public bool AnalysisTask <T>(string server) where T : IPingCastleReport
{
Trace.WriteLine("Working on " + server);
if (server == "*" && InteractiveMode)
{
Trace.WriteLine("Setting reachable domains to on because interactive + server = *");
AnalyzeReachableDomains = true;
}
if (server.Contains("*"))
{
List <string> domains = GetListOfDomainToExploreFromGenericName(server);
int i = 1;
foreach (var domain in domains)
{
Console.ForegroundColor = ConsoleColor.Yellow;
Console.WriteLine("");
string display = "Starting the report for " + domain + " (" + i++ + "/" + domains.Count + ")";
Console.WriteLine(display);
Console.WriteLine(new String('=', display.Length));
Console.ResetColor();
PerformTheAnalysis <T>(domain);
}
}
else
{
var data = PerformTheAnalysis <T>(server);
var hcData = data as HealthcheckData;
// do additional exploration based on trust results ?
if (hcData != null && (ExploreTerminalDomains || ExploreForestTrust))
{
if (hcData.Trusts != null)
{
List <string> domainToExamine = new List <string>();
foreach (var trust in hcData.Trusts)
{
string attributes = TrustAnalyzer.GetTrustAttribute(trust.TrustAttributes);
string direction = TrustAnalyzer.GetTrustDirection(trust.TrustDirection);
if (direction.Contains("Inbound") || direction.Contains("Disabled"))
{
continue;
}
if (attributes.Contains("Intra-Forest"))
{
continue;
}
// explore forest trust only if explore forest trust is set
if (attributes.Contains("Forest Trust"))
{
if (ExploreForestTrust)
{
if (!ShouldTheDomainBeNotExplored(trust.TrustPartner))
{
domainToExamine.Add(trust.TrustPartner);
}
if (trust.KnownDomains != null)
{
foreach (var di in trust.KnownDomains)
{
if (!ShouldTheDomainBeNotExplored(di.DnsName))
{
domainToExamine.Add(di.DnsName);
}
}
}
}
}
else
{
if (ExploreTerminalDomains)
{
if (!ShouldTheDomainBeNotExplored(trust.TrustPartner))
{
domainToExamine.Add(trust.TrustPartner);
}
}
}
}
Console.ForegroundColor = ConsoleColor.Yellow;
Console.WriteLine("List of domains that will be queried");
Console.ResetColor();
foreach (var domain in domainToExamine)
{
Console.WriteLine(domain);
}
foreach (string domain in domainToExamine)
{
PerformTheAnalysis <T>(domain);
}
}
}
return(hcData != null);
}
return(true);
}
private void GenerateTrustInformation()
{
List <string> knowndomains = new List <string>();
GenerateSubSection("Discovered domains");
Add(@"
<div class=""row"">
<div class=""col-md-12 table-responsive"">
<table class=""table table-striped table-bordered"">
<thead><tr>
<th>Domain</th>
<th>Trust Partner</th>
<th>Type</th>
<th>Attribut</th>
<th>Direction</th>
<th>SID Filtering active</th>
<th>TGT Delegation</th>
<th>Creation</th>
<th>Is Active ?</th>
</tr>
</thead>
<tbody>
");
foreach (HealthcheckData data in Report)
{
if (!knowndomains.Contains(data.DomainFQDN))
{
knowndomains.Add(data.DomainFQDN);
}
data.Trusts.Sort(
(HealthCheckTrustData a, HealthCheckTrustData b)
=>
{
return(String.Compare(a.TrustPartner, b.TrustPartner));
}
);
foreach (HealthCheckTrustData trust in data.Trusts)
{
if (!knowndomains.Contains(trust.TrustPartner))
{
knowndomains.Add(trust.TrustPartner);
}
Add(@"
<tr>
<td class='text'>" + PrintDomain(data.Domain) + @"</td>
<td class='text'>" + PrintDomain(trust.Domain) + @"</td>
<td class='text'>" + TrustAnalyzer.GetTrustType(trust.TrustType) + @"</td>
<td class='text'>" + TrustAnalyzer.GetTrustAttribute(trust.TrustAttributes) + @"</td>
<td class='text'>" + TrustAnalyzer.GetTrustDirection(trust.TrustDirection) + @"</td>
<td class='text'>" + TrustAnalyzer.GetSIDFiltering(trust) + @"</td>
<td class='text'>" + TrustAnalyzer.GetTGTDelegation(trust) + @"</td>
<td class='text'>" + trust.CreationDate.ToString("u") + @"</td>
<td class='text'>" + trust.IsActive + @"</td>
</tr>
");
}
}
Add(@"
</tbody>
</table>
</div>
</div>
");
GenerateSubSection("Other discovered domains");
Add(@"
<div class=""row"">
<div class=""col-md-12 table-responsive"">
<table class=""table table-striped table-bordered"">
<thead><tr>
<th>From</th>
<th>Reachable domain</th>
<th>Via</th>
<th>Netbios</th>
<th>Creation date</th>
</tr>
</thead>
<tbody>
");
foreach (HealthcheckData data in Report)
{
foreach (HealthCheckTrustData trust in data.Trusts)
{
if (trust.KnownDomains == null)
{
continue;
}
trust.KnownDomains.Sort((HealthCheckTrustDomainInfoData a, HealthCheckTrustDomainInfoData b)
=>
{
return(String.Compare(a.DnsName, b.DnsName));
}
);
foreach (HealthCheckTrustDomainInfoData di in trust.KnownDomains)
{
if (knowndomains.Contains(di.DnsName))
{
continue;
}
knowndomains.Add(di.DnsName);
Add(@"
<tr>
<td class='text'>" );
Add(PrintDomain(data.Domain));
Add(@"</td>
<td class='text'>" );
AddEncoded(di.DnsName);
Add(@"</td>
<td class='text'>" );
AddEncoded(trust.TrustPartner);
Add(@"</td>
<td class='text'>" );
AddEncoded(di.NetbiosName);
Add(@"</td>
<td class='text'>" );
Add(di.CreationDate);
Add(@"</td>
</tr>
");
}
}
}
foreach (HealthcheckData data in Report)
{
if (data.ReachableDomains != null)
{
foreach (HealthCheckTrustDomainInfoData di in data.ReachableDomains)
{
if (knowndomains.Contains(di.DnsName))
{
continue;
}
knowndomains.Add(di.DnsName);
Add(@"
<tr>
<td class='text'>" );
Add(PrintDomain(data.Domain));
Add(@"</td>
<td class='text'>" );
AddEncoded(di.DnsName);
Add(@"</td>
<td class='text'>Unknown</td>
<td class='text'>" );
AddEncoded(di.NetbiosName);
Add(@"</td>
<td class='text'>Unknown</td>
</tr>
");
}
}
}
Add(@"
</tbody>
</table>
</div>
</div>
");
// prepare a SID map to locate unknown account
SortedDictionary <string, string> sidmap = new SortedDictionary <string, string>();
GenerateSubSection("SID Map");
Add(@"
<div class=""row"">
<div class=""col-md-12 table-responsive"">
<table class=""table table-striped table-bordered"">
<thead><tr>
<th>Domain</th>
<th>Domain SID</th>
</tr>
</thead>
<tbody>
");
foreach (HealthcheckData data in Report)
{
if (!sidmap.ContainsKey(data.DomainFQDN) && !String.IsNullOrEmpty(data.DomainSid))
{
sidmap.Add(data.DomainFQDN, data.DomainSid);
}
foreach (HealthCheckTrustData trust in data.Trusts)
{
if (!sidmap.ContainsKey(trust.TrustPartner) && !String.IsNullOrEmpty(trust.SID))
{
sidmap.Add(trust.TrustPartner, trust.SID);
}
foreach (HealthCheckTrustDomainInfoData di in trust.KnownDomains)
{
if (!sidmap.ContainsKey(di.DnsName) && !String.IsNullOrEmpty(di.Sid))
{
sidmap.Add(di.DnsName, di.Sid);
}
}
}
}
foreach (HealthcheckData data in Report)
{
if (data.ReachableDomains != null)
{
foreach (HealthCheckTrustDomainInfoData di in data.ReachableDomains)
{
if (!sidmap.ContainsKey(di.DnsName) && !String.IsNullOrEmpty(di.Sid))
{
sidmap.Add(di.DnsName, di.Sid);
}
}
}
}
foreach (string domain in sidmap.Keys)
{
Add(@"
<tr>
<td class='text'>" );
AddEncoded(domain);
Add(@"</td>
<td class='text'>" );
Add(sidmap[domain]);
Add(@"</td>
</tr>
");
}
Add(@"
</tbody>
</table>
</div>
</div>
");
}
