HealthCheckTrustData GetReverseTrust(HealthCheckTrustData trust)
{
HealthCheckTrustData output = new HealthCheckTrustData();
output.CreationDate = trust.CreationDate;
output.IsActive = trust.IsActive;
switch (trust.TrustDirection)
{
case 1:
output.TrustDirection = 2;
break;
case 2:
output.TrustDirection = 1;
break;
default:
output.TrustDirection = trust.TrustDirection;
break;
}
output.TrustPartner = Domain.DomainName;
output.SID = (!String.IsNullOrEmpty(Domain.DomainSID) ? Domain.DomainSID : null);
output.TrustAttributes = trust.TrustAttributes;
return(output);
}
public void SetTrustData(HealthCheckTrustData trust, bool isAuthoritative)
{
IsActive = trust.IsActive;
CreationDate = trust.CreationDate;
this.IsAuthoritative = isAuthoritative;
TrustDirection = trust.TrustDirection;
TrustAttributes = trust.TrustAttributes;
}
public GraphEdge(GraphNode source, GraphNode destination, HealthCheckTrustData trust, bool isAuthoritative)
{
if (trust != null)
{
SetTrustData(trust, isAuthoritative);
}
Source = source;
Destination = destination;
}
public void LinkTwoForests(GraphNode destination)
{
HealthCheckTrustData externalTrust = new HealthCheckTrustData();
externalTrust.TrustDirection = 3;
externalTrust.TrustAttributes = 8;
externalTrust.TrustPartner = destination.Domain.DomainName;
if (destination.Domain.DomainSID != null)
{
externalTrust.SID = destination.Domain.DomainSID;
}
externalTrust.CreationDate = DateTime.MinValue;
externalTrust.IsActive = true;
Link(destination, externalTrust, false);
}
// authoritative data is considered as coming from the AD directly
// non authoritative is deducted data
private void Link(GraphNode destination, HealthCheckTrustData trust, bool isAuthoritative)
{
//Trace.WriteLine("Linking " + Domain + " to " + destination.Domain);
if (!Trusts.ContainsKey(destination.Domain))
{
GraphEdge edge = new GraphEdge(this, destination, trust, isAuthoritative);
Trusts[destination.Domain] = edge;
edge = new GraphEdge(destination, this, GetReverseTrust(trust), false);
destination.Trusts[this.Domain] = edge;
}
else if (isAuthoritative)
{
Trusts[destination.Domain].SetAuthorativeTrustData(trust);
}
else
{
//Trace.WriteLine("non authoritative data & trust already exists");
}
}
public GraphNode Locate(HealthCheckTrustData trust)
{
return(Locate(trust.Domain));
}
public void SetAuthorativeTrustData(HealthCheckTrustData trust)
{
SetTrustData(trust, true);
}
// data from direct trust
public void Link(GraphNode destination, HealthCheckTrustData trust)
{
Link(destination, trust, true);
}
public PingCastleReportCollection <HealthcheckData> GenerateForest(int maxDomain = 15)
{
int numberDomains = rnd.Next(5, maxDomain > 15 ? 15 : maxDomain);
var children = new PingCastleReportCollection <HealthcheckData>();
// head of forest
var root = GenerateSingleReport(new FakeHealthCheckDataGeneratorDomainModel()
{
Size = DomainSizeModel.VerySmall
});
for (int i = 0; i < numberDomains; i++)
{
var child = GenerateSingleReport(new FakeHealthCheckDataGeneratorDomainModel()
{
Size = DomainSizeModel.Medium, Forest = root
});
children.Add(child);
}
foreach (var child in children)
{
// root trust
var trust = new HealthCheckTrustData();
trust.CreationDate = child.DomainCreation;
trust.IsActive = true;
trust.NetBiosName = child.NetBIOSName;
trust.SID = child.DomainSid;
trust.TrustDirection = 3;
trust.TrustAttributes = 32;
trust.TrustType = 2;
trust.TrustPartner = child.DomainFQDN;
trust.SID = child.DomainSid;
trust.KnownDomains = new List <HealthCheckTrustDomainInfoData>();
root.Trusts.Add(trust);
// child trust
trust = new HealthCheckTrustData();
trust.CreationDate = child.DomainCreation;
trust.IsActive = true;
trust.NetBiosName = root.NetBIOSName;
trust.SID = child.DomainSid;
trust.TrustDirection = 3;
trust.TrustAttributes = 32;
trust.TrustType = 2;
trust.TrustPartner = root.DomainFQDN;
trust.SID = root.DomainSid;
trust.KnownDomains = new List <HealthCheckTrustDomainInfoData>();
child.Trusts.Add(trust);
foreach (var child2 in children)
{
if (child2.DomainSid == child.DomainSid)
{
continue;
}
var kdomain = new HealthCheckTrustDomainInfoData();
kdomain.CreationDate = child2.DomainCreation;
kdomain.DnsName = child2.DomainFQDN;
kdomain.ForestName = child2.ForestFQDN;
kdomain.ForestNetbios = root.NetBIOSName;
kdomain.ForestSid = root.DomainSid;
kdomain.NetbiosName = child2.NetBIOSName;
kdomain.Sid = child2.DomainSid;
trust.KnownDomains.Add(kdomain);
}
}
// output all domains
children.Add(root);
return(children);
}
public PingCastleReportCollection <HealthcheckData> GenerateData(FakeHealthCheckDataGeneratorModel model)
{
var output = new PingCastleReportCollection <HealthcheckData>();
var num = 0;
while (num < model.NumberOfDomains - 1)
{
int value = rnd.Next(100);
if (value < 20 && model.NumberOfDomains - num > 6)
{
foreach (var d in GenerateForest(model.NumberOfDomains - num))
{
output.Add(d);
num++;
}
}
if (value < 60)
{
output.Add(GenerateSingleReport(new FakeHealthCheckDataGeneratorDomainModel()
{
Size = DomainSizeModel.Small
}));
num++;
}
else if (value < 80)
{
output.Add(GenerateSingleReport(new FakeHealthCheckDataGeneratorDomainModel()
{
Size = DomainSizeModel.Medium
}));
num++;
}
else
{
output.Add(GenerateSingleReport(new FakeHealthCheckDataGeneratorDomainModel()
{
Size = DomainSizeModel.Large
}));
num++;
}
}
int numberOfTrust = model.NumberOfDomains * model.TrustRatioInPercent / 100;
for (int i = 0; i < numberOfTrust; i++)
{
//take 2 random domains
int a = rnd.Next(output.Count);
int b = rnd.Next(output.Count);
while (a == b)
{
b = rnd.Next(output.Count);
}
var source = GetItem(output, a);
var destination = GetItem(output, b);
//bool forestTrust = false;
bool uniDirectional = false;
bool sidfiltering = false;
DateTime trustCreation = DateBetween2Dates(new DateTime(Math.Max(source.DomainCreation.Ticks, destination.DomainCreation.Ticks)), DateTime.Now);
var trust = new HealthCheckTrustData();
trust.CreationDate = trustCreation;
trust.IsActive = true;
trust.NetBiosName = destination.NetBIOSName;
trust.SID = destination.DomainSid;
trust.TrustDirection = (uniDirectional ? 1 : 3);
trust.TrustAttributes = (sidfiltering ? 4 : 0);
trust.TrustType = 2;
trust.TrustPartner = destination.DomainFQDN;
trust.SID = destination.DomainSid;
trust.KnownDomains = new List <HealthCheckTrustDomainInfoData>();
source.Trusts.Add(trust);
trust = new HealthCheckTrustData();
trust.CreationDate = trustCreation;
trust.IsActive = true;
trust.NetBiosName = source.NetBIOSName;
trust.SID = source.DomainSid;
trust.TrustDirection = (uniDirectional ? 2 : 3);
trust.TrustAttributes = (sidfiltering ? 4 : 0);
trust.TrustType = 2;
trust.TrustPartner = source.DomainFQDN;
trust.SID = source.DomainSid;
trust.KnownDomains = new List <HealthCheckTrustDomainInfoData>();
destination.Trusts.Add(trust);
}
return(output);
}
static public string GetTGTDelegation(HealthCheckTrustData trust)
{
return(GetTGTDelegation(trust.TrustDirection, trust.TrustAttributes));
}
static public string GetSIDFiltering(HealthCheckTrustData trust)
{
return(GetSIDFiltering(trust.TrustDirection, trust.TrustAttributes));
}
