fix: add antixss lib and escape cns for cert templates

SpecterOps · Nov 27, 2023 · 47f97f3 · 47f97f3
1 parent fc09732
commit 47f97f3
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 2 deletions.
diff --git a/src/CommonLib/Processors/CertAbuseProcessor.cs b/src/CommonLib/Processors/CertAbuseProcessor.cs
@@ -10,6 +10,7 @@
 using SharpHoundCommonLib.OutputTypes;
 using SharpHoundRPC;
 using SharpHoundRPC.Wrappers;
+using Encoder = Microsoft.Security.Application.Encoder;
 
 namespace SharpHoundCommonLib.Processors
 {
@@ -174,7 +175,7 @@ public IEnumerable<TypedPrincipal> ProcessCertTemplates(string[] templates, stri
             var certTemplatesLocation = _utils.BuildLdapPath(DirectoryPaths.CertTemplateLocation, domainName);
             foreach (var templateCN in templates)
             {
-                var res = _utils.ResolveCertTemplateByProperty(templateCN, LDAPProperties.CanonicalName, certTemplatesLocation, domainName);
+                var res = _utils.ResolveCertTemplateByProperty(Encoder.LdapFilterEncode(templateCN), LDAPProperties.CanonicalName, certTemplatesLocation, domainName);
                 yield return res;
             }
         }
@@ -429,7 +430,7 @@ public EnrollmentAgentRestriction(QualifiedAce ace, string computerDomain, strin
                 var template = Encoding.Unicode.GetString(opaque, index, opaque.Length - index - 2).Replace("\u0000", string.Empty);
 
                 // Attempt to resolve the cert template by CN
-                Template = certAbuseProcessor._utils.ResolveCertTemplateByProperty(template, LDAPProperties.CanonicalName, certTemplatesLocation, computerDomain);
+                Template = certAbuseProcessor._utils.ResolveCertTemplateByProperty(Encoder.LdapFilterEncode(template), LDAPProperties.CanonicalName, certTemplatesLocation, computerDomain);
 
                 // Attempt to resolve the cert template by OID
                 if (Template == null)

diff --git a/src/CommonLib/SharpHoundCommonLib.csproj b/src/CommonLib/SharpHoundCommonLib.csproj
@@ -18,6 +18,7 @@
         <DebugType>full</DebugType>
     </PropertyGroup>
     <ItemGroup>
+        <PackageReference Include="AntiXSS" Version="4.3.0" />
         <PackageReference Include="Microsoft.Bcl.AsyncInterfaces" Version="5.0.0" />
         <PackageReference Include="Microsoft.Extensions.Logging.Abstractions" Version="5.0.0" />
     </ItemGroup>