chore: use static initializer
rvazarkar committed Jul 26, 2024
1 parent ee6299a commit b659572
Showing 1 changed file with 37 additions and 17 deletions.
54 changes: 37 additions & 17 deletions src/CommonLib/Processors/LdapPropertyProcessor.cs
Expand Up @@ -11,17 +11,27 @@
using SharpHoundCommonLib.Enums;
using SharpHoundCommonLib.LDAPQueries;
using SharpHoundCommonLib.OutputTypes;

// ReSharper disable StringLiteralTypo

namespace SharpHoundCommonLib.Processors {
public class LdapPropertyProcessor {
private static readonly HashSet<string> ReservedAttributes = new HashSet<string>(CommonProperties.TypeResolutionProps
.Concat(CommonProperties.BaseQueryProps).Concat(CommonProperties.GroupResolutionProps)
.Concat(CommonProperties.ComputerMethodProps).Concat(CommonProperties.ACLProps)
.Concat(CommonProperties.ObjectPropsProps).Concat(CommonProperties.ContainerProps)
.Concat(CommonProperties.SPNTargetProps).Concat(CommonProperties.DomainTrustProps)
.Concat(CommonProperties.GPOLocalGroupProps).Concat(CommonProperties.CertAbuseProps)
.Concat(new string[] { LDAPProperties.DSASignature }));
private static readonly HashSet<string> ReservedAttributes = new();

static LdapPropertyProcessor() {
ReservedAttributes.IntersectWith(CommonProperties.TypeResolutionProps);
ReservedAttributes.IntersectWith(CommonProperties.BaseQueryProps);
ReservedAttributes.IntersectWith(CommonProperties.GroupResolutionProps);
ReservedAttributes.IntersectWith(CommonProperties.ComputerMethodProps);
ReservedAttributes.IntersectWith(CommonProperties.ACLProps);
ReservedAttributes.IntersectWith(CommonProperties.ObjectPropsProps);
ReservedAttributes.IntersectWith(CommonProperties.ContainerProps);
ReservedAttributes.IntersectWith(CommonProperties.SPNTargetProps);
ReservedAttributes.IntersectWith(CommonProperties.DomainTrustProps);
ReservedAttributes.IntersectWith(CommonProperties.GPOLocalGroupProps);
ReservedAttributes.IntersectWith(CommonProperties.CertAbuseProps);
ReservedAttributes.Add(LDAPProperties.DSASignature);
}

private readonly ILdapUtils _utils;

Expand Down Expand Up @@ -177,7 +187,7 @@ public async Task<UserProperties> ReadUserProperties(IDirectoryObject entry, str
}

props.Add("lastlogon", Helpers.ConvertFileTimeToUnixEpoch(lastLogon));

if (!entry.TryGetProperty(LDAPProperties.LastLogonTimestamp, out var lastLogonTimeStamp)) {
lastLogonTimeStamp = null;
}
Expand All @@ -187,6 +197,7 @@ public async Task<UserProperties> ReadUserProperties(IDirectoryObject entry, str
if (!entry.TryGetProperty(LDAPProperties.PasswordLastSet, out var passwordLastSet)) {
passwordLastSet = null;
}

props.Add("pwdlastset",
Helpers.ConvertFileTimeToUnixEpoch(passwordLastSet));
entry.TryGetArrayProperty(LDAPProperties.ServicePrincipalNames, out var spn);
Expand Down Expand Up @@ -255,7 +266,7 @@ public async Task<ComputerProperties> ReadComputerProperties(IDirectoryObject en
props.Add("unconstraineddelegation", flags.HasFlag(UacFlags.TrustedForDelegation));
props.Add("trustedtoauth", flags.HasFlag(UacFlags.TrustedToAuthForDelegation));
props.Add("isdc", flags.HasFlag(UacFlags.ServerTrustAccount));

var comps = new List<TypedPrincipal>();
if (flags.HasFlag(UacFlags.TrustedToAuthForDelegation) &&
entry.TryGetArrayProperty(LDAPProperties.AllowedToDelegateTo, out var delegates)) {
Expand Down Expand Up @@ -356,7 +367,7 @@ public static Dictionary<string, object> ReadRootCAProperties(IDirectoryObject e
props.Add("hasbasicconstraints", cert.HasBasicConstraints);
props.Add("basicconstraintpathlength", cert.BasicConstraintPathLength);
}

return props;
}

Expand All @@ -367,7 +378,7 @@ public static Dictionary<string, object> ReadRootCAProperties(IDirectoryObject e
/// <returns>Returns a dictionary with the common properties and the crosscertificatepair property of the AICA</returns>
public static Dictionary<string, object> ReadAIACAProperties(IDirectoryObject entry) {
var props = GetCommonProps(entry);
entry.TryGetByteArrayProperty(LDAPProperties.CrossCertificatePair, out var crossCertificatePair);
entry.TryGetByteArrayProperty(LDAPProperties.CrossCertificatePair, out var crossCertificatePair);
var hasCrossCertificatePair = crossCertificatePair.Length > 0;

props.Add("crosscertificatepair", crossCertificatePair);
Expand All @@ -388,7 +399,8 @@ public static Dictionary<string, object> ReadAIACAProperties(IDirectoryObject en

public static Dictionary<string, object> ReadEnterpriseCAProperties(IDirectoryObject entry) {
var props = GetCommonProps(entry);
if (entry.TryGetIntProperty("flags", out var flags)) props.Add("flags", (PKICertificateAuthorityFlags)flags);
if (entry.TryGetIntProperty("flags", out var flags))
props.Add("flags", (PKICertificateAuthorityFlags)flags);
props.Add("caname", entry.GetProperty(LDAPProperties.Name));
props.Add("dnshostname", entry.GetProperty(LDAPProperties.DNSHostName));

Expand Down Expand Up @@ -462,7 +474,8 @@ public static Dictionary<string, object> ReadCertTemplateProperties(IDirectoryOb

entry.TryGetArrayProperty(LDAPProperties.ExtendedKeyUsage, out var ekus);
props.Add("ekus", ekus);
entry.TryGetArrayProperty(LDAPProperties.CertificateApplicationPolicy, out var certificateApplicationPolicy);
entry.TryGetArrayProperty(LDAPProperties.CertificateApplicationPolicy,
out var certificateApplicationPolicy);
props.Add("certificateapplicationpolicy", certificateApplicationPolicy);

entry.TryGetArrayProperty(LDAPProperties.CertificatePolicy, out var certificatePolicy);
Expand All @@ -478,7 +491,7 @@ public static Dictionary<string, object> ReadCertTemplateProperties(IDirectoryOb
}

entry.TryGetArrayProperty(LDAPProperties.ApplicationPolicies, out var appPolicies);

props.Add("applicationpolicies",
ParseCertTemplateApplicationPolicies(appPolicies,
schemaVersion, hasUseLegacyProvider));
Expand Down Expand Up @@ -542,21 +555,28 @@ public Dictionary<string, object> ParseAllProperties(IDirectoryObject entry) {
if (entry.TryGetByteProperty(property, out var testBytes)) {
if (testBytes == null || testBytes.Length == 0) {
continue;
};
}

;
// SIDs
try {
var sid = new SecurityIdentifier(testBytes, 0);
props.Add(property, sid.Value);
continue;
} catch { /* Ignore */ }
} catch {
/* Ignore */
}

// GUIDs
try {
var guid = new Guid(testBytes);
props.Add(property, guid.ToString());
continue;
} catch { /* Ignore */ }
} catch {
/* Ignore */
}
}

if (entry.TryGetArrayProperty(property, out var arr) && arr.Length > 0) {
props.Add(property, arr.Select(BestGuessConvert).ToArray());
}
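Review bot: The new static constructor at the top of this section calls `ReservedAttributes.IntersectWith(...)` on a set that starts out empty, so every one of those calls leaves it empty and the set ends up holding only `LDAPProperties.DSASignature`, whereas the replaced initializer built the union of all the lists with `Concat`. Each call should be a union instead, e.g. `ReservedAttributes.UnionWith(CommonProperties.TypeResolutionProps);` and likewise for the other ten `CommonProperties` lists. The use of `ReservedAttributes` is outside the visible hunks; presumably `ParseAllProperties` consults it to skip attributes already handled by the dedicated readers, in which case those attributes would no longer be filtered out of the collected properties. A small unit test asserting that a known reserved attribute is in the set would catch this regression. The stray `;` left on its own line after the empty-bytes `continue` block in `ParseAllProperties` is a formatter leftover and can be dropped.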