async def get_all_machines(self):
try:
async for machine_data, err in self.ldap.get_all_machines():
if err is not None:
raise err
machine = Machine.from_adcomp(machine_data)
delegations = []
allowedtoact = []
if machine_data.allowedtoactonbehalfofotheridentity is not None:
try:
sd = SECURITY_DESCRIPTOR.from_bytes(machine_data.allowedtoactonbehalfofotheridentity)
if sd.Dacl is not None:
for ace in sd.Dacl.aces:
aa = MachineAllowedToAct()
aa.machine_sid = machine.objectSid
aa.target_sid = str(ace.Sid)
allowedtoact.append(aa)
except Exception as e:
logger.debug('Error parsing allowedtoact SD! %s Reason: %s' % (machine.sAMAccountName, e))
if machine_data.allowedtodelegateto is not None:
for delegate_data in machine_data.allowedtodelegateto:
delegations.append(MachineConstrainedDelegation.from_spn_str(delegate_data))
await self.agent_out_q.put((LDAPAgentCommand.MACHINE, {'machine' : machine, 'delegations' : delegations, 'allowedtoact' : allowedtoact}))
except:
await self.agent_out_q.put((LDAPAgentCommand.EXCEPTION, str(traceback.format_exc())))
finally:
await self.agent_out_q.put((LDAPAgentCommand.MACHINES_FINISHED, None))
def enum_machine(self, machine_data):
#print('Got machine object!')
machine = Machine.from_adcomp(machine_data)
machine.ad_id = self.ad_id
self.session.add(machine)
self.session.commit()
self.session.refresh(machine)
for spn in getattr(machine, 'allowedtodelegateto', []):
con = MachineConstrainedDelegation()
con.spn = spn
con.targetaccount = LDAPEnumeratorManager.spn_to_account(spn)
machine.allowedtodelegateto.append(con)
self.session.commit()
membership_attr = {
'dn': str(machine.dn),
'cn': str(machine.cn),
'guid': str(machine.objectGUID),
'sid': str(machine.objectSid),
'type': 'machine'
}
self.member_ctr += 1
job = LDAPAgentJob(LDAPAgentCommand.MEMBERSHIPS, membership_attr)
self.agent_in_q.put(job)
self.sd_ctr += 1
job = LDAPAgentJob(LDAPAgentCommand.SDS, {
'dn': machine.dn,
'obj_type': 'machine'
})
self.agent_in_q.put(job)
del machine
async def get_all_machines(self):
try:
async for machine_data in self.ldap.get_all_machine_objects():
machine = Machine.from_adcomp(machine_data)
await self.agent_out_q.coro_put(
(LDAPAgentCommand.MACHINE, machine))
except:
await self.agent_out_q.coro_put(
(LDAPAgentCommand.EXCEPTION, str(traceback.format_exc())))
finally:
await self.agent_out_q.coro_put(
(LDAPAgentCommand.MACHINES_FINISHED, None))
async def get_all_machines(self):
try:
async for machine_data, err in self.ldap.get_all_machines():
if err is not None:
raise err
machine = Machine.from_adcomp(machine_data)
delegations = []
if machine_data.allowedtodelegateto is not None:
for delegate_data in machine_data.allowedtodelegateto:
delegations.append(MachineConstrainedDelegation.from_spn_str(delegate_data))
await self.agent_out_q.put((LDAPAgentCommand.MACHINE, {'machine' : machine, 'delegations' : delegations}))
except:
await self.agent_out_q.put((LDAPAgentCommand.EXCEPTION, str(traceback.format_exc())))
finally:
await self.agent_out_q.put((LDAPAgentCommand.MACHINES_FINISHED, None))
def import_machines(self):
print('Importing machines!')
for machine in self.get_file('computers')['computers']:
#pprint.pprint(machine)
#input()
m = Machine()
m.ad_id = self.ads[machine['Properties']['objectsid'].rsplit(
'-', 1)[0]]
m.sAMAccountName = machine['Name'].split('.', 1)[0] + '$'
m.objectSid = machine['Properties']['objectsid']
m.description = machine['Properties']['description']
m.operatingSystemVersion = machine['Properties']['operatingsystem']
self.db_session.add(m)
self.db_session.commit()
def import_machines(self):
logger.debug('[BHIMPORT] Importing machines')
meta = self.get_file('computers')['meta']
total = meta['count']
for machine in tqdm(self.get_file('computers')['computers'],
desc='Machines',
total=total,
disable=self.disable_print_progress):
if self.debug is True:
pretty(machine)
input()
try:
if self.bloodhound_version == '2':
m = Machine()
m.ad_id = self.adn[machine['Properties']['domain']]
#m.dn = machine['Properties']['distinguishedname']
m.canLogon = machine['Properties'].get('enabled')
m.lastLogonTimestamp = convert_to_dt(
machine['Properties'].get('lastlogontimestamp'))
m.pwdLastSet = convert_to_dt(
machine['Properties'].get('pwdlastset'))
m.operatingSystem = machine['Properties'].get(
'operatingsystem')
m.dNSHostName = machine['Name']
m.cn = machine['Name'].split('.', 1)[0]
m.name = m.cn
m.sAMAccountName = machine['Name'].split('.', 1)[0] + '$'
m.objectSid = machine['Properties']['objectsid']
m.canLogon = machine['Properties'].get('enabled')
m.UAC_TRUSTED_FOR_DELEGATION = machine['Properties'].get(
'unconstraineddelegation')
m.description = machine['Properties'].get('description')
if machine['Properties'].get('highvalue') is True:
hvt = ADObjProps(self.graphid, m.objectSid, 'HVT')
self.db_session.add(hvt)
#m.operatingSystemVersion = machine['Properties']['operatingsystem']
#not importing [Properties][haslaps] [Properties][serviceprincipalnames]
# [AllowedToDelegate] [AllowedToAct]
else:
m = Machine()
m.ad_id = self.adn[machine['Properties']['domain']]
m.dn = machine['Properties']['distinguishedname']
m.canLogon = machine['Properties']['enabled']
m.lastLogonTimestamp = convert_to_dt(
machine['Properties']['lastlogontimestamp'])
m.pwdLastSet = convert_to_dt(
machine['Properties']['pwdlastset'])
m.operatingSystem = machine['Properties'][
'operatingsystem']
m.dNSHostName = machine['Properties']['name']
m.cn = machine['Properties']['name'].split('.', 1)[0]
m.sAMAccountName = machine['Properties']['name'].split(
'.', 1)[0] + '$'
m.objectSid = machine['Properties']['objectid']
m.description = machine['Properties']['description']
m.UAC_TRUSTED_FOR_DELEGATION = machine['Properties'].get(
'unconstraineddelegation')
#m.operatingSystemVersion = machine['Properties']['operatingsystem']
if machine['Properties'].get('highvalue') is True:
hvt = ADObjProps(self.graphid, m.objectSid, 'HVT')
self.db_session.add(hvt)
if 'serviceprincipalnames' in machine['Properties']:
if len(machine['Properties']
['serviceprincipalnames']) > 0:
m.servicePrincipalName = '|'.join(
machine['Properties']['serviceprincipalnames'])
for spn in machine['Properties'][
'serviceprincipalnames']:
s = BHImport.process_spn(spn, m.objectSid)
self.db_session.add(s)
if 'Sessions' in machine:
for session in machine['Sessions']:
self.add_edge(session['UserId'], 'user',
session['ComputerId'], 'machine',
'hasSession', m.ad_id)
self.add_edge(session['ComputerId'], 'machine',
session['UserId'], 'user',
'hasSession', m.ad_id)
self.db_session.add(s)
#not importing [Properties][haslaps] [AllowedToDelegate] [AllowedToAct]
if 'LocalAdmins' in machine and machine[
'LocalAdmins'] is not None:
for localadmin in machine['LocalAdmins']:
if self.bloodhound_version == '2':
s = LocalGroup()
s.ad_id = m.ad_id
s.machine_sid = m.objectSid
s.sid = self.sid_name_lookup_v2(
localadmin['Name'], localadmin['Type'],
m.ad_id)
s.groupname = 'Administrators'
self.db_session.add(s)
self.add_edge(
s.sid,
BHImport.convert_otype(localadmin['Type']),
s.machine_sid, 'machine', 'adminTo', m.ad_id)
else:
s = LocalGroup()
s.ad_id = m.ad_id
s.machine_sid = m.objectSid
s.sid = localadmin['MemberId']
s.groupname = 'Administrators'
self.db_session.add(s)
self.add_edge(
s.sid,
BHImport.convert_otype(
localadmin['MemberType']), s.machine_sid,
'machine', 'adminTo', m.ad_id)
if 'DcomUsers' in machine and machine['DcomUsers'] is not None:
for localadmin in machine['DcomUsers']:
if self.bloodhound_version == '2':
s = LocalGroup()
s.ad_id = m.ad_id
s.machine_sid = m.objectSid
s.sid = self.sid_name_lookup_v2(
localadmin['Name'], localadmin['Type'],
m.ad_id)
s.groupname = 'Distributed COM Users'
self.db_session.add(s)
self.add_edge(
s.sid,
BHImport.convert_otype(localadmin['Type']),
s.machine_sid, 'machine', 'executeDCOM',
m.ad_id)
else:
s = LocalGroup()
s.ad_id = m.ad_id
s.machine_sid = m.objectSid
s.sid = localadmin['MemberId']
s.groupname = 'Distributed COM Users'
self.db_session.add(s)
self.add_edge(
s.sid,
BHImport.convert_otype(
localadmin['MemberType']), s.machine_sid,
'machine', 'executeDCOM', m.ad_id)
if 'RemoteDesktopUsers' in machine and machine[
'RemoteDesktopUsers'] is not None:
for localadmin in machine['RemoteDesktopUsers']:
if self.bloodhound_version == '2':
s = LocalGroup()
s.ad_id = m.ad_id
s.machine_sid = m.objectSid
s.sid = self.sid_name_lookup_v2(
localadmin['Name'], localadmin['Type'],
m.ad_id)
s.groupname = 'Remote Desktop Users'
self.db_session.add(s)
self.add_edge(
s.sid,
BHImport.convert_otype(localadmin['Type']),
s.machine_sid, 'machine', 'canRDP', m.ad_id)
else:
s = LocalGroup()
s.ad_id = m.ad_id
s.machine_sid = m.objectSid
s.sid = localadmin['MemberId']
s.groupname = 'Remote Desktop Users'
self.db_session.add(s)
self.add_edge(
s.sid,
BHImport.convert_otype(
localadmin['MemberType']), s.machine_sid,
'machine', 'canRDP', m.ad_id)
if 'PSRemoteUsers' in machine:
for localadmin in machine['PSRemoteUsers']:
if self.bloodhound_version == '2':
s = LocalGroup()
s.ad_id = m.ad_id
s.machine_sid = m.objectSid
s.sid = self.sid_name_lookup_v2(
localadmin['Name'], localadmin['Type'],
m.ad_id)
s.groupname = 'Remote Management Users'
self.db_session.add(s)
self.add_edge(
s.sid,
BHImport.convert_otype(localadmin['Type']),
s.machine_sid, 'machine', 'psremote', m.ad_id)
else:
s = LocalGroup()
s.ad_id = m.ad_id
s.machine_sid = m.objectSid
s.sid = localadmin['MemberId']
s.groupname = 'Remote Management Users'
self.db_session.add(s)
self.add_edge(
s.sid,
BHImport.convert_otype(
localadmin['MemberType']), s.machine_sid,
'machine', 'psremote', m.ad_id)
self.db_session.add(m)
edgeinfo = EdgeLookup(m.ad_id, m.objectSid, 'machine')
self.db_session.add(edgeinfo)
#self.db_session.commit()
if machine['Aces'] is not None:
self.insert_acl(m.objectSid, 'machine', machine['Aces'],
m.ad_id)
except Exception as e:
logger.debug(
'[BHIMPORT] Failed importing machine %s Reason: %s' %
(machine, e))
continue
self.db_session.commit()
def get_all_machines(self): for machine in self.ldap.get_all_machine_objects(): yield (machine, Machine.from_adcomp(machine))