2.0.100

M41doror · Apr 25, 2019 · 1934133 · 1934133
1 parent 809491c
commit 1934133
Show file tree

Hide file tree

Showing 31 changed files with 10,448 additions and 103 deletions.
diff --git a/Buffer.cpp b/Buffer.cpp
diff --git a/Constants.h b/Constants.h
@@ -45,20 +45,20 @@ CONST_TXT cUserAccountControl[] =
 #define FLAG_DISALLOW_MOVE_ON_DELETE                  0x02000000
 CONST_TXT cSystemFlags [] =
 {
-   { ADS_SYSTEMFLAG_ATTR_NOT_REPLICATED,                       L"NOT_REPLICATED/NC" },
+   { (DWORD)ADS_SYSTEMFLAG_ATTR_NOT_REPLICATED,                L"NOT_REPLICATED/NC" },
    { FLAG_ATTR_REQ_PARTIAL_SET_MEMBER,                         L"PARTIAL_SET_MEMBER/DOMAIN" },
-   { ADS_SYSTEMFLAG_ATTR_IS_CONSTRUCTED,                       L"CONSTRUCTED/NOT_GC_REPLICATED" },
+   { (DWORD)ADS_SYSTEMFLAG_ATTR_IS_CONSTRUCTED,                L"CONSTRUCTED/NOT_GC_REPLICATED" },
    { FLAG_ATTR_IS_OPERATIONAL,                                 L"OPERATIONAL" },
    { FLAG_SCHEMA_BASE_OBJECT,                                  L"BASE_OBJECT" },
    { FLAG_ATTR_IS_RDN,                                         L"RDN" },
 
    { FLAG_DISALLOW_MOVE_ON_DELETE,                             L"DISALLOW_MOVE_ON_DELETE" },
-   { ADS_SYSTEMFLAG_DOMAIN_DISALLOW_MOVE,                      L"DISALLOW_MOVE" },
-   { ADS_SYSTEMFLAG_DOMAIN_DISALLOW_RENAME,                    L"DISALLOW_RENAME" },
-   { ADS_SYSTEMFLAG_CONFIG_ALLOW_LIMITED_MOVE,                 L"ALLOW_LIMITED_MOVE" },
-   { ADS_SYSTEMFLAG_CONFIG_ALLOW_MOVE,                         L"ALLOW_MOVE" },
-   { ADS_SYSTEMFLAG_CONFIG_ALLOW_RENAME,                       L"ALLOW_RENAME" },
-   { ADS_SYSTEMFLAG_DISALLOW_DELETE,                           L"DISALLOW_DELETE" },
+   { (DWORD)ADS_SYSTEMFLAG_DOMAIN_DISALLOW_MOVE,               L"DISALLOW_MOVE" },
+   { (DWORD)ADS_SYSTEMFLAG_DOMAIN_DISALLOW_RENAME,             L"DISALLOW_RENAME" },
+   { (DWORD)ADS_SYSTEMFLAG_CONFIG_ALLOW_LIMITED_MOVE,          L"ALLOW_LIMITED_MOVE" },
+   { (DWORD)ADS_SYSTEMFLAG_CONFIG_ALLOW_MOVE,                  L"ALLOW_MOVE" },
+   { (DWORD)ADS_SYSTEMFLAG_CONFIG_ALLOW_RENAME,                L"ALLOW_RENAME" },
+   { (DWORD)ADS_SYSTEMFLAG_DISALLOW_DELETE,                    L"DISALLOW_DELETE" },
 
    { FILTER_FLAG, NULL }
 };
@@ -143,7 +143,16 @@ CONST_TXT cSupportedEncryptionTypes[] =
    { FILTER_FLAG, NULL }
 };
 
-#define TRUST_ATTRIBUTE_USES_RC4_ENCRYPTION                 0x00000080
+#define TRUST_ATTRIBUTE_USES_RC4_ENCRYPTION           0x00000080
+#ifndef TRUST_ATTRIBUTE_TREE_PARENT
+#define TRUST_ATTRIBUTE_TREE_PARENT    0x00400000     // Denotes that we are setting the trust
+                                                      // to our parent in the org tree
+#endif // !TRUST_ATTRIBUTE_TREE_PARENT
+#ifndef TRUST_ATTRIBUTE_TREE_ROOT
+#define TRUST_ATTRIBUTE_TREE_ROOT      0x00800000     // Denotes that we are setting the trust
+                                                      // to another tree root in a forest
+#endif // !TRUST_ATTRIBUTE_TREE_ROOT
+
 CONST_TXT cTrustAttributes[] =
 {
    { TRUST_ATTRIBUTE_NON_TRANSITIVE,                        L"NON_TRANSITIVE" },
@@ -156,6 +165,8 @@ CONST_TXT cTrustAttributes[] =
    { TRUST_ATTRIBUTE_USES_RC4_ENCRYPTION,                   L"USES_RC4_ENCRYPTION" },
    { TRUST_ATTRIBUTE_CROSS_ORGANIZATION_NO_TGT_DELEGATION,  L"CROSS_ORGANIZATION_NO_TGT_DELEGATION" },
    { TRUST_ATTRIBUTE_PIM_TRUST,                             L"PIM_TRUST" },
+   { TRUST_ATTRIBUTE_TREE_PARENT,                           L"O_TREE_PARENT" },
+   { TRUST_ATTRIBUTE_TREE_ROOT,                             L"O_TREE_ROOT" },
    { FILTER_FLAG, NULL }
 };
 

diff --git a/Engine.cpp b/Engine.cpp
@@ -2,7 +2,9 @@
 #include <stdio.h>
 #include <DsGetDC.h>
 #include <Lm.h>
+#include <Shlwapi.h>
 #include "ORADAD.h"
+#include "tar/tar.h"
 
 extern HANDLE g_hHeap;
 extern BOOL g_bSupportsAnsi;
@@ -24,6 +26,20 @@ pProcessDomain(
    _In_ BOOL bWriteTableInfo
 );
 
+BOOL
+pTarFile(
+   _In_ PGLOBAL_CONFIG pGlobalConfig,
+   _In_z_ LPWSTR szFileName,
+   _In_ HANDLE hTarFile
+);
+
+VOID
+pTarFilesRecursively(
+   _In_ PGLOBAL_CONFIG pGlobalConfig,
+   _In_z_ LPWSTR szFolder,
+   _In_ HANDLE hTarFile
+);
+
 BOOL
 Process (
    _In_ PGLOBAL_CONFIG pGlobalConfig
@@ -310,6 +326,39 @@ Process (
    if (pGlobalConfig->hTableFile != NULL)
       CloseHandle(pGlobalConfig->hTableFile);
 
+   if (pGlobalConfig->bTarballEnabled)
+   {
+      // Create TAR
+      HANDLE hTarFile;
+      WCHAR szTarFile[MAX_PATH];
+
+      swprintf(
+         szTarFile, MAX_PATH,
+         L"%s\\%s_%s.tar",
+         pGlobalConfig->szOutDirectory,
+         szRootDns,
+         pGlobalConfig->szSystemTime
+      );
+
+      bResult = TarInitialize(&hTarFile, szTarFile);
+      if (bResult == FALSE)
+      {
+         Log(
+            __FILE__, __FUNCTION__, __LINE__, LOG_LEVEL_ERROR,
+            "[!] %sCannot create tar file%S%s (error %u).", COLOR_RED, szTarFile, COLOR_RESET, GetLastError()
+         );
+         bReturn = FALSE;
+      }
+
+      Log(
+         __FILE__, __FUNCTION__, __LINE__, LOG_LEVEL_INFORMATION,
+         "[.] Create output file: %S",
+         szTarFile
+      );
+
+      pTarFilesRecursively(pGlobalConfig, pGlobalConfig->szFullOutDirectory, hTarFile);
+   }
+
    _SafeHeapRelease(szRootDns);
    return bReturn;
 }
@@ -455,4 +504,92 @@ pProcessDomain (
    _SafeHeapRelease(szDomainDns);
 
    return TRUE;
+}
+
+VOID
+pTarFilesRecursively (
+   _In_ PGLOBAL_CONFIG pGlobalConfig,
+   _In_z_ LPWSTR szFolder,
+   _In_ HANDLE hTarFile
+)
+{
+   TCHAR szFullPattern[MAX_PATH];
+   WIN32_FIND_DATA FindFileData;
+   HANDLE hFindFile;
+
+   // first we are going to process any subdirectories 
+   PathCombine(szFullPattern, szFolder, L"*");
+   hFindFile = FindFirstFile(szFullPattern, &FindFileData);
+   if (hFindFile != INVALID_HANDLE_VALUE)
+   {
+      do
+      {
+         if (FindFileData.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY)
+         {
+            // found a subdirectory; recurse into it
+            if (FindFileData.cFileName[0] == '.')
+               continue;
+            PathCombine(szFullPattern, szFolder, FindFileData.cFileName);
+            pTarFilesRecursively(pGlobalConfig, szFullPattern, hTarFile);
+         }
+      } while (FindNextFile(hFindFile, &FindFileData));
+      FindClose(hFindFile);
+   }
+   // now we are going to look for the matching files 
+   PathCombine(szFullPattern, szFolder, L"*");
+   hFindFile = FindFirstFile(szFullPattern, &FindFileData);
+   if (hFindFile != INVALID_HANDLE_VALUE)
+   {
+      do
+      {
+         if (!(FindFileData.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY))
+         {
+            // found a file; do something with it 
+            PathCombine(szFullPattern, szFolder, FindFileData.cFileName);
+            pTarFile(pGlobalConfig, szFullPattern, hTarFile);
+         }
+      } while (FindNextFile(hFindFile, &FindFileData));
+      FindClose(hFindFile);
+   }
+}
+
+BOOL
+pTarFile (
+   _In_ PGLOBAL_CONFIG pGlobalConfig,
+   _In_z_ LPWSTR szFileName,
+   _In_ HANDLE hTarFile
+)
+{
+   BOOL bResult = FALSE;
+   WCHAR szRelativePath[MAX_PATH] = { 0 };
+   size_t stOutDirectoryLength;
+   size_t stPathLen;
+
+   Log(
+      __FILE__, __FUNCTION__, __LINE__, LOG_LEVEL_VERBOSE,
+      "[.] Processing file '%S'.", szFileName
+   );
+
+   // SKIP prefix
+   stOutDirectoryLength = wcslen(pGlobalConfig->szOutDirectory) + 1;
+   memcpy_s(szRelativePath, MAX_PATH, szFileName + stOutDirectoryLength, MAX_PATH - stOutDirectoryLength);
+
+   stPathLen = wcslen(szRelativePath);
+   // Replace '\' by '/' for tar name
+   for (size_t i = 0; i < stPathLen; ++i)
+   {
+      if (szRelativePath[i] == L'\\')
+         szRelativePath[i] = L'/';
+   }
+   bResult = TarWriteFile(hTarFile, szFileName, szRelativePath);
+   if (bResult == FALSE)
+   {
+      Log(
+         __FILE__, __FUNCTION__, __LINE__, LOG_LEVEL_ERROR,
+         "[!] %sCannot write to tar%s (error %u).", COLOR_RED, COLOR_RESET, GetLastError()
+      );
+      return FALSE;
+   }
+
+   return bResult;
 }