public ExportDataFromActiveDirectoryLive(string server, int port, NetworkCredential credential) { Server = server; Port = port; Credential = credential; Storage = new LiveDataStorage(); }
private void AddTrustedDomains(LiveDataStorage storage) { storage.KnownDomains.Clear(); List <DataStorageDomainTrusts> domains; List <SecurityIdentifier> KnownSID = new List <SecurityIdentifier>(); domains = GetAllDomainTrusts(Server); storage.KnownDomains.AddRange(domains); KnownSID.AddRange(domains.ConvertAll(x => x.DomainSid)); var domainLocator = new DomainLocator(Server); foreach (var node in storage.nodes.Values) { if (!String.IsNullOrEmpty(node.Sid) && node.Sid.StartsWith("S-1-5-21-") && node.Shortname.Contains("\\")) { var sid = new SecurityIdentifier(node.Sid); var domainSid = sid.AccountDomainSid; if (!KnownSID.Contains(domainSid)) { string domainName; string forestName; string NetbiosName = node.Shortname.Split('\\')[0]; if (domainLocator.LocateDomainFromNetbios(NetbiosName, out domainName, out forestName)) { KnownSID.Add(domainSid); storage.KnownDomains.Add(new DataStorageDomainTrusts() { DnsDomainName = domainName, DomainSid = domainSid, NetbiosDomainName = NetbiosName, } ); } } } } }
int AnalyzeMissingObjets(ADWebService adws, ADDomainInfo domainInfo, RelationFactory relationFactory, LiveDataStorage Storage) { int num = 0; while (true) { List <string> cns = Storage.GetCNToInvestigate(); if (cns.Count > 0) { num += cns.Count; ExportCNData(adws, domainInfo, relationFactory, cns); } List <string> sids = Storage.GetSIDToInvestigate(); if (sids.Count > 0) { num += sids.Count; ExportSIDData(adws, domainInfo, relationFactory, sids); } List <int> primaryGroupId = Storage.GetPrimaryGroupIDToInvestigate(); if (primaryGroupId.Count > 0) { num += primaryGroupId.Count; ExportPrimaryGroupData(adws, domainInfo, relationFactory, primaryGroupId); } if (cns.Count == 0 && sids.Count == 0 && primaryGroupId.Count == 0) { return(num); } } }
private void ExportReportData(ADWebService adws, ADDomainInfo domainInfo, RelationFactory relationFactory, LiveDataStorage storage, GraphObjectReference objectReference, List <string> UsersToInvestigate) { ADItem aditem = null; foreach (var typology in objectReference.Objects.Keys) { var toDelete = new List <GraphSingleObject>(); foreach (var obj in objectReference.Objects[typology]) { DisplayAdvancement("Working on " + obj.Description); aditem = Search(adws, domainInfo, obj.Name); if (aditem != null) { relationFactory.AnalyzeADObject(aditem); } else { Trace.WriteLine("Unable to find the user: "******"Working on " + user); aditem = Search(adws, domainInfo, user); if (aditem != null) { objectReference.Objects[Data.CompromiseGraphDataTypology.UserDefined].Add(new GraphSingleObject(user, user)); relationFactory.AnalyzeADObject(aditem); } else { Trace.WriteLine("Unable to find the user: " + user); } } AnalyzeMissingObjets(adws, domainInfo, relationFactory, storage); relationFactory.InsertFiles(); AnalyzeMissingObjets(adws, domainInfo, relationFactory, storage); }