chore: pull v3
urangel committed Sep 26, 2023
2 parents 2e0a949 + 485054c commit b33079a
Showing 5 changed files with 36 additions and 18 deletions.
10 changes: 8 additions & 2 deletions .github/workflows/publish.yml
@@ -39,10 +39,16 @@ jobs:

- name: Pack
run: dotnet pack --no-restore -c Release -p:PackageVersion=${{ steps.version.outputs.result }} -o .

- name: Prep Packages
run: dotnet nuget add source --username ${{ github.actor }} --password ${{ secrets.GITHUB_TOKEN }} --store-password-in-clear-text --name github "https://nuget.pkg.github.com/BloodHoundAD/index.json"

- name: Publish NuGet
run: dotnet nuget push *.nupkg -s https://api.nuget.org/v3/index.json -k ${{ secrets.NUGET_TOKEN }}
- name: Publish to GitHub Packages
run: dotnet nuget push *.nupkg --api-key ${{ secrets.GITHUB_TOKEN }} --source "github"

- name: Publish NuGet
run: dotnet nuget push *.nupkg -s https://api.nuget.org/v3/index.json -k ${{ secrets.NUGET_TOKEN }} --skip-duplicate

ghpages:
name: ghpages
needs: nuget
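Review bot: The added `Publish to GitHub Packages` step pushes without `--skip-duplicate`, unlike the nuget.org step after it, so re-running the workflow for a version that already exists in GitHub Packages would presumably fail there and the nuget.org push would never run; adding `--skip-duplicate` to that push keeps the two steps consistent. `Prep Packages` expands `${{ secrets.GITHUB_TOKEN }}` directly into the command line and persists it with `--store-password-in-clear-text`, so the token sits in the runner's NuGet configuration for every later step of the job; passing it through a step-level `env:` entry and referencing the shell variable keeps it out of the rendered script text. Whether the job declares `permissions:` is not visible in this hunk; the token needs `packages: write` for the push and should be granted nothing broader.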
5 changes: 3 additions & 2 deletions src/CommonLib/LDAPProperties.cs
@@ -34,7 +34,8 @@ public static class LDAPProperties
public const string OperatingSystem = "operatingsystem";
public const string ServicePack = "operatingsystemservicepack";
public const string DNSHostName = "dnshostname";
public const string LAPSExpirationTime = "ms-mcs-admpwdexpirationtime";
public const string LAPSExpirationTime = "mslaps-passwordexpirationtime";
public const string LegacyLAPSExpirationTime = "ms-mcs-admpwdexpirationtime";
public const string Members = "member";
public const string SecurityDescriptor = "ntsecuritydescriptor";
public const string SecurityIdentifier = "securityidentifier";
@@ -63,4 +64,4 @@ public static class LDAPProperties
public const string CertificateTemplates = "certificatetemplates";
public const string CrossCertificatePair = "crosscertificatepair";
}
}
}
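Review bot: `LAPSExpirationTime` keeps its name but now names a different directory attribute, and because it is a `public const` its value is inlined into consumers at compile time, so a consumer built against the earlier package keeps requesting `ms-mcs-admpwdexpirationtime` until it is recompiled, while a recompiled one silently switches to the new attribute. Doc comments on the two constants would make the split explicit, for example `/// Windows LAPS password expiration attribute.` on `LAPSExpirationTime` and `/// Legacy Microsoft LAPS password expiration attribute.` on `LegacyLAPSExpirationTime`. The class starts and ends outside the first hunk.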
33 changes: 22 additions & 11 deletions src/CommonLib/Processors/LDAPPropertyProcessor.cs
@@ -8,12 +8,20 @@
using System.Security.Principal;
using System.Threading.Tasks;
using SharpHoundCommonLib.Enums;
using SharpHoundCommonLib.LDAPQueries;
using SharpHoundCommonLib.OutputTypes;

namespace SharpHoundCommonLib.Processors
{
public class LDAPPropertyProcessor
{
private static readonly string[] ReservedAttributes = CommonProperties.TypeResolutionProps
.Concat(CommonProperties.BaseQueryProps).Concat(CommonProperties.GroupResolutionProps)
.Concat(CommonProperties.ComputerMethodProps).Concat(CommonProperties.ACLProps)
.Concat(CommonProperties.ObjectPropsProps).Concat(CommonProperties.ContainerProps)
.Concat(CommonProperties.SPNTargetProps).Concat(CommonProperties.DomainTrustProps)
.Concat(CommonProperties.GPOLocalGroupProps).ToArray();

private readonly ILDAPUtils _utils;

public LDAPPropertyProcessor(ILDAPUtils utils)
@@ -144,7 +152,7 @@ public async Task<UserProperties> ReadUserProperties(ISearchResultEntry entry)
bool enabled, trustedToAuth, sensitive, dontReqPreAuth, passwdNotReq, unconstrained, pwdNeverExpires;
if (int.TryParse(uac, out var flag))
{
var flags = (UacFlags) flag;
var flags = (UacFlags)flag;
enabled = (flags & UacFlags.AccountDisable) == 0;
trustedToAuth = (flags & UacFlags.TrustedToAuthForDelegation) != 0;
sensitive = (flags & UacFlags.NotDelegated) != 0;
@@ -272,7 +280,7 @@ public async Task<ComputerProperties> ReadComputerProperties(ISearchResultEntry
bool enabled, unconstrained, trustedToAuth;
if (int.TryParse(uac, out var flag))
{
var flags = (UacFlags) flag;
var flags = (UacFlags)flag;
enabled = (flags & UacFlags.AccountDisable) == 0;
unconstrained = (flags & UacFlags.TrustedForDelegation) == UacFlags.TrustedForDelegation;
trustedToAuth = (flags & UacFlags.TrustedToAuthForDelegation) != 0;
@@ -367,7 +375,8 @@ public async Task<ComputerProperties> ReadComputerProperties(ISearchResultEntry

var hsa = entry.GetArrayProperty(LDAPProperties.HostServiceAccount);
var smsaPrincipals = new List<TypedPrincipal>();
if (hsa != null) {
if (hsa != null)
{
foreach (var dn in hsa)
{
var resolvedPrincipal = _utils.ResolveDistinguishedName(dn);
@@ -400,7 +409,7 @@ public static Dictionary<string, object> ReadAIACAProperties(ISearchResultEntry
public static Dictionary<string, object> ReadEnrollmentServiceProperties(ISearchResultEntry entry)
{
var props = GetCommonProps(entry);
if (entry.GetIntProperty("flags", out var flags)) props.Add("flags", (PKIEnrollmentServiceFlags) flags);
if (entry.GetIntProperty("flags", out var flags)) props.Add("flags", (PKIEnrollmentServiceFlags)flags);

return props;
}
@@ -421,14 +430,14 @@ public static Dictionary<string, object> ReadCertTemplateProperties(ISearchResul
props.Add("oid", entry.GetProperty(LDAPProperties.CertTemplateOID));
if (entry.GetIntProperty(LDAPProperties.PKIEnrollmentFlag, out var enrollmentFlagsRaw))
{
var enrollmentFlags = (PKIEnrollmentFlag) enrollmentFlagsRaw;
var enrollmentFlags = (PKIEnrollmentFlag)enrollmentFlagsRaw;
props.Add("enrollmentflag", enrollmentFlags);
props.Add("requiresmanagerapproval", enrollmentFlags.HasFlag(PKIEnrollmentFlag.PEND_ALL_REQUESTS));
}

if (entry.GetIntProperty(LDAPProperties.PKINameFlag, out var nameFlagsRaw))
{
var nameFlags = (PKICertificateNameFlag) nameFlagsRaw;
var nameFlags = (PKICertificateNameFlag)nameFlagsRaw;
props.Add("certificatenameflag", nameFlags);
props.Add("enrolleesuppliessubject",
nameFlags.HasFlag(PKICertificateNameFlag.ENROLLEE_SUPPLIES_SUBJECT));
@@ -456,15 +465,14 @@ public static Dictionary<string, object> ReadCertTemplateProperties(ISearchResul
/// <param name="entry"></param>
public Dictionary<string, object> ParseAllProperties(ISearchResultEntry entry)
{
var flag = IsTextUnicodeFlags.IS_TEXT_UNICODE_STATISTICS;
var props = new Dictionary<string, object>();

var type = typeof(LDAPProperties);
var reserved = type.GetFields(BindingFlags.Static | BindingFlags.Public).Select(x => x.GetValue(null).ToString()).ToArray();

foreach (var property in entry.PropertyNames())
{
if (reserved.Contains(property, StringComparer.InvariantCultureIgnoreCase))
if (ReservedAttributes.Contains(property, StringComparer.OrdinalIgnoreCase))
continue;

var collCount = entry.PropCount(property);
@@ -475,8 +483,7 @@ public Dictionary<string, object> ParseAllProperties(ISearchResultEntry entry)
{
var testBytes = entry.GetByteProperty(property);

if (testBytes == null || testBytes.Length == 0 ||
!IsTextUnicode(testBytes, testBytes.Length, ref flag)) continue;
if (testBytes == null || testBytes.Length == 0) continue;

var testString = entry.GetProperty(property);

@@ -489,7 +496,7 @@ public Dictionary<string, object> ParseAllProperties(ISearchResultEntry entry)
else
{
var arrBytes = entry.GetByteArrayProperty(property);
if (arrBytes.Length == 0 || !IsTextUnicode(arrBytes[0], arrBytes[0].Length, ref flag))
if (arrBytes.Length == 0)
continue;

var arr = entry.GetArrayProperty(property);
@@ -516,6 +523,10 @@ private static object BestGuessConvert(string property)
//This string corresponds to the max int, and is usually set in accountexpires
if (property == "9223372036854775807") return -1;

//Try parsing as an int
if (int.TryParse(property, out var num)) return num;

//Just return the property as a string
return property;
}

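Review bot: In `BestGuessConvert`, the added `int.TryParse(property, out var num)` accepts leading zeros, a sign and surrounding whitespace and parses with the current culture, so an identifier-like value (a constructed example: `00123`) is emitted as `123`, and the same attribute can come out as an int on one object and as a string on another once a value exceeds the int range. A round-trip guard keeps only canonical integers: `if (int.TryParse(property, NumberStyles.AllowLeadingSign, CultureInfo.InvariantCulture, out var num) && num.ToString(CultureInfo.InvariantCulture) == property) return num;` (this needs `System.Globalization`). In `ParseAllProperties`, the `IsTextUnicode` checks are dropped and the visible lines skip only null or empty values, so binary-valued attributes that are not in `ReservedAttributes` may now be collected as strings unless the code after `GetProperty`, which lies outside these hunks, filters them. A short comment on `ReservedAttributes` saying that it mirrors the `CommonProperties` query lists, and what is expected to fall through to the generic path, would record the intent.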
4 changes: 2 additions & 2 deletions src/CommonLib/SearchResultEntryWrapper.cs
@@ -262,12 +262,12 @@ public bool IsGMSA()

public bool HasLAPS()
{
return GetProperty(LDAPProperties.LAPSExpirationTime) != null;
return GetProperty(LDAPProperties.LAPSExpirationTime) != null || GetProperty(LDAPProperties.LegacyLAPSExpirationTime) != null;
}

public SearchResultEntry GetEntry()
{
return _entry;
}
}
}
}
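Review bot: `HasLAPS` can only see attributes that the LDAP query asked for, and the attribute lists that feed the search are not among this commit's visible hunks, so confirm that `mslaps-passwordexpirationtime` is requested alongside the legacy attribute; otherwise hosts managed by Windows LAPS would still be reported as having no LAPS. A summary comment would record the intent, for example `/// True when either the Windows LAPS or the legacy LAPS expiration attribute is present on the entry.` The enclosing class starts outside the hunk.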
2 changes: 1 addition & 1 deletion src/CommonLib/SharpHoundCommonLib.csproj
@@ -9,7 +9,7 @@
<PackageDescription>Common library for C# BloodHound enumeration tasks</PackageDescription>
<PackageLicenseExpression>GPL-3.0-only</PackageLicenseExpression>
<RepositoryUrl>https://github.com/BloodHoundAD/SharpHoundCommon</RepositoryUrl>
<Version>3.0.6</Version>
<Version>3.0.7</Version>
<AssemblyName>SharpHoundCommonLib</AssemblyName>
<RootNamespace>SharpHoundCommonLib</RootNamespace>
</PropertyGroup>