// the host enumeration block we're using to enumerate all servers
private static IEnumerable <UserLocation> _Find_DomainUserLocation(string[] ComputerName, string[] TargetUsers, string CurrentUser, bool Stealth, bool CheckAccess, IntPtr TokenHandle)
{
var LogonToken = IntPtr.Zero;
if (TokenHandle != IntPtr.Zero)
{
// impersonate the the token produced by LogonUser()/Invoke-UserImpersonation
LogonToken = InvokeUserImpersonation.Invoke_UserImpersonation(new Args_Invoke_UserImpersonation
{
TokenHandle = TokenHandle,
Quiet = true
});
}
var UserLocations = new List <UserLocation>();
foreach (var TargetComputer in ComputerName)
{
var Up = TestConnection.Ping(TargetComputer, 1);
if (Up)
{
var Sessions = GetNetSession.Get_NetSession(new Args_Get_NetSession {
ComputerName = new[] { TargetComputer }
});
foreach (var Session in Sessions)
{
var UserName = Session.UserName;
var CName = Session.CName;
if (!CName.IsNullOrEmpty() && CName.StartsWith(@"\\"))
{
CName = CName.TrimStart('\\');
}
// make sure we have a result, and ignore computer$ sessions
if ((UserName != null) && (UserName.Trim() != "") && (!UserName.IsRegexMatch(CurrentUser)) && (!UserName.IsRegexMatch(@"\$$")))
{
if ((TargetUsers == null) || (TargetUsers.Contains(UserName)))
{
var UserLocation = new UserLocation
{
UserDomain = null,
UserName = UserName,
ComputerName = TargetComputer,
SessionFrom = CName
};
// try to resolve the DNS hostname of $Cname
try
{
var CNameDNSName = System.Net.Dns.GetHostEntry(CName).HostName;
UserLocation.SessionFromName = CNameDNSName;
}
catch
{
UserLocation.SessionFromName = null;
}
// see if we're checking to see if we have local admin access on this machine
if (CheckAccess)
{
var Admin = TestAdminAccess.Test_AdminAccess(new Args_Test_AdminAccess {
ComputerName = new[] { CName }
}).FirstOrDefault();
UserLocation.LocalAdmin = Admin != null ? Admin.IsAdmin : false;
}
else
{
UserLocation.LocalAdmin = false;
}
UserLocations.Add(UserLocation);
}
}
}
if (!Stealth)
{
// if we're not 'stealthy', enumerate loggedon users as well
var LoggedOn = GetNetLoggedon.Get_NetLoggedon(new Args_Get_NetLoggedon {
ComputerName = new[] { TargetComputer }
});
foreach (var User in LoggedOn)
{
var UserName = User.UserName;
var UserDomain = User.LogonDomain;
// make sure wet have a result
if ((UserName != null) && (UserName.Trim() != ""))
{
if ((TargetUsers == null) || (TargetUsers.Contains(UserName)) && (!UserName.IsRegexMatch(@"\$$")))
{
var IPAddress = ResolveIPAddress.Resolve_IPAddress(new Args_Resolve_IPAddress {
ComputerName = new[] { TargetComputer }
}).FirstOrDefault()?.IPAddress;
var UserLocation = new UserLocation
{
UserDomain = UserDomain,
UserName = UserName,
ComputerName = TargetComputer,
IPAddress = IPAddress,
SessionFrom = null,
SessionFromName = null
};
// see if we're checking to see if we have local admin access on this machine
if (CheckAccess)
{
var Admin = TestAdminAccess.Test_AdminAccess(new Args_Test_AdminAccess {
ComputerName = new[] { TargetComputer }
}).FirstOrDefault();
UserLocation.LocalAdmin = Admin.IsAdmin;
}
else
{
UserLocation.LocalAdmin = false;
}
UserLocations.Add(UserLocation);
}
}
}
}
}
}
if (TokenHandle != IntPtr.Zero)
{
InvokeRevertToSelf.Invoke_RevertToSelf(LogonToken);
}
return(UserLocations);
}
public static IEnumerable <ComputerIPAddress> Get_IPAddress(Args_Resolve_IPAddress args = null)
{
return(ResolveIPAddress.Resolve_IPAddress(args));
}
public static IEnumerable <ComputerSite> Get_NetComputerSiteName(Args_Get_NetComputerSiteName args = null)
{
if (args == null)
{
args = new Args_Get_NetComputerSiteName();
}
var LogonToken = IntPtr.Zero;
if (args.Credential != null)
{
LogonToken = InvokeUserImpersonation.Invoke_UserImpersonation(new Args_Invoke_UserImpersonation {
Credential = args.Credential
});
}
var ComputerSites = new List <ComputerSite>();
foreach (var item in args.ComputerName)
{
string IPAddress;
var Computer = item;
//if we get an IP address, try to resolve the IP to a hostname
if (Computer.IsRegexMatch(@"^(?:[0-9]{1,3}\.){3}[0-9]{1,3}$"))
{
IPAddress = Computer;
Computer = System.Net.Dns.GetHostEntry(Computer).HostName;
}
else
{
IPAddress = ResolveIPAddress.Resolve_IPAddress(new Args_Resolve_IPAddress {
ComputerName = new[] { Computer }
}).First().IPAddress;
}
var PtrInfo = IntPtr.Zero;
var Result = NativeMethods.DsGetSiteName(Computer, out PtrInfo);
var ComputerSite = new ComputerSite
{
ComputerName = Computer,
IPAddress = IPAddress
};
if (Result == 0)
{
var Sitename = System.Runtime.InteropServices.Marshal.PtrToStringAuto(PtrInfo);
ComputerSite.SiteName = Sitename;
}
else
{
Logger.Write_Verbose($@"[Get-NetComputerSiteName] Error: {new System.ComponentModel.Win32Exception((int)Result).Message}");
ComputerSite.SiteName = @"";
}
// free up the result buffer
NativeMethods.NetApiBufferFree(PtrInfo);
ComputerSites.Add(ComputerSite);
}
if (LogonToken != IntPtr.Zero)
{
InvokeRevertToSelf.Invoke_RevertToSelf(LogonToken);
}
return(ComputerSites);
}
