コード例 #1
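    def enum_machine(self, machine_data):
        """Persist one machine object and queue its follow-up lookups.

        Builds a ``Machine`` row from ``machine_data``, tags it with this
        run's ``ad_id`` and stores it through ``self.session``. It then puts
        two jobs for the same object on ``self.agent_in_q``: a MEMBERSHIPS
        job and an SDS job (presumably security descriptors -- confirm
        against ``LDAPAgentCommand``).

        Args:
            machine_data: raw computer object, in whatever form
                ``Machine.from_adcomp`` accepts.
        """
        machine = Machine.from_adcomp(machine_data)
        machine.ad_id = self.ad_id
        self.session.add(machine)
        self.session.commit()
        # Re-read the object through the session after the first commit.
        self.session.refresh(machine)

        # Record constrained-delegation targets. The loop appends to the very
        # attribute it reads, so iterate over a snapshot: walking the live
        # list would also visit every freshly appended row and never end.
        # A missing or None attribute is treated as "no delegation".
        # NOTE(review): the SPNs are read from the ORM object rather than
        # from machine_data -- confirm that from_adcomp really leaves SPN
        # strings in this attribute, otherwise no delegation is recorded.
        for spn in list(getattr(machine, 'allowedtodelegateto', None) or []):
            con = MachineConstrainedDelegation()
            con.spn = spn
            con.targetaccount = LDAPEnumeratorManager.spn_to_account(spn)
            machine.allowedtodelegateto.append(con)

        self.session.commit()

        # Identifiers are stringified before they are handed to the agent.
        membership_attr = {
            'dn': str(machine.dn),
            'cn': str(machine.cn),
            'guid': str(machine.objectGUID),
            'sid': str(machine.objectSid),
            'type': 'machine'
        }

        # The counters track how many jobs of each kind have been queued.
        self.member_ctr += 1
        job = LDAPAgentJob(LDAPAgentCommand.MEMBERSHIPS, membership_attr)
        self.agent_in_q.put(job)

        self.sd_ctr += 1
        job = LDAPAgentJob(LDAPAgentCommand.SDS, {
            'dn': machine.dn,
            'obj_type': 'machine'
        })
        self.agent_in_q.put(job)
        del machine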
コード例 #2
ファイル: agent.py プロジェクト: sasqwatch/jackdaw
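	async def get_all_machines(self):
		"""Stream every machine object from LDAP onto ``agent_out_q``.

		For each machine a ``(LDAPAgentCommand.MACHINE, payload)`` tuple is
		queued, where ``payload`` holds the parsed ``Machine``, its
		constrained-delegation entries and the principals found in its
		"allowed to act on behalf of other identity" security descriptor.
		A failure is reported as an ``EXCEPTION`` message carrying the
		formatted traceback. ``MACHINES_FINISHED`` is always queued last,
		whether or not an error occurred.
		"""
		try:
			async for machine_data, err in self.ldap.get_all_machines():
				if err is not None:
					raise err
				machine = Machine.from_adcomp(machine_data)

				delegations = []
				allowedtoact = []
				act_sd_bytes = machine_data.allowedtoactonbehalfofotheridentity
				if act_sd_bytes is not None:
					try:
						sd = SECURITY_DESCRIPTOR.from_bytes(act_sd_bytes)
						if sd.Dacl is not None:
							# One row per ACE: the ACE's SID is recorded as a
							# principal allowed to act for this machine.
							for ace in sd.Dacl.aces:
								aa = MachineAllowedToAct()
								aa.machine_sid = machine.objectSid
								aa.target_sid = str(ace.Sid)
								allowedtoact.append(aa)
					except Exception as e:
						# Best effort: a descriptor that fails to parse is
						# only logged at debug level, and rows collected
						# before the failure are kept. The list for this
						# machine may therefore be incomplete.
						logger.debug('Error parsing allowedtoact SD! %s Reason: %s', machine.sAMAccountName, e)
				if machine_data.allowedtodelegateto is not None:
					for delegate_data in machine_data.allowedtodelegateto:
						delegations.append(MachineConstrainedDelegation.from_spn_str(delegate_data))
				await self.agent_out_q.put((LDAPAgentCommand.MACHINE, {'machine' : machine, 'delegations' : delegations, 'allowedtoact' : allowedtoact}))
		except Exception:
			# Deliberately not a bare ``except``: task cancellation and
			# interpreter-exit signals must propagate instead of being turned
			# into an EXCEPTION message. The ``finally`` below still runs.
			await self.agent_out_q.put((LDAPAgentCommand.EXCEPTION, str(traceback.format_exc())))
		finally:
			await self.agent_out_q.put((LDAPAgentCommand.MACHINES_FINISHED, None))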
コード例 #3
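 async def get_all_machines(self):
     """Stream every machine object from LDAP onto ``agent_out_q``.

     Each object is parsed with ``Machine.from_adcomp`` and queued as a
     ``(LDAPAgentCommand.MACHINE, machine)`` tuple. A failure is reported
     as an ``EXCEPTION`` message carrying the formatted traceback.
     ``MACHINES_FINISHED`` is always queued last.
     """
     try:
         async for machine_data in self.ldap.get_all_machine_objects():
             machine = Machine.from_adcomp(machine_data)
             await self.agent_out_q.coro_put(
                 (LDAPAgentCommand.MACHINE, machine))
     except Exception:
         # Deliberately not a bare ``except``: task cancellation and
         # interpreter-exit signals must propagate instead of being turned
         # into an EXCEPTION message. The ``finally`` below still runs.
         await self.agent_out_q.coro_put(
             (LDAPAgentCommand.EXCEPTION, str(traceback.format_exc())))
     finally:
         await self.agent_out_q.coro_put(
             (LDAPAgentCommand.MACHINES_FINISHED, None))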
コード例 #4
ファイル: agent.py プロジェクト: zimshk/jackdaw
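	async def get_all_machines(self):
		"""Stream every machine object from LDAP onto ``agent_out_q``.

		For each machine a ``(LDAPAgentCommand.MACHINE, payload)`` tuple is
		queued, where ``payload`` holds the parsed ``Machine`` and one
		``MachineConstrainedDelegation`` per SPN in ``allowedtodelegateto``.
		A failure is reported as an ``EXCEPTION`` message carrying the
		formatted traceback. ``MACHINES_FINISHED`` is always queued last.
		"""
		try:
			async for machine_data, err in self.ldap.get_all_machines():
				if err is not None:
					raise err
				machine = Machine.from_adcomp(machine_data)

				# None means no delegation data was returned for this machine.
				spns = machine_data.allowedtodelegateto
				delegations = []
				if spns is not None:
					delegations = [MachineConstrainedDelegation.from_spn_str(spn) for spn in spns]
				await self.agent_out_q.put((LDAPAgentCommand.MACHINE, {'machine' : machine, 'delegations' : delegations}))
		except Exception:
			# Deliberately not a bare ``except``: task cancellation and
			# interpreter-exit signals must propagate instead of being turned
			# into an EXCEPTION message. The ``finally`` below still runs.
			await self.agent_out_q.put((LDAPAgentCommand.EXCEPTION, str(traceback.format_exc())))
		finally:
			await self.agent_out_q.put((LDAPAgentCommand.MACHINES_FINISHED, None))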
コード例 #5
ファイル: ldap.py プロジェクト: zimshk/jackdaw
	def get_all_machines(self):
		"""Yield ``(raw_object, parsed_machine)`` for every machine object.

		Raw objects come from ``self.ldap.get_all_machine_objects()``. Each
		one is paired with the ``Machine`` built from it by
		``Machine.from_adcomp``.
		"""
		for adcomp in self.ldap.get_all_machine_objects():
			parsed = Machine.from_adcomp(adcomp)
			yield adcomp, parsed