PingCastle 2.10.0.0

netwrix · Aug 6, 2021 · 8bf9e98 · 8bf9e98
1 parent c99d964
commit 8bf9e98
Show file tree

Hide file tree

Showing 199 changed files with 3,980 additions and 729 deletions.
diff --git a/ADWS/ADConnection.cs b/ADWS/ADConnection.cs
@@ -53,6 +53,7 @@ public static string EncodeSidToString(string sid)
         {
             try
             {
+                Trace.WriteLine("Encoding sid: " + sid);
                 var realsid = new System.Security.Principal.SecurityIdentifier(sid);
                 var bytesid = new byte[realsid.BinaryLength];
                 realsid.GetBinaryForm(bytesid, 0);
@@ -71,5 +72,8 @@ public static string EncodeSidToString(string sid)
 
         public abstract IFileConnection FileConnection {get;}
 
+
+
+        public abstract void ThreadInitialization();
     }
 }
diff --git a/ADWS/ADItem.cs b/ADWS/ADItem.cs
@@ -131,6 +131,8 @@ static ADItem()
         public string AttributeID { get; set; }
         [ADAttributeAttribute("cACertificate", ADAttributeValueKind.CertificateStore)]
         public X509Certificate2Collection CACertificate { get; set; }
+        [ADAttributeAttribute("certificateTemplates", ADAttributeValueKind.StringArrayValue)]
+        public string[] CertificateTemplates { get; set; }
         [ADAttributeAttribute("description", ADAttributeValueKind.StringValue)]
         public string Description { get; set; }
         [ADAttributeAttribute("displayName", ADAttributeValueKind.StringValue)]
@@ -171,8 +173,12 @@ static ADItem()
         public ActiveDirectorySecurity msDSAllowedToActOnBehalfOfOtherIdentity { get; set; }
         [ADAttributeAttribute("msDS-AllowedToDelegateTo", ADAttributeValueKind.StringArrayValue)]
         public string[] msDSAllowedToDelegateTo { get; set; }
+        [ADAttributeAttribute("mS-DS-CreatorSID", ADAttributeValueKind.SIDValue)]
+        public SecurityIdentifier msDSCreatorSID { get; set; }
         [ADAttributeAttribute("msDS-EnabledFeature", ADAttributeValueKind.StringArrayValue)]
         public string[] msDSEnabledFeature { get; set; }
+        [ADAttributeAttribute("msDS-IntId", ADAttributeValueKind.IntValue)]
+        public int msDSIntId { get; set; }
         [ADAttributeAttribute("msDS-SupportedEncryptionTypes", ADAttributeValueKind.IntValue)]
         public int msDSSupportedEncryptionTypes { get; set; }
         [ADAttributeAttribute("msDS-MinimumPasswordAge", ADAttributeValueKind.LongValue)]
@@ -203,6 +209,18 @@ static ADItem()
         public string[] msDSNeverRevealGroup { get; set; }
         [ADAttributeAttribute("msDS-TrustForestTrustInfo", ADAttributeValueKind.ForestInfoValue)]
         public List<HealthCheckTrustDomainInfoData> msDSTrustForestTrustInfo { get; set; }
+        [ADAttributeAttribute("msPKI-Certificate-Name-Flag", ADAttributeValueKind.IntValue)]
+        public int msPKICertificateNameFlag { get; set; }
+        [ADAttributeAttribute("msPKI-Cert-Template-OID", ADAttributeValueKind.StringValue)]
+        public string msPKICertTemplateOID { get; set; }
+        [ADAttributeAttribute("msPKI-Enrollment-Flag", ADAttributeValueKind.IntValue)]
+        public int msPKIEnrollmentFlag { get; set; }
+        [ADAttributeAttribute("msPKI-Private-Key-Flag", ADAttributeValueKind.IntValue)]
+        public int msPKIPrivateKeyFlag { get; set; }
+        [ADAttributeAttribute("msPKI-RA-Application-Policies", ADAttributeValueKind.StringValue)]
+        public string msPKIRAApplicationPolicies { get; set; }
+        [ADAttributeAttribute("msPKI-Template-Schema-Version", ADAttributeValueKind.IntValue)]
+        public int msPKITemplateSchemaVersion { get; set; }
         [ADAttributeAttribute("msiFileList", ADAttributeValueKind.StringArrayValue)]
         public string[] msiFileList { get; set; }
         [ADAttributeAttribute("name", ADAttributeValueKind.StringValue)]
@@ -217,6 +235,12 @@ static ADItem()
         public int ObjectVersion { get; set; }
         [ADAttributeAttribute("operatingSystem", ADAttributeValueKind.StringValue)]
         public string OperatingSystem { get; set; }
+        [ADAttributeAttribute("operatingSystemVersion", ADAttributeValueKind.StringValue)]
+        public string OperatingSystemVersion { get; set; }
+        [ADAttributeAttribute("pKIExtendedKeyUsage", ADAttributeValueKind.StringArrayValue)]
+        public string[] pKIExtendedKeyUsage { get; set; }
+        [ADAttributeAttribute("possSuperiors", ADAttributeValueKind.StringArrayValue)]
+        public string[] possSuperiors { get; set; }
         [ADAttributeAttribute("primaryGroupID", ADAttributeValueKind.IntValue)]
         public int PrimaryGroupID { get; set; }
         [ADAttributeAttribute("pwdLastSet", ADAttributeValueKind.DateValue)]
@@ -239,6 +263,8 @@ static ADItem()
         public string SiteObject { get; set; }
         [ADAttributeAttribute("siteObjectBL", ADAttributeValueKind.StringArrayValue)]
         public string[] SiteObjectBL { get; set; }
+        [ADAttributeAttribute("subClassOf", ADAttributeValueKind.StringValue)]
+        public string subClassOf { get; set; }
         [ADAttributeAttribute("trustAttributes", ADAttributeValueKind.IntValue)]
         public int TrustAttributes { get; set; }
         [ADAttributeAttribute("trustDirection", ADAttributeValueKind.IntValue)]

diff --git a/ADWS/ADWSConnection.cs b/ADWS/ADWSConnection.cs
@@ -351,7 +351,7 @@ private void EnumerateInternalWithADWS(string distinguishedName, string filter,
 				Trace.WriteLine("[" + DateTime.Now.ToLongTimeString() + "]Getting Enumerate page " + pagenum);
 				Pull pull = new Pull();
 				pull.EnumerationContext = enumerateResponse.EnumerationContext;
-				pull.MaxElements = "500";
+                pull.MaxElements = LDAPConnection.PageSize.ToString();
 				if (nTSecurityDescriptor || DomainScope)
 				{
 
@@ -451,11 +451,16 @@ public override IFileConnection FileConnection
             get
             {
                 if (fileConnection == null)
-                    fileConnection = new WindowsFileConnection(this.Credential);
+                    fileConnection = new WindowsFileConnection(this.Credential, Server);
                 return fileConnection;
             }
         }
 
+        public override void ThreadInitialization()
+        {
+            FileConnection.ThreadInitialization();
+        }
+
         void CleanConnection<TChannel>(ClientBase<TChannel> c) where TChannel : class
         {
             if (c != null)

diff --git a/ADWS/ADWebService.cs b/ADWS/ADWebService.cs
@@ -330,6 +330,11 @@ public IFileConnection FileConnection
             }
         }
 
+        public void ThreadInitialization()
+        {
+            connection.ThreadInitialization();
+        }
+
         #region IDispose
         public void Dispose()
         {
@@ -370,6 +375,5 @@ protected virtual void Dispose(bool disposing)
             Dispose(false);
         }
         #endregion IDispose
-
     }
 }
diff --git a/ADWS/IADConnection.cs b/ADWS/IADConnection.cs
@@ -14,5 +14,7 @@ public interface IADConnection
 
         IFileConnection FileConnection { get; }
 
+        void ThreadInitialization();
+
     }
 }
diff --git a/ADWS/LDAPConnection.cs b/ADWS/LDAPConnection.cs
@@ -21,6 +21,7 @@ public LDAPConnection(string server, int port, NetworkCredential credential)
             Port = port;
             Credential = credential;
         }
+        public static int PageSize = 500;
 
         public override void Enumerate(string distinguishedName, string filter, string[] properties, WorkOnReturnedObjectByADWS callback, string scope)
         {
@@ -49,7 +50,7 @@ private void EnumerateInternalWithLDAP(string distinguishedName, string filter,
                 DirectorySearcher clsDS = new DirectorySearcher(entry);
                 clsDS.SearchRoot = entry;
                 clsDS.Filter = filter;
-                clsDS.PageSize = 500;
+                clsDS.PageSize = PageSize;
                 switch (scope)
                 {
                     case "OneLevel":
@@ -77,8 +78,37 @@ private void EnumerateInternalWithLDAP(string distinguishedName, string filter,
                     }
                 }
                 Trace.WriteLine("[" + DateTime.Now.ToLongTimeString() + "]Calling FindAll");
-                foreach (SearchResult sr in clsDS.FindAll())
+                var iterator = clsDS.FindAll().GetEnumerator();
+                while(true)
                 {
+                    try
+                    {
+                        if (!iterator.MoveNext())
+                            break;
+                    }
+                    catch (DirectoryServicesCOMException ex)
+                    {
+                        if (ex.ErrorCode == -2147024662 && ex.ExtendedError == 234)
+                        {
+                            Console.ForegroundColor = ConsoleColor.Yellow;
+                            Console.WriteLine("[" + DateTime.Now.ToLongTimeString() + "] Warning: received \"Calling GetNextRow can potentially return more results\"");
+                            Trace.WriteLine("[" + DateTime.Now.ToLongTimeString() + "] Warning: received \"Calling GetNextRow can potentially return more results\"");
+                            Console.ResetColor();
+                            if (!iterator.MoveNext())
+                            {
+                                Console.WriteLine("[" + DateTime.Now.ToLongTimeString() + "] No more results");
+                                Trace.WriteLine("[" + DateTime.Now.ToLongTimeString() + "] No more results");
+                                break;
+                            }
+                            Console.WriteLine("[" + DateTime.Now.ToLongTimeString() + "] More results found");
+                            Trace.WriteLine("[" + DateTime.Now.ToLongTimeString() + "] More results found");
+                        }
+                        else
+                        {
+                            throw;
+                        }
+                    }
+                    var sr = (SearchResult) iterator.Current;
                     ADItem aditem = null;
                     try
                     {
@@ -229,9 +259,14 @@ public override IFileConnection FileConnection
             get
             {
                 if (fileConnection == null)
-                    fileConnection = new WindowsFileConnection(this.Credential);
+                    fileConnection = new WindowsFileConnection(this.Credential, Server);
                 return fileConnection;
             }
         }
+
+        public override void ThreadInitialization()
+        {
+            FileConnection.ThreadInitialization();
+        }
     }
 }
diff --git a/ADWS/LinuxConnection.cs b/ADWS/LinuxConnection.cs
@@ -181,10 +181,11 @@ protected override ADDomainInfo GetDomainInfoInternal()
                         Trace.WriteLine(control);
                     }
                 }
-                Trace.WriteLine("supportedLDAPVersion: ");
+                Trace.WriteLine("namingContexts: ");
                 info.NamingContexts = new List<string>();
                 foreach (var nc in GetValues(result, "namingContexts"))
                 {
+                    Trace.WriteLine(nc);
                     info.NamingContexts.Add(nc);
                 }
                 return info;
@@ -412,6 +413,11 @@ public LDAPException(int code)
             }
         }
 
+
+        public override void ThreadInitialization()
+        {
+
+        }
     }
 
 

diff --git a/ADWS/LinuxFileConnection.cs b/ADWS/LinuxFileConnection.cs
@@ -338,6 +338,10 @@ static private void SetString(IntPtr dest, string str, int maxLen)
             Marshal.Copy(buffer, 0, dest, buffer.Length);
         }
 
+        public void ThreadInitialization()
+        {
+        }
+
         #region pinvoke
         internal const string SmbLibrary = "libPingCastlesmb";
 
@@ -463,6 +467,8 @@ protected virtual void Dispose(bool disposing)
             Dispose(false);
         }
         #endregion IDispose
+
+
     }
 
     internal class LinuxFileStream : Stream
@@ -478,6 +484,7 @@ public override int Read(byte[] buffer, int offset, int count)
             IntPtr mem = Marshal.AllocHGlobal(count);
             var result = smbc_read(descriptor, mem, count);
             Marshal.Copy(mem, buffer, offset, count);
+            Marshal.FreeHGlobal(mem);
             return result;
         }
 

diff --git a/ADWS/WindowsFileConnection.cs b/ADWS/WindowsFileConnection.cs
@@ -26,6 +26,8 @@ public interface IFileConnection : IDisposable
         string PathCombine(string path1, string path2);
         List<string> GetAllSubDirectories(string path);
         List<string> GetAllSubFiles(string path);
+
+        void ThreadInitialization();
     }
 
     internal class WindowsFileConnection : IFileConnection
@@ -78,11 +80,11 @@ public bool DirectoryExists(string path)
         WindowsIdentity identity;
         WindowsImpersonationContext context;
 
-        public WindowsFileConnection(NetworkCredential credential)
+        public WindowsFileConnection(NetworkCredential credential, string server)
         {
             if (credential != null)
             {
-                identity = GetWindowsIdentityForUser(credential);
+                identity = GetWindowsIdentityForUser(credential, server);
                 context = identity.Impersonate();
             }
         }
@@ -101,25 +103,36 @@ private void Unmount()
         [DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
         private static extern bool LogonUser(string lpszUsername, string lpszDomain, string lpszPassword, int dwLogonType, int dwLogonProvider, ref IntPtr phToken);
 
+        [DllImport("kernel32.dll", SetLastError = true)]
+        private static extern bool CloseHandle(IntPtr hObject);
+
         // logon types
         const int LOGON32_LOGON_NEW_CREDENTIALS = 9;
 
         // logon providers
         const int LOGON32_PROVIDER_DEFAULT = 0;
 
-        public static WindowsIdentity GetWindowsIdentityForUser(NetworkCredential credential, string optionalRemoteserver = null)
+        public static WindowsIdentity GetWindowsIdentityForUser(NetworkCredential credential, string remoteserver)
         {
             IntPtr token = IntPtr.Zero;
-            string domain = credential.Domain;
-            if (String.IsNullOrEmpty(domain))
-                domain = optionalRemoteserver;
-            Trace.WriteLine("Preparing to login with login = " + credential.UserName + " domain = " + domain);
-            bool isSuccess = LogonUser(credential.UserName, (credential.UserName.Contains("@") ? null : domain), credential.Password, LOGON32_LOGON_NEW_CREDENTIALS, LOGON32_PROVIDER_DEFAULT, ref token);
+            Trace.WriteLine("Preparing to login with login = " + credential.UserName + " remoteserver = " + remoteserver);
+            var szDomain = credential.Domain;
+            if (string.IsNullOrEmpty(szDomain))
+            {
+                if (!credential.UserName.Contains("@"))
+                {
+                    szDomain = remoteserver;
+                }
+            }
+
+            bool isSuccess = LogonUser(credential.UserName, szDomain, credential.Password, LOGON32_LOGON_NEW_CREDENTIALS, LOGON32_PROVIDER_DEFAULT, ref token);
             if (!isSuccess)
             {
                 throw new Win32Exception();
             }
-            return new WindowsIdentity(token);
+            var output = new WindowsIdentity(token);
+            CloseHandle(token);
+            return output;
         }
 
         #region IDispose
@@ -201,5 +214,12 @@ public List<string> GetAllSubFiles(string path)
         {
             return new List<string>(Directory.GetFiles(path, "*.*", SearchOption.AllDirectories));
         }
+
+
+        public void ThreadInitialization()
+        {
+            if (identity != null)
+                identity.Impersonate();
+        }
     }
 }