Added mocks to test error cases for LocalGroupProcessor

SpecterOps · Nov 19, 2024 · a7d503f · a7d503f
1 parent dbb3cd5
commit a7d503f
Show file tree

Hide file tree

Showing 12 changed files with 630 additions and 34 deletions.
diff --git a/test/unit/CommonLibTest.csproj b/test/unit/CommonLibTest.csproj
@@ -42,9 +42,6 @@
     <ItemGroup>
         <CoverageFiles Include="../../docfx/coverage/coverage.opencover.xml" />
     </ItemGroup>
-    <ItemGroup>
-        <Folder Include="Facades\SAMMocks" />
-    </ItemGroup>
     <Target Name="Report" AfterTargets="VSTest" DependsOnTargets="GenerateCoverageResult">
         <ReportGenerator VerbosityLevel="Error" ProjectDirectory="$(MSBuildProjectDirectory)" ReportFiles="@(CoverageFiles)" ReportTypes="Html;Badges" TargetDirectory="$(CoverletOutput)report\" />
     </Target>

diff --git a/...SAMMocks/ErrorCaseMocks/LocalGroupProcessorErrorCases/MockFailDomainBuiltIn_GetAliases.cs b/...SAMMocks/ErrorCaseMocks/LocalGroupProcessorErrorCases/MockFailDomainBuiltIn_GetAliases.cs
@@ -0,0 +1,46 @@
+using System;
+using System.Collections.Generic;
+using SharpHoundRPC;
+using SharpHoundRPC.SAMRPCNative;
+using SharpHoundRPC.Shared;
+using SharpHoundRPC.Wrappers;
+
+namespace CommonLibTest.Facades
+{
+    public class MockFailDomainBuiltIn_GetAliases : ISAMDomain
+    {
+        public Result<(string Name, SharedEnums.SidNameUse Type)> LookupPrincipalByRid(int rid)
+        {
+            throw new System.NotImplementedException();
+        }
+
+        public Result<IEnumerable<(string Name, int Rid)>> GetAliases()
+        {
+            // var results = new List<(string, int)>
+            // {
+            //     ("Administrators", 544),
+            //     ("Users", 545)
+            // };
+            // return results;
+            return NtStatus.StatusAccessDenied;
+        }
+
+        public Result<ISAMAlias> OpenAlias(int rid, SAMEnums.AliasOpenFlags desiredAccess = SAMEnums.AliasOpenFlags.ListMembers)
+        {
+            switch (rid)
+            {
+                case 544:
+                    return new MockDCAliasAdministrators();
+                case 545:
+                    return new MockDCAliasUsers();
+                default:
+                    throw new IndexOutOfRangeException();
+            }
+        }
+
+        public Result<ISAMAlias> OpenAlias(string name)
+        {
+            throw new System.NotImplementedException();
+        }
+    }
+}
diff --git a/...SAMMocks/ErrorCaseMocks/LocalGroupProcessorErrorCases/MockFailDomainBuiltIn_GetMembers.cs b/...SAMMocks/ErrorCaseMocks/LocalGroupProcessorErrorCases/MockFailDomainBuiltIn_GetMembers.cs
@@ -0,0 +1,42 @@
+using System;
+using System.Collections.Generic;
+using SharpHoundRPC;
+using SharpHoundRPC.SAMRPCNative;
+using SharpHoundRPC.Shared;
+using SharpHoundRPC.Wrappers;
+
+namespace CommonLibTest.Facades
+{
+    public class MockFailDomainBuiltIn_GetMembers : ISAMDomain
+    {
+        public Result<(string Name, SharedEnums.SidNameUse Type)> LookupPrincipalByRid(int rid)
+        {
+            throw new System.NotImplementedException();
+        }
+
+        public Result<IEnumerable<(string Name, int Rid)>> GetAliases()
+        {
+            var results = new List<(string, int)>
+            {
+                ("Users", 545)
+            };
+            return results;
+        }
+
+        public Result<ISAMAlias> OpenAlias(int rid, SAMEnums.AliasOpenFlags desiredAccess = SAMEnums.AliasOpenFlags.ListMembers)
+        {
+            switch (rid)
+            {
+                case 545:
+                    return new MockFailSAMAliasUsers_GetMembers();
+                default:
+                    throw new IndexOutOfRangeException();
+            }
+        }
+
+        public Result<ISAMAlias> OpenAlias(string name)
+        {
+            throw new System.NotImplementedException();
+        }
+    }
+}
diff --git a/.../SAMMocks/ErrorCaseMocks/LocalGroupProcessorErrorCases/MockFailDomainBuiltIn_OpenAlias.cs b/.../SAMMocks/ErrorCaseMocks/LocalGroupProcessorErrorCases/MockFailDomainBuiltIn_OpenAlias.cs
@@ -0,0 +1,45 @@
+using System;
+using System.Collections.Generic;
+using SharpHoundRPC;
+using SharpHoundRPC.SAMRPCNative;
+using SharpHoundRPC.Shared;
+using SharpHoundRPC.Wrappers;
+
+namespace CommonLibTest.Facades
+{
+    public class MockFailDomainBuiltIn_OpenAlias : ISAMDomain
+    {
+        public Result<(string Name, SharedEnums.SidNameUse Type)> LookupPrincipalByRid(int rid)
+        {
+            throw new System.NotImplementedException();
+        }
+
+        public Result<IEnumerable<(string Name, int Rid)>> GetAliases()
+        {
+            var results = new List<(string, int)>
+            {
+                ("Administrators", 544)
+            };
+            return results;
+        }
+
+        public Result<ISAMAlias> OpenAlias(int rid, SAMEnums.AliasOpenFlags desiredAccess = SAMEnums.AliasOpenFlags.ListMembers)
+        {
+            // switch (rid)
+            // {
+            //     case 544:
+            //         return new MockDCAliasAdministrators();
+            //     case 545:
+            //         return new MockDCAliasUsers();
+            //     default:
+            //         throw new IndexOutOfRangeException();
+            // }
+            return NtStatus.StatusAccessDenied;
+        }
+
+        public Result<ISAMAlias> OpenAlias(string name)
+        {
+            throw new System.NotImplementedException();
+        }
+    }
+}
diff --git a/...SAMMocks/ErrorCaseMocks/LocalGroupProcessorErrorCases/MockFailSAMAliasUsers_GetMembers.cs b/...SAMMocks/ErrorCaseMocks/LocalGroupProcessorErrorCases/MockFailSAMAliasUsers_GetMembers.cs
@@ -0,0 +1,16 @@
+using System.Collections.Generic;
+using SharpHoundRPC;
+using SharpHoundRPC.Wrappers;
+using System.Security.Principal;
+
+namespace CommonLibTest.Facades
+{
+    public class MockFailSAMAliasUsers_GetMembers : ISAMAlias
+    {
+        public Result<IEnumerable<SecurityIdentifier>> GetMembers()
+        {
+            return NtStatus.StatusAccessDenied;
+        }
+    }
+}
+
diff --git a/...des/SAMMocks/ErrorCaseMocks/LocalGroupProcessorErrorCases/MockFailSAMServer_GetAliases.cs b/...des/SAMMocks/ErrorCaseMocks/LocalGroupProcessorErrorCases/MockFailSAMServer_GetAliases.cs
@@ -0,0 +1,58 @@
+using System;
+using System.Collections.Generic;
+using System.Diagnostics.CodeAnalysis;
+using System.Security.Principal;
+using SharpHoundRPC;
+using SharpHoundRPC.SAMRPCNative;
+using SharpHoundRPC.Shared;
+using SharpHoundRPC.Wrappers;
+
+namespace CommonLibTest.Facades
+{
+    [SuppressMessage("Interoperability", "CA1416:Validate platform compatibility")]
+    public class MockFailSAMServer_GetAliases : ISAMServer
+    {
+        public bool IsNull { get; }
+        public Result<IEnumerable<(string Name, int Rid)>> GetDomains()
+        {
+            var domains = new List<(string, int)>
+            {
+                ("BUILTIN", 1)
+            };
+            return domains;
+        }
+
+        public virtual Result<SecurityIdentifier> LookupDomain(string name)
+        {
+            throw new System.NotImplementedException();
+        }
+
+        public Result<SecurityIdentifier> GetMachineSid(string testName = null)
+        {
+            var securityIdentifier = new SecurityIdentifier(Consts.MockWorkstationMachineSid);
+            return Result<SecurityIdentifier>.Ok(securityIdentifier);
+        }
+
+        public Result<(string Name, SharedEnums.SidNameUse Type)> LookupPrincipalBySid(SecurityIdentifier securityIdentifier)
+        {
+            throw new System.NotImplementedException();
+        }
+
+        public Result<ISAMDomain> OpenDomain(string domainName,
+            SAMEnums.DomainAccessMask requestedDomainAccess = SAMEnums.DomainAccessMask.ListAccounts | SAMEnums.DomainAccessMask.Lookup)
+        {
+            if (domainName.Equals("builtin", StringComparison.OrdinalIgnoreCase))
+            {
+                return new MockFailDomainBuiltIn_GetAliases();
+            }
+
+            throw new NotImplementedException();
+        }
+
+        public Result<ISAMDomain> OpenDomain(SecurityIdentifier securityIdentifier,
+            SAMEnums.DomainAccessMask requestedDomainAccess = SAMEnums.DomainAccessMask.ListAccounts | SAMEnums.DomainAccessMask.Lookup)
+        {
+            throw new System.NotImplementedException();
+        }
+    }
+}
diff --git a/...des/SAMMocks/ErrorCaseMocks/LocalGroupProcessorErrorCases/MockFailSAMServer_GetDomains.cs b/...des/SAMMocks/ErrorCaseMocks/LocalGroupProcessorErrorCases/MockFailSAMServer_GetDomains.cs
@@ -0,0 +1,60 @@
+using System;
+using System.Collections.Generic;
+using System.Diagnostics.CodeAnalysis;
+using System.Security.Principal;
+using SharpHoundRPC;
+using SharpHoundRPC.SAMRPCNative;
+using SharpHoundRPC.Shared;
+using SharpHoundRPC.Wrappers;
+
+namespace CommonLibTest.Facades
+{
+    [SuppressMessage("Interoperability", "CA1416:Validate platform compatibility")]
+    public class MockFailSAMServer_GetDomains : ISAMServer
+    {
+        public bool IsNull { get; }
+        public Result<IEnumerable<(string Name, int Rid)>> GetDomains()
+        {
+            // var domains = new List<(string, int)>
+            // {
+            //     ("BUILTIN", 1)
+            // };
+            // return domains;
+
+            return Result<IEnumerable<(string Name, int Rid)>>.Fail(NtStatus.StatusAccessDenied);
+        }
+
+        public virtual Result<SecurityIdentifier> LookupDomain(string name)
+        {
+            throw new System.NotImplementedException();
+        }
+
+        public Result<SecurityIdentifier> GetMachineSid(string testName = null)
+        {
+            var securityIdentifier = new SecurityIdentifier(Consts.MockWorkstationMachineSid);
+            return Result<SecurityIdentifier>.Ok(securityIdentifier);
+        }
+
+        public Result<(string Name, SharedEnums.SidNameUse Type)> LookupPrincipalBySid(SecurityIdentifier securityIdentifier)
+        {
+            throw new System.NotImplementedException();
+        }
+
+        public Result<ISAMDomain> OpenDomain(string domainName,
+            SAMEnums.DomainAccessMask requestedDomainAccess = SAMEnums.DomainAccessMask.ListAccounts | SAMEnums.DomainAccessMask.Lookup)
+        {
+            if (domainName.Equals("builtin", StringComparison.OrdinalIgnoreCase))
+            {
+                return new MockDCDomainBuiltIn();
+            }
+
+            throw new NotImplementedException();
+        }
+
+        public Result<ISAMDomain> OpenDomain(SecurityIdentifier securityIdentifier,
+            SAMEnums.DomainAccessMask requestedDomainAccess = SAMEnums.DomainAccessMask.ListAccounts | SAMEnums.DomainAccessMask.Lookup)
+        {
+            throw new System.NotImplementedException();
+        }
+    }
+}
diff --git a/.../SAMMocks/ErrorCaseMocks/LocalGroupProcessorErrorCases/MockFailSAMServer_GetMachineSid.cs b/.../SAMMocks/ErrorCaseMocks/LocalGroupProcessorErrorCases/MockFailSAMServer_GetMachineSid.cs
@@ -0,0 +1,60 @@
+using System;
+using System.Collections.Generic;
+using System.Diagnostics.CodeAnalysis;
+using System.Security.Principal;
+using SharpHoundRPC;
+using SharpHoundRPC.SAMRPCNative;
+using SharpHoundRPC.Shared;
+using SharpHoundRPC.Wrappers;
+
+namespace CommonLibTest.Facades
+{
+    [SuppressMessage("Interoperability", "CA1416:Validate platform compatibility")]
+    public class MockFailSAMServer_GetMachineSid : ISAMServer
+    {
+        public bool IsNull { get; }
+        public Result<IEnumerable<(string Name, int Rid)>> GetDomains()
+        {
+            var domains = new List<(string, int)>
+            {
+                ("BUILTIN", 1)
+            };
+            return domains;
+        }
+
+        public virtual Result<SecurityIdentifier> LookupDomain(string name)
+        {
+            throw new System.NotImplementedException();
+        }
+
+        public Result<SecurityIdentifier> GetMachineSid(string testName = null)
+        {
+            // var securityIdentifier = new SecurityIdentifier(Consts.MockWorkstationMachineSid);
+            // return Result<SecurityIdentifier>.Ok(securityIdentifier);
+
+            return Result<SecurityIdentifier>.Fail(NtStatus.StatusAccessDenied);
+        }
+
+        public Result<(string Name, SharedEnums.SidNameUse Type)> LookupPrincipalBySid(SecurityIdentifier securityIdentifier)
+        {
+            throw new System.NotImplementedException();
+        }
+
+        public Result<ISAMDomain> OpenDomain(string domainName,
+            SAMEnums.DomainAccessMask requestedDomainAccess = SAMEnums.DomainAccessMask.ListAccounts | SAMEnums.DomainAccessMask.Lookup)
+        {
+            if (domainName.Equals("builtin", StringComparison.OrdinalIgnoreCase))
+            {
+                return new MockDCDomainBuiltIn();
+            }
+
+            throw new NotImplementedException();
+        }
+
+        public Result<ISAMDomain> OpenDomain(SecurityIdentifier securityIdentifier,
+            SAMEnums.DomainAccessMask requestedDomainAccess = SAMEnums.DomainAccessMask.ListAccounts | SAMEnums.DomainAccessMask.Lookup)
+        {
+            throw new System.NotImplementedException();
+        }
+    }
+}