コード例 #1
0
ファイル: FindDomainUser.cs プロジェクト: secau-perth/EDD
        string[] FindUser(List <string> computers, string username)
        {
            List <string> results = new List <string>();

            Amass findUser = new Amass();

            foreach (string computerHostName in computers)
            {
                List <Amass.WKSTA_USER_INFO_1> currentLoggedInAccounts = findUser.GetLoggedOnUsers(computerHostName);

                foreach (Amass.WKSTA_USER_INFO_1 loggedInHere in currentLoggedInAccounts)
                {
                    if (String.Equals(loggedInHere.wkui1_username, username, StringComparison.OrdinalIgnoreCase))
                    {
                        results.Add($"{loggedInHere.wkui1_username} is currently logged into {computerHostName}");
                    }
                }

                List <Amass.SESSION_INFO_10> currentSessionInfo = findUser.GetRemoteSessionInfo(computerHostName);

                foreach (Amass.SESSION_INFO_10 sessInformation in currentSessionInfo)
                {
                    if (String.Equals(sessInformation.sesi10_username, username, StringComparison.OrdinalIgnoreCase))
                    {
                        results.Add($"{sessInformation.sesi10_username} has a session on {computerHostName}");
                    }
                }
            }

            return(results.ToArray());
        }
コード例 #2
0
        public override string[] Execute(ParsedArgs args)
        {
            try
            {
                if (string.IsNullOrEmpty(args.ComputerName))
                {
                    throw new EDDException("ComputerName cannot be empty");
                }

                Amass loggedInInfo = new Amass();
                List <Amass.WKSTA_USER_INFO_1> loggedInAccounts = loggedInInfo.GetLoggedOnUsers(args.ComputerName);

                List <string> results = new List <string>();

                foreach (Amass.WKSTA_USER_INFO_1 sessionInformation in loggedInAccounts)
                {
                    results.Add($"Account Name: {sessionInformation.wkui1_username}");
                    results.Add($"Domain Used by Account: {sessionInformation.wkui1_logon_domain}");
                    results.Add($"Operating System Domains: {sessionInformation.wkui1_oth_domains}");
                    results.Add($"Logon server: {sessionInformation.wkui1_logon_server}");
                }

                return(results.ToArray());
            }
            catch (Exception e)
            {
                return(new string[] { "[X] Failure to enumerate info - " + e });
            }
        }
コード例 #3
0
        string[] FindMembersOfGroup(List <string> computers, string groupName)
        {
            try
            {
                List <string> results = new List <string>();

                Amass         findUser  = new Amass();
                List <string> groupList = findUser.GetDomainGroupMembers(groupName);

                foreach (string computerHostName in computers)
                {
                    List <Amass.WKSTA_USER_INFO_1> currentLoggedInAccounts = findUser.GetLoggedOnUsers(computerHostName);

                    foreach (string actualUser in groupList)
                    {
                        foreach (Amass.WKSTA_USER_INFO_1 loggedInHere in currentLoggedInAccounts)
                        {
                            if (String.Equals(loggedInHere.wkui1_username, actualUser, StringComparison.OrdinalIgnoreCase))
                            {
                                results.Add($"{loggedInHere.wkui1_username} is currently logged into {computerHostName}");
                            }
                        }
                    }

                    List <Amass.SESSION_INFO_10> currentSessionInfo = findUser.GetRemoteSessionInfo(computerHostName);

                    foreach (string actualDAAgain in groupList)
                    {
                        foreach (Amass.SESSION_INFO_10 sessInformation in currentSessionInfo)
                        {
                            if (String.Equals(sessInformation.sesi10_username, actualDAAgain, StringComparison.OrdinalIgnoreCase))
                            {
                                results.Add($"{sessInformation.sesi10_username} has a session on {computerHostName}");
                            }
                        }
                    }
                }

                return(results.ToArray());
            }
            catch (Exception e)
            {
                return(new string[] { "[X] Failure to enumerate info - " + e });
            }
        }