rusthound_ce/lib.rs
1//! <p align="center">
2//! <picture>
3//! <img src="https://github.com/g0h4n/RustHound-CE/raw/main/img/rusthoundce-transparent-dark-theme.png" alt="rusthound-ce logo" width='250' />
4//! </picture>
5//! </p>
6//! <hr />
7//!
8//! RustHound-CE is a cross-platform, cross-compiled BloodHound collector written in Rust; it runs on Linux, Windows, and macOS. It generates all the JSON files that BloodHound Community Edition can analyze. This version is compatible only with [BloodHound Community Edition](https://github.com/SpecterOps/BloodHound). The version compatible with [BloodHound Legacy](https://github.com/BloodHoundAD/BloodHound) can be found on [NeverHack's GitHub](https://github.com/NH-RED-TEAM/RustHound).
9//!
10//!
11//! You can either run the binary:
12//! ```ignore
13//! ---------------------------------------------------
14//! Initializing RustHound-CE at 13:37:00 UTC on 01/12/23
15//! Powered by g0h4n from OpenCyber | NH-RED-TEAM
16//! ---------------------------------------------------
17//!
18//! RustHound-CE
19//! g0h4n https://twitter.com/g0h4n_0
20//! Active Directory data collector for BloodHound.
21//!
22//! Usage: rusthound [OPTIONS] --domain <domain>
23//!
24//! Options:
25//! -v... Set the level of verbosity
26//! -h, --help Print help
27//! -V, --version Print version
28//!
29//! REQUIRED VALUES:
30//! -d, --domain <domain> Domain name like: DOMAIN.LOCAL
31//!
32//! OPTIONAL VALUES:
33//! -u, --ldapusername <ldapusername> LDAP username, like: user@domain.local
34//! -p, --ldappassword <ldappassword> LDAP password
35//! -f, --ldapfqdn <ldapfqdn> Domain Controller FQDN like: DC01.DOMAIN.LOCAL or just DC01
36//! -i, --ldapip <ldapip> Domain Controller IP address like: 192.168.1.10
37//! -P, --ldapport <ldapport> LDAP port [default: 389]
38//! -n, --name-server <name-server> Alternative IP address name server to use for DNS queries
39//! -o, --output <output> Output directory where you would like to save JSON files [default: ./]
40//!
41//! OPTIONAL FLAGS:
42//! -c, --collectionmethod [<COLLECTIONMETHOD>]
43//! Which information to collect. Supported: All (LDAP,SMB,HTTP requests), DCOnly (no computer connections, only LDAP requests). (default: All) [possible values: All, DCOnly]
44//! --ldaps
45//! Force LDAPS using for request like: ldaps://DOMAIN.LOCAL/
46//! -k, --kerberos
47//! Use Kerberos authentication. Grabs credentials from ccache file (KRB5CCNAME) based on target parameters for Linux.
48//! --dns-tcp
49//! Use TCP instead of UDP for DNS queries
50//! --dc-only
51//! Collects data only from the domain controller. Will not try to retrieve CA security/configuration or check for Web Enrollment
52//! -z, --zip
53//! Compress the JSON files into a zip archive
54//!
55//! OPTIONAL MODULES:
56//! --fqdn-resolver Use fqdn-resolver module to get computers IP address
57//! ```
58//!
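59//! Or build your own tool on top of the `ldap_search()` function. The values below are placeholders; read the username and password from the environment or a prompt at run time instead of hard-coding them: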
60//!
61//! ```ignore
62//! # use rusthound::ldap::ldap_search;
63//! # let ldaps = true;
64//! # let ip = "127.0.0.1".to_owned();
65//! # let port = 676;
66//! # let domain = "DOMAIN".to_owned();
67//! # let ldapfqdn = "domain.com".to_owned();
68//! # let username = "user".to_owned();
69//! # let password = "pwd".to_owned();
70//! # let kerberos = false;
71//! let result = ldap_search(
72//! &ldaps,
73//! &Some(ip),
74//! &Some(port),
75//! &domain,
76//! &ldapfqdn,
77//! &username,
78//! &password,
79//! kerberos,
80//! );
81//! ```
82//!
83pub mod args;
84pub mod banner;
85pub mod ldap;
86pub mod utils;
87
88pub mod enums;
89pub mod json;
90pub mod objects;
91
92extern crate bitflags;
93extern crate chrono;
94extern crate regex;
95
96// Re-export key functions and structures at the crate root
97#[doc(inline)]
98pub use ldap::ldap_search;
99#[doc(inline)]
100pub use ldap3::SearchEntry;