Merge branch 'v3' of github.com:BloodHoundAD/SharpHoundCommon into adcs

SpecterOps · Sep 29, 2023 · 90cbb09 · 90cbb09
2 parents b33079a + 6f3dfed
commit 90cbb09
Show file tree

Hide file tree

Showing 7 changed files with 82 additions and 37 deletions.
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -6,12 +6,14 @@ jobs:
   build:
     runs-on: windows-latest
     steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v3
 
     - name: Setup .NET
-      uses: actions/setup-dotnet@v1
+      uses: actions/setup-dotnet@v3
       with:
-        dotnet-version: 5.0.x
+        dotnet-version: |
+          7.0.x
+          5.0.x
 
     - name: Restore dependencies
       run: dotnet restore

diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
@@ -11,7 +11,7 @@ jobs:
     runs-on: windows-latest
     steps:
       - name: Checkout Code
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
 
       - name: Parse Version
         uses: web3j/[email protected]
@@ -21,9 +21,11 @@ jobs:
           start: 1
 
       - name: Setup .NET
-        uses: actions/setup-dotnet@v1
+        uses: actions/setup-dotnet@v3
         with:
-          dotnet-version: 5.0.x
+          dotnet-version: |
+              7.0.x
+              5.0.x
 
       - name: Restore Dependencies
         run: dotnet restore
@@ -38,16 +40,26 @@ jobs:
           path: docfx/coverage/report/
 
       - name: Pack
-        run: dotnet pack --no-restore -c Release -p:PackageVersion=${{ steps.version.outputs.result }} -o .
+        run: | 
+          mkdir pkgs
+          dotnet pack --no-restore -c Release -p:PackageVersion=${{ steps.version.outputs.result }} -o ./pkgs
         
-      - name: Prep Packages
-        run: dotnet nuget add source --username ${{ github.actor }} --password ${{ secrets.GITHUB_TOKEN }} --store-password-in-clear-text --name github "https://nuget.pkg.github.com/BloodHoundAD/index.json"
-
-      - name: Publish to GitHub Packages
-        run: dotnet nuget push *.nupkg --api-key ${{ secrets.GITHUB_TOKEN }} --source "github"
+#      - name: Prep Packages
+#        run: dotnet nuget add source --username ${{ github.actor }} --password ${{ secrets.GITHUB_TOKEN }} --store-password-in-clear-text --name github "https://nuget.pkg.github.com/BloodHoundAD/index.json"
 
-      - name: Publish NuGet
-        run: dotnet nuget push *.nupkg -s https://api.nuget.org/v3/index.json -k ${{ secrets.NUGET_TOKEN }} --skip-duplicate
+#      - name: Publish to GitHub Packages
+#        run: dotnet nuget push *.nupkg --api-key ${{ secrets.GITHUB_TOKEN }} --source "github"
+#
+#      - name: Publish NuGet
+#        run: dotnet nuget push *.nupkg -s https://api.nuget.org/v3/index.json -k ${{ secrets.NUGET_TOKEN }} --skip-duplicate
+
+      - name: Publish to SpecterOps Packages
+        env:
+          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY }}
+          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_KEY }}
+        run: |
+          dotnet tool install -g sleet
+          sleet push ./pkgs --skip-existing
         
   ghpages:
     name: ghpages

diff --git a/sleet.json b/sleet.json
@@ -0,0 +1,11 @@
+{
+  "sources": [
+    {
+      "name": "feed",
+      "type": "s3",
+      "path": "https://s3.amazonaws.com/bloodhound-ad",
+      "region": "us-east-1",
+      "bucketName": "bloodhound-ad"
+    }
+  ]
+}
diff --git a/src/CommonLib/LDAPProperties.cs b/src/CommonLib/LDAPProperties.cs
@@ -13,6 +13,7 @@ public static class LDAPProperties
         public const string GPLink = "gplink";
         public const string TrustDirection = "trustdirection";
         public const string TrustAttributes = "trustattributes";
+        public const string TrustType = "trusttype";
         public const string CanonicalName = "cn";
         public const string GPCFileSYSPath = "gpcfilesyspath";
         public const string Description = "description";
@@ -41,6 +42,7 @@ public static class LDAPProperties
         public const string SecurityIdentifier = "securityidentifier";
         public const string ObjectSID = "objectsid";
         public const string ObjectGUID = "objectguid";
+        public const string DistinguishedName = "distinguishedname";
         public const string PrimaryGroupID = "primarygroupid";
         public const string GroupPolicyOptions = "gpoptions";
         public const string UnixUserPassword = "unixuserpassword";

diff --git a/src/CommonLib/LDAPQueries/CommonProperties.cs b/src/CommonLib/LDAPQueries/CommonProperties.cs
@@ -3,61 +3,79 @@
     public static class CommonProperties
     {
         public static readonly string[] TypeResolutionProps =
-            {"samaccounttype", "objectsid", "objectguid", "objectclass", "samaccountname", "msds-groupmsamembership"};
+        {
+            LDAPProperties.SAMAccountType, LDAPProperties.ObjectSID, LDAPProperties.ObjectGUID,
+            LDAPProperties.ObjectClass, LDAPProperties.SAMAccountName, LDAPProperties.GroupMSAMembership
+        };
 
-        public static readonly string[] ObjectID = {"objectsid", "objectguid"};
-        public static readonly string[] ObjectSID = {"objectsid"};
-        public static readonly string[] GPCFileSysPath = {"gpcfilesyspath"};
+        public static readonly string[] ObjectID = { LDAPProperties.ObjectSID, LDAPProperties.ObjectGUID };
+        public static readonly string[] ObjectSID = { LDAPProperties.ObjectSID };
+        public static readonly string[] GPCFileSysPath = { LDAPProperties.GPCFileSYSPath };
 
         public static readonly string[] BaseQueryProps =
         {
-            "objectsid", "distinguishedname", "objectguid", "ms-mcs-admpwdexpirationtime", "isDeleted",
-            "useraccountcontrol"
+            LDAPProperties.ObjectSID, LDAPProperties.DistinguishedName, LDAPProperties.ObjectGUID,
+            LDAPProperties.LegacyLAPSExpirationTime, LDAPProperties.LAPSExpirationTime, LDAPProperties.IsDeleted,
+            LDAPProperties.UserAccountControl
         };
 
         public static readonly string[] GroupResolutionProps =
         {
-            "samaccountname", "distinguishedname", "samaccounttype", "member", "cn", "primarygroupid", "dnshostname"
+            LDAPProperties.SAMAccountName, LDAPProperties.DistinguishedName, LDAPProperties.SAMAccountType,
+            LDAPProperties.Members, LDAPProperties.CanonicalName, LDAPProperties.PrimaryGroupID,
+            LDAPProperties.DNSHostName
         };
 
         public static readonly string[] ComputerMethodProps =
         {
-            "samaccountname", "distinguishedname", "dnshostname", "samaccounttype", "operatingsystem", "pwdlastset"
+            LDAPProperties.SAMAccountName, LDAPProperties.DistinguishedName, LDAPProperties.DNSHostName,
+            LDAPProperties.SAMAccountType, LDAPProperties.OperatingSystem, LDAPProperties.PasswordLastSet
         };
 
         public static readonly string[] ACLProps =
         {
-            "samaccountname", "distinguishedname", "dnshostname", "samaccounttype", "ntsecuritydescriptor",
-            "displayname", "objectclass", "objectsid", "name"
+            LDAPProperties.SAMAccountName, LDAPProperties.DistinguishedName, LDAPProperties.DNSHostName,
+            LDAPProperties.SAMAccountType, LDAPProperties.SecurityDescriptor,
+            LDAPProperties.DisplayName, LDAPProperties.ObjectClass, LDAPProperties.ObjectSID, LDAPProperties.Name
         };
 
         public static readonly string[] ObjectPropsProps =
         {
-            "samaccountname", "distinguishedname", "samaccounttype", "pwdlastset", "lastlogon", "lastlogontimestamp",
-            "objectsid",
-            "sidhistory", "dnshostname", "operatingsystem",
-            "operatingsystemservicepack", "serviceprincipalname", "displayname", "mail", "title",
-            "homedirectory", "description", "admincount", "userpassword", "gpcfilesyspath", "objectclass",
-            "msds-behavior-version", "objectguid", "name", "gpoptions", "msds-allowedToDelegateTo",
-            "msDS-AllowedToActOnBehalfOfOtherIdentity", "whenCreated", "msds-hostserviceaccount"
+            LDAPProperties.SAMAccountName, LDAPProperties.DistinguishedName, LDAPProperties.SAMAccountType,
+            LDAPProperties.PasswordLastSet, LDAPProperties.LastLogon, LDAPProperties.LastLogonTimestamp,
+            LDAPProperties.ObjectSID,
+            LDAPProperties.SIDHistory, LDAPProperties.DNSHostName, LDAPProperties.OperatingSystem,
+            LDAPProperties.ServicePack, LDAPProperties.ServicePrincipalNames, LDAPProperties.DisplayName,
+            LDAPProperties.Email, LDAPProperties.Title,
+            LDAPProperties.HomeDirectory, LDAPProperties.Description, LDAPProperties.AdminCount,
+            LDAPProperties.UserPassword, LDAPProperties.GPCFileSYSPath, LDAPProperties.ObjectClass,
+            LDAPProperties.DomainFunctionalLevel, LDAPProperties.ObjectGUID, LDAPProperties.Name,
+            LDAPProperties.GroupPolicyOptions, LDAPProperties.AllowedToDelegateTo,
+            LDAPProperties.AllowedToActOnBehalfOfOtherIdentity, LDAPProperties.WhenCreated,
+            LDAPProperties.HostServiceAccount, LDAPProperties.UnixUserPassword, LDAPProperties.MsSFU30Password,
+            LDAPProperties.UnicodePassword
         };
 
         public static readonly string[] ContainerProps =
         {
-            "displayname", "name", "objectguid", "gplink", "gpoptions", "objectclass"
+            LDAPProperties.DisplayName, LDAPProperties.Name, LDAPProperties.ObjectGUID, LDAPProperties.GPLink,
+            LDAPProperties.GroupPolicyOptions, LDAPProperties.ObjectClass
         };
 
         public static readonly string[] SPNTargetProps =
         {
-            "serviceprincipalname", "samaccountname", "samaccounttype"
+            LDAPProperties.ServicePrincipalNames, LDAPProperties.SAMAccountName, LDAPProperties.SAMAccountType
         };
 
         public static readonly string[] DomainTrustProps =
-            {"trustattributes", "securityidentifier", "trustdirection", "trusttype", "cn"};
+        {
+            LDAPProperties.TrustAttributes, LDAPProperties.SecurityIdentifier, LDAPProperties.TrustDirection,
+            LDAPProperties.TrustType, LDAPProperties.CanonicalName
+        };
 
         public static readonly string[] GPOLocalGroupProps =
         {
-            "gplink", "name"
+            LDAPProperties.GPLink, LDAPProperties.Name
         };
 
         public static readonly string[] CertAbuseProps =

diff --git a/src/CommonLib/SharpHoundCommonLib.csproj b/src/CommonLib/SharpHoundCommonLib.csproj
@@ -9,7 +9,7 @@
         <PackageDescription>Common library for C# BloodHound enumeration tasks</PackageDescription>
         <PackageLicenseExpression>GPL-3.0-only</PackageLicenseExpression>
         <RepositoryUrl>https://github.com/BloodHoundAD/SharpHoundCommon</RepositoryUrl>
-        <Version>3.0.7</Version>
+        <Version>3.0.8</Version>
         <AssemblyName>SharpHoundCommonLib</AssemblyName>
         <RootNamespace>SharpHoundCommonLib</RootNamespace>
     </PropertyGroup>

diff --git a/src/SharpHoundRPC/SharpHoundRPC.csproj b/src/SharpHoundRPC/SharpHoundRPC.csproj
@@ -8,7 +8,7 @@
         <Company>SpecterOps</Company>
         <PackageDescription>SAM/LSA Wrapper for C# BloodHound tasks</PackageDescription>
         <PackageLicenseExpression>GPL-3.0-only</PackageLicenseExpression>
-        <Version>1.0.0</Version>
+        <Version>3.0.8</Version>
         <AssemblyName>SharpHoundRPC</AssemblyName>
         <RootNamespace>SharpHoundRPC</RootNamespace>
     </PropertyGroup>