예제 #1
0
        public static DS_DOMAIN_TRUSTS[] GetDsEnumerateDomainTrusts()
        {
            string SourceDomainName = Searcher.LdapInfo.DomainName;

            logger.Debug($"Enumerating Domain Trust for {SourceDomainName}");

            uint   domainCount = 0;
            IntPtr BufferPtr   = new IntPtr();

            try
            {
                var result = DsEnumerateDomainTrusts(SourceDomainName, 63, out BufferPtr, out domainCount);
                logger.Debug($"{domainCount} Trust Domain(s) Enumerated");

                if ((domainCount > 0) && (result == 0))
                {
                    var BufferOffset = BufferPtr;
                    var trustResults = new DS_DOMAIN_TRUSTS[domainCount];

                    for (int i = 0; i < domainCount; i++)
                    {
                        trustResults[i] = (DS_DOMAIN_TRUSTS)Marshal.PtrToStructure(BufferOffset, typeof(DS_DOMAIN_TRUSTS));

                        BufferOffset = (IntPtr)(BufferOffset.ToInt64() + (long)Marshal.SizeOf(typeof(DS_DOMAIN_TRUSTS)));
                    }

                    NetApiBufferFree(BufferPtr);
                    return(trustResults);
                }
                return(null);
            }
            catch (Exception e)
            {
                logger.Error(e.Message);
                return(null);
            }
        }
예제 #2
0
        public List <Trust> AnalyzeTrust(DS_DOMAIN_TRUSTS[] trustResults)
        {
            if (trustResults == null)
            {
                return(null);
            }

            DS_DOMAIN_TRUSTS currentDomain = new DS_DOMAIN_TRUSTS();

            foreach (var domain in trustResults)
            {
                if (domain.DnsDomainName.ToUpper() == SourceDomainName.ToUpper())
                {
                    currentDomain = domain;
                    break;
                }
            }

            foreach (var trust in trustResults)
            {
                var dnsDomainName = trust.DnsDomainName;

                if (dnsDomainName.ToUpper() == SourceDomainName.ToUpper())
                {
                    continue;
                }

                var trustAttributes = (TrustAttributes)trust.TrustAttributes;
                var trustFlags      = (TrustFlags)trust.Flags;
                var netbiosName     = trust.NetbiosDomainName;
                //var domainSid = (new SecurityIdentifier(trust.DomainSid)).ToString();
                bool sidFiltering = trustAttributes.HasFlag(TrustAttributes.FilterSids) ? true : false;
                bool isTransitive = trustAttributes.HasFlag(TrustAttributes.NonTransitive) ? false : true;

                TrustDirection trustDirection;

                if (trustFlags.HasFlag(TrustFlags.DirectInBound) && trustFlags.HasFlag(TrustFlags.DirectOutBound))
                {
                    trustDirection = TrustDirection.BiDirectional;
                }
                else if (trustFlags.HasFlag(TrustFlags.DirectInBound))
                {
                    trustDirection = TrustDirection.InBound;
                }
                else if (trustFlags.HasFlag(TrustFlags.DirectOutBound))
                {
                    trustDirection = TrustDirection.OutBound;
                }
                else
                {
                    trustDirection = TrustDirection.Disable;
                }

                TrustType trustType;

                //If the target domain is the current tree root or if target domain is a child domain of the current domain
                if ((trustFlags.HasFlag(TrustFlags.TreeRoot) &&
                     trustFlags.HasFlag(TrustFlags.InForest) &&
                     (currentDomain.DnsDomainName.ToUpper().Contains(dnsDomainName.ToUpper()))) ||
                    (trustResults[trust.ParentIndex].DnsDomainName.ToUpper() == SourceDomainName.ToUpper()))
                {
                    trustType = TrustType.ParentChild;
                }
                else if (trustFlags.HasFlag(TrustFlags.TreeRoot) && trustFlags.HasFlag(TrustFlags.InForest))
                {
                    trustType = TrustType.TreeRoot;
                }
                else if (trustFlags.HasFlag(TrustFlags.InForest))
                {
                    trustType = TrustType.ShortCut;
                }
                else if (trustAttributes.HasFlag(TrustAttributes.ForestTransitive))
                {
                    trustType = TrustType.Forest;
                }
                else
                {
                    trustType = TrustType.External;
                }


                Trusts.Add(new Trust()
                {
                    SourceDomainName = SourceDomainName,
                    NetBIOSName      = netbiosName,
                    TargetDomainName = dnsDomainName,
                    //DomainSid = domainSid,
                    IsTransitive   = isTransitive,
                    TrustDirection = trustDirection,
                    TrustType      = trustType,
                    FilteringSID   = sidFiltering
                });
            }

            return(Trusts);
        }