public static JObject AssessPrivRights(JToken privRights)
{
JObject jsonData = JankyDb.Instance;
JArray intPrivRights = (JArray)jsonData["privRights"];
// create an object to put the results in
JObject assessedPrivRights = new JObject();
//set an intentionally non-matchy domainSid value unless we doing online checks.
string domainSid = "X";
if (GlobalVar.OnlineChecks)
{
domainSid = LDAPstuff.GetDomainSid();
}
//iterate over the entries
foreach (JProperty privRight in privRights.Children <JProperty>())
{
// our interest level always starts at 1. Everything is boring until proven otherwise.
int interestLevel = 2;
foreach (JToken intPrivRight in intPrivRights)
{
// if the priv is interesting
if ((string)intPrivRight["privRight"] == privRight.Name)
{
//create a jobj to put the trustees into
JObject trustees = new JObject();
//then for each trustee it's granted to
if (privRight.Value is JArray)
{
foreach (JToken trusteeJToken in privRight.Value)
{
string trustee = trusteeJToken.ToString();
string trusteeClean = trustee.Trim('*');
trustees.Add(GlobalVar.OnlineChecks
? GetTrustee(trusteeClean)
: new JProperty(trusteeClean, "Unable to resolve SID"));
}
}
else
{
string trusteeClean = privRight.Value.ToString().Trim('*');
trustees.Add(GlobalVar.OnlineChecks
? GetTrustee(trusteeClean)
: new JProperty(trusteeClean, "Unable to resolve SID"));
}
// add the results to our jobj of trustees if they are interesting enough.
if (interestLevel >= GlobalVar.IntLevelToShow)
{
assessedPrivRights.Add(new JProperty(privRight.Name, trustees));
}
}
}
}
return(assessedPrivRights);
}
public static JObject AssessPrivRights(JToken privRights)
{
JObject jankyDb = JankyDb.Instance;
JArray intPrivRights = (JArray)jankyDb["privRights"];
// create an object to put the results in
JObject assessedPrivRights = new JObject();
//set an intentionally non-matchy domainSid value unless we doing online checks.
string domainSid = "X";
if (GlobalVar.OnlineChecks)
{
domainSid = LDAPstuff.GetDomainSid();
}
//iterate over the entries
foreach (JProperty privRight in privRights.Children <JProperty>())
{
foreach (JToken intPrivRight in intPrivRights)
{
// if the priv is interesting
if ((string)intPrivRight["privRight"] == privRight.Name)
{
bool privIsInteresting = false;
string privRightDesc = GetOsPrivDescription(privRight.Name);
if (privRightDesc.EndsWith("I"))
{
privRightDesc = privRightDesc.Trim('I');
privIsInteresting = true;
}
//create a jobj to put the trustees into
JObject trustees = new JObject();
//then for each trustee it's granted to
if (privRight.Value is JArray)
{
foreach (JToken trusteeJToken in privRight.Value)
{
int interestLevel = 3;
string trustee = trusteeJToken.ToString();
string trusteeClean = trustee.Trim('*');
string trusteeHighOrLow = Sid.GetWKSidHighOrLow(trusteeClean);
if ((trusteeHighOrLow == "Low") && privIsInteresting)
{
interestLevel = 10;
}
if (trusteeHighOrLow == "High")
{
interestLevel = 0;
}
if (interestLevel >= GlobalVar.IntLevelToShow)
{
try
{
trustees.Add(GetTrustee(trusteeClean));
}
catch (Exception e)
{
Utility.Output.DebugWrite(e.ToString());
}
}
}
}
else
{
int interestLevel = 2;
string trusteeClean = privRight.Value.ToString().Trim('*');
string trusteeHighOrLow = Sid.GetWKSidHighOrLow(trusteeClean);
if ((trusteeHighOrLow == "Low") && privIsInteresting)
{
interestLevel = 10;
}
if (trusteeHighOrLow == "High")
{
interestLevel = 0;
}
if (interestLevel >= GlobalVar.IntLevelToShow)
{
trustees.Add(GetTrustee(trusteeClean));
}
}
// add the results to our jobj of trustees if they are interesting enough.
if (trustees.HasValues)
{
trustees.Add("Description", privRightDesc);
assessedPrivRights.Add(new JProperty(privRight.Name, trustees));
}
}
}
}
return(assessedPrivRights);
}
public static JObject AssessPrivRights(JToken privRights)
{
JObject jsonData = JankyDb.Instance;
JArray intPrivRights = (JArray)jsonData["privRights"]["item"];
// create an object to put the results in
JObject assessedPrivRights = new JObject();
//set an intentionally non-matchy domainSid value unless we doing online checks.
string domainSid = "X";
if (GlobalVar.OnlineChecks)
{
domainSid = LDAPstuff.GetDomainSid();
}
//iterate over the entries
foreach (JProperty privRight in privRights.Children <JProperty>())
{
// our interest level always starts at 1. Everything is boring until proven otherwise.
int interestLevel = 1;
foreach (JToken intPrivRight in intPrivRights)
{
// if the priv is interesting
if ((string)intPrivRight["privRight"] == privRight.Name)
{
//create a jobj to put the trustees into
JObject trustees = new JObject();
//then for each trustee it's granted to
foreach (string trustee in privRight.Value)
{
string displayName = "unknown";
// clean up the trustee SID
string trusteeClean = trustee.Trim('*');
// check if it's a well known trustee in our JankyDB
JToken checkedSid = Utility.CheckSid(trusteeClean);
// extract some info if they match.
if (checkedSid != null)
{
displayName = (string)checkedSid["displayName"];
}
// if they don't match, try to resolve the sid with the domain.
// tbh it would probably be better to do this the other way around and prefer the resolved sid output over the contents of jankydb. @liamosaur?
else
{
if (GlobalVar.OnlineChecks)
{
try
{
if (trusteeClean.StartsWith(domainSid))
{
string resolvedSid = LDAPstuff.GetUserFromSid(trusteeClean);
displayName = resolvedSid;
}
}
catch (IdentityNotMappedException)
{
displayName = "Failed to resolve SID with domain.";
}
}
}
trustees.Add(trusteeClean, displayName);
}
// add the results to our jobj of trustees if they are interesting enough.
string matchedPrivRightName = privRight.Name;
if (interestLevel >= GlobalVar.IntLevelToShow)
{
assessedPrivRights.Add(matchedPrivRightName, trustees);
}
}
}
}
return(assessedPrivRights);
}