// the host enumeration block we're using to enumerate all servers
private static IEnumerable <FoundFile> _Find_InterestingDomainShareFile(string[] ComputerName, string[] Include, string[] ExcludedShares, bool OfficeDocs, bool ExcludeHidden, bool FreshEXEs, bool CheckWriteAccess, DateTime?LastAccessTime, DateTime?LastWriteTime, DateTime?CreationTime, IntPtr TokenHandle)
{
var LogonToken = IntPtr.Zero;
if (TokenHandle != IntPtr.Zero)
{
// impersonate the the token produced by LogonUser()/Invoke-UserImpersonation
LogonToken = InvokeUserImpersonation.Invoke_UserImpersonation(new Args_Invoke_UserImpersonation
{
TokenHandle = TokenHandle,
Quiet = true
});
}
var FoundFiles = new List <FoundFile>();
foreach (var TargetComputer in ComputerName)
{
var SearchShares = new List <string>();
if (TargetComputer.StartsWith(@"\\"))
{
// if a share is passed as the server
SearchShares.Add(TargetComputer);
}
else
{
var Up = TestConnection.Ping(TargetComputer, 1);
if (Up)
{
// get the shares for this host and check what we find
var Shares = GetNetShare.Get_NetShare(new Args_Get_NetShare
{
ComputerName = new[] { TargetComputer }
});
foreach (var Share in Shares)
{
var ShareName = Share.Name;
var Path = @"\\" + TargetComputer + @"\" + ShareName;
// make sure we get a real share name back
if ((!string.IsNullOrEmpty(ShareName)) && (ShareName.Trim() != ""))
{
// skip this share if it's in the exclude list
if (!ExcludedShares.ContainsNoCase(ShareName))
{
// check if the user has access to this path
try
{
Directory.GetFiles(Path);
SearchShares.Add(Path);
}
catch
{
Logger.Write_Verbose($@"[!] No access to {Path}");
}
}
}
}
}
}
foreach (var Share in SearchShares)
{
Logger.Write_Verbose($@"Searching share: {Share}");
var SearchArgs = new Args_Find_InterestingFile
{
Path = new[] { Share },
Include = Include
};
if (OfficeDocs)
{
SearchArgs.OfficeDocs = OfficeDocs;
}
if (FreshEXEs)
{
SearchArgs.FreshEXEs = FreshEXEs;
}
if (LastAccessTime != null)
{
SearchArgs.LastAccessTime = LastAccessTime;
}
if (LastWriteTime != null)
{
SearchArgs.LastWriteTime = LastWriteTime;
}
if (CreationTime != null)
{
SearchArgs.CreationTime = CreationTime;
}
if (CheckWriteAccess)
{
SearchArgs.CheckWriteAccess = CheckWriteAccess;
}
FoundFiles.AddRange(Find_InterestingFile(SearchArgs));
}
}
if (TokenHandle != IntPtr.Zero)
{
InvokeRevertToSelf.Invoke_RevertToSelf(LogonToken);
}
return(FoundFiles);
}
// the host enumeration block we're using to enumerate all servers
private static IEnumerable <ShareInfo> _Find_DomainShare(string[] ComputerName, bool CheckShareAccess, IntPtr TokenHandle)
{
var LogonToken = IntPtr.Zero;
if (TokenHandle != IntPtr.Zero)
{
// impersonate the the token produced by LogonUser()/Invoke-UserImpersonation
LogonToken = InvokeUserImpersonation.Invoke_UserImpersonation(new Args_Invoke_UserImpersonation
{
TokenHandle = TokenHandle,
Quiet = true
});
}
var DomainShares = new List <ShareInfo>();
foreach (var TargetComputer in ComputerName)
{
var Up = TestConnection.Ping(TargetComputer, 1);
if (Up)
{
// get the shares for this host and check what we find
var Shares = GetNetShare.Get_NetShare(new Args_Get_NetShare
{
ComputerName = new[] { TargetComputer }
});
foreach (var Share in Shares)
{
var ShareName = Share.Name;
// $Remark = $Share.Remark
var Path = @"\\" + TargetComputer + @"\" + ShareName;
if ((!string.IsNullOrEmpty(ShareName)) && (ShareName.Trim() != ""))
{
// see if we want to check access to this share
if (CheckShareAccess)
{
// check if the user has access to this path
try
{
Directory.GetFiles(Path);
DomainShares.Add(Share);
}
catch (Exception e)
{
Logger.Write_Verbose($@"Error accessing share path {Path} : {e}");
}
}
else
{
DomainShares.Add(Share);
}
}
}
}
}
if (TokenHandle != IntPtr.Zero)
{
InvokeRevertToSelf.Invoke_RevertToSelf(LogonToken);
}
return(DomainShares);
}
