# Need to link to blog

#
# Update param parsing func
#
def ldapsearch_parse_params( demon, params ):
    packer = Packer()

    num_params = len(params)

    query = ''
    attributes = ''
    scope = 3
    result_limit = 0
    hostname = ''
    domain = ''
    ldaps = 0

    if num_params < 1:
        demon.ConsoleWrite( demon.CONSOLE_ERROR, "Not enough parameters" )
        return None

    if num_params > 7:
        demon.ConsoleWrite( demon.CONSOLE_ERROR, "Too many parameters" )
        return None

    query = params[ 0 ]

    if num_params >= 2:
        attributes = params[ 1 ]

    if num_params >= 3:
        result_limit = int( params[ 2 ] )

    if num_params >= 4:
        scope = int ( params[ 3 ] )

    if num_params >= 5:
        hostname = params[ 4 ]

    if num_params >= 6:
        domain = params[ 5 ]

    if num_params >= 7:
        ldaps = int( params[ 6 ] )

    packer.addstr(query)
    packer.addstr(attributes)
    packer.adduint32(result_limit)
    packer.adduint32(scope)
    packer.addstr(hostname)
    packer.addstr(domain)
    packer.adduint32(ldaps)

    return packer.getbuffer()
  
#
# Update help text
#
RegisterCommand( ldapsearch, "", "ldapsearch", "Execute LDAP searches (NOTE: specify *,ntsecuritydescriptor as attribute parameter if you want all attributes + base64 encoded ACL of the objects, this can then be resolved using BOFHound. Could possibly break pagination, although everything seemed fine during testing.)", 0, "query [opt: attribute] [opt: results_limit] [opt: scope] [opt: DC hostname or IP] [opt: Distingished Name] [opt: ldaps]", "\"(&(samAccountType=805306368)(userAccountControl:1.2.840.113556.1.4.803:=4194304))\"" )