def import_machines(self):
print('Importing machines!')
for machine in self.get_file('computers')['computers']:
#pprint.pprint(machine)
#input()
m = Machine()
m.ad_id = self.ads[machine['Properties']['objectsid'].rsplit(
'-', 1)[0]]
m.sAMAccountName = machine['Name'].split('.', 1)[0] + '$'
m.objectSid = machine['Properties']['objectsid']
m.description = machine['Properties']['description']
m.operatingSystemVersion = machine['Properties']['operatingsystem']
self.db_session.add(m)
self.db_session.commit()
def import_machines(self):
logger.debug('[BHIMPORT] Importing machines')
meta = self.get_file('computers')['meta']
total = meta['count']
for machine in tqdm(self.get_file('computers')['computers'],
desc='Machines',
total=total,
disable=self.disable_print_progress):
if self.debug is True:
pretty(machine)
input()
try:
if self.bloodhound_version == '2':
m = Machine()
m.ad_id = self.adn[machine['Properties']['domain']]
#m.dn = machine['Properties']['distinguishedname']
m.canLogon = machine['Properties'].get('enabled')
m.lastLogonTimestamp = convert_to_dt(
machine['Properties'].get('lastlogontimestamp'))
m.pwdLastSet = convert_to_dt(
machine['Properties'].get('pwdlastset'))
m.operatingSystem = machine['Properties'].get(
'operatingsystem')
m.dNSHostName = machine['Name']
m.cn = machine['Name'].split('.', 1)[0]
m.name = m.cn
m.sAMAccountName = machine['Name'].split('.', 1)[0] + '$'
m.objectSid = machine['Properties']['objectsid']
m.canLogon = machine['Properties'].get('enabled')
m.UAC_TRUSTED_FOR_DELEGATION = machine['Properties'].get(
'unconstraineddelegation')
m.description = machine['Properties'].get('description')
if machine['Properties'].get('highvalue') is True:
hvt = ADObjProps(self.graphid, m.objectSid, 'HVT')
self.db_session.add(hvt)
#m.operatingSystemVersion = machine['Properties']['operatingsystem']
#not importing [Properties][haslaps] [Properties][serviceprincipalnames]
# [AllowedToDelegate] [AllowedToAct]
else:
m = Machine()
m.ad_id = self.adn[machine['Properties']['domain']]
m.dn = machine['Properties']['distinguishedname']
m.canLogon = machine['Properties']['enabled']
m.lastLogonTimestamp = convert_to_dt(
machine['Properties']['lastlogontimestamp'])
m.pwdLastSet = convert_to_dt(
machine['Properties']['pwdlastset'])
m.operatingSystem = machine['Properties'][
'operatingsystem']
m.dNSHostName = machine['Properties']['name']
m.cn = machine['Properties']['name'].split('.', 1)[0]
m.sAMAccountName = machine['Properties']['name'].split(
'.', 1)[0] + '$'
m.objectSid = machine['Properties']['objectid']
m.description = machine['Properties']['description']
m.UAC_TRUSTED_FOR_DELEGATION = machine['Properties'].get(
'unconstraineddelegation')
#m.operatingSystemVersion = machine['Properties']['operatingsystem']
if machine['Properties'].get('highvalue') is True:
hvt = ADObjProps(self.graphid, m.objectSid, 'HVT')
self.db_session.add(hvt)
if 'serviceprincipalnames' in machine['Properties']:
if len(machine['Properties']
['serviceprincipalnames']) > 0:
m.servicePrincipalName = '|'.join(
machine['Properties']['serviceprincipalnames'])
for spn in machine['Properties'][
'serviceprincipalnames']:
s = BHImport.process_spn(spn, m.objectSid)
self.db_session.add(s)
if 'Sessions' in machine:
for session in machine['Sessions']:
self.add_edge(session['UserId'], 'user',
session['ComputerId'], 'machine',
'hasSession', m.ad_id)
self.add_edge(session['ComputerId'], 'machine',
session['UserId'], 'user',
'hasSession', m.ad_id)
self.db_session.add(s)
#not importing [Properties][haslaps] [AllowedToDelegate] [AllowedToAct]
if 'LocalAdmins' in machine and machine[
'LocalAdmins'] is not None:
for localadmin in machine['LocalAdmins']:
if self.bloodhound_version == '2':
s = LocalGroup()
s.ad_id = m.ad_id
s.machine_sid = m.objectSid
s.sid = self.sid_name_lookup_v2(
localadmin['Name'], localadmin['Type'],
m.ad_id)
s.groupname = 'Administrators'
self.db_session.add(s)
self.add_edge(
s.sid,
BHImport.convert_otype(localadmin['Type']),
s.machine_sid, 'machine', 'adminTo', m.ad_id)
else:
s = LocalGroup()
s.ad_id = m.ad_id
s.machine_sid = m.objectSid
s.sid = localadmin['MemberId']
s.groupname = 'Administrators'
self.db_session.add(s)
self.add_edge(
s.sid,
BHImport.convert_otype(
localadmin['MemberType']), s.machine_sid,
'machine', 'adminTo', m.ad_id)
if 'DcomUsers' in machine and machine['DcomUsers'] is not None:
for localadmin in machine['DcomUsers']:
if self.bloodhound_version == '2':
s = LocalGroup()
s.ad_id = m.ad_id
s.machine_sid = m.objectSid
s.sid = self.sid_name_lookup_v2(
localadmin['Name'], localadmin['Type'],
m.ad_id)
s.groupname = 'Distributed COM Users'
self.db_session.add(s)
self.add_edge(
s.sid,
BHImport.convert_otype(localadmin['Type']),
s.machine_sid, 'machine', 'executeDCOM',
m.ad_id)
else:
s = LocalGroup()
s.ad_id = m.ad_id
s.machine_sid = m.objectSid
s.sid = localadmin['MemberId']
s.groupname = 'Distributed COM Users'
self.db_session.add(s)
self.add_edge(
s.sid,
BHImport.convert_otype(
localadmin['MemberType']), s.machine_sid,
'machine', 'executeDCOM', m.ad_id)
if 'RemoteDesktopUsers' in machine and machine[
'RemoteDesktopUsers'] is not None:
for localadmin in machine['RemoteDesktopUsers']:
if self.bloodhound_version == '2':
s = LocalGroup()
s.ad_id = m.ad_id
s.machine_sid = m.objectSid
s.sid = self.sid_name_lookup_v2(
localadmin['Name'], localadmin['Type'],
m.ad_id)
s.groupname = 'Remote Desktop Users'
self.db_session.add(s)
self.add_edge(
s.sid,
BHImport.convert_otype(localadmin['Type']),
s.machine_sid, 'machine', 'canRDP', m.ad_id)
else:
s = LocalGroup()
s.ad_id = m.ad_id
s.machine_sid = m.objectSid
s.sid = localadmin['MemberId']
s.groupname = 'Remote Desktop Users'
self.db_session.add(s)
self.add_edge(
s.sid,
BHImport.convert_otype(
localadmin['MemberType']), s.machine_sid,
'machine', 'canRDP', m.ad_id)
if 'PSRemoteUsers' in machine:
for localadmin in machine['PSRemoteUsers']:
if self.bloodhound_version == '2':
s = LocalGroup()
s.ad_id = m.ad_id
s.machine_sid = m.objectSid
s.sid = self.sid_name_lookup_v2(
localadmin['Name'], localadmin['Type'],
m.ad_id)
s.groupname = 'Remote Management Users'
self.db_session.add(s)
self.add_edge(
s.sid,
BHImport.convert_otype(localadmin['Type']),
s.machine_sid, 'machine', 'psremote', m.ad_id)
else:
s = LocalGroup()
s.ad_id = m.ad_id
s.machine_sid = m.objectSid
s.sid = localadmin['MemberId']
s.groupname = 'Remote Management Users'
self.db_session.add(s)
self.add_edge(
s.sid,
BHImport.convert_otype(
localadmin['MemberType']), s.machine_sid,
'machine', 'psremote', m.ad_id)
self.db_session.add(m)
edgeinfo = EdgeLookup(m.ad_id, m.objectSid, 'machine')
self.db_session.add(edgeinfo)
#self.db_session.commit()
if machine['Aces'] is not None:
self.insert_acl(m.objectSid, 'machine', machine['Aces'],
m.ad_id)
except Exception as e:
logger.debug(
'[BHIMPORT] Failed importing machine %s Reason: %s' %
(machine, e))
continue
self.db_session.commit()