Beispiel #1
0
        // the host enumeration block we're using to enumerate all servers
        private static IEnumerable <UserLocation> _Find_DomainUserLocation(string[] ComputerName, string[] TargetUsers, string CurrentUser, bool Stealth, bool CheckAccess, IntPtr TokenHandle)
        {
            var LogonToken = IntPtr.Zero;

            if (TokenHandle != IntPtr.Zero)
            {
                // impersonate the the token produced by LogonUser()/Invoke-UserImpersonation
                LogonToken = InvokeUserImpersonation.Invoke_UserImpersonation(new Args_Invoke_UserImpersonation
                {
                    TokenHandle = TokenHandle,
                    Quiet       = true
                });
            }

            var UserLocations = new List <UserLocation>();

            foreach (var TargetComputer in ComputerName)
            {
                var Up = TestConnection.Ping(TargetComputer, 1);
                if (Up)
                {
                    var Sessions = GetNetSession.Get_NetSession(new Args_Get_NetSession {
                        ComputerName = new[] { TargetComputer }
                    });
                    foreach (var Session in Sessions)
                    {
                        var UserName = Session.UserName;
                        var CName    = Session.CName;

                        if (!CName.IsNullOrEmpty() && CName.StartsWith(@"\\"))
                        {
                            CName = CName.TrimStart('\\');
                        }

                        // make sure we have a result, and ignore computer$ sessions
                        if ((UserName != null) && (UserName.Trim() != "") && (!UserName.IsRegexMatch(CurrentUser)) && (!UserName.IsRegexMatch(@"\$$")))
                        {
                            if ((TargetUsers == null) || (TargetUsers.Contains(UserName)))
                            {
                                var UserLocation = new UserLocation
                                {
                                    UserDomain   = null,
                                    UserName     = UserName,
                                    ComputerName = TargetComputer,
                                    SessionFrom  = CName
                                };

                                // try to resolve the DNS hostname of $Cname
                                try
                                {
                                    var CNameDNSName = System.Net.Dns.GetHostEntry(CName).HostName;
                                    UserLocation.SessionFromName = CNameDNSName;
                                }
                                catch
                                {
                                    UserLocation.SessionFromName = null;
                                }

                                // see if we're checking to see if we have local admin access on this machine
                                if (CheckAccess)
                                {
                                    var Admin = TestAdminAccess.Test_AdminAccess(new Args_Test_AdminAccess {
                                        ComputerName = new[] { CName }
                                    }).FirstOrDefault();
                                    UserLocation.LocalAdmin = Admin != null ? Admin.IsAdmin : false;
                                }
                                else
                                {
                                    UserLocation.LocalAdmin = false;
                                }
                                UserLocations.Add(UserLocation);
                            }
                        }
                    }
                    if (!Stealth)
                    {
                        // if we're not 'stealthy', enumerate loggedon users as well
                        var LoggedOn = GetNetLoggedon.Get_NetLoggedon(new Args_Get_NetLoggedon {
                            ComputerName = new[] { TargetComputer }
                        });
                        foreach (var User in LoggedOn)
                        {
                            var UserName   = User.UserName;
                            var UserDomain = User.LogonDomain;

                            // make sure wet have a result
                            if ((UserName != null) && (UserName.Trim() != ""))
                            {
                                if ((TargetUsers == null) || (TargetUsers.Contains(UserName)) && (!UserName.IsRegexMatch(@"\$$")))
                                {
                                    var IPAddress = ResolveIPAddress.Resolve_IPAddress(new Args_Resolve_IPAddress {
                                        ComputerName = new[] { TargetComputer }
                                    }).FirstOrDefault()?.IPAddress;
                                    var UserLocation = new UserLocation
                                    {
                                        UserDomain      = UserDomain,
                                        UserName        = UserName,
                                        ComputerName    = TargetComputer,
                                        IPAddress       = IPAddress,
                                        SessionFrom     = null,
                                        SessionFromName = null
                                    };

                                    // see if we're checking to see if we have local admin access on this machine
                                    if (CheckAccess)
                                    {
                                        var Admin = TestAdminAccess.Test_AdminAccess(new Args_Test_AdminAccess {
                                            ComputerName = new[] { TargetComputer }
                                        }).FirstOrDefault();
                                        UserLocation.LocalAdmin = Admin.IsAdmin;
                                    }
                                    else
                                    {
                                        UserLocation.LocalAdmin = false;
                                    }
                                    UserLocations.Add(UserLocation);
                                }
                            }
                        }
                    }
                }
            }

            if (TokenHandle != IntPtr.Zero)
            {
                InvokeRevertToSelf.Invoke_RevertToSelf(LogonToken);
            }
            return(UserLocations);
        }
Beispiel #2
0
 public static IEnumerable <ComputerIPAddress> Get_IPAddress(Args_Resolve_IPAddress args = null)
 {
     return(ResolveIPAddress.Resolve_IPAddress(args));
 }
Beispiel #3
0
        public static IEnumerable <ComputerSite> Get_NetComputerSiteName(Args_Get_NetComputerSiteName args = null)
        {
            if (args == null)
            {
                args = new Args_Get_NetComputerSiteName();
            }
            var LogonToken = IntPtr.Zero;

            if (args.Credential != null)
            {
                LogonToken = InvokeUserImpersonation.Invoke_UserImpersonation(new Args_Invoke_UserImpersonation {
                    Credential = args.Credential
                });
            }

            var ComputerSites = new List <ComputerSite>();

            foreach (var item in args.ComputerName)
            {
                string IPAddress;
                var    Computer = item;
                //if we get an IP address, try to resolve the IP to a hostname
                if (Computer.IsRegexMatch(@"^(?:[0-9]{1,3}\.){3}[0-9]{1,3}$"))
                {
                    IPAddress = Computer;
                    Computer  = System.Net.Dns.GetHostEntry(Computer).HostName;
                }
                else
                {
                    IPAddress = ResolveIPAddress.Resolve_IPAddress(new Args_Resolve_IPAddress {
                        ComputerName = new[] { Computer }
                    }).First().IPAddress;
                }

                var PtrInfo = IntPtr.Zero;

                var Result = NativeMethods.DsGetSiteName(Computer, out PtrInfo);

                var ComputerSite = new ComputerSite
                {
                    ComputerName = Computer,
                    IPAddress    = IPAddress
                };

                if (Result == 0)
                {
                    var Sitename = System.Runtime.InteropServices.Marshal.PtrToStringAuto(PtrInfo);
                    ComputerSite.SiteName = Sitename;
                }
                else
                {
                    Logger.Write_Verbose($@"[Get-NetComputerSiteName] Error: {new System.ComponentModel.Win32Exception((int)Result).Message}");

                    ComputerSite.SiteName = @"";
                }

                // free up the result buffer
                NativeMethods.NetApiBufferFree(PtrInfo);

                ComputerSites.Add(ComputerSite);
            }
            if (LogonToken != IntPtr.Zero)
            {
                InvokeRevertToSelf.Invoke_RevertToSelf(LogonToken);
            }
            return(ComputerSites);
        }