Exemplo n.º 1
0
 public void CheckLocalNesting(LocalSam samInfo)
 {
     foreach (GroupInfo ginfo in samInfo.Groups)
     {
         foreach (string sid in ginfo.SidList)
         {
             CheckAddGroup((SidInfo)ginfo);
         }
     }
 }
Exemplo n.º 2
0
        public void Load(string targetDC)
        {
            if (!Loaded)
            {
                Info.Clear();

                Info.AddFormatted("WhoAmI: {0}\r\n", GlobalUserStore.Name);

                List <SidInfo> tokengoups = GetTokenGroups(targetDC, GlobalUserStore.SDDLSid);

                SamInfo = new LocalSam();

                if (!SamInfo.IsDC && !SamInfo.Success)
                {
                    Info.Add("Failed to read local SAM -> eval will not be complete!");

                    GlobalEventHandler.RaiseDebugInfoOccured("Failed to read local SAM -> eval will not be complete!");
                }

                string uname = (GlobalUserStore.UPN != null) ? GlobalUserStore.UPN : GlobalUserStore.Name;

                TokenInfo = new TokenInformation(uname);

                if (!TokenInfo.Success)
                {
                    GlobalEventHandler.RaiseDebugInfoOccured("Failed to inspect token -> exiting WhoAmI!");

                    return;
                }

                if (SamInfo.IsDC || (!TokenInfo.Sid.StartsWith(SamInfo.MachineSid)))
                {
                    if (tokengoups.Count > 0)
                    {
                        TokenInfo.AddLdapGroups(tokengoups, SamInfo.IsDC);
                    }

                    else
                    {
                        Info.Add("Failed to read token from AD -> eval will not be complete!");

                        GlobalEventHandler.RaiseDebugInfoOccured("Failed to read token from AD -> eval will not be complete!");
                    }
                }

                if (!SamInfo.IsDC)
                {
                    TokenInfo.CheckLocalNesting(SamInfo);
                }

                TokenInformation temptoken = null;

                if (TokenInfo.IsElevated)
                {
                    URAInfoLocal = new UserRights();

                    temptoken = TokenInfo;

                    if (URAInfoLocal.Success)
                    {
                        foreach (PrivilegeAndPrincipals privinfo in URAInfoLocal.Privileges)
                        {
                            privinfo.CheckApplicability(ref temptoken);
                        }
                    }

                    string dcnb = (targetDC.Contains(".")) ? targetDC.Split('.')[0] : targetDC;

                    if (dcnb.ToLowerInvariant() != SamInfo.MachineName.ToLowerInvariant())
                    {
                        URAInfoRemote = new UserRights(targetDC);

                        if (URAInfoRemote.Success)
                        {
                            foreach (PrivilegeAndPrincipals privinfo in URAInfoRemote.Privileges)
                            {
                                privinfo.CheckApplicability(ref temptoken);
                            }
                        }
                    }

                    TokenInfo = temptoken;
                }


                if (GlobalUserStore.ShowGroups)
                {
                    Info.Add("\r\ngroups info:\r\n");

                    foreach (SidInfo group in TokenInfo.Groups)
                    {
                        Info.Add(group.ToString());
                    }
                }


                if (GlobalUserStore.ShowPrivs)
                {
                    Info.Add("\r\nprivileges info:\r\n");

                    foreach (PrivilegeInfo priv in TokenInfo.Privileges)
                    {
                        Info.Add(priv.ToString());
                    }
                }

                if (GlobalUserStore.ShowURA)
                {
                    Info.AddFormatted("\r\nuser rights assignments on {0}:\r\n", SamInfo.MachineName);

                    if (TokenInfo.IsElevated)
                    {
                        if (URAInfoLocal.Success)
                        {
                            foreach (PrivilegeAndPrincipals privinfo in URAInfoLocal.Privileges)
                            {
                                Info.Add(privinfo.ToString());
                            }
                        }

                        else
                        {
                            Info.AddRange(URAInfoLocal.Messages);
                        }

                        Info.AddFormatted("\r\nuser rights assignments on {0}:\r\n", targetDC);

                        if (URAInfoRemote != null)
                        {
                            if (URAInfoRemote.Success)
                            {
                                foreach (PrivilegeAndPrincipals privinfo in URAInfoRemote.Privileges)
                                {
                                    Info.Add(privinfo.ToString());
                                }
                            }

                            else
                            {
                                Info.AddRange(URAInfoRemote.Messages);
                            }
                        }

                        else
                        {
                            Info.Add("\tDid not evaluate - local and remote machine are the same");
                        }
                    }

                    else
                    {
                        Info.Add("\tThread is not elevated - cannot evaluate");
                    }
                }

                Loaded = true;
            }
        }