LDAP Sentinel is an LDAP-querying reflective DLL that provides a graphical user interface in Commander for querying Active Directory objects and attributes. This can be extremely handy when you want to search for SPNs, Domain Admins or other groups/services within Active Directory. You can start LDAP Sentinel by right-clicking a badger and selecting Arsenal->LDAP Sentinel.
LDAP Sentinel provides several prebuilt queries for Active Directory. It also provides a query filter if you want to search for a specific attribute. These queries use exactly the same syntax as Microsoft’s LDAP filter syntax, which makes it easy to write your own queries.
In the above figure, I used a built-in query to search for all SPNs and selected the Forest checkbox to query the forest as a whole. The figure below shows the output on the badger’s console.
Similarly, LDAP Sentinel provides tons of prebuilt queries by default to enumerate Active Directory objects and attributes.
One more example below shows the LDAP filter to search Canonical Names for the Domain Admins group (cn=Domain Admins).
This filter will search and return all users in the Domain Admins group.
LDAP Sentinel also provides an option to run raw LDAP queries on any domain/forest of your choice. All queries run in memory using the ActiveDS WinAPIs. The figure below shows an LDAP query running on the bruteratel.corp domain to find all users whose passwords are set to ‘Never Expire’. Future versions of LDAP Sentinel will include several built-in LDAP queries so that users won’t have to write the most common LDAP queries manually.
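Because these queries use standard LDAP filter syntax, the three searches shown on this page (all SPNs, cn=Domain Admins, passwords set to never expire) leave recognizable filters in LDAP search logs on domain controllers. The following is an added example, not part of Brute Ratel or the original page: it classifies search filters from constructed log records and flags clients that issue several of these enumeration patterns. The record fields (client, filter), category labels and threshold are assumptions.

```python
import re
from collections import defaultdict

BIT_AND_OID = r"1\.2\.840\.113556\.1\.4\.803"  # LDAP_MATCHING_RULE_BIT_AND
DONT_EXPIRE_PASSWORD = 0x10000                 # userAccountControl flag bit

# Patterns run against the lower-cased filter text.
SPN_RE = re.compile(r"serviceprincipalname\s*=\s*\*\s*\)")   # any SPN, not one service
GROUP_RE = re.compile(r"cn\s*=\s*domain admins\b")           # also matches memberOf=CN=...
UAC_RE = re.compile(r"useraccountcontrol\s*:" + BIT_AND_OID + r":\s*=\s*(\d+)")

def classify_filter(ldap_filter):
    """Return the enumeration categories (labels are ours) a filter matches."""
    text = ldap_filter.lower()
    hits = set()
    if SPN_RE.search(text):
        hits.add("spn-sweep")
    if GROUP_RE.search(text):
        hits.add("privileged-group")
    for value in UAC_RE.findall(text):
        # Only a bitmask that includes the never-expires bit counts.
        if int(value) & DONT_EXPIRE_PASSWORD:
            hits.add("password-never-expires")
    return hits

def flag_clients(records, min_categories=2):
    """Group records by client; flag clients seen in several categories."""
    seen = defaultdict(set)
    for rec in records:
        seen[rec["client"]] |= classify_filter(rec["filter"])
    return {c: sorted(cats) for c, cats in seen.items()
            if len(cats) >= min_categories}

# Constructed sample records (hypothetical field names and addresses).
SAMPLE_RECORDS = [
    {"client": "10.0.5.23", "filter": "(servicePrincipalName=*)"},
    {"client": "10.0.5.23", "filter": "(cn=Domain Admins)"},
    {"client": "10.0.5.23", "filter":
        "(&(objectCategory=person)(userAccountControl:1.2.840.113556.1.4.803:=65536))"},
    {"client": "10.0.7.40", "filter": "(servicePrincipalName=HTTP/intranet.example.test)"},
    {"client": "10.0.7.40", "filter": "(userAccountControl:1.2.840.113556.1.4.803:=2)"},
]

if __name__ == "__main__":
    for client, cats in flag_clients(SAMPLE_RECORDS).items():
        print(client, cats)
```

A lookup for one specific SPN or a different userAccountControl bit is not flagged, which keeps ordinary application lookups out of the result.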