Add interesting_perms module for advanced LDAP ACL enumeration #1196

Closed
TurkiNeptune wants to merge 1 commit into Pennyw0rth:main from TurkiNeptune:module-interesting-perms

@TurkiNeptune TurkiNeptune commented Apr 11, 2026

Description

Added a new LDAP module interesting_perms designed to audit Active Directory for abusable permissions and extended rights natively.

Standard LDAP enumeration can be noisy and often misses inherited rights. This module solves that by:

  • Automatically filtering out default built-in objects (RIDs < 1000) to highlight actual misconfigurations.
  • Natively mapping binary SIDs to human-readable user principals on the fly for rapid recon.
  • Utilizing tokenGroups via a BASE scope query to unroll nested groups, allowing operators to see their true effective inherited permissions across the domain.
  • Providing targeted triage options (-o self=1) to instantly view explicit outbound permissions for a newly compromised account.

AI Assistance Statement:
This PR was created with the assistance of AI in refining side features.

Type of change

Insert an "x" inside the brackets for relevant items (do not delete options)

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • Deprecation of feature or functionality
  • This change requires a documentation update
  • This requires a third party update (such as Impacket, Dploot, lsassy, etc)
  • This PR was created with the assistance of AI (list what type of assistance, tool(s)/model(s) in the description)

Setup guide for the review

Testing Environment:

  • Locally running machine: Kali Linux
  • Target: Windows Server (Active Directory Domain Controller)

Testing the Feature:
No special GPO changes, registry settings, or additional software are required. Standard AD LDAP access with a valid domain user is sufficient.

  1. Basic Execution (Filters out built-in noise):
    nxc ldap <IP> -u <USER> -p <PASS> -M interesting_perms

  2. Testing Explicit Self-Permissions:
    Create an explicit ACE for your testing user over another object, then run:
    nxc ldap <IP> -u <USER> -p <PASS> -M interesting_perms -o self=1

  3. Testing Effective Nested Permissions (tokengroup=1):
    Ensure your testing user is in a group that has privileges over other objects.
    nxc ldap <IP> -u <USER> -p <PASS> -M interesting_perms -o tokengroup=1
    Expected Result: The module will print [*] Unrolled X inherited SIDs... and display the inherited rights.

Checklist:

Insert an "x" inside the brackets for completed and relevant items (do not delete options)

  • I have run Ruff against my changes (poetry: poetry run ruff check ., use --fix to automatically fix what it can)
  • I have added or updated the tests/e2e_commands.txt file if necessary (new modules or features are required to be added to the e2e tests)
  • If reliant on changes of third party dependencies, such as Impacket, dploot, lsassy, etc, I have linked the relevant PRs in those projects
  • I have linked relevant sources that describes the added technique (blog posts, documentation, etc)
  • I have performed a self-review of my own code (not an AI review)
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation (PR here: https://github.com/Pennyw0rth/NetExec-Wiki)
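
The RID filter and binary-SID decoding described in the PR above, sketched as an added example (not code from this PR or from NetExec). The function names, the sample SIDs, and treating the last sub-authority as the RID for every SID are assumptions.

```python
import struct

def parse_sid(raw: bytes) -> str:
    """Decode a binary SID (objectSid, a tokenGroups value, or an ACE trustee)."""
    if len(raw) < 8:
        raise ValueError("SID shorter than its 8-byte header")
    revision, count = raw[0], raw[1]
    if revision != 1:
        raise ValueError(f"unsupported SID revision {revision}")
    if len(raw) != 8 + 4 * count:
        raise ValueError("length does not match sub-authority count")
    authority = int.from_bytes(raw[2:8], "big")    # 48-bit, big-endian
    subs = struct.unpack(f"<{count}I", raw[8:])     # 32-bit each, little-endian
    return "-".join(["S", str(revision), str(authority), *map(str, subs)])

def rid_of(sid: str) -> int:
    """Last sub-authority of a string SID (the RID for domain principals)."""
    return int(sid.rsplit("-", 1)[1])

def non_default_sids(raw_sids, threshold=1000):
    """Decode every SID and keep those whose RID is at or above the threshold."""
    decoded = (parse_sid(raw) for raw in raw_sids)
    return [sid for sid in decoded if rid_of(sid) >= threshold]

def build_sid(authority, *subs):
    """Pack a binary SID; used only to construct the sample input below."""
    head = bytes([1, len(subs)]) + authority.to_bytes(6, "big")
    return head + struct.pack(f"<{len(subs)}I", *subs)

# Constructed sample values (made-up domain identifier 1111-2222-3333).
SAMPLE_SIDS = [
    build_sid(5, 21, 1111, 2222, 3333, 512),    # default domain group RID
    build_sid(5, 32, 544),                      # BUILTIN\Administrators
    build_sid(5, 21, 1111, 2222, 3333, 1105),   # non-default principal
]

if __name__ == "__main__":
    for sid in non_default_sids(SAMPLE_SIDS):
        print(sid)
```

Rejecting a SID whose length disagrees with its sub-authority count keeps a truncated or malformed trustee from being silently decoded as a different principal.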

Contributor

azoxlpf commented Apr 11, 2026

Thanks for the PR! But this is unfortunately a duplicate of #1176

@NeffIsBack added the duplicate label (This issue or pull request already exists) Apr 11, 2026
@TurkiNeptune
Author

np have a good rest of your day

@NeffIsBack
Member

Closing then

@NeffIsBack NeffIsBack closed this Apr 12, 2026