Пример #1
0
        public void GetACL(string targetDn = null)
        {
            IDisplay   displayer = new DisplayDACL();
            DACLResult result    = new DACLResult();

            if (targetDn == null)
            {
                displayer.DisplayTitle("Interesting ACL on the Domain Object");
                var domainAcl = DACL.GetInterestingACLOnObject(Searcher.LdapInfo.RootDN);
                result.Result = new List <DACL> {
                    domainAcl
                };
                displayer.DisplayResult(result);

                displayer.DisplayTitle("Interesting ACL on Group Policy Objects");
                var gposDN = GPO.GetAllGPODNList();
                result.Result = AsyncCollection.GetInterestingACLAsync(gposDN).Result;
                displayer.DisplayResult(result);

                displayer.DisplayTitle("LAPS Password View Access");
                result.Result = DACL.GetLAPSACL();
                displayer.DisplayResult(result);
            }
            else
            {
                displayer.DisplayTitle($"DACL on {targetDn.ToUpper()}");
                result.Result = new List <DACL> {
                    DACL.GetACLOnObject(targetDn)
                };
                displayer.DisplayResult(result);
            }
        }
Пример #2
0
        public static void Collect(string title, List <DACL> dacl)
        {
            IDisplay displayer = new DisplayDACL();

            displayer.DisplayTitle(title);
            IResult result = new DACLResult {
                Result = dacl
            };

            displayer.DisplayResult(result);
        }
Пример #3
0
        public override void DisplayResult(IResult collectResult)
        {
            if (collectResult == null)
            {
                return;
            }
            DACLResult collectResults = (DACLResult)collectResult;

            if (collectResults.Result == null)
            {
                return;
            }

            foreach (var dacl in collectResults.Result)
            {
                if (dacl == null)
                {
                    continue;
                }
                Console.WriteLine("      - {0}", dacl.ObjectName);

                foreach (var ace in dacl.ACEs)
                {
                    int c = 0;
                    foreach (var attr in ace.Value)
                    {
                        if (c == 0)
                        {
                            Console.WriteLine("        {0, -36}      {1}", ace.Key, attr);
                        }
                        else
                        {
                            Console.WriteLine("        {0, -36}      {1}", string.Empty, attr);
                        }
                        c = 1;
                    }
                }
                Console.WriteLine();
            }
        }
Пример #4
0
        public void InvokeACLScan(string user)
        {
            if (user == null)
            {
                return;
            }
            var displayer = new DisplayDACL();

            displayer.DisplayTitle($"Interesting ACL for {user.ToUpper()}");
            DACLResult result = new DACLResult();

            var groups = new CollectNestedGroupMembership();

            groups.Collect(new NestedGMSearchString {
                SAMAccountName = user
            });
            var groupSIDs = CollectNestedGroupMembership.UserSIDNameDictionary[user.ToUpper()].Keys.ToList();

            result.Result = DACL.ACLScan(user, groupSIDs);

            displayer.DisplayResult(result);
        }