Merge pull request #75 from BloodHoundAD/fix-eca-processing

fix: eca processing without ca registry
SpecterOps · Nov 7, 2023 · 826efc6 · 826efc6
2 parents 8bc108f + 017a23b
commit 826efc6
Showing 1 changed file with 9 additions and 3 deletions.
diff --git a/src/Runtime/ObjectProcessors.cs b/src/Runtime/ObjectProcessors.cs
@@ -611,6 +611,9 @@ private async Task<EnterpriseCA> ProcessEnterpriseCA(ISearchResultEntry entry, R
             }
 
             // Collect properties from CA server registry
+            bool cASecurityCollected = false;
+            bool enrollmentAgentRestrictionsCollected = false;
+            bool isUserSpecifiesSanEnabledCollected = false;
             var caName = entry.GetProperty(LDAPProperties.Name);
             var dnsHostName = entry.GetProperty(LDAPProperties.DNSHostName);
             if ((_methods & ResolvedCollectionMethod.CARegistry) != 0 && caName != null && dnsHostName != null)
@@ -627,12 +630,15 @@ private async Task<EnterpriseCA> ProcessEnterpriseCA(ISearchResultEntry entry, R
                     CASecurity = await _certAbuseProcessor.ProcessRegistryEnrollmentPermissions(caName, resolvedSearchResult.Domain, dnsHostName, ret.HostingComputer)
                 };
 
+                cASecurityCollected = cARegistryData.CASecurity.Collected;
+                enrollmentAgentRestrictionsCollected = cARegistryData.EnrollmentAgentRestrictions.Collected;
+                isUserSpecifiesSanEnabledCollected = cARegistryData.IsUserSpecifiesSanEnabled.Collected;
                 ret.CARegistryData = cARegistryData;
             }
 
-            ret.Properties.Add("casecuritycollected", ret.CARegistryData.CASecurity.Collected);
-            ret.Properties.Add("enrollmentagentrestrictionscollected", ret.CARegistryData.EnrollmentAgentRestrictions.Collected);
-            ret.Properties.Add("isuserspecifiessanenabledcollected", ret.CARegistryData.IsUserSpecifiesSanEnabled.Collected);
+            ret.Properties.Add("casecuritycollected", cASecurityCollected);
+            ret.Properties.Add("enrollmentagentrestrictionscollected", enrollmentAgentRestrictionsCollected);
+            ret.Properties.Add("isuserspecifiessanenabledcollected", isUserSpecifiesSanEnabledCollected);
 
             return ret;
         }