/// <summary>
/// Grabs computers names from the text file specified in the options, and attempts to resolve them to LDAP objects.
/// Pushes the corresponding LDAP objects to the queue.
/// </summary>
/// <param name="queue"></param>
/// <returns></returns>
protected override async Task ProduceLdap(ITargetBlock <SearchResultEntry> queue)
{
var computerFile = Options.Instance.ComputerFile;
var token = Helpers.GetCancellationToken();
OutputTasks.StartOutputTimer();
//Open the file for reading
using (var fileStream = new StreamReader(new FileStream(computerFile, FileMode.Open, FileAccess.Read)))
{
string computer;
// Loop over each line in the file
while ((computer = fileStream.ReadLine()) != null)
{
//If the cancellation token is set, cancel enumeration
if (token.IsCancellationRequested)
{
break;
}
string sid;
if (!computer.StartsWith("S-1-5-21"))
{
//The computer isn't a SID so try to convert it to one
sid = await ResolutionHelpers.ResolveHostToSid(computer, DomainName);
}
else
{
//The computer is already a sid, so just store it off
sid = computer;
}
try
{
//Convert the sid to a hex representation and find the entry in the domain
var hexSid = Helpers.ConvertSidToHexSid(sid);
var entry = await Searcher.GetOne($"(objectsid={hexSid})", Props, SearchScope.Subtree);
if (entry == null)
{
//We couldn't find the entry for whatever reason
Console.WriteLine($"Failed to resolve {computer}");
continue;
}
//Success! Send the computer to be processed
await queue.SendAsync(entry);
}
catch
{
Console.WriteLine($"Failed to resolve {computer}");
}
}
}
queue.Complete();
}
/// <summary>
/// Produces stealth LDAP targets
/// </summary>
/// <param name="queue"></param>
/// <returns></returns>
protected override async Task ProduceLdap(ITargetBlock <SearchResultEntry> queue)
{
var token = Helpers.GetCancellationToken();
//If we haven't generated our stealth targets, we'll build it now
if (!_stealthTargetsBuilt)
{
Console.WriteLine("[+] Finding Stealth Targets from LDAP Properties");
Console.WriteLine();
var targetSids = await FindPathTargetSids();
SetStealthTargetSids(targetSids);
_stealthTargetsBuilt = true;
OutputTasks.StartOutputTimer();
//Output our stealth targets to the queue
foreach (var searchResult in Searcher.QueryLdap(Query, Props, SearchScope.Subtree, Options.Instance.SearchBase))
{
if (token.IsCancellationRequested)
{
Console.WriteLine("[-] Terminating Producer as cancellation was requested. Waiting for pipeline to finish");
break;
}
await queue.SendAsync(searchResult);
}
queue.Complete();
}
else
{
// We've already built our stealth targets, and we're doing a loop
OutputTasks.StartOutputTimer();
var targets = new List <SearchResultEntry>();
targets.AddRange(_stealthTargetSids.Values);
if (!Options.Instance.ExcludeDomainControllers)
{
targets.AddRange(DomainControllerSids.Values);
}
foreach (var searchResult in targets)
{
if (token.IsCancellationRequested)
{
break;
}
await queue.SendAsync(searchResult);
}
queue.Complete();
}
}
protected override async Task ProduceLdap(ITargetBlock <SearchResultEntry> queue)
{
var token = Helpers.GetCancellationToken();
OutputTasks.StartOutputTimer();
foreach (var searchResult in Searcher.QueryLdap(Query, Props, SearchScope.Subtree))
{
if (token.IsCancellationRequested)
{
Console.WriteLine("[-] Terminating Producer as cancellation was requested. Waiting for pipeline to finish");
break;
}
await queue.SendAsync(searchResult);
}
queue.Complete();
}
/// <summary>
/// Uses the LDAP filter and properties specified to grab data from LDAP, and push it to the queue.
/// </summary>
/// <param name="queue"></param>
/// <returns></returns>
protected override async Task ProduceLdap(ITargetBlock <SearchResultEntry> queue)
{
var token = Helpers.GetCancellationToken();
OutputTasks.StartOutputTimer();
//Do a basic LDAP search and grab results
foreach (var searchResult in Searcher.QueryLdap(Query, Props, SearchScope.Subtree, Options.Instance.SearchBase))
{
//If our cancellation token is set, cancel out of our loop
if (token.IsCancellationRequested)
{
Console.WriteLine("[-] Terminating Producer as cancellation was requested. Waiting for pipeline to finish");
break;
}
await queue.SendAsync(searchResult);
}
queue.Complete();
}