public void GetDomainTrusts() { Console.WriteLine("Starting Domain Trust Enumeration"); Domain CurrentDomain; CurrentDomain = Helpers.GetDomain(); if (CurrentDomain == null) { Console.WriteLine("Bad Domain for GetDomainTrusts"); return; } Tracker.Push(Helpers.GetDomain()); while (Tracker.Count > 0) { CurrentDomain = Tracker.Pop(); if (SeenDomains.Contains(CurrentDomain.Name)) { continue; } if (CurrentDomain == null) { continue; } options.WriteVerbose("Enumerating trusts for " + CurrentDomain.Name); SeenDomains.Add(CurrentDomain.Name); TrustRelationshipInformationCollection Trusts = GetNetDomainTrust(CurrentDomain); foreach (TrustRelationshipInformation Trust in Trusts) { DomainTrust dt = new DomainTrust(); dt.SourceDomain = Trust.SourceName; dt.TargetDomain = Trust.TargetName; dt.TrustType = Trust.TrustType; dt.TrustDirection = Trust.TrustDirection; EnumeratedTrusts.Add(dt); try { Domain Tar = Helpers.GetDomain(Trust.TargetName); if (Tar != null) { Tracker.Push(Tar); } } catch { options.WriteVerbose("Unable to contact " + Trust.TargetName + " to enumerate trusts."); } } } using (StreamWriter writer = new StreamWriter(options.GetFilePath("trusts.csv"))) { writer.WriteLine("SourceDomain,TargetDomain,TrustDirection,TrustType,Transitive"); foreach (DomainTrust d in EnumeratedTrusts) { writer.WriteLine(d.ToCSV()); } } }
public void EnumerateGroupMembership() { EnumerationData data = new EnumerationData(); Console.WriteLine("Starting Group Member Enumeration"); List <string> Domains = new List <string>(); String[] props = new String[] { "samaccountname", "distinguishedname", "cn", "dnshostname", "samaccounttype", "primarygroupid", "memberof" }; if (options.SearchForest) { Domains = Helpers.GetForestDomains(); } else if (options.Domain != null) { Domains.Add(Helpers.GetDomain(options.Domain).Name); } else { Domains.Add(Helpers.GetDomain().Name); } Writer w = new Writer(options); Thread write = new Thread(unused => w.Write()); write.Start(); Stopwatch watch = Stopwatch.StartNew(); foreach (string DomainName in Domains) { Console.WriteLine("Starting Group Membership Enumeration for " + DomainName); string DomainSid = Helpers.GetDomainSid(DomainName); EnumerationData.Reset(); EnumerationData.DomainName = DomainName; EnumerationData.DomainSID = DomainSid; DirectorySearcher DomainSearcher = Helpers.GetDomainSearcher(DomainName); DomainSearcher.Filter = "(memberof=*)"; DomainSearcher.PropertiesToLoad.AddRange(props); ManualResetEvent[] doneEvents = new ManualResetEvent[options.Threads]; SearchResultCollection coll = DomainSearcher.FindAll(); for (int i = 0; i < options.Threads; i++) { doneEvents[i] = new ManualResetEvent(false); Enumerator e = new Enumerator(doneEvents[i], options); Thread consumer = new Thread(unused => e.ThreadCallback()); consumer.Start(); } int lTotal = 0; foreach (SearchResult r in coll) { lTotal += 1; EnumerationData.SearchResults.Enqueue(r); } DomainSearcher.Dispose(); EnumerationData.total = lTotal; EnumerationData.SearchResults.Enqueue(null); WaitHandle.WaitAll(doneEvents); Console.WriteLine(String.Format("Done group enumeration for domain {0} with {1} objects", DomainName, EnumerationData.count)); } watch.Stop(); Console.WriteLine("Group Member Enumeration done in " + watch.Elapsed); EnumerationData.EnumResults.Enqueue(null); write.Join(); }