 10.137.1.140:60116       10.137.1.193:636         ESTABLISHED 21627/python
tcp        0      0 10.137.1.140:60120       10.137.1.193:636         ESTABLISHED 21636/python
tcp        0      0 10.137.1.140:60118       10.137.1.193:636         ESTABLISHED 21626/python
tcp6       0      0 10.137.1.140:52366       10.137.1.193:636         ESTABLISHED 12140/java
root@rubicon:~# netstat -anp |grep  :636
tcp6       0      0 10.137.1.140:52366       10.137.1.193:636         ESTABLISHED 12140/java
root@rubicon:~# netstat -anp |grep  :636
tcp        0      0 10.137.1.140:36869       10.137.1.193:636         ESTABLISHED 21634/python
tcp6       0      0 10.137.1.140:52366       10.137.1.193:636         ESTABLISHED 12140/java
```

See merge request !2

fixes #64
2015-06-16 11:31:59 +00:00
ziirish
66915e9ed2 a few fixes for !2 2015-06-16 13:30:18 +02:00
Wade Fitzpatrick
9294806557 fix: use RESTARTABLE client strategy for persistent connections 2015-06-16 10:45:25 +10:00
ziirish
244af7e9da update documentation 2015-06-15 19:45:13 +02:00
ziirish
571a53825d update README 2015-06-15 19:37:07 +02:00
ziirish
47ad38edc6 fix doc conf 2015-06-15 19:28:13 +02:00
ziirish
eafe70fff6 rename default configuration file 2015-06-15 19:04:30 +02:00
ziirish
70ec141862 add more documentation #1 2015-06-15 18:57:34 +02:00
ziirish
1e6d51f507 update documentation #1 2015-06-15 18:56:24 +02:00
ziirish
9b500ecca9 renamed config file 2015-06-15 18:55:15 +02:00
ziirish
1dbfb4f5fe renamed config file 2015-06-15 18:54:59 +02:00
ziirish
44dbf92cdb pep8 2015-06-15 18:54:13 +02:00
ziirish
d98b5691d8 renamed configuration files so that user changes are not overridden when upgrading 2015-06-15 18:47:23 +02:00
ziirish
d2f9d0a6a3 pep8 2015-06-15 09:07:37 +02:00
Wade Fitzpatrick
43ee0635fd fix: use int for ldap port and better debugging 2015-06-15 16:37:20 +10:00
ziirish
53140519ec fix: typo 2015-06-14 11:30:57 +02:00
ziirish
a230c699dc add: tmpdir option 2015-06-14 11:29:30 +02:00
ziirish
73b0331f4f change requirement for ldap backend 2015-06-14 11:21:59 +02:00
ziirish
3b5a6e7b40 pep8 2015-06-14 11:21:16 +02:00
ziirish
3ddd8e2e2e improve user bind 2015-06-12 22:44:10 +02:00
ziirish
9e5e2b0cf8 fix: use ldap3 context in order to reconnect to LDAP server (fixes #64) 2015-06-12 17:32:05 +02:00
ziirish
8f813e0d43 fix: ldap3 changes for #64 2015-06-12 17:05:52 +02:00
ziirish
55a8d2a9aa replace simpleldap with ldap3 (see #64) 2015-06-12 16:44:25 +02:00
ziirish
7564482543 pep8 2015-06-12 10:45:15 +02:00
ziirish
5dbdf8b50e improve dynamic loading 2015-06-12 10:40:26 +02:00
ziirish
7e2f96294e fix: more parser error handling + pep8 2015-06-11 11:32:45 +02:00
ziirish
958d1925f4 fix: the config parser did not handle the exceptions correctly 2015-06-11 11:23:29 +02:00
ziirish
0f1247af26 Merge branch 'master' into 'master'
Improved ldap handling & docs; binds against AD

== New config options
- adds port and encryption options for binding over SSL/TLS
- adds 'searchattr' option, the LDAP attribute to search on, defaults to 'uid'

== LdapLoader.fetch() changes:
- uses python format() to render the search attribute and search value into the search filter
- if search filter is not specified, uses a simple attr=value search filter
- returns DN and CN of the object if found

== LdapLoader.check() changes:
- binds to the LDAP server using the DN found in fetch(). Previously it was trying to bind using 'uid' and the search base which would not work for non-POSIX accounts or objects found in sub-trees.

== LdapUser.__init__() changes:
- records the DN of the user in order to re-bind as that object

== LdapUser.login() changes:
- searches for the user again to prevent binding as a disabled user. In AD, a user may still be able to bind even though their userAccountControl attribute prevents them from logging in to a host. This check overrides the cached result in case the account was disabled since last login.
- disables the user if it can no longer be found in LDAP.

== Overall improvements
- better documentation of the classes and functions

= TODO
- add better user documentation explaining the new config options and how search filter should be used properly.

See merge request !1
Closes #63
2015-06-11 08:43:15 +00:00
ziirish
046c7ed4cc fix: confusion between attribute and option 2015-06-11 10:38:38 +02:00
Wade Fitzpatrick
dd328b931d fix: use actual dn instead of an attribute 2015-06-11 10:25:14 +10:00
ziirish
274066c040 pep8 2015-06-10 14:53:05 +02:00
ziirish
652f854e7a Merge branch 'master' of git.ziirish.me:ziirish/burp-ui 2015-06-10 14:11:47 +02:00
ziirish
e195760449 update README with some burp-ui options 2015-06-10 14:11:34 +02:00
ziirish
4c5d5b3855 update README with some burp-ui options 2015-06-10 14:11:15 +02:00
ziirish
e25ba7573c fix: the binding was not working on LDAP servers 2015-06-10 14:06:29 +02:00
ziirish
ecf34f4308 fix: when an exception is raised, the remaining options are not loaded 2015-06-10 12:02:50 +02:00
ziirish
ae2d4cb274 add: gunicorn example config file 2015-06-10 11:26:15 +02:00
ziirish
8ac74a274f improve logging for #65 2015-06-10 11:12:12 +02:00
ziirish
7f8ec96d01 update README with some burp-ui options 2015-06-10 11:11:41 +02:00
Wade Fitzpatrick
1c118edd9c Correct failure behaviour in login 2015-06-10 15:20:52 +10:00
Wade Fitzpatrick
db1a8ce10d Documented new config options for LDAP auth to AD 2015-06-10 14:57:50 +10:00
Wade Fitzpatrick
4b7bf5993f Improved ldap handling & docs; binds against AD 2015-06-10 14:00:56 +10:00
ziirish
b0ea5523fb Merge branch 'master' of git.ziirish.me:ziirish/burp-ui 2015-06-05 14:29:29 +02:00
ziirish
298e380431 fix: url redirect was not working 2015-06-05 14:28:30 +02:00
ziirish
36f0bf6c14 typo 2015-06-04 18:53:04 +02:00
ziirish
611cd4d8e1 even more documentation 2015-06-04 17:38:43 +02:00
ziirish
2cf1a28d81 more documentation 2015-06-02 16:24:13 +02:00