async def get_all_machines(self): try: async for machine_data, err in self.ldap.get_all_machines(): if err is not None: raise err machine = Machine.from_adcomp(machine_data) delegations = [] allowedtoact = [] if machine_data.allowedtoactonbehalfofotheridentity is not None: try: sd = SECURITY_DESCRIPTOR.from_bytes(machine_data.allowedtoactonbehalfofotheridentity) if sd.Dacl is not None: for ace in sd.Dacl.aces: aa = MachineAllowedToAct() aa.machine_sid = machine.objectSid aa.target_sid = str(ace.Sid) allowedtoact.append(aa) except Exception as e: logger.debug('Error parsing allowedtoact SD! %s Reason: %s' % (machine.sAMAccountName, e)) if machine_data.allowedtodelegateto is not None: for delegate_data in machine_data.allowedtodelegateto: delegations.append(MachineConstrainedDelegation.from_spn_str(delegate_data)) await self.agent_out_q.put((LDAPAgentCommand.MACHINE, {'machine' : machine, 'delegations' : delegations, 'allowedtoact' : allowedtoact})) except: await self.agent_out_q.put((LDAPAgentCommand.EXCEPTION, str(traceback.format_exc()))) finally: await self.agent_out_q.put((LDAPAgentCommand.MACHINES_FINISHED, None))
def enum_machine(self, machine_data): #print('Got machine object!') machine = Machine.from_adcomp(machine_data) machine.ad_id = self.ad_id self.session.add(machine) self.session.commit() self.session.refresh(machine) for spn in getattr(machine, 'allowedtodelegateto', []): con = MachineConstrainedDelegation() con.spn = spn con.targetaccount = LDAPEnumeratorManager.spn_to_account(spn) machine.allowedtodelegateto.append(con) self.session.commit() membership_attr = { 'dn': str(machine.dn), 'cn': str(machine.cn), 'guid': str(machine.objectGUID), 'sid': str(machine.objectSid), 'type': 'machine' } self.member_ctr += 1 job = LDAPAgentJob(LDAPAgentCommand.MEMBERSHIPS, membership_attr) self.agent_in_q.put(job) self.sd_ctr += 1 job = LDAPAgentJob(LDAPAgentCommand.SDS, { 'dn': machine.dn, 'obj_type': 'machine' }) self.agent_in_q.put(job) del machine
async def get_all_machines(self): try: async for machine_data in self.ldap.get_all_machine_objects(): machine = Machine.from_adcomp(machine_data) await self.agent_out_q.coro_put( (LDAPAgentCommand.MACHINE, machine)) except: await self.agent_out_q.coro_put( (LDAPAgentCommand.EXCEPTION, str(traceback.format_exc()))) finally: await self.agent_out_q.coro_put( (LDAPAgentCommand.MACHINES_FINISHED, None))
async def get_all_machines(self): try: async for machine_data, err in self.ldap.get_all_machines(): if err is not None: raise err machine = Machine.from_adcomp(machine_data) delegations = [] if machine_data.allowedtodelegateto is not None: for delegate_data in machine_data.allowedtodelegateto: delegations.append(MachineConstrainedDelegation.from_spn_str(delegate_data)) await self.agent_out_q.put((LDAPAgentCommand.MACHINE, {'machine' : machine, 'delegations' : delegations})) except: await self.agent_out_q.put((LDAPAgentCommand.EXCEPTION, str(traceback.format_exc()))) finally: await self.agent_out_q.put((LDAPAgentCommand.MACHINES_FINISHED, None))
def import_machines(self): print('Importing machines!') for machine in self.get_file('computers')['computers']: #pprint.pprint(machine) #input() m = Machine() m.ad_id = self.ads[machine['Properties']['objectsid'].rsplit( '-', 1)[0]] m.sAMAccountName = machine['Name'].split('.', 1)[0] + '$' m.objectSid = machine['Properties']['objectsid'] m.description = machine['Properties']['description'] m.operatingSystemVersion = machine['Properties']['operatingsystem'] self.db_session.add(m) self.db_session.commit()
def import_machines(self): logger.debug('[BHIMPORT] Importing machines') meta = self.get_file('computers')['meta'] total = meta['count'] for machine in tqdm(self.get_file('computers')['computers'], desc='Machines', total=total, disable=self.disable_print_progress): if self.debug is True: pretty(machine) input() try: if self.bloodhound_version == '2': m = Machine() m.ad_id = self.adn[machine['Properties']['domain']] #m.dn = machine['Properties']['distinguishedname'] m.canLogon = machine['Properties'].get('enabled') m.lastLogonTimestamp = convert_to_dt( machine['Properties'].get('lastlogontimestamp')) m.pwdLastSet = convert_to_dt( machine['Properties'].get('pwdlastset')) m.operatingSystem = machine['Properties'].get( 'operatingsystem') m.dNSHostName = machine['Name'] m.cn = machine['Name'].split('.', 1)[0] m.name = m.cn m.sAMAccountName = machine['Name'].split('.', 1)[0] + '$' m.objectSid = machine['Properties']['objectsid'] m.canLogon = machine['Properties'].get('enabled') m.UAC_TRUSTED_FOR_DELEGATION = machine['Properties'].get( 'unconstraineddelegation') m.description = machine['Properties'].get('description') if machine['Properties'].get('highvalue') is True: hvt = ADObjProps(self.graphid, m.objectSid, 'HVT') self.db_session.add(hvt) #m.operatingSystemVersion = machine['Properties']['operatingsystem'] #not importing [Properties][haslaps] [Properties][serviceprincipalnames] # [AllowedToDelegate] [AllowedToAct] else: m = Machine() m.ad_id = self.adn[machine['Properties']['domain']] m.dn = machine['Properties']['distinguishedname'] m.canLogon = machine['Properties']['enabled'] m.lastLogonTimestamp = convert_to_dt( machine['Properties']['lastlogontimestamp']) m.pwdLastSet = convert_to_dt( machine['Properties']['pwdlastset']) m.operatingSystem = machine['Properties'][ 'operatingsystem'] m.dNSHostName = machine['Properties']['name'] m.cn = machine['Properties']['name'].split('.', 1)[0] m.sAMAccountName = machine['Properties']['name'].split( '.', 1)[0] + '$' m.objectSid = machine['Properties']['objectid'] m.description = machine['Properties']['description'] m.UAC_TRUSTED_FOR_DELEGATION = machine['Properties'].get( 'unconstraineddelegation') #m.operatingSystemVersion = machine['Properties']['operatingsystem'] if machine['Properties'].get('highvalue') is True: hvt = ADObjProps(self.graphid, m.objectSid, 'HVT') self.db_session.add(hvt) if 'serviceprincipalnames' in machine['Properties']: if len(machine['Properties'] ['serviceprincipalnames']) > 0: m.servicePrincipalName = '|'.join( machine['Properties']['serviceprincipalnames']) for spn in machine['Properties'][ 'serviceprincipalnames']: s = BHImport.process_spn(spn, m.objectSid) self.db_session.add(s) if 'Sessions' in machine: for session in machine['Sessions']: self.add_edge(session['UserId'], 'user', session['ComputerId'], 'machine', 'hasSession', m.ad_id) self.add_edge(session['ComputerId'], 'machine', session['UserId'], 'user', 'hasSession', m.ad_id) self.db_session.add(s) #not importing [Properties][haslaps] [AllowedToDelegate] [AllowedToAct] if 'LocalAdmins' in machine and machine[ 'LocalAdmins'] is not None: for localadmin in machine['LocalAdmins']: if self.bloodhound_version == '2': s = LocalGroup() s.ad_id = m.ad_id s.machine_sid = m.objectSid s.sid = self.sid_name_lookup_v2( localadmin['Name'], localadmin['Type'], m.ad_id) s.groupname = 'Administrators' self.db_session.add(s) self.add_edge( s.sid, BHImport.convert_otype(localadmin['Type']), s.machine_sid, 'machine', 'adminTo', m.ad_id) else: s = LocalGroup() s.ad_id = m.ad_id s.machine_sid = m.objectSid s.sid = localadmin['MemberId'] s.groupname = 'Administrators' self.db_session.add(s) self.add_edge( s.sid, BHImport.convert_otype( localadmin['MemberType']), s.machine_sid, 'machine', 'adminTo', m.ad_id) if 'DcomUsers' in machine and machine['DcomUsers'] is not None: for localadmin in machine['DcomUsers']: if self.bloodhound_version == '2': s = LocalGroup() s.ad_id = m.ad_id s.machine_sid = m.objectSid s.sid = self.sid_name_lookup_v2( localadmin['Name'], localadmin['Type'], m.ad_id) s.groupname = 'Distributed COM Users' self.db_session.add(s) self.add_edge( s.sid, BHImport.convert_otype(localadmin['Type']), s.machine_sid, 'machine', 'executeDCOM', m.ad_id) else: s = LocalGroup() s.ad_id = m.ad_id s.machine_sid = m.objectSid s.sid = localadmin['MemberId'] s.groupname = 'Distributed COM Users' self.db_session.add(s) self.add_edge( s.sid, BHImport.convert_otype( localadmin['MemberType']), s.machine_sid, 'machine', 'executeDCOM', m.ad_id) if 'RemoteDesktopUsers' in machine and machine[ 'RemoteDesktopUsers'] is not None: for localadmin in machine['RemoteDesktopUsers']: if self.bloodhound_version == '2': s = LocalGroup() s.ad_id = m.ad_id s.machine_sid = m.objectSid s.sid = self.sid_name_lookup_v2( localadmin['Name'], localadmin['Type'], m.ad_id) s.groupname = 'Remote Desktop Users' self.db_session.add(s) self.add_edge( s.sid, BHImport.convert_otype(localadmin['Type']), s.machine_sid, 'machine', 'canRDP', m.ad_id) else: s = LocalGroup() s.ad_id = m.ad_id s.machine_sid = m.objectSid s.sid = localadmin['MemberId'] s.groupname = 'Remote Desktop Users' self.db_session.add(s) self.add_edge( s.sid, BHImport.convert_otype( localadmin['MemberType']), s.machine_sid, 'machine', 'canRDP', m.ad_id) if 'PSRemoteUsers' in machine: for localadmin in machine['PSRemoteUsers']: if self.bloodhound_version == '2': s = LocalGroup() s.ad_id = m.ad_id s.machine_sid = m.objectSid s.sid = self.sid_name_lookup_v2( localadmin['Name'], localadmin['Type'], m.ad_id) s.groupname = 'Remote Management Users' self.db_session.add(s) self.add_edge( s.sid, BHImport.convert_otype(localadmin['Type']), s.machine_sid, 'machine', 'psremote', m.ad_id) else: s = LocalGroup() s.ad_id = m.ad_id s.machine_sid = m.objectSid s.sid = localadmin['MemberId'] s.groupname = 'Remote Management Users' self.db_session.add(s) self.add_edge( s.sid, BHImport.convert_otype( localadmin['MemberType']), s.machine_sid, 'machine', 'psremote', m.ad_id) self.db_session.add(m) edgeinfo = EdgeLookup(m.ad_id, m.objectSid, 'machine') self.db_session.add(edgeinfo) #self.db_session.commit() if machine['Aces'] is not None: self.insert_acl(m.objectSid, 'machine', machine['Aces'], m.ad_id) except Exception as e: logger.debug( '[BHIMPORT] Failed importing machine %s Reason: %s' % (machine, e)) continue self.db_session.commit()
def get_all_machines(self): for machine in self.ldap.get_all_machine_objects(): yield (machine, Machine.from_adcomp(machine))