Skip to content

Commit

Permalink
Merge pull request #6 from ustayready/ldap-nozzle-exception-handling
Browse files Browse the repository at this point in the history 
Updated LDAPNozzle with exception details
  • Loading branch information
@ustayready
ustayready authored Aug 26, 2020
2 parents 06ea13e + 62b9bbf commit f6f5b8a
Showing 1 changed file with 37 additions and 18 deletions.
55 changes: 37 additions & 18 deletions SharpHose/Nozzles/LDAP/LDAPNozzle.cs
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
using SharpHose.Common.Enums;
using SharpHose.Common.Enums;
using SharpHose.Common.Helpers;
using SharpHose.Common.Objects;
using System;
Expand Down Expand Up @@ -35,7 +35,7 @@ public LDAPNozzle(LDAPConfig config)
{
Users = new List<UserInfo>();
Config = config;

_logger = Config.Logger;

PrepareNozzle();
Expand All @@ -45,7 +45,6 @@ public override void Start()
{
CurrentState = SprayState.START;


var excluded = new List<string>();
if (Config.ExcludeUsers)
excluded = File.ReadAllLines(Config.ExcludeFilePath).ToList();
Expand Down Expand Up @@ -110,7 +109,7 @@ public override void Start()
}
}

if(Config.SaveOutput)
if (Config.SaveOutput)
{
File.WriteAllText(filePath, contents);
}
Expand Down Expand Up @@ -170,7 +169,7 @@ public int DisplayPolicyUsers(string policyName, bool onlyCount = false)
{
_logger.Log($"User: {user}");

if(Config.SaveOutput)
if (Config.SaveOutput)
contents += $"{user}\n";
}

Expand All @@ -179,7 +178,8 @@ public int DisplayPolicyUsers(string policyName, bool onlyCount = false)

_logger.Log($"-----------------------------------");
}
} else
}
else
{
_logger.Log($"Policy not found: {policyName}");
}
Expand Down Expand Up @@ -248,14 +248,14 @@ private void DisplayPolicyDetails(LDAPPasswordPolicy policy)
_logger.Log($"Password History Length: {policy.PasswordHistoryLength}");
_logger.Log($"Applies to: {count} users");

if(Config.SaveOutput)
if (Config.SaveOutput)
{
var cleanPolicyName = Regex.Replace(policy.Name, "[^a-zA-Z0-9_.]+", "", RegexOptions.Compiled);
var now = DateTime.Now;
var fileNameNow = now.ToString("yyyyMddHHmm");
var fileName = $"policy_{cleanPolicyName}_{fileNameNow}.txt";
var filePath = Path.Combine(Config.OutputPath, fileName);

var contents = string.Empty;
var fileNow = now.ToString("MM/dd/yyyy h:mm tt");

Expand All @@ -276,7 +276,7 @@ private void DisplayPolicyDetails(LDAPPasswordPolicy policy)
File.WriteAllText(filePath, contents);
}
}


private async Task<bool> TryCredentialsAsync(string username, string password)
{
Expand Down Expand Up @@ -309,10 +309,13 @@ private string FindDomainController()
try
{
return Dns.GetHostEntry(reply.Address.ToString()).HostName;
} catch {
}
catch
{
return reply.Address.ToString();
}
} else
}
else
{
return string.Empty;
}
Expand Down Expand Up @@ -341,7 +344,8 @@ private void LoadDomainContext()
AuthPrincipalContext = true;

DirectoryEntry = new DirectoryEntry($"LDAP://{Config.DomainName}");
} else
}
else
{
_logger.Log("[-] Cannot find domain controller from domain name.");
Environment.Exit(0);
Expand All @@ -354,6 +358,8 @@ private void LoadDomainContext()
Config.DomainName = IPGlobalProperties.GetIPGlobalProperties().DomainName;
Config.DomainController = ActiveDirectorySite.GetComputerSite().InterSiteTopologyGenerator.Name;

_logger.Log($"[-] Retrieved domain and controller: {Config.DomainName} / {Config.DomainController}");

DirectoryContext = new DirectoryContext(
DirectoryContextType.DirectoryServer,
Config.DomainController
Expand All @@ -372,7 +378,7 @@ private void LoadDomainContext()

private PrincipalContext GetPrincipalContext()
{
if(AuthPrincipalContext)
if (AuthPrincipalContext)
{
return new PrincipalContext(
ContextType.Domain,
Expand All @@ -392,6 +398,8 @@ private PrincipalContext GetPrincipalContext()

private List<string> GetPasswordPolicyUsers(LDAPPasswordPolicy policy)
{
_logger.Log($"[-] Retrieving users for policy: {policy.Name}");

var users = new List<string>();
policy.AppliesToDN.ForEach(a =>
{
Expand Down Expand Up @@ -434,8 +442,9 @@ private void GetPasswordPolicies()
Policies.Add(GetDomainPolicy());

var fineGrainedPolicies = GetFineGrainedPolicies();

fineGrainedPolicies.ForEach(x => x.AppliesToUsers = GetPasswordPolicyUsers(x));

Policies.AddRange(fineGrainedPolicies);
}

Expand Down Expand Up @@ -493,9 +502,9 @@ private List<LDAPPasswordPolicy> GetFineGrainedPolicies()
return policies;
}

public void LockoutAccount(string username, int count=10)
public void LockoutAccount(string username, int count = 10)
{
for(var i = 0; i<count; i++)
for (var i = 0; i < count; i++)
{
using (var context = GetPrincipalContext())
{
Expand All @@ -510,6 +519,8 @@ public void LockoutAccount(string username, int count=10)

private void GetUsers()
{
_logger.Log("[-] Querying for users...");

try
{
var userSearch = new DirectorySearcher(DirectoryEntry);
Expand All @@ -524,18 +535,24 @@ private void GetUsers()
userSearch.SearchScope = SearchScope.Subtree;

var results = userSearch.FindAll();

if (results != null)
{
for (var i = 0; i < results.Count; i++)
{
LDAPPasswordPolicy policy;
var user = new LDAPUserInfo(results[i]);
currentuser = i;

policy = user.GetUserPolicy(Policies);
user = user.ClassifyUser(policy);

lastuser = i;

Users.Add(user);
}

_logger.Log($"[-] Total Users: {Users.Count}");
}
else
{
Expand All @@ -545,9 +562,11 @@ private void GetUsers()

_logger.Log($"Queried {results.Count} users w/ {Policies.Count} password policies identified...");
}
catch
catch (Exception ex)
{
_logger.Log("[-] Failed to find or connect to Active Directory.");
_logger.Log("[-] Failed to find or connect to Active Directory, or another issue occurred.");
_logger.Log($"[-] Exception: {ex}");

Environment.Exit(0);
}
}
Expand Down

0 comments on commit f6f5b8a

Please sign in to comment.