C# (CSharp) EnvironmentConfig.Machine Beispiele

Beispiel #1

        public void DRSR_DRSReadNgcKey_V1_Success()
        {
            DrsrTestChecker.Check();
            EnvironmentConfig.Machine dcServer = EnvironmentConfig.Machine.WritableDC1;
            DsServer dcServerMachine           = (DsServer)EnvironmentConfig.MachineStore[dcServer];
            uint?    outVersion;
            DRS_MSG_READNGCKEYREPLY?outMessage;

            string          newObjDN  = ldapAdapter.TestAddComputerObj(dcServerMachine);
            AddObjectUpdate addUpdate = new AddObjectUpdate(dcServer, newObjDN);

            updateStorage.PushUpdate(addUpdate);

            string     ngcKey = newObjDN;
            ResultCode r      = ldapAdapter.SetNgcKey(dcServerMachine, newObjDN, ngcKey);

            BaseTestSite.Assert.AreEqual <ResultCode>(ResultCode.Success, r, "IDL_DRSReadNgcKey: modify the msDS-KeyCredentialLink of " + newObjDN);

            BaseTestSite.Log.Add(LogEntryKind.Comment, "IDL_DRSBind: Binding to DC server: {0}", dcServer);
            uint ret = drsTestClient.DrsBind(dcServer, EnvironmentConfig.User.ParentDomainAdmin, DRS_EXTENSIONS_IN_FLAGS.DRS_EXT_BASE);

            BaseTestSite.Assert.AreEqual <uint>(0, ret, "IDL_DRSBind: Checking return value - got: {0}, expect: 0, should return 0 with a success bind to DC", ret);

            ret = drsTestClient.DrsReadNgcKey(dcServer, (uint)1, newObjDN, out outVersion, out outMessage);
            BaseTestSite.Assert.AreEqual <uint>(0, ret, "IDL_DRSReadNgcKey: Checking return value - got: {0}, expect: 0, should return 0 if successful.", ret);

            string readNgcKey = Encoding.Unicode.GetString(outMessage.Value.V1.pNgcKey);

            BaseTestSite.Assert.AreEqual <string>(ngcKey, readNgcKey, "IDL_DRSReadNgcKey: Checking Ngc Key on an object - got: {0}, expect: {1}", readNgcKey, ngcKey);
        }

Beispiel #2

Datei: DRSRFailureTestClient.cs Projekt: raystyle/WindowsProtocolTestSuits

        // <summary>
        // the function is used to create a DrsUpdateRef request
        // </summary>
        public DRS_MSG_UPDREFS CreateRequestForDrsUpdateRef(
            EnvironmentConfig.Machine machine,
            DsServer dest,
            DRS_OPTIONS options,
            NamingContext nc = NamingContext.ConfigNC)
        {
            string nc_name = null;
            Guid   nc_guid = Guid.Empty;
            string nc_sid  = null;
            DSNAME nc_obj;

            switch (nc)
            {
            case NamingContext.ConfigNC:
                nc_obj = dest.Domain.ConfigNC;
                break;

            case NamingContext.SchemaNC:
                nc_obj = dest.Domain.SchemaNC;
                break;

            case NamingContext.AppNC:
                if (EnvironmentConfig.TestDS)
                {
                    nc_obj = ((AddsDomain)dest.Domain).OtherNCs[0];
                }
                else
                {
                    nc_obj = ((AdldsDomain)dest.Domain).AppNCs[0];
                }
                break;

            case NamingContext.DomainNC:
                if (!EnvironmentConfig.TestDS)
                {
                    nc_obj = new DSNAME();
                }
                nc_obj = ((AddsDomain)dest.Domain).DomainNC;
                break;

            default:
                nc_obj = new DSNAME();
                break;
            }

            nc_name = LdapUtility.ConvertUshortArrayToString(nc_obj.StringName);
            nc_guid = nc_obj.Guid;
            nc_sid  = convertSidToString(nc_obj.Sid);

            DRS_MSG_UPDREFS?req = DRSClient.CreateUpdateRefsRequest(
                nc_name,
                nc_guid,
                nc_sid,
                dest.DsaNetworkAddress,
                dest.NtdsDsaObjectGuid,
                options);

            return((DRS_MSG_UPDREFS)req);
        }

Beispiel #3

Datei: CrossDomainMoveTest.cs Projekt: pirenga/CVE-2020-1206-POC

        public void DRSR_DRSInterDomainMove_LDAP_Move_Object_From_Child_To_Parent()
        {
            DrsrTestChecker.Check();
            EnvironmentConfig.Machine parentDcType = EnvironmentConfig.Machine.WritableDC1;
            DsServer parentDc = (DsServer)EnvironmentConfig.MachineStore[parentDcType];

            EnvironmentConfig.Machine childDcType = EnvironmentConfig.Machine.CDC;
            DsServer childDc = (DsServer)EnvironmentConfig.MachineStore[childDcType];
            DsUser   user    = EnvironmentConfig.UserStore[EnvironmentConfig.User.ParentDomainAdmin];

            string srcObjDn = ldapAdapter.TestAddUserObj(childDc);

            BaseTestSite.Log.Add(LogEntryKind.Comment, "LDAP add a new object: {0}.", srcObjDn);
            string newObjRdn      = DrsrHelper.GetRDNFromDN(srcObjDn);
            string tgtParentObjDn = "CN=Users," + DrsrHelper.GetNamingContextDN(parentDc.Domain, NamingContext.DomainNC);
            string newObjDn       = newObjRdn + "," + tgtParentObjDn;

            bool bNewObjAdded = ldapAdapter.IsObjectExist(parentDc, newObjDn);

            if (bNewObjAdded)
            {
                ResultCode rCode = ldapAdapter.DeleteObject(parentDc, newObjDn);
                BaseTestSite.Assume.AreEqual <ResultCode>(ResultCode.Success, rCode, "LDAP: {0} should be removed.", newObjDn);
            }

            using (LdapConnection connection = new LdapConnection(new LdapDirectoryIdentifier(childDc.DnsHostName))) // connecting to the child domain in which the object exists
            {
                connection.Credential = new System.Net.NetworkCredential(user.Username, user.Password, parentDc.Domain.DNSName);
                connection.SessionOptions.ProtocolVersion = 3;
                connection.SessionOptions.SspiFlag        = connection.SessionOptions.SspiFlag | 1; //Set Delegate flag.
                connection.AuthType = AuthType.Kerberos;
                connection.Bind();
                try
                {
                    BaseTestSite.Log.Add(LogEntryKind.Comment, "LDAP ModifyDN: moving object {0} to {1}.", srcObjDn, newObjDn);
                    ModifyDNRequest modDnRequest = new ModifyDNRequest(srcObjDn, tgtParentObjDn, newObjRdn);
                    modDnRequest.Controls.Add(new CrossDomainMoveControl(parentDc.DnsHostName)); // parent domain to which the object need to move
                    ModifyDNResponse modDnResponse = (ModifyDNResponse)connection.SendRequest(modDnRequest);
                    BaseTestSite.Assert.AreEqual <ResultCode>(ResultCode.Success, modDnResponse.ResultCode,
                                                              "LDAP ModifyDN: server should invoke IDL_DRSInterDomainMove on target Dc and move the object.");

                    bool bOldObjDeleted = ldapAdapter.IsObjectExist(childDc, srcObjDn);
                    bNewObjAdded = ldapAdapter.IsObjectExist(parentDc, newObjDn);
                    BaseTestSite.Assert.IsFalse(bOldObjDeleted, "LDAP ModifyDN: the old object should be deleted from source DC.");
                    BaseTestSite.Assert.IsTrue(bNewObjAdded, "LDAP ModifyDN: the new object should be added into target DC.");
                }
                catch (DirectoryOperationException e)
                {
                    BaseTestSite.Log.Add(LogEntryKind.Debug, "LDAP ModifyDN: ResultCode:{0}", e.Response.ResultCode.ToString());
                    BaseTestSite.Log.Add(LogEntryKind.Debug, "LDAP ModifyDN: ErrorMessage:{0}", e.Response.ErrorMessage.ToString());
                    BaseTestSite.Assert.AreEqual <ResultCode>(ResultCode.Success, e.Response.ResultCode,
                                                              "LDAP ModifyDN: server should invoke the IDL_DRSInterDomainMove on target Dc and move the object.");
                }
            }
        }

Beispiel #4

Datei: VerifyNames.cs Projekt: raystyle/WindowsProtocolTestSuits

        public void DRSR_DRSVerifyNames_Verify_Dsnames()
        {
            DrsrTestChecker.Check();
            // Init the data.
            EnvironmentConfig.Machine srv = EnvironmentConfig.Machine.WritableDC1;
            DsServer server = (DsServer)EnvironmentConfig.MachineStore[srv];

            uint ret = 0;

            ret = drsTestClient.DrsBind(
                srv,
                EnvironmentConfig.User.ParentDomainAdmin,
                DRS_EXTENSIONS_IN_FLAGS.DRS_EXT_BASE
                );

            BaseTestSite.Assert.AreEqual <uint>(0, ret,
                                                "IDL_DRSBind: Checking return value - got: {0}, expect: {1}, return value should always be 0 with a success bind to DC",
                                                ret, 0);

            // Create a DSNAME
            string dn     = server.Site.DN;
            DSNAME dsSite = ldapAdapter.GetDsName(server, dn).Value;

            // Prefix table
            SCHEMA_PREFIX_TABLE prefixTable = OIDUtility.CreatePrefixTable();

            // Create the attribute block. Here we go to RDN attribute.
            string rdnAttrId = DRSConstants.RDN_OID;
            uint   attrTyp   = OIDUtility.MakeAttid(prefixTable, rdnAttrId);

            ATTRVAL      attrVal      = DrsuapiClient.CreateATTRVAL(null);
            ATTRVALBLOCK attrValBlock = DrsuapiClient.CreateATTRVALBLOCK(new ATTRVAL[] { attrVal });
            ATTR         attr         = DrsuapiClient.CreateATTR(attrTyp, attrValBlock);
            ATTRBLOCK    attrBlock    = DrsuapiClient.CreateATTRBLOCK(new ATTR[] { attr });

            // Actual RPC call.
            ret = drsTestClient.DrsVerifyNames(
                srv,
                dwInVersion_Values.V1,
                DRS_MSG_VERIFYREQ_V1_dwFlags_Values.DRS_VERIFY_DSNAMES,
                new DSNAME[] { dsSite },
                new string[] { dn },
                attrBlock,
                prefixTable
                );

            BaseTestSite.Assert.AreEqual <uint>(0, ret,
                                                "IDL_DRSVerifyNames: Checking return value - got: {0}, expect: {1}, return value should always be 0",
                                                ret, 0);
            // Unbind
            ret = drsTestClient.DrsUnbind(srv);
            BaseTestSite.Assert.AreEqual <uint>(0, ret,
                                                "IDL_DRSUnbind: Checking return value - got: {0}, expect: {1}, return value should always be 0",
                                                ret, 0);
        }

Beispiel #5

Datei: DrsrKCCFailures.cs Projekt: yangckw/WindowsProtocolTestSuites

        private void DRSUpdateRefs_NONExist_NC(DrsUpdateRefs_Versions ver)
        {
            uint ret = drsTestClient.DrsBind(EnvironmentConfig.Machine.WritableDC1, EnvironmentConfig.User.ParentDomainAdmin, DRS_EXTENSIONS_IN_FLAGS.DRS_EXT_BASE);

            DRS_MSG_UPDREFS req;

            EnvironmentConfig.Machine machine = EnvironmentConfig.Machine.WritableDC1;
            DsServer    dest = (DsServer)EnvironmentConfig.MachineStore[EnvironmentConfig.Machine.WritableDC2];
            DRS_OPTIONS options;

            try
            {
                BaseTestSite.Log.Add(LogEntryKind.Checkpoint, "Try to delete replication destination from repsTo for later testing. It MAY fails if there is no such record to delete");

                options = DRS_OPTIONS.DRS_DEL_REF;

                req = drsTestClient.CreateRequestForDrsUpdateRef(
                    machine,
                    ver,
                    dest,
                    options
                    );
                ret = drsTestClient.DRSClient.DrsUpdateRefs(EnvironmentConfig.DrsContextStore[machine], (uint)ver, req);
            }
            catch
            {
                BaseTestSite.Log.Add(LogEntryKind.Checkpoint, "No similar record to delete in repsTo. It's OK to continue");
            }


            options = DRS_OPTIONS.DRS_ADD_REF;
            req     = drsTestClient.CreateRequestForDrsUpdateRef(
                machine,
                ver,
                dest,
                options,
                NamingContext.None         // invalid value
                );
            ret = drsTestClient.DRSClient.DrsUpdateRefs(EnvironmentConfig.DrsContextStore[machine], (uint)ver, req);
            BaseTestSite.Assert.AreEqual <uint>((uint)Win32ErrorCode_32.ERROR_DS_DRA_BAD_NC, ret, "the server should return ERROR_DS_DRA_BAD_NC");

            options = DRS_OPTIONS.DRS_DEL_REF;
            req     = drsTestClient.CreateRequestForDrsUpdateRef(
                machine,
                ver,
                dest,
                options
                );
            ret = drsTestClient.DRSClient.DrsUpdateRefs(EnvironmentConfig.DrsContextStore[machine], (uint)ver, req);
        }

Beispiel #6

Datei: GetMemberships.cs Projekt: pirenga/CVE-2020-1206-POC

        public void DRSR_DRSGetMemberships_Get_Global_Groups_Non_Transitive()
        {
            DrsrTestChecker.Check();
            // Init the data.
            EnvironmentConfig.Machine srv = EnvironmentConfig.Machine.WritableDC1;
            DsServer server = (DsServer)EnvironmentConfig.MachineStore[srv];
            DsUser   user   = EnvironmentConfig.UserStore[EnvironmentConfig.User.ParentDomainAdmin];

            uint ret = 0;

            ret = drsTestClient.DrsBind(
                srv,
                EnvironmentConfig.User.ParentDomainAdmin,
                DRS_EXTENSIONS_IN_FLAGS.DRS_EXT_BASE
                );

            BaseTestSite.Assert.AreEqual <uint>(
                0,
                ret,
                "IDL_DRSBind: should return 0 with a success bind to DC");

            DSNAME dsUser = ldapAdapter.GetDsName(
                server,
                ldapAdapter.GetUserDn(
                    server,
                    user
                    )
                ).Value;

            ret = drsTestClient.DrsGetMemberships(
                srv,
                dwInVersion_Values.V1,
                dsUser,
                false,
                REVERSE_MEMBERSHIP_OPERATION_TYPE.RevMembGlobalGroupsNonTransitive,
                ((AddsDomain)(server.Domain)).DomainNC);

            BaseTestSite.Assert.AreEqual <uint>(
                0,
                ret,
                "IDL_DRSGetMemberships: return value should be 0");

            // Unbind
            ret = drsTestClient.DrsUnbind(srv);
            BaseTestSite.Assert.AreEqual <uint>(
                0,
                ret,
                "IDL_DRSUnbind: return value should be 0");
        }

Beispiel #7

Datei: KCCUpdates.cs Projekt: pirenga/CVE-2020-1206-POC

 /// <summary>
 /// constructor
 /// </summary>
 /// <param name="svr">sut</param>
 /// <param name="toDel">source</param>
 /// <param name="op">flags</param>
 /// <param name="cred">credential</param>
 public DelReplicaSource(EnvironmentConfig.Machine svr, EnvironmentConfig.Machine toDel, DRS_OPTIONS op, EnvironmentConfig.User cred, NamingContext nc = NamingContext.ConfigNC, bool needKCC = true)
 {
     sut    = svr;
     target = toDel;
     if ((op & DRS_OPTIONS.DRS_LOCAL_ONLY) == 0)
     {
         options = op | DRS_OPTIONS.DRS_REF_OK;
     }
     else
     {
         options = op;
     }
     user  = cred;
     doKCC = needKCC;
 }

Beispiel #8

        public void DRSR_DRSRemoveDsServer_Remove_DC()
        {
            DrsrTestChecker.Check();
            // Init the data.
            EnvironmentConfig.Machine srv = EnvironmentConfig.Machine.WritableDC1;
            EnvironmentConfig.Machine dst = EnvironmentConfig.Machine.CDC;

            DsServer server = (DsServer)EnvironmentConfig.MachineStore[srv];
            DsServer child  = (DsServer)EnvironmentConfig.MachineStore[dst];

            DsUser user = EnvironmentConfig.UserStore[EnvironmentConfig.User.ParentDomainAdmin];

            uint ret = 0;

            ret = drsTestClient.DrsBind(
                srv,
                EnvironmentConfig.User.ParentDomainAdmin,
                DRS_EXTENSIONS_IN_FLAGS.DRS_EXT_BASE
                );

            BaseTestSite.Assert.AreEqual <uint>(
                0,
                ret,
                "IDL_DRSBind: should return 0 with a success bind to DC");

            string serverDn = child.ServerObjectName;
            string domainDn = child.Domain.Name;

            ret = drsTestClient.DrsRemoveDsServer(
                srv,
                IDL_DRSRemoveDsServer_dwInVersion_Values.V1,
                serverDn,
                domainDn,
                true);  // DANGEROUS: We're actually going to remove this server!

            BaseTestSite.Assert.AreEqual <uint>(
                ret,
                0,
                "IDL_DRSRemoveDsServer: return value should be 0");

            // Unbind
            ret = drsTestClient.DrsUnbind(srv);
            BaseTestSite.Assert.AreEqual <uint>(
                0,
                ret,
                "IDL_DRSUnbind: return value should be 0");
        }

Beispiel #9

Datei: GetMemberships.cs Projekt: pirenga/CVE-2020-1206-POC

        public void DRSR_DRSGetMemberships_Get_Group_Members_Transitive()
        {
            DrsrTestChecker.Check();

            // Init the data.
            EnvironmentConfig.Machine srv = EnvironmentConfig.Machine.WritableDC1;
            DsServer server = (DsServer)EnvironmentConfig.MachineStore[srv];
            DsUser   user   = EnvironmentConfig.UserStore[EnvironmentConfig.User.ParentDomainAdmin];

            uint ret = 0;

            ret = drsTestClient.DrsBind(
                srv,
                EnvironmentConfig.User.ParentDomainAdmin,
                DRS_EXTENSIONS_IN_FLAGS.DRS_EXT_BASE
                );

            BaseTestSite.Assert.AreEqual <uint>(
                0,
                ret,
                "IDL_DRSBind: should return 0 with a success bind to DC");
            string groupDn = "CN=Domain Users,CN=Users," + DrsrHelper.GetDNFromFQDN(ADCommonServerAdapter.Instance(Site).PrimaryDomainDnsName);
            DSNAME dsGroup = LdapUtility.CreateDSNameForObject(
                server,
                groupDn
                );

            ret = drsTestClient.DrsGetMemberships(
                srv,
                dwInVersion_Values.V1,
                dsGroup,
                false,
                REVERSE_MEMBERSHIP_OPERATION_TYPE.GroupMembersTransitive,
                null);

            BaseTestSite.Assert.AreEqual <uint>(
                0,
                ret,
                "IDL_DRSGetMemberships: return value should be 0");

            // Unbind
            ret = drsTestClient.DrsUnbind(srv);
            BaseTestSite.Assert.AreEqual <uint>(
                0,
                ret,
                "IDL_DRSUnbind: return value should be 0");
        }

Beispiel #10

Datei: DrsrKCCFailures.cs Projekt: raystyle/WindowsProtocolTestSuits

        public void DRSR_DRSUpdateRefs_V1_uuidDsaObjDest_NULL()
        {
            DrsrTestChecker.Check();
            uint ret = drsTestClient.DrsBind(EnvironmentConfig.Machine.WritableDC1, EnvironmentConfig.User.ParentDomainAdmin, DRS_EXTENSIONS_IN_FLAGS.DRS_EXT_BASE);

            DRS_MSG_UPDREFS req;

            EnvironmentConfig.Machine machine = EnvironmentConfig.Machine.WritableDC1;
            DsServer    dest = (DsServer)EnvironmentConfig.MachineStore[EnvironmentConfig.Machine.WritableDC2];
            DRS_OPTIONS options;

            try
            {
                BaseTestSite.Log.Add(LogEntryKind.Checkpoint, "Try to delete replication destination from repsTo for later testing. It MAY fails if there is no such record to delete");

                options = DRS_OPTIONS.DRS_DEL_REF;

                req = drsTestClient.CreateRequestForDrsUpdateRef(
                    machine,
                    dest,
                    options
                    );
                ret = drsTestClient.DRSClient.DrsUpdateRefs(EnvironmentConfig.DrsContextStore[machine], 1, req);
            }
            catch
            {
                BaseTestSite.Log.Add(LogEntryKind.Checkpoint, "No similar record to delete in repsTo. It's OK to continue");
            }

            options = DRS_OPTIONS.DRS_ADD_REF;
            req     = drsTestClient.CreateRequestForDrsUpdateRef(
                machine,
                dest,
                options
                );
            req.V1.uuidDsaObjDest = Guid.Empty; // Invalid value
            ret = drsTestClient.DRSClient.DrsUpdateRefs(EnvironmentConfig.DrsContextStore[machine], 1, req);
            BaseTestSite.Assert.AreEqual <uint>((uint)Win32ErrorCode_32.ERROR_DS_DRA_INVALID_PARAMETER, ret, "the server should return ERROR_DS_DRA_INVALID_PARAMETER");
            options = DRS_OPTIONS.DRS_DEL_REF;
            req     = drsTestClient.CreateRequestForDrsUpdateRef(
                machine,
                dest,
                options
                );
            ret = drsTestClient.DRSClient.DrsUpdateRefs(EnvironmentConfig.DrsContextStore[machine], 1, req);
        }

Beispiel #11

Datei: RodcTests.cs Projekt: pirenga/CVE-2020-1206-POC

        public void DRSR_RODC_ReadOnly_LDAP()
        {
            DrsrTestChecker.Check();
            // although this case is really not related to DRSR, using LDAP write access
            // to a RODC here could really prove that the DC is Read-only

            // A proper-functioning RODC should just return a referral.

            EnvironmentConfig.Machine rodcEnum = EnvironmentConfig.Machine.RODC;
            EnvironmentConfig.Machine dc1Enum  = EnvironmentConfig.Machine.WritableDC1;
            EnvironmentConfig.Machine dc2Enum  = EnvironmentConfig.Machine.WritableDC2;
            DsServer dc1  = (DsServer)EnvironmentConfig.MachineStore[dc1Enum];
            DsServer dc2  = (DsServer)EnvironmentConfig.MachineStore[dc2Enum];
            DsServer rodc = (DsServer)EnvironmentConfig.MachineStore[rodcEnum];

            // try to add a user on the RODC without referral chasing
            rodc.LdapConn.SessionOptions.ReferralChasing = ReferralChasingOptions.None;

            // to avoid naming conflict
            Random rnd = new Random();
            string nc  = LdapUtility.ConvertUshortArrayToString(((AddsDomain)rodc.Domain).DomainNC.StringName);

            string dn = "CN=ShouldNotExist" + rnd.Next().ToString() + ",CN=Users," + nc;

            AddResponse resp = null;

            try
            {
                AddRequest req = new AddRequest(dn, "user");
                resp = (AddResponse)rodc.LdapConn.SendRequest(req);
            }
            catch (DirectoryOperationException e)
            {
                BaseTestSite.Assert.Fail(e.Message);
            }

            // first, verify the response is a referral
            BaseTestSite.Assert.IsTrue(resp.ResultCode == ResultCode.Referral, "Expected a referral");
            BaseTestSite.Log.Add(LogEntryKind.Checkpoint, "referral host is " + resp.Referral[0].Host);
            // then, verify it is referring to the writable DC
            BaseTestSite.Assert.IsTrue(
                dc1.DnsHostName.ToLower().Trim() == resp.Referral[0].Host.ToLower().Trim() ||
                dc2.DnsHostName.ToLower().Trim() == resp.Referral[0].Host.ToLower().Trim(),
                "The referral should point to the writable DC");
        }

Beispiel #12

        public void DRSR_DRSRemoveDsServer_Verify_LastDC()
        {
            DrsrTestChecker.Check();
            // Init the data.
            EnvironmentConfig.Machine srv = EnvironmentConfig.Machine.WritableDC1;
            DsServer server = (DsServer)EnvironmentConfig.MachineStore[srv];

            DsUser user = EnvironmentConfig.UserStore[EnvironmentConfig.User.ParentDomainAdmin];

            uint ret = 0;

            ret = drsTestClient.DrsBind(
                srv,
                EnvironmentConfig.User.ParentDomainAdmin,
                DRS_EXTENSIONS_IN_FLAGS.DRS_EXT_BASE
                );

            BaseTestSite.Assert.AreEqual <uint>(0, ret,
                                                "IDL_DRSBind: Checking return value - got: {0}, expect: {1}, return value should always be 0 with a success bind to DC",
                                                ret, 0);

            string serverDn = server.ServerObjectName;
            string domainDn = server.Domain.Name;

            ret = drsTestClient.DrsRemoveDsServer(
                srv,
                IDL_DRSRemoveDsServer_dwInVersion_Values.V1,
                serverDn,
                domainDn,
                false);

            BaseTestSite.Assert.AreEqual <uint>(0, ret,
                                                "IDL_DRSRemoveDsServer: Checking return value - got: {0}, expect: {1}, return value should always be 0",
                                                ret, 0);
            // Unbind
            ret = drsTestClient.DrsUnbind(srv);
            BaseTestSite.Assert.AreEqual <uint>(0, ret,
                                                "IDL_DRSUnbind: Checking return value - got: {0}, expect: {1}, return value should always be 0",
                                                ret, 0);
        }

Beispiel #13

        public DRS_MSG_REPMOD createDRS_MSG_REPMOD_Request(
            EnvironmentConfig.Machine machine,
            DsServer src,
            DRS_OPTIONS replicaFlags,
            DRS_MSG_REPMOD_FIELDS modifyFields,
            DRS_OPTIONS options
            )
        {
            #region generate the parameters
            string ncReplicaDistinguishedName = LdapUtility.ConvertUshortArrayToString(src.Domain.ConfigNC.StringName);
            Guid   ncReplicaObjectGuid        = src.Domain.ConfigNC.Guid;
            NT4SID ncReplicaObjectSid         = src.Domain.ConfigNC.Sid;
            Guid   sourceDsaGuid = src.NtdsDsaObjectGuid;
            string sourceDsaName = src.DsaNetworkAddress;

            #endregion

            REPLTIMES s = new REPLTIMES();
            s.rgTimes = new byte[84];
            for (int i = 0; i < s.rgTimes.Length; i++)
            {
                s.rgTimes[i] = 1;
            }

            string sid = convertSidToString(ncReplicaObjectSid);

            DRS_MSG_REPMOD?req = DRSClient.CreateReplicaModifyRequest(
                ncReplicaDistinguishedName,
                ncReplicaObjectGuid,
                sid,
                sourceDsaGuid,
                sourceDsaName,
                s,
                replicaFlags,
                modifyFields,
                options);
            return((DRS_MSG_REPMOD)req);
        }

Beispiel #14

Datei: RodcTests.cs Projekt: pirenga/CVE-2020-1206-POC

        public void DRSR_RODC_FAS_Add_Attribute()
        {
            int timeOut = 0;

            DrsrTestChecker.Check();

            EnvironmentConfig.Machine rodcEnum = EnvironmentConfig.Machine.RODC;
            EnvironmentConfig.Machine dc1Enum  = EnvironmentConfig.Machine.WritableDC1;
            DsServer   dc1  = (DsServer)EnvironmentConfig.MachineStore[dc1Enum];
            DsServer   rodc = (DsServer)EnvironmentConfig.MachineStore[rodcEnum];
            ResultCode r    = ResultCode.Other;

            // FAS: first try "Employee-Number"
            string nc = LdapUtility.GetDnFromNcType(dc1, NamingContext.SchemaNC);
            string searchFlagsAttr = "searchFlags";
            string attrDn          = "CN=Employee-Number," + nc;
            string attrName        = "employeeNumber";

            uint searchFlags = 0;

            // wait until FAS is modified on DC01
            for (timeOut = 0; timeOut < kMaxTimeOut; ++timeOut)
            {
                searchFlags = Convert.ToUInt32(
                    ldapAdapter.GetAttributeValueInString(dc1, attrDn, searchFlagsAttr)
                    );

                if ((searchFlags & kRODC_FAS) != 0)
                {
                    BaseTestSite.Log.Add(LogEntryKind.Comment, "FAS already effective.");
                    // the attribute is already in the FAS
                    break;
                }

                ldapAdapter.ModifyAttribute(dc1, attrDn, new DirectoryAttribute(searchFlagsAttr, kRODC_FAS.ToString()));

                System.Threading.Thread.Sleep(kMaxTimeoutInMilliseconds);
            }

            BaseTestSite.Assert.IsTrue((searchFlags & kRODC_FAS) != 0, "FAS is set successfully on {0}", dc1.NetbiosName);

            uint ret = drsTestClient.DrsBind(rodcEnum, EnvironmentConfig.User.ParentDomainAdmin, DRS_EXTENSIONS_IN_FLAGS.DRS_EXT_BASE);

            Assert.IsTrue(ret == 0);
            ret = drsTestClient.DrsReplicaSync(rodcEnum, DrsReplicaSync_Versions.V1, dc1Enum, DRS_OPTIONS.DRS_FULL_SYNC_NOW, false, NamingContext.SchemaNC);
            BaseTestSite.Assert.IsTrue(ret == 0, "Start replica from {0} to {1}.", dc1.NetbiosName, rodc.NetbiosName);

            // wait until FAS is replicated to RODC
            BaseTestSite.Log.Add(LogEntryKind.Comment, "Waiting for FAS to be replicated, searchFlags: {0}", searchFlags);
            bool isReplicated = false;

            for (timeOut = 0; timeOut < kMaxTimeOut; ++timeOut)
            {
                if (IsObjectReplicated(dc1, rodc, NamingContext.SchemaNC, attrDn))
                {
                    // exit the loop when FAS is replicated to the RODC
                    isReplicated = true;
                    BaseTestSite.Log.Add(LogEntryKind.Comment, "FAS applied.");
                    break;
                }
                System.Threading.Thread.Sleep(kMaxTimeoutInMilliseconds);
            }
            BaseTestSite.Assert.IsTrue(isReplicated, "Replica from {0} succeeded.", dc1.NetbiosName);

            // create the user first if it doesn't exist.
            string userDn = ldapAdapter.TestAddUserObj(dc1);

            Assert.IsNotNull(userDn);

            // take a "snapshot" of the current RODC replication state.
            // We'll use this snapshot to impersonate earlier state of the RODC
            // AFTER the changes are replicated to the actual RODC.

            USN_VECTOR?            usnFrom   = null;
            UPTODATE_VECTOR_V1_EXT?utdVector = null;

            SnapshotReplicationState(dc1, rodc, NamingContext.DomainNC, out usnFrom, out utdVector);

            // modify Employee Number
            int newValue = _rnd.Next();

            DirectoryAttribute employeeNumberAttr = new DirectoryAttribute(attrName, newValue.ToString());

            r = ldapAdapter.ModifyAttribute(dc1, userDn, employeeNumberAttr);

            Assert.AreEqual <ResultCode>(ResultCode.Success, r);

            //ret = drsTestClient.DrsBind(rodcEnum, EnvironmentConfig.User.ParentDomainAdmin, DRS_EXTENSIONS_IN_FLAGS.DRS_EXT_BASE);
            //Assert.IsTrue(ret == 0);
            ret = drsTestClient.DrsReplicaSync(rodcEnum, DrsReplicaSync_Versions.V1, dc1Enum, DRS_OPTIONS.DRS_ASYNC_OP, false, NamingContext.DomainNC);
            BaseTestSite.Assert.IsTrue(ret == 0, "Start replica from {0} to {1}.", dc1.NetbiosName, rodc.NetbiosName);

            // Wait until the change is replicated by the actual RODC

            bool replicated = false;

            for (timeOut = 0; timeOut < kMaxTimeOut; ++timeOut)
            {
                // First, check the originating USNs on RODC to make sure the replication has completed.
                if (IsObjectReplicated(dc1, rodc, NamingContext.DomainNC, userDn))
                {
                    replicated = true;
                    break;
                }

                // sleep
                System.Threading.Thread.Sleep(kMaxTimeoutInMilliseconds);
            }

            uint?outVersion;
            DRS_MSG_GETCHGREPLY?outMessage = null;

            // DRSBind
            DRS_EXTENSIONS_IN_FLAGS clientCapabilities
                = DRS_EXTENSIONS_IN_FLAGS.DRS_EXT_BASE
                  | DRS_EXTENSIONS_IN_FLAGS.DRS_EXT_GETCHGREPLY_V6
                  | DRS_EXTENSIONS_IN_FLAGS.DRS_EXT_STRONG_ENCRYPTION;

            ret = drsTestClient.DrsBind(dc1Enum, EnvironmentConfig.User.RODCMachineAccount, clientCapabilities);
            Assert.IsTrue(ret == 0);

            if (replicated)
            {
                ret = drsTestClient.DrsGetNCChangesV2(
                    dc1Enum,
                    dc1,
                    rodc,
                    userDn,
                    usnFrom.Value,
                    utdVector.Value,
                    false,
                    out outVersion,
                    out outMessage);
            }

            // remove the temp user
            ldapAdapter.DeleteObject(dc1, userDn);

            // DRSUnbind
            ret = drsTestClient.DrsUnbind(dc1Enum);
            Assert.IsTrue(ret == 0);

            BaseTestSite.Assert.IsTrue(replicated, "Replica from {0} succeeded.", dc1.NetbiosName);

            // check in outMessage that the secret attributes are not replicated.
            DRS_MSG_GETCHGREPLY_V6 replyV6 = outMessage.Value.V6;

            REPLENTINFLIST[] objectList = replyV6.pObjects;

            if (objectList != null)
            {
                foreach (REPLENTINFLIST entInf in objectList)
                {
                    for (int i = 0; i < entInf.Entinf.AttrBlock.attrCount; ++i)
                    {
                        ATTR   attr        = entInf.Entinf.AttrBlock.pAttr[i];
                        string displayName = GetLdapDisplayName(dc1, attr.attrTyp, replyV6.PrefixTableSrc);

                        if (displayName == attrName)
                        {
                            // examine the new value
                            string value = System.Text.Encoding.Unicode.GetString(
                                attr.AttrVal.pAVal[0].pVal);

                            BaseTestSite.Assert.AreNotEqual <string>(
                                newValue.ToString(),
                                value,
                                "{0} is in FAS, should not be replicated", attrName);
                        }
                    }
                }
            }


            // FAS: Remove "Employee-Number" from the FAS
            DirectoryAttribute searchAttr = new DirectoryAttribute(searchFlagsAttr, "0");

            r = ldapAdapter.ModifyAttribute(dc1, attrDn, searchAttr);
        }

Beispiel #15

Datei: AddObjectUpdate.cs Projekt: pirenga/CVE-2020-1206-POC

 /// <summary>
 /// constructor
 /// </summary>
 /// <param name="dcType"></param>
 /// <param name="objDN"></param>
 public AddObjectUpdate(EnvironmentConfig.Machine dcType, string objDN)
 {
     dsServerType = dcType;
     objectDN     = objDN;
 }

Beispiel #16

Datei: RodcTests.cs Projekt: pirenga/CVE-2020-1206-POC

        public void DRSR_RODC_Credential_Caching_Revealed()
        {
            int timeOut = 0;

            DrsrTestChecker.Check();

            EnvironmentConfig.Machine rodcEnum = EnvironmentConfig.Machine.RODC;
            EnvironmentConfig.Machine dc1Enum  = EnvironmentConfig.Machine.WritableDC1;
            DsServer dc1  = (DsServer)EnvironmentConfig.MachineStore[dc1Enum];
            DsServer rodc = (DsServer)EnvironmentConfig.MachineStore[rodcEnum];

            // take a snapshot of the current replication state of the RODC
            USN_VECTOR?            usnFrom   = null;
            UPTODATE_VECTOR_V1_EXT?utdVector = null;

            SnapshotReplicationState(dc1, rodc, NamingContext.DomainNC, out usnFrom, out utdVector);


            // we need a user and put it into the Revealed List.
            // create the user first if it doesn't exist.
            string nc     = LdapUtility.GetDnFromNcType(dc1, NamingContext.DomainNC);
            string userDn = ldapAdapter.TestAddUserObj(dc1);

            Assert.IsNotNull(userDn);

            // add this user to the "Allowed RODC Password Replication Group"
            string allowedDn = "CN=Allowed RODC Password Replication Group, CN=Users,"
                               + LdapUtility.GetDnFromNcType(dc1, NamingContext.DomainNC);

            ResultCode r = ldapAdapter.AddObjectToGroup(dc1, userDn, allowedDn);

            Assert.IsTrue(r == ResultCode.Success);
            // Set password of the user
            LdapUtility.ChangeUserPassword(dc1, userDn, "1*admin");

            // wait until the object is replicated by the actual RODC
            bool replicated = false;

            for (timeOut = 0; timeOut < kMaxTimeOut; ++timeOut)
            {
                if (IsObjectReplicated(dc1, rodc, NamingContext.DomainNC, userDn))
                {
                    replicated = true;
                    break;
                }

                System.Threading.Thread.Sleep(kMaxTimeoutInMilliseconds);
            }

            // wait until the "Allowed RODC Password Replication Group object is replicated by the actual RODC
            replicated = false;
            for (timeOut = 0; timeOut < kMaxTimeOut; ++timeOut)
            {
                if (IsObjectReplicated(dc1, rodc, NamingContext.DomainNC, allowedDn))
                {
                    replicated = true;
                    break;
                }

                System.Threading.Thread.Sleep(kMaxTimeoutInMilliseconds);
            }

            BaseTestSite.Assert.IsTrue(replicated, "{0} should be replicated to the RODC", allowedDn);

            // DRSBind
            DRS_EXTENSIONS_IN_FLAGS clientCapabilities
                = DRS_EXTENSIONS_IN_FLAGS.DRS_EXT_BASE
                  | DRS_EXTENSIONS_IN_FLAGS.DRS_EXT_GETCHGREPLY_V6
                  | DRS_EXTENSIONS_IN_FLAGS.DRS_EXT_STRONG_ENCRYPTION;

            uint ret = drsTestClient.DrsBind(dc1Enum, EnvironmentConfig.User.RODCMachineAccount, clientCapabilities);

            Assert.IsTrue(ret == 0);

            uint?outVersion;
            DRS_MSG_GETCHGREPLY?outMessage = null;

            ret = drsTestClient.DrsGetNCChangesV2(
                dc1Enum,
                dc1,
                rodc,
                userDn,
                usnFrom.Value,
                utdVector.Value,
                true,  // request secrets
                out outVersion,
                out outMessage);

            // DRSUnbind
            ret = drsTestClient.DrsUnbind(dc1Enum);
            Assert.IsTrue(ret == 0);

            ldapAdapter.DeleteObject(dc1, userDn);

            // check in outMessage that the secret attributes are not replicated.
            DRS_MSG_GETCHGREPLY_V6 replyV6 = outMessage.Value.V6;

            REPLENTINFLIST[] objectList = replyV6.pObjects;

            bool   secretFound         = false;
            string firstSecretAttrbute = null;

            foreach (REPLENTINFLIST entInf in objectList)
            {
                for (int i = 0; i < entInf.Entinf.AttrBlock.attrCount; ++i)
                {
                    ATTR attr = entInf.Entinf.AttrBlock.pAttr[i];
                    if (IsSecretAttribute(dc1, attr.attrTyp, replyV6.PrefixTableSrc, out firstSecretAttrbute))
                    {
                        if (attr.AttrVal.pAVal != null)
                        {
                            secretFound = true;
                        }
                    }
                }
            }

            BaseTestSite.Assert.IsTrue(
                secretFound,
                "Secret attribute {0} should appear in the response when user is in the revealed list",
                firstSecretAttrbute);
        }

Beispiel #17

Datei: RodcTests.cs Projekt: pirenga/CVE-2020-1206-POC

        public void DRSR_RODC_Unidirectional_Replication_Denied()
        {
            DrsrTestChecker.Check();

            EnvironmentConfig.Machine rodcEnum = EnvironmentConfig.Machine.RODC;
            EnvironmentConfig.Machine dc1Enum  = EnvironmentConfig.Machine.WritableDC1;
            DsServer dc1  = (DsServer)EnvironmentConfig.MachineStore[dc1Enum];
            DsServer rodc = (DsServer)EnvironmentConfig.MachineStore[rodcEnum];

            // DRSBind
            DRS_EXTENSIONS_IN_FLAGS clientCapabilities
                = DRS_EXTENSIONS_IN_FLAGS.DRS_EXT_BASE
                  | DRS_EXTENSIONS_IN_FLAGS.DRS_EXT_GETCHGREPLY_V6
                  | DRS_EXTENSIONS_IN_FLAGS.DRS_EXT_STRONG_ENCRYPTION;

            uint ret = drsTestClient.DrsBind(rodcEnum, EnvironmentConfig.User.MainDCAccount, clientCapabilities);

            Assert.IsTrue(ret == 0);

            // test user DN
            string nc     = LdapUtility.GetDnFromNcType(dc1, NamingContext.DomainNC);
            string userDn = "CN=" + EnvironmentConfig.DomainUserName + ",CN=Users," + nc;

            EnvironmentConfig.ExpectSuccess = false;

            uint?outVersion;
            DRS_MSG_GETCHGREPLY?outMessage;

            bool exceptionCaught = false;

            try
            {
                ret = drsTestClient.DrsGetNCChanges(
                    rodcEnum,
                    DrsGetNCChanges_Versions.V8,
                    dc1Enum,
                    DRS_OPTIONS.NONE,
                    NamingContext.DomainNC,
                    EXOP_REQ_Codes.EXOP_REPL_SECRETS,
                    FSMORoles.None,
                    userDn,
                    out outVersion,
                    out outMessage);
            }
            catch (Exception e)
            {
                if (EnvironmentConfig.UseNativeRpcLib)
                {
                    // windows behavior, an RODC cannot process GetNCChange request
                    // Illegal RODC RPC call
                    BaseTestSite.Assert.IsInstanceOfType(
                        e,
                        typeof(SEHException),
                        "The call should not be accepted by the RODC");
                }
                else
                {
                    BaseTestSite.Assert.AreEqual <int>(87, int.Parse(e.Message), "RPC error code " + e.Message);
                }
                exceptionCaught = true;
            }
            finally
            {
                EnvironmentConfig.ExpectSuccess = true;
            }

            BaseTestSite.Assert.IsTrue(exceptionCaught, "An exception should be raised to indicate invalid GetNCChange calls");
        }

Beispiel #18

        public void DRSR_DRSRemoveDsDomain_Remove_Domain()
        {
            DrsrTestChecker.Check();
            // Init the data.
            EnvironmentConfig.Machine srv = EnvironmentConfig.Machine.WritableDC1;

            // The destination server in an external forest. The external forest will be
            // removed after this call.
            EnvironmentConfig.Machine dst = EnvironmentConfig.Machine.CDC;

            DsServer server = (DsServer)EnvironmentConfig.MachineStore[srv];

            DsServer child = (DsServer)EnvironmentConfig.MachineStore[dst];

            DsUser user = EnvironmentConfig.UserStore[EnvironmentConfig.User.ParentDomainAdmin];

            uint ret = 0;

            ret = drsTestClient.DrsBind(
                srv,
                EnvironmentConfig.User.ParentDomainAdmin,
                DRS_EXTENSIONS_IN_FLAGS.DRS_EXT_BASE
                );

            BaseTestSite.Assert.AreEqual <uint>(
                0,
                ret,
                "IDL_DRSBind: should return 0 with a success bind to DC");

            string domainDn = child.Domain.Name;

            // We call RemoveDsServer to remove an actual
            // DC in the external forest, so that a crossRef object
            // pointing to a removed NC will exists.
            string serverDn = child.ServerObjectName;

            ret = drsTestClient.DrsRemoveDsServer(
                srv,
                IDL_DRSRemoveDsServer_dwInVersion_Values.V1,
                serverDn,
                domainDn,
                true);

            BaseTestSite.Assert.AreEqual <uint>(
                0,
                ret,
                "IDL_DRSRemoveDsDomain: should return 0 after removal of server");

            // Note that by far, the NTDS DSA object of this server should be removed already.
            ret = drsTestClient.DrsRemoveDsDomain(
                srv,
                IDL_DRSRemoveDsDomain_dwInVersion_Values.V1,
                domainDn
                );

            BaseTestSite.Assert.AreEqual <uint>(
                ret,
                0,
                "IDL_DRSRemoveDsDomain: return value should be 0");

            // Unbind
            ret = drsTestClient.DrsUnbind(srv);
            BaseTestSite.Assert.AreEqual <uint>(
                0,
                ret,
                "IDL_DRSUnbind: return value should be 0");
        }

Beispiel #19

Datei: RodcTests.cs Projekt: pirenga/CVE-2020-1206-POC

        public void DRSR_RODC_Credential_Caching_Not_Revealed()
        {
            uint timeOut = 0;

            DrsrTestChecker.Check();

            EnvironmentConfig.Machine rodcEnum = EnvironmentConfig.Machine.RODC;
            EnvironmentConfig.Machine dc1Enum  = EnvironmentConfig.Machine.WritableDC1;
            DsServer dc1  = (DsServer)EnvironmentConfig.MachineStore[dc1Enum];
            DsServer rodc = (DsServer)EnvironmentConfig.MachineStore[rodcEnum];

            // take a snapshot of the current replication state of the RODC
            USN_VECTOR?            usnFrom   = null;
            UPTODATE_VECTOR_V1_EXT?utdVector = null;

            SnapshotReplicationState(dc1, rodc, NamingContext.DomainNC, out usnFrom, out utdVector);

            // we need a user and put it into the Revealed List.
            // create the user first if it doesn't exist.
            string userDn = ldapAdapter.TestAddUserObj(dc1);

            Assert.IsNotNull(userDn);

            // at this time, the user is NOT in the revealed list
            // wait until the object is replicated by the actual RODC
            bool replicated = false;

            for (timeOut = 0; timeOut < kMaxTimeOut; ++timeOut)
            {
                if (IsObjectReplicated(dc1, rodc, NamingContext.DomainNC, userDn))
                {
                    replicated = true;
                    break;
                }

                System.Threading.Thread.Sleep(kMaxTimeoutInMilliseconds);
            }
            BaseTestSite.Assert.IsTrue(replicated, "The object should be replicated to the RODC");
            // DRSBind
            DRS_EXTENSIONS_IN_FLAGS clientCapabilities
                = DRS_EXTENSIONS_IN_FLAGS.DRS_EXT_BASE
                  | DRS_EXTENSIONS_IN_FLAGS.DRS_EXT_GETCHGREPLY_V6
                  | DRS_EXTENSIONS_IN_FLAGS.DRS_EXT_STRONG_ENCRYPTION;

            uint ret = drsTestClient.DrsBind(dc1Enum, EnvironmentConfig.User.RODCMachineAccount, clientCapabilities);

            Assert.IsTrue(ret == 0);

            uint?outVersion;
            DRS_MSG_GETCHGREPLY?outMessage;

            ret = drsTestClient.DrsGetNCChangesV2(
                dc1Enum,
                dc1,
                rodc,
                userDn,
                usnFrom.Value,
                utdVector.Value,
                true,              // request secrets
                out outVersion,
                out outMessage);

            BaseTestSite.Assert.IsTrue(
                (uint)Win32ErrorCode_32.ERROR_DS_DRA_SECRETS_DENIED == ret,
                "Replication of secrets should be denied when the object is not in the revealed list"
                );

            // remove the temp user
            ldapAdapter.DeleteObject(dc1, userDn);

            // DRSUnbind
            ret = drsTestClient.DrsUnbind(dc1Enum);
        }

Beispiel #20

Datei: EnvironmentConfig.cs Projekt: yangckw/WindowsProtocolTestSuites

        /// <summary>
        /// init objects for MachineStore
        /// </summary>
        static void InitMachineObjects()
        {
            #region machine objects
            string[] enum_vals = Enum.GetNames(typeof(EnvironmentConfig.Machine));
            //first loop only initialize physical machines
            foreach (string s in enum_vals)
            {
                DsMachine machine             = null;
                EnvironmentConfig.Machine val = (EnvironmentConfig.Machine)Enum.Parse(typeof(EnvironmentConfig.Machine), s);

                switch (val)
                {
                case Machine.None:
                    continue;

                case Machine.Endpoint:
                    //initialize client
                    machine             = new ClientMachine();
                    machine.Domain      = DomainStore[DomainEnum.PrimaryDomain];
                    machine.NetbiosName = ADCommonServerAdapter.Instance(testSite).ENDPOINTNetbiosName;
                    machine.DnsHostName = machine.NetbiosName + "." + machine.Domain.DNSName;
                    break;

                case Machine.MainDC:
                    if (MachineStore.ContainsKey(Machine.WritableDC1))
                    {
                        machine = MachineStore[Machine.WritableDC1];
                    }
                    else
                    {
                        machine = ldapAd.GetDCInfo(ADCommonServerAdapter.Instance(testSite).PDCNetbiosName + "." + ADCommonServerAdapter.Instance(testSite).PrimaryDomainDnsName, UserStore[User.ParentDomainAdmin]);
                        if (testDS)
                        {
                            //do this in AD LDS will assign an AD LDS domain
                            machine.Domain = DomainStore[DomainEnum.PrimaryDomain];
                        }
                    }
                    break;

                case Machine.RODC:
                    if (string.IsNullOrWhiteSpace(ADCommonServerAdapter.Instance(testSite).RODCNetbiosName))
                    {
                        continue;
                    }
                    try
                    {
                        machine = ldapAd.GetDCInfo(ADCommonServerAdapter.Instance(testSite).RODCNetbiosName + "." + ADCommonServerAdapter.Instance(testSite).PrimaryDomainDnsName, UserStore[User.ParentDomainAdmin]);
                        if (testDS)
                        {
                            //do this in AD LDS will assign an AD LDS domain
                            machine.Domain = DomainStore[DomainEnum.PrimaryDomain];
                        }
                        ((AddsServer)machine).IsRODC = true;
                    }
                    catch (System.DirectoryServices.Protocols.LdapException)
                    {
                        continue;
                    }
                    break;

                case Machine.WritableDC1:
                    if (MachineStore.ContainsKey(Machine.MainDC))
                    {
                        machine = MachineStore[Machine.MainDC];
                    }
                    else
                    {
                        machine = ldapAd.GetDCInfo(ADCommonServerAdapter.Instance(testSite).PDCNetbiosName + "." + ADCommonServerAdapter.Instance(testSite).PrimaryDomainDnsName, UserStore[User.ParentDomainAdmin]);
                        if (testDS)
                        {
                            //do this in AD LDS will assign an AD LDS domain
                            machine.Domain = DomainStore[DomainEnum.PrimaryDomain];
                        }
                    }
                    break;

                case Machine.WritableDC2:
                    if (string.IsNullOrWhiteSpace(ADCommonServerAdapter.Instance(testSite).SDCNetbiosName))
                    {
                        continue;
                    }
                    try
                    {
                        machine = ldapAd.GetDCInfo(ADCommonServerAdapter.Instance(testSite).SDCNetbiosName + "." + ADCommonServerAdapter.Instance(testSite).PrimaryDomainDnsName, UserStore[User.ParentDomainAdmin]);
                        if (testDS)
                        {
                            //do this in AD LDS will assign an AD LDS domain
                            machine.Domain = DomainStore[DomainEnum.PrimaryDomain];
                        }
                    }
                    catch (System.DirectoryServices.Protocols.LdapException)
                    {
                        continue;
                    }
                    break;

                default:
                    //by default, it should be a DC

                    if (testDS)
                    {
                        if (string.IsNullOrEmpty(testSite.Properties[s + ".NetbiosName"]))
                        {
                            continue;
                        }

                        machine = ldapAd.GetDCInfo(testSite.Properties[s + ".NetbiosName"] + "." + GetDomainFromMachineType(val).DNSName, GetDomainFromMachineType(val).Admin);
                    }
                    else
                    {
                        if (string.IsNullOrEmpty(testSite.Properties[s + ".LDSPort"]))
                        {
                            continue;
                        }
                        machine = ldapAd.GetDCInfo(
                            ADCommonServerAdapter.Instance(testSite).PDCNetbiosName
                            + "."
                            + ADCommonServerAdapter.Instance(testSite).PrimaryDomainDnsName
                            + ":"
                            + testSite.Properties[s + ".LDSPort"],
                            UserStore[User.ParentDomainAdmin]);
                        ((AdldsServer)machine).DsaNetworkAddress =
                            ADCommonServerAdapter.Instance(testSite).PDCNetbiosName
                            + "."
                            + ADCommonServerAdapter.Instance(testSite).PrimaryDomainDnsName
                            + ":"
                            + ((AdldsServer)machine).DsaNetworkAddress;
                    }
                    ((DsServer)machine).IsWindows = bool.Parse(testSite.Properties[s + ".IsWindows"]);

                    if (machine != null)
                    {
                        switch (val)
                        {
                        case Machine.CDC:
                            machine.Domain = DomainStore[DomainEnum.ChildDomain];
                            break;

                        case Machine.ExternalDC:
                            machine.Domain = DomainStore[DomainEnum.ExternalDomain];
                            break;

                        default:
                            machine.Domain = DomainStore[DomainEnum.PrimaryDomain];
                            break;
                        }
                    }
                    break;
                }
                if (machine != null)
                {
                    MachineStore.Add(val, machine);

                    if (val != Machine.MainDC)
                    {
                        PhysicalMachineStore.Add(val, machine);
                    }
                }
            }

            //second loop initialize roles
            foreach (string s in enum_vals)
            {
                EnvironmentConfig.Machine val = (EnvironmentConfig.Machine)Enum.Parse(typeof(EnvironmentConfig.Machine), s);

                switch (val)
                {
                case Machine.DC_With_DomainNamingMasterRole:
                    break;

                case Machine.DC_With_RidAllocationMasterRole:
                    break;

                case Machine.GCServer:
                    break;

                case Machine.PDC:
                    break;

                default:
                    continue;
                }
                MachineStore.Add(val, MachineStore[Machine.WritableDC1]);
            }

            #endregion
        }

Beispiel #21

Datei: VerifyNames.cs Projekt: raystyle/WindowsProtocolTestSuits

        public void DRSR_DRSVerifyNames_Verify_SAM_Account_Names()
        {
            DrsrTestChecker.Check();
            // Init the data.
            EnvironmentConfig.Machine srv = EnvironmentConfig.Machine.WritableDC1;
            DsServer server = (DsServer)EnvironmentConfig.MachineStore[srv];
            DsUser   user   = EnvironmentConfig.UserStore[EnvironmentConfig.User.ParentDomainAdmin];

            uint ret = 0;

            ret = drsTestClient.DrsBind(
                srv,
                EnvironmentConfig.User.ParentDomainAdmin,
                DRS_EXTENSIONS_IN_FLAGS.DRS_EXT_BASE
                );

            BaseTestSite.Assert.AreEqual <uint>(
                0,
                ret,
                "IDL_DRSBind: should return 0 with a success bind to DC");

            // Create a DSNAME with only SAMAccountName.
            string userDn         = ldapAdapter.GetUserDn(server, user);
            string sAMAccountName = (string)ldapAdapter.GetAttributeValue(server, userDn, "sAMAccountName");
            DSNAME dsUser         = DrsuapiClient.CreateDsName(sAMAccountName, Guid.Empty, null);

            // Prefix table
            SCHEMA_PREFIX_TABLE prefixTable = OIDUtility.CreatePrefixTable();

            // Create the attribute block. Here we go to RDN attribute.
            string rdnAttrId = DRSConstants.RDN_OID;
            uint   attrTyp   = OIDUtility.MakeAttid(prefixTable, rdnAttrId);

            ATTRVAL      attrVal      = DrsuapiClient.CreateATTRVAL(null);
            ATTRVALBLOCK attrValBlock = DrsuapiClient.CreateATTRVALBLOCK(new ATTRVAL[] { attrVal });
            ATTR         attr         = DrsuapiClient.CreateATTR(attrTyp, attrValBlock);
            ATTRBLOCK    attrBlock    = DrsuapiClient.CreateATTRBLOCK(new ATTR[] { attr });

            // Actual RPC call.
            ret = drsTestClient.DrsVerifyNames(
                srv,
                dwInVersion_Values.V1,
                DRS_MSG_VERIFYREQ_V1_dwFlags_Values.DRS_VERIFY_SAM_ACCOUNT_NAMES,
                new DSNAME[] { dsUser },
                new string[] { userDn },
                attrBlock,
                prefixTable
                );

            BaseTestSite.Assert.AreEqual <uint>(
                0,
                ret,
                "IDL_DRSVerifyNames: return value should be 0"
                );

            // Unbind
            ret = drsTestClient.DrsUnbind(srv);
            BaseTestSite.Assert.AreEqual <uint>(
                0,
                ret,
                "IDL_DRSUnbind: return value should be 0");
        }

Beispiel #22

Datei: DrsrKCCFailures.cs Projekt: yangckw/WindowsProtocolTestSuites

 DRS_MSG_REPDEL GenerateReplicaDelReq(EnvironmentConfig.Machine machine, EnvironmentConfig.Machine src)
 {
     return(drsTestClient.CreateReplicaDelReq(machine, (DsServer)EnvironmentConfig.MachineStore[src], DRS_OPTIONS.DRS_WRIT_REP, NamingContext.ConfigNC));
 }

Beispiel #23

Datei: DrsrKCCFailures.cs Projekt: yangckw/WindowsProtocolTestSuites

 DRS_MSG_REPADD GenerateReplicaAddReq(EnvironmentConfig.Machine sut, EnvironmentConfig.Machine partner, DRS_MSG_REPADD_Versions version)
 {
     return(drsTestClient.CreateReplicaAddReq(sut, version, (DsServer)EnvironmentConfig.MachineStore[partner], DRS_OPTIONS.DRS_WRIT_REP, NamingContext.ConfigNC));
 }

Beispiel #24

Datei: DrsrKCCFailures.cs Projekt: asdyxcyxc/WindowsProtocolTestSuites

        private void DRSUpdateRefs_pszDsaDest_NULL(DrsUpdateRefs_Versions ver)
        {
            uint ret = drsTestClient.DrsBind(EnvironmentConfig.Machine.WritableDC1, EnvironmentConfig.User.ParentDomainAdmin, DRS_EXTENSIONS_IN_FLAGS.DRS_EXT_BASE);

            DRS_MSG_UPDREFS req;

            EnvironmentConfig.Machine machine = EnvironmentConfig.Machine.WritableDC1;
            DsServer    dest = (DsServer)EnvironmentConfig.MachineStore[EnvironmentConfig.Machine.WritableDC2];
            DRS_OPTIONS options;

            try
            {
                BaseTestSite.Log.Add(LogEntryKind.Checkpoint, "Try to delete replication destination from repsTo for later testing. It MAY fails if there is no such record to delete");

                options = DRS_OPTIONS.DRS_DEL_REF;

                req = drsTestClient.CreateRequestForDrsUpdateRef(
                    machine,
                    ver,
                    dest,
                    options
                    );
                ret = drsTestClient.DRSClient.DrsUpdateRefs(EnvironmentConfig.DrsContextStore[machine], (uint)ver, req);
            }
            catch
            {
                BaseTestSite.Log.Add(LogEntryKind.Checkpoint, "No similar record to delete in repsTo. It's OK to continue");
            }

            options = DRS_OPTIONS.DRS_ADD_REF;
            req     = drsTestClient.CreateRequestForDrsUpdateRef(
                machine,
                ver,
                dest,
                options
                );

            // Invalid value
            switch (ver)
            {
            case DrsUpdateRefs_Versions.V1:
                req.V1.pszDsaDest = "";
                break;

            case DrsUpdateRefs_Versions.V2:
                req.V2.pszDsaDest = "";
                break;

            default:
                BaseTestSite.Assert.Fail("The version {0} is not supported.", ver);
                break;
            }

            ret = drsTestClient.DRSClient.DrsUpdateRefs(EnvironmentConfig.DrsContextStore[machine], (uint)ver, req);
            BaseTestSite.Assert.AreEqual <uint>((uint)Win32ErrorCode_32.ERROR_DS_DRA_INVALID_PARAMETER, ret, "the server should return ERROR_DS_DRA_INVALID_PARAMETER");
            options = DRS_OPTIONS.DRS_DEL_REF;
            req     = drsTestClient.CreateRequestForDrsUpdateRef(
                machine,
                ver,
                dest,
                options
                );
            ret = drsTestClient.DRSClient.DrsUpdateRefs(EnvironmentConfig.DrsContextStore[machine], (uint)ver, req);
        }

Beispiel #25

Datei: KCCUpdates.cs Projekt: pirenga/CVE-2020-1206-POC

 /// <summary>
 /// constructor
 /// </summary>
 /// <param name="svr">sut</param>
 /// <param name="toDel">source</param>
 /// <param name="op">flags</param>
 /// <param name="cred">credential</param>
 public RecoverReplicaSource(EnvironmentConfig.Machine svr, EnvironmentConfig.User cred)
 {
     sut  = svr;
     user = cred;
 }

Beispiel #26

Datei: KCCUpdates.cs Projekt: pirenga/CVE-2020-1206-POC

 public NeedRepSourceUpdate(EnvironmentConfig.Machine sut, EnvironmentConfig.Machine srcSvr, NamingContext nc)
 {
     server = sut;
     src    = srcSvr;
     srcNC  = nc;
 }

Beispiel #27

Datei: CrackNamesVerifier.cs Projekt: asdyxcyxc/WindowsProtocolTestSuites

        /// <summary>
        /// Verify CrackNames results.
        /// </summary>
        /// <param name="machine"></param>
        /// <param name="retVal"></param>
        /// <param name="dwInVersion"></param>
        /// <param name="req"></param>
        /// <param name="outVersion"></param>
        /// <param name="reply"></param>
        public void VerifyDrsCrackNames(
            EnvironmentConfig.Machine machine,
            uint retVal,
            uint dwInVersion,
            DRS_MSG_CRACKREQ req,
            uint?outVersion,
            DRS_MSG_CRACKREPLY?reply)
        {
            // IDL_DRSCrackNames supports only V1
            testSite.Assert.IsTrue(outVersion == 1,
                                   "IDL_DRSCrackNames: Checking outVersion - got: {0}, expect: {1}, outVersion should be 1.", outVersion, 1);
            testSite.Assert.IsNotNull(reply, "IDL_DRSCrackNames: Checking outMessage - outMessage should not be null.");
            testSite.Assert.IsNotNull(reply.Value.V1.pResult, "IDL_DRSCrackNames: Checking pResult - pResult in outMessage should not be null.");


            DsServer srv = (DsServer)EnvironmentConfig.MachineStore[machine];

            uint flag = req.V1.dwFlags;

            switch (flag)
            {
            case (uint)DRS_MSG_CRACKREQ_FLAGS.DS_NAME_FLAG_GC_VERIFY:
            {
                const uint ERROR_DS_GCVERIFY_ERROR = 0x20e1;

                bool isGc = ldapAd.IsGc(srv);
                if (!isGc)
                {
                    testSite.Assert.IsTrue(
                        retVal == ERROR_DS_GCVERIFY_ERROR,
                        "IDL_DRSCrackNames: Cannot verify the GC server {0}",
                        srv.NetbiosName);
                }
                else
                {
                    testSite.Assert.IsTrue(
                        retVal == (uint)DS_NAME_ERROR.DS_NAME_NO_ERROR,
                        "IDL_DRSCrackNames: DC {0} is not a GC server",
                        srv.NetbiosName);
                }
            }
            break;

            default:
                break;
            }

            // formats
            uint formatOffered = req.V1.formatOffered;

            switch (formatOffered)
            {
            case (uint)DS_NAME_FORMAT.DS_INVALID_NAME:
                // Invalid name, just break.
                break;

            case (uint)formatOffered_Values.DS_LIST_SITES:
                VerifyCrackNamesListAllSites(srv, req, reply);
                break;

            case (uint)formatOffered_Values.DS_LIST_SERVERS_IN_SITE:
                VerifyCrackNamesListServersInSite(srv, req, reply);
                break;

            case (uint)formatOffered_Values.DS_LIST_DOMAINS_IN_SITE:
                VerifyCrackNamesListDomainsInSite(srv, req, reply);
                break;

            case (uint)formatOffered_Values.DS_LIST_SERVERS_FOR_DOMAIN_IN_SITE:
                VerifyCrackNamesListServersForDomainInSite(srv, req, reply);
                break;

            case (uint)formatOffered_Values.DS_LIST_INFO_FOR_SERVER:
                VerifyCrackNamesListInfoForServer(srv, req, reply);
                break;

            case (uint)formatOffered_Values.DS_LIST_ROLES:
                VerifyCrackNamesListRoles(srv, req, reply);
                break;

            case (uint)formatOffered_Values.DS_LIST_DOMAINS:
                VerifyCrackNamesListDomains(srv, req, reply);
                break;

            case (uint)formatOffered_Values.DS_LIST_NCS:
                VerifyCrackNamesListNcs(srv, req, reply);
                break;

            case (uint)formatOffered_Values.DS_LIST_SERVERS_WITH_DCS_IN_SITE:
                VerifyCrackNamesListServersWithDcsInSite(srv, req, reply);
                break;

            case (uint)formatOffered_Values.DS_LIST_GLOBAL_CATALOG_SERVERS:
                VerifyCrackNamesListGlobalCatalogServers(srv, req, reply);
                break;

            case (uint)formatOffered_Values.DS_MAP_SCHEMA_GUID:
                VerifyCrackNamesMapSchemaGuid(srv, req, reply);
                break;

            case (uint)DS_NAME_FORMAT.DS_UNKNOWN_NAME:
            case (uint)DS_NAME_FORMAT.DS_FQDN_1779_NAME:
            case (uint)DS_NAME_FORMAT.DS_NT4_ACCOUNT_NAME:
            case (uint)DS_NAME_FORMAT.DS_DISPLAY_NAME:
            case (uint)DS_NAME_FORMAT.DS_UNIQUE_ID_NAME:
            case (uint)DS_NAME_FORMAT.DS_CANONICAL_NAME:
            case (uint)DS_NAME_FORMAT.DS_USER_PRINCIPAL_NAME:
            case (uint)DS_NAME_FORMAT.DS_CANONICAL_NAME_EX:
            case (uint)DS_NAME_FORMAT.DS_SERVICE_PRINCIPAL_NAME:
            case (uint)DS_NAME_FORMAT.DS_SID_OR_SID_HISTORY_NAME:
            case (uint)DS_NAME_FORMAT.DS_DNS_DOMAIN_NAME:
            case (uint)formatOffered_Values.DS_NT4_ACCOUNT_NAME_SANS_DOMAIN:
            case (uint)formatOffered_Values.DS_NT4_ACCOUNT_NAME_SANS_DOMAIN_EX:
            case (uint)formatOffered_Values.DS_ALT_SECURITY_IDENTITIES_NAME:
            case (uint)formatOffered_Values.DS_STRING_SID_NAME:
            case (uint)formatOffered_Values.DS_USER_PRINCIPAL_NAME_AND_ALTSECID:
            {
                for (int i = 0; i < req.V1.cNames; ++i)
                {
                    DS_NAME_RESULT_ITEMW r = ldapAd.LookupNames(
                        srv,
                        req.V1.dwFlags,
                        req.V1.formatOffered,
                        req.V1.formatDesired,
                        req.V1.rpNames[i]
                        );

                    // status code
                    testSite.Assert.IsTrue(
                        r.status == reply.Value.V1.pResult[0].rItems[i].status,
                        "IDL_DRSCrackNames: Verify status failed, expect: {0}, got: {1}",
                        r.status,
                        reply.Value.V1.pResult[0].rItems[i].status
                        );

                    // name
                    if (r.pName == null)
                    {
                        testSite.Assert.IsNull(reply.Value.V1.pResult[0].rItems[i].pName,
                                               "IDL_DRSCrackNames: Verify pName failed, expect: null, got: {0}.",
                                               reply.Value.V1.pResult[0].rItems[i].pName);
                    }
                    else
                    {
                        testSite.Assert.IsTrue(
                            r.pName == reply.Value.V1.pResult[0].rItems[i].pName,
                            "IDL_DRSCrackNames: Verify pName failed, expect: {0}, got: {1}.",
                            r.pName,
                            reply.Value.V1.pResult[0].rItems[i].pName
                            );
                    }

                    // domain
                    if (r.pDomain == null)
                    {
                        testSite.Assert.IsNull(reply.Value.V1.pResult[0].rItems[i].pDomain,
                                               "IDL_DRSCrackNames: Verify pDomain failed, expect: null, got: {0}.",
                                               reply.Value.V1.pResult[0].rItems[i].pDomain);
                    }
                    else
                    {
                        testSite.Assert.IsTrue(
                            r.pDomain == reply.Value.V1.pResult[0].rItems[i].pDomain,
                            "IDL_DRSCrackNames: Verify pDomain failed, expect: {0}, got: {1}.",
                            r.pDomain,
                            reply.Value.V1.pResult[0].rItems[i].pDomain
                            );
                    }
                }
            }
            break;

            default:
                throw new NotImplementedException();
            }
        }

Beispiel #28

Datei: DrsGetNCChangesFailures.cs Projekt: pirenga/CVE-2020-1206-POC

        public void DRSR_DRSGetNCChanges_Failed_NoStrongEncryptionByClient()
        {
            DrsrTestChecker.Check();
            EnvironmentConfig.Machine dcServer  = EnvironmentConfig.Machine.WritableDC1;
            EnvironmentConfig.Machine dcPartner = EnvironmentConfig.Machine.WritableDC2;
            DsServer      dcServerMachine       = (DsServer)EnvironmentConfig.MachineStore[dcServer];
            DsServer      dcPartnerMachine      = (DsServer)EnvironmentConfig.MachineStore[dcPartner];
            NamingContext specifiedNC           = NamingContext.DomainNC;

            string          userdn = ldapAdpter.TestAddUserObj(dcServerMachine);
            AddObjectUpdate aou    = new AddObjectUpdate(dcServer, userdn);

            updateStorage.PushUpdate(aou);

            string groupdn = DRSTestData.DRSGetNCChange_ExistGroup + "," + LdapUtility.ConvertUshortArrayToString(((AddsDomain)dcServerMachine.Domain).DomainNC.StringName);

            DRS_OPTIONS ulFlags = DRS_OPTIONS.NONE;

            try
            {
                ldapAdpter.RemoveObjectFromGroup(dcServerMachine, userdn, groupdn);
            }
            catch
            {
                //it's OK if user is not in group
            }
            drsTestClient.SyncDCs(dcServer, dcServer);

            //add a user to group dn
            BaseTestSite.Log.Add(LogEntryKind.Comment, "Add user dn {0} to group dn {1} on DC {2}", userdn, groupdn, dcServer);
            ResultCode addret = ldapAdpter.AddObjectToGroup(dcServerMachine, userdn, groupdn);

            BaseTestSite.Assert.IsTrue(addret == ResultCode.Success, "add userdn {0} to group dn {1} failed", userdn, groupdn);
            AddObjectUpdate adduserUpdate = new AddObjectUpdate(dcServer, userdn);

            updateStorage.PushUpdate(adduserUpdate);


            DRS_EXTENSIONS_IN_FLAGS clientCapbilities = DRS_EXTENSIONS_IN_FLAGS.DRS_EXT_BASE | DRS_EXTENSIONS_IN_FLAGS.DRS_EXT_GETCHGREPLY_V6; // not contains | DRS_EXTENSIONS_IN_FLAGS.DRS_EXT_STRONG_ENCRYPTION;

            BaseTestSite.Log.Add(LogEntryKind.Comment, "Bind to DC server: {0}", dcServer);
            uint ret = drsTestClient.DrsBind(dcServer, EnvironmentConfig.User.WritableDC2Account, clientCapbilities);

            BaseTestSite.Assert.AreEqual <uint>(0, ret, "IDL_DRSBind should return 0 with a success bind to DC");

            BaseTestSite.Log.Add(LogEntryKind.Comment,
                                 "Calling IDL_DRSNCChanges (V8 request) to get changes for a specified NC from a DC server. The reply compression is not required.");
            uint?outVersion;
            DRS_MSG_GETCHGREPLY?outMessage;

            ret = drsTestClient.DrsGetNCChanges(
                dcServer,
                DrsGetNCChanges_Versions.V8,
                dcPartner,
                ulFlags,
                specifiedNC,
                EXOP_REQ_Codes.None,
                FSMORoles.None,
                null,
                out outVersion,
                out outMessage);
            BaseTestSite.Assert.AreNotEqual <uint>(0, ret, "IDL_DRSGetNCChanges should not return 0x0 for failure");
            BaseTestSite.Assert.AreEqual <uint>((uint)Win32ErrorCode_32.SEC_E_ALGORITHM_MISMATCH, ret, "Verify error code detail: IDL_DRSNCChanges should return SEC_E_ALGORITHM_MISMATCH due to DRS_EXT_STRONG_ENCRYPTION not included in bind.");
        }