예제 #1
        /// <summary>
        /// Drives local-admin enumeration for one or more domains. Builds the domain list
        /// from <c>options</c>, starts a single <c>Writer</c> thread that drains
        /// <c>outQueue</c>, then for each domain queries LDAP for machine accounts,
        /// pushes their DNS host names into an <c>inQueue</c>, and runs
        /// <c>options.Threads</c> <c>Enumerator</c> workers over that queue.
        /// </summary>
        /// <remarks>
        /// Reads <c>options.SearchForest</c>, <c>options.Domain</c>, <c>options.Threads</c>
        /// and calls <c>options.WriteVerbose</c>; all directory access goes through <c>Helpers</c>.
        /// NOTE(review): nothing here is wrapped in try/finally. If any call in the domain loop
        /// throws, <c>searcher.Dispose()</c> and the final <c>outQueue.add(null)</c> are skipped,
        /// so the already-started writer thread is never told to stop (whether it then blocks
        /// forever depends on <c>EnumerationQueue</c> semantics, which are not visible here).
        /// </remarks>
        public void EnumerateLocalAdmins()
        {
            Console.WriteLine("Starting Local Admin Enumeration");
            // Initial empty list is discarded when SearchForest is set (replaced wholesale below).
            List <string> Domains = new List <string>();

            if (options.SearchForest)
            {
                Domains = Helpers.GetForestDomains();
            }
            else if (options.Domain != null)
            {
                Domains.Add(Helpers.GetDomain(options.Domain).Name);
            }
            else
            {
                // No explicit domain: fall back to whatever Helpers.GetDomain() resolves (presumably the current one).
                Domains.Add(Helpers.GetDomain().Name);
            }

            // Single writer thread consumes results for every domain; it is started before
            // any enumeration begins and only signalled to finish by the null added at the end.
            EnumerationQueue <LocalAdminInfo> outQueue = new EnumerationQueue <LocalAdminInfo>();
            Writer w     = new Writer();
            Thread write = new Thread(unused => w.Write(outQueue, options));

            write.Start();

            foreach (String DomainName in Domains)
            {
                int    count     = 0;
                string DomainSID = Helpers.GetDomainSid(DomainName);
                // Fresh per-domain work queue; consumers are created below, after it is filled.
                EnumerationQueue <string> inQueue = new EnumerationQueue <string>();

                // One LDAP search per domain. 805306369 is SAM_MACHINE_ACCOUNT, i.e. computer objects;
                // only the dnshostname attribute is requested.
                DirectorySearcher searcher = Helpers.GetDomainSearcher(DomainName);
                searcher.Filter = "(sAMAccountType=805306369)";
                searcher.PropertiesToLoad.Add("dnshostname");
                // NOTE(review): the SearchResultCollection returned by FindAll() is IDisposable
                // and is never disposed here; a using block around it (and around searcher) would fix that.
                foreach (SearchResult x in searcher.FindAll())
                {
                    var y = x.Properties["dnshostname"];
                    // Computer objects without a dnshostname are skipped and not counted.
                    if (y.Count > 0)
                    {
                        inQueue.add(y[0].ToString());
                        count++;
                    }
                }
                options.WriteVerbose(String.Format("Enumerating {0} machines in domain {1}", count, DomainName));
                // Not in a finally block: skipped if anything above throws.
                searcher.Dispose();

                // One null per worker thread — presumably the per-consumer stop sentinel
                // (depends on how ConsumeAndEnumerate treats a null item; not visible here).
                for (int i = 0; i < options.Threads; i++)
                {
                    inQueue.add(null);
                }

                List <Thread> threads = new List <Thread>();

                // Each worker gets its own Enumerator instance; all share inQueue/outQueue and the domain SID.
                for (int i = 0; i < options.Threads; i++)
                {
                    Enumerator e        = new Enumerator();
                    Thread     consumer = new Thread(unused => e.ConsumeAndEnumerate(inQueue, outQueue, DomainSID));
                    consumer.Start();
                    threads.Add(consumer);
                }

                // Domains are processed strictly one after another: wait for all workers before the next domain.
                foreach (var t in threads)
                {
                    t.Join();
                }
            }
            // Single sentinel for the single writer thread, then wait for it to flush.
            outQueue.add(null);
            write.Join();
        }