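#!/usr/bin/env bash
#
# Enumerate an LDAP directory: query the root DSE for the server's naming
# contexts (base DNs), then dump every entry under each one as LDIF.
#
# Arguments:
#   $1  target host or IP (falls back to $TARGET)
#   $2  optional bind DN; an anonymous simple bind is used when omitted
#   $3  optional password for the bind DN
# Environment:
#   TARGET  default target when $1 is not given
#   OUTDIR  output directory (default: scans)
# Outputs:
#   $OUTDIR/<ip>_ldap_<timestamp>.bases.txt  discovered base DNs
#   $OUTDIR/<ip>_ldap_<timestamp>.dump.txt   LDIF dump of every base
#
# NOTE: the URL scheme is ldap://, so a simple bind sends the bind DN and
# password unencrypted. Use an ldaps:// URL or StartTLS (ldapsearch -ZZ) when
# the credentials must not cross the network in clear text.
set -euo pipefail

# The dump holds whatever the directory returns (accounts, group membership,
# descriptions), so keep everything this script creates owner-only.
umask 077

usage() {
  # The first positional argument is the target; the original text omitted it.
  echo "Usage: $(basename "$0") <ip> [user] [pass]" >&2
  echo "- Tries to auto-detect base DN, then dumps common trees." >&2
  exit 1
}

pass_file=""
cleanup() {
  if [[ -n "$pass_file" ]]; then
    rm -f -- "$pass_file"
  fi
}
trap cleanup EXIT

ip=${1:-${TARGET:-}}
user=${2:-}
pass=${3:-}
if [[ -z "$ip" ]]; then
  usage
fi

bind_args=(-x)
if [[ -n "$user" ]]; then
  if [[ -n "$pass" ]]; then
    # Hand the password to ldapsearch through a private file (-y) instead of
    # -w, so it is not visible in the process list for every query. It is
    # still present in this script's own argv; callers who care should wrap
    # the script accordingly. printf without a newline: -y uses the complete
    # file contents as the password.
    pass_file=$(mktemp)
    printf '%s' "$pass" >"$pass_file"
    bind_args=(-x -D "$user" -y "$pass_file")
  else
    # Preserve the original behaviour for a bind DN with an empty password.
    bind_args=(-x -D "$user" -w "")
  fi
fi

outdir=${OUTDIR:-scans}
mkdir -p "$outdir"
ts=$(date +%Y%m%d_%H%M%S)
# Slashes in the target would otherwise create sub-paths in the file name.
base="$outdir/${ip//\//_}_ldap_${ts}"

echo "[+] Query namingContexts"
# Under `set -e -o pipefail` a failing ldapsearch used to abort the script
# here, before the explanatory message below could be printed. Capture the
# failure instead. ldif-wrap=no keeps long DNs on one line so they are not
# truncated at the LDIF wrap column.
root_dse=$(ldapsearch -H "ldap://$ip" "${bind_args[@]}" -o ldif-wrap=no \
  -s base -b "" namingContexts 2>/dev/null) || root_dse=""

# One base DN per array element. Stripping the attribute prefix (rather than
# taking the second whitespace-separated field) keeps DNs containing spaces
# intact. Base64-encoded values ("namingContexts:: ...") are not decoded and
# are skipped.
mapfile -t bases < <(sed -n 's/^namingContexts: //p' <<<"$root_dse")

if (( ${#bases[@]} == 0 )); then
  echo "[!] Could not determine base DNs. Try manual -b." >&2
  exit 1
fi
printf '%s\n' "${bases[@]}" | tee "$base.bases.txt"

for b in "${bases[@]}"; do
  echo "[+] Dumping base: $b" | tee -a "$base.dump.txt"
  # A non-zero exit from ldapsearch (e.g. a server-side size limit or an
  # access error) should not stop the remaining bases from being dumped;
  # report it and continue with whatever was returned.
  if ! ldapsearch -H "ldap://$ip" "${bind_args[@]}" -b "$b" '(objectClass=*)' 2>/dev/null \
    | tee -a "$base.dump.txt"; then
    echo "[!] ldapsearch reported an error for $b; dump may be partial." >&2
  fi
done

echo "[+] Saved to $base.*"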