public void Ctor_Flags(SecurityMasks masks, byte[] expectedValue)
{
    // Build the LDAP_SERVER_SD_FLAGS control (OID 1.2.840.113556.1.4.801) for the
    // requested security-descriptor parts.
    var sut = new SecurityDescriptorFlagControl(masks);

    // The control must be flagged critical and server-side, carry the mask unchanged,
    // report the SD-flags OID, and BER-encode to the bytes the test case supplies.
    Assert.True(sut.IsCritical);
    Assert.Equal(masks, sut.SecurityMasks);
    Assert.True(sut.ServerSide);
    Assert.Equal("1.2.840.113556.1.4.801", sut.Type);
    Assert.Equal(expectedValue, sut.GetValue());
}
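public void Ctor_Default()
{
    // A default-constructed LDAP_SERVER_SD_FLAGS control (OID 1.2.840.113556.1.4.801)
    // is critical, server-side and requests no security-descriptor parts at all.
    var control = new SecurityDescriptorFlagControl();

    Assert.True(control.IsCritical);
    Assert.Equal(SecurityMasks.None, control.SecurityMasks);
    Assert.True(control.ServerSide);
    Assert.Equal("1.2.840.113556.1.4.801", control.Type);

    // The control value is BER SEQUENCE { INTEGER 0 }. On Windows the SEQUENCE length is
    // emitted in long form (0x84 followed by four length octets 00 00 00 03); elsewhere the
    // short form (0x03) is used. Both decode to the same value, so the expected bytes are
    // chosen per platform instead of hard-coding the Windows encoding, which made this
    // test fail on non-Windows runners.
    var expected = RuntimeInformation.IsOSPlatform(OSPlatform.Windows)
        ? new byte[] { 48, 132, 0, 0, 0, 3, 2, 1, 0 }
        : new byte[] { 48, 3, 2, 1, 0 };
    Assert.Equal(expected, control.GetValue());
}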
public void Ctor_Default()
{
    // Default construction: LDAP_SERVER_SD_FLAGS control with an empty mask.
    var sut = new SecurityDescriptorFlagControl();

    Assert.True(sut.IsCritical);
    Assert.Equal(SecurityMasks.None, sut.SecurityMasks);
    Assert.True(sut.ServerSide);
    Assert.Equal("1.2.840.113556.1.4.801", sut.Type);

    // BER SEQUENCE { INTEGER 0 }: Windows encodes the SEQUENCE length in long form
    // (0x84 + four length octets), other platforms in short form. Same value either way.
    byte[] encoded;
    if (RuntimeInformation.IsOSPlatform(OSPlatform.Windows))
    {
        encoded = new byte[] { 48, 132, 0, 0, 0, 3, 2, 1, 0 };
    }
    else
    {
        encoded = new byte[] { 48, 3, 2, 1, 0 };
    }
    Assert.Equal(encoded, sut.GetValue());
}
private static SearchRequest GetRequest(string dn, string filter, string[] returnAttrs, SearchScope scope = SearchScope.Subtree)
{
    // Builds a SearchRequest for the given base DN, filter and attribute list.
    // Two server-side controls are attached, in this order:
    //  1. LDAP_SERVER_SD_FLAGS: ask the DC to return only the Owner and DACL parts of
    //     nTSecurityDescriptor. The SACL is deliberately not requested; NOTE(review): reading
    //     the SACL normally needs SeSecurityPrivilege and asking for it without that right
    //     tends to make the attribute come back empty — confirm against your target DCs.
    //     Reference: https://github.com/BloodHoundAD/SharpHound3/blob/master/SharpHound3/DirectorySearch.cs#L157
    //  2. LDAP_SERVER_DOMAIN_SCOPE: tells the server not to generate referrals, so entries
    //     from other partitions are not chased or returned.
    var req = new SearchRequest(dn, filter, scope, returnAttrs);

    var sdFlags = new SecurityDescriptorFlagControl
    {
        SecurityMasks = SecurityMasks.Dacl | SecurityMasks.Owner
    };
    req.Controls.Add(sdFlags);

    var domainScope = new SearchOptionsControl(SearchOption.DomainScope);
    req.Controls.Add(domainScope);

    return req;
}
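/// <summary>
/// Performs a paged LDAP search (500 entries per page) and streams the result entries.
/// </summary>
/// <param name="ldapFilter">LDAP filter, passed through to CreateSearchRequest unmodified.</param>
/// <param name="props">Attributes to request.</param>
/// <param name="scope">Search scope.</param>
/// <param name="adsPath">Optional base path handed to CreateSearchRequest.</param>
/// <param name="globalCatalog">Use a global-catalog connection (disposed when done) instead of a pooled LDAP connection.</param>
/// <returns>An IEnumerable with search results; empty when a page request fails or the server returns no paging control.</returns>
internal IEnumerable<SearchResultEntry> QueryLdap(string ldapFilter, string[] props, SearchScope scope, string adsPath = null, bool globalCatalog = false)
{
    var connection = globalCatalog ? GetGlobalCatalogConnection() : GetLdapConnection();
    try
    {
        var searchRequest = CreateSearchRequest(ldapFilter, scope, props, adsPath);

        var pageRequest = new PageResultRequestControl(500);
        searchRequest.Controls.Add(pageRequest);

        // LDAP_SERVER_SD_FLAGS: only the Owner and DACL parts of nTSecurityDescriptor are
        // requested. The SACL is intentionally left out; NOTE(review): reading it normally
        // requires SeSecurityPrivilege and requesting it without that right tends to yield
        // an empty attribute — confirm against the target environment.
        var securityDescriptorFlagControl = new SecurityDescriptorFlagControl
        {
            SecurityMasks = SecurityMasks.Dacl | SecurityMasks.Owner
        };
        searchRequest.Controls.Add(securityDescriptorFlagControl);

        while (true)
        {
            SearchResponse searchResponse;
            try
            {
                searchResponse = (SearchResponse)connection.SendRequest(searchRequest);
            }
            catch (Exception)
            {
                // Best-effort: a failed page ends the enumeration instead of propagating.
                // NOTE(review): the failure is swallowed silently, so callers cannot tell
                // "no results" from "query failed"; consider logging here.
                yield break;
            }

            if (searchResponse == null)
            {
                yield break;
            }

            // Locate the paging response control by type rather than assuming it is the
            // only control on the response; a server may attach further response controls,
            // and the old Length == 1 check aborted the whole search in that case.
            PageResultResponseControl pageResponse = null;
            foreach (DirectoryControl control in searchResponse.Controls)
            {
                pageResponse = control as PageResultResponseControl;
                if (pageResponse != null)
                {
                    break;
                }
            }
            if (pageResponse == null)
            {
                // Server does not support paging.
                yield break;
            }

            foreach (SearchResultEntry entry in searchResponse.Entries)
            {
                yield return entry;
            }

            // An empty cookie marks the last page; otherwise ask for the next one.
            if (pageResponse.Cookie.Length == 0)
            {
                break;
            }
            pageRequest.Cookie = pageResponse.Cookie;
        }
    }
    finally
    {
        // NOTE(review): the pooled connection is returned even when SendRequest threw,
        // so a broken connection may be handed to the next caller — verify the pool
        // tolerates that.
        if (!globalCatalog)
        {
            _connectionPool.Add(connection);
        }
        else
        {
            connection.Dispose();
        }
    }
}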
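/// <summary>
/// Runs a paged LDAP (or global-catalog) search and streams the entries.
/// </summary>
/// <param name="filter">LDAP filter passed to GetSearchRequest.</param>
/// <param name="scope">Search scope.</param>
/// <param name="props">Attributes to request.</param>
/// <param name="domainName">Domain to query; null lets the connection/request helpers pick the default.</param>
/// <param name="adsPath">Optional base path passed to GetSearchRequest.</param>
/// <param name="useGc">Query the global catalog instead of a normal LDAP connection.</param>
/// <returns>Search entries; empty when no connection or request could be built, or when a page fails.</returns>
public IEnumerable<SearchResultEntry> DoSearch(string filter, SearchScope scope, string[] props, string domainName = null, string adsPath = null, bool useGc = false)
{
    Debug("Creating connection");
    var conn = useGc ? GetGcConnection(domainName) : GetLdapConnection(domainName);
    if (conn == null)
    {
        Debug("Connection null");
        yield break;
    }

    Debug("Getting search request");
    var request = GetSearchRequest(filter, scope, props, domainName, adsPath);
    if (request == null)
    {
        Debug($"Unable to contact domain {domainName}");
        Verbose($"Unable to contact domain {domainName}");
        yield break;
    }

    Debug("Creating page control");
    var prc = new PageResultRequestControl(500);
    request.Controls.Add(prc);

    // Only the ACL collection method needs nTSecurityDescriptor. Owner + DACL are requested;
    // the SACL is not (NOTE(review): reading it normally needs SeSecurityPrivilege — confirm).
    if (IsMethodSet(ResolvedCollectionMethod.ACL))
    {
        var sdfc = new SecurityDescriptorFlagControl
        {
            SecurityMasks = SecurityMasks.Dacl | SecurityMasks.Owner
        };
        request.Controls.Add(sdfc);
    }

    Debug("Starting loop");
    while (true)
    {
        SearchResponse response;
        try
        {
            response = (SearchResponse)conn.SendRequest(request);
        }
        catch (Exception e)
        {
            Debug("Error in loop");
            Debug(e.Message);
            yield break;
        }

        // The previous version re-sent the request on a null response, which could spin
        // forever; treat it as the end of the search instead.
        if (response == null)
        {
            Debug("Null response");
            yield break;
        }

        // Find the paging response control by type instead of casting Controls[0], which
        // threw (and silently ended the search) whenever the server put another control first.
        PageResultResponseControl pageResponse = null;
        foreach (DirectoryControl control in response.Controls)
        {
            pageResponse = control as PageResultResponseControl;
            if (pageResponse != null)
            {
                break;
            }
        }
        if (pageResponse == null)
        {
            Debug("No paging control in response");
            yield break;
        }

        foreach (SearchResultEntry entry in response.Entries)
        {
            yield return entry;
        }

        // Empty cookie (or an empty page) marks the last page.
        if (pageResponse.Cookie.Length == 0 || response.Entries.Count == 0)
        {
            Debug("Loop finished");
            yield break;
        }
        prc.Cookie = pageResponse.Cookie;
    }
}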
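/// <summary>
/// Runs a paged LDAP (or global-catalog) search and streams each entry wrapped in a Wrapper.
/// </summary>
/// <param name="filter">LDAP filter passed to GetSearchRequest.</param>
/// <param name="scope">Search scope.</param>
/// <param name="props">Attributes to request.</param>
/// <param name="domainName">Domain to query; null lets the connection/request helpers pick the default.</param>
/// <param name="adsPath">Optional base path passed to GetSearchRequest.</param>
/// <param name="useGc">Query the global catalog instead of a normal LDAP connection.</param>
/// <returns>Wrapped search entries; empty when no connection or request could be built, or when a page fails.</returns>
public IEnumerable<Wrapper<SearchResultEntry>> DoWrappedSearch(string filter, SearchScope scope, string[] props, string domainName = null, string adsPath = null, bool useGc = false)
{
    var conn = useGc ? GetGcConnection(domainName) : GetLdapConnection(domainName);
    if (conn == null)
    {
        Verbose("Unable to contact LDAP");
        yield break;
    }

    var request = GetSearchRequest(filter, scope, props, domainName, adsPath);
    if (request == null)
    {
        Verbose($"Unable to contact domain {domainName}");
        yield break;
    }

    var prc = new PageResultRequestControl(500);
    request.Controls.Add(prc);

    // Only the ACL collection method needs nTSecurityDescriptor. Owner + DACL are requested;
    // the SACL is not (NOTE(review): reading it normally needs SeSecurityPrivilege — confirm).
    if (IsMethodSet(ResolvedCollectionMethod.ACL))
    {
        var sdfc = new SecurityDescriptorFlagControl
        {
            SecurityMasks = SecurityMasks.Dacl | SecurityMasks.Owner
        };
        request.Controls.Add(sdfc);
    }

    while (true)
    {
        SearchResponse response;
        try
        {
            response = (SearchResponse)conn.SendRequest(request);
        }
        catch (Exception e)
        {
            Debug("Exception in Domain Searcher.");
            Debug(e.Message);
            yield break;
        }

        // The previous version re-sent the request on a null response, which could spin
        // forever; treat it as the end of the search instead.
        if (response == null)
        {
            Debug("Null response in Domain Searcher.");
            yield break;
        }

        // Find the paging response control by type instead of casting Controls[0], which
        // threw (and silently ended the search) whenever the server put another control first.
        PageResultResponseControl pageResponse = null;
        foreach (DirectoryControl control in response.Controls)
        {
            pageResponse = control as PageResultResponseControl;
            if (pageResponse != null)
            {
                break;
            }
        }
        if (pageResponse == null)
        {
            Debug("No paging control in response.");
            yield break;
        }

        foreach (SearchResultEntry entry in response.Entries)
        {
            yield return new Wrapper<SearchResultEntry> { Item = entry };
        }

        // An empty cookie marks the last page.
        if (pageResponse.Cookie.Length == 0)
        {
            break;
        }
        prc.Cookie = pageResponse.Cookie;
    }
}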
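/// <summary>
/// Runs a paged LDAP (or global-catalog) search and streams the entries. The connection is
/// disposed when enumeration completes or is abandoned.
/// </summary>
/// <param name="filter">LDAP filter passed to GetSearchRequest.</param>
/// <param name="scope">Search scope.</param>
/// <param name="props">Attributes to request.</param>
/// <param name="domainName">Domain to query; null lets the LDAP connection helper pick the default.</param>
/// <param name="adsPath">Optional base path passed to GetSearchRequest.</param>
/// <param name="useGc">Query the global catalog instead of a normal LDAP connection.</param>
/// <returns>Search entries; empty when no connection or request could be built, or when a page fails.</returns>
public IEnumerable<SearchResultEntry> DoSearch(string filter, SearchScope scope, string[] props, string domainName = null, string adsPath = null, bool useGc = false)
{
    using (var conn = useGc ? GetGcConnection() : GetLdapConnection(domainName))
    {
        if (conn == null)
        {
            yield break;
        }

        var request = GetSearchRequest(filter, scope, props, domainName, adsPath);
        if (request == null)
        {
            Verbose($"Unable to contact domain {domainName}");
            yield break;
        }

        var prc = new PageResultRequestControl(500);
        request.Controls.Add(prc);

        // Only the ACL collection method needs nTSecurityDescriptor. Owner + DACL are
        // requested; the SACL is not (NOTE(review): reading it normally needs
        // SeSecurityPrivilege — confirm).
        if (_options.CollectMethod.Equals(CollectionMethod.ACL))
        {
            var sdfc = new SecurityDescriptorFlagControl
            {
                SecurityMasks = SecurityMasks.Dacl | SecurityMasks.Owner
            };
            request.Controls.Add(sdfc);
        }

        while (true)
        {
            SearchResponse response;
            try
            {
                response = (SearchResponse)conn.SendRequest(request);
            }
            catch
            {
                // Best-effort: a failed page ends the enumeration. NOTE(review): the error
                // is swallowed without logging; callers cannot tell failure from no results.
                yield break;
            }

            // The previous version re-sent the request on a null response, which could
            // spin forever; treat it as the end of the search instead.
            if (response == null)
            {
                yield break;
            }

            // Find the paging response control by type instead of casting Controls[0],
            // which threw (and silently ended the search) if another control came first.
            PageResultResponseControl pageResponse = null;
            foreach (DirectoryControl control in response.Controls)
            {
                pageResponse = control as PageResultResponseControl;
                if (pageResponse != null)
                {
                    break;
                }
            }
            if (pageResponse == null)
            {
                yield break;
            }

            foreach (SearchResultEntry entry in response.Entries)
            {
                yield return entry;
            }

            // Empty cookie (or an empty page) marks the last page.
            if (pageResponse.Cookie.Length == 0 || response.Entries.Count == 0)
            {
                yield break;
            }
            prc.Cookie = pageResponse.Cookie;
        }
    }
}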