Connect serially, process in parallel, terminates after 1 attempt whe…

…n there's connection problems
imseandavis · Sep 19, 2022 · 11f744b · 11f744b
1 parent 498614e
commit 11f744b
Show file tree

Hide file tree

Showing 2 changed files with 33 additions and 14 deletions.
diff --git a/main.go b/main.go
@@ -135,11 +135,22 @@ func main() {
 	inputqueue := make(chan string, 128)
 	outputqueue := make(chan string, 128)
 
+	var connectMutex sync.Mutex
+	var connectError error
+
 	var jobs sync.WaitGroup
 
 	jobs.Add(*parallel)
 	for i := 0; i < *parallel; i++ {
 		go func() {
+			connectMutex.Lock()
+
+			if connectError != nil {
+				connectMutex.Unlock()
+				jobs.Done()
+				return
+			}
+
 			var conn *ldap.Conn
 			switch tlsmode {
 			case NoTLS:
@@ -159,10 +170,14 @@ func main() {
 
 			if err != nil {
 				log.Printf("Problem connecting to LDAP server: %v", err)
+				connectError = err
 				jobs.Done()
+				connectMutex.Unlock()
 				return
 			}
 
+			connectMutex.Unlock()
+
 			for username := range inputqueue {
 				request := ldap.NewSearchRequest(
 					"", // The base dn to search
@@ -196,23 +211,25 @@ func main() {
 		}
 	}()
 
-	var line int
-	for names.Scan() {
-		if pb != nil && line%500 == 0 {
-			pb.Set(line)
-		}
+	go func() {
+		var line int
+		for names.Scan() {
+			if pb != nil && line%500 == 0 {
+				pb.Set(line)
+			}
 
-		username := names.Text()
-		if username != "" {
-			if strings.ContainsAny(username, `"/\:;|=,+*?<>`) {
-				continue
+			username := names.Text()
+			if username != "" {
+				if strings.ContainsAny(username, `"/\:;|=,+*?<>`) {
+					continue
+				}
+				inputqueue <- username
 			}
-			inputqueue <- username
+			line++
 		}
-		line++
-	}
+		close(inputqueue)
+	}()
 
-	close(inputqueue)
 	jobs.Wait()
 	close(outputqueue)
 }
diff --git a/readme.MD b/readme.MD
@@ -1,9 +1,11 @@
 # LDAP Nom Nom
 *Anonymously bruteforce Active Directory usernames from Domain Controllers by abusing LDAP Ping requests (cLDAP)*
 
+No Windows audit logs generated. High speed ~ up to 10K usernames tested per second.
+
 [![GitHub all releases](https://img.shields.io/github/downloads/lkarlslund/ldapnomnom/total)](https://github.com/lkarlslund/ldapnomnom/releases) ![GitHub Workflow Status](https://img.shields.io/github/workflow/status/lkarlslund/ldapnomnom/Build%20and%20publish%20pre-release)
 
-- Tries to autodetects DC from environment variables on domain joined machines or falls back to machine hostname FDQN DNS suffix
+- Tries to autodetect DC from environment variables on domain joined machines or falls back to machine hostname FDQN DNS suffix
 - Reads usernames to test from stdin (default) or file
 - Outputs to stdout (default) or file
 - Parallelized (defaults to 8 connections)