def _get_members(_groupname=str(), _sid=str()): try: if _groupname: groups = self.get_netgroup(queried_groupname=_groupname, queried_domain=queried_domain, full_data=True) else: if _sid: queried_sid = _sid else: with pywerview.functions.misc.Misc( self._domain_controller, self._domain, self._user, self._password, self._lmhash, self._nthash) as misc_requester: queried_sid = misc_requester.get_domainsid( queried_domain) + '-512' groups = self.get_netgroup(queried_sid=queried_sid, queried_domain=queried_domain, full_data=True) except IndexError: raise ValueError( 'The group {} was not found'.format(_groupname)) final_members = list() for group in groups: members = list() if recurse and use_matching_rule: group_memberof_filter = '(&(samAccountType=805306368)(memberof:1.2.840.113556.1.4.1941:={}){})'.format( group.distinguishedname, custom_filter) members = self.get_netuser( custom_filter=group_memberof_filter, queried_domain=queried_domain) else: # TODO: range cycling try: for member in group.member: dn_filter = '(distinguishedname={}){}'.format( member, custom_filter) members += self.get_netuser( custom_filter=dn_filter, queried_domain=queried_domain) members += self.get_netgroup( custom_filter=dn_filter, queried_domain=queried_domain, full_data=True) # The group doesn't have any members except AttributeError: continue for member in members: if full_data: final_member = member else: final_member = adobj.ADObject(list()) member_dn = member.distinguishedname try: member_domain = member_dn[member_dn. index('DC='):].replace( 'DC=', '').replace(',', '.') except IndexError: member_domain = str() is_group = (member.samaccounttype != '805306368') attributes = list() if queried_domain: attributes.append({ 'type': 'groupdomain', 'vals': [queried_domain] }) else: attributes.append({ 'type': 'groupdomain', 'vals': [self._domain] }) attributes.append({ 'type': 'groupname', 'vals': [group.name] }) attributes.append({ 'type': 'membername', 'vals': [member.samaccountname] }) attributes.append({ 'type': 'memberdomain', 'vals': [member_domain] }) attributes.append({'type': 'isgroup', 'vals': [is_group]}) attributes.append({ 'type': 'memberdn', 'vals': [member_dn] }) attributes.append({ 'type': 'membersid', 'vals': [member.objectsid] }) final_member.add_attributes(attributes) final_members.append(final_member) return final_members
def _get_members(_groupname=str(), _sid=str()): try: # `--groupname` option is supplied if _groupname: groups = self.get_netgroup(queried_groupname=_groupname, queried_domain=queried_domain, full_data=True) # `--groupname` option is missing, falling back to the "Domain Admins" else: if _sid: queried_sid = _sid else: with pywerview.functions.misc.Misc(self._domain_controller, self._domain, self._user, self._password, self._lmhash, self._nthash) as misc_requester: queried_sid = misc_requester.get_domainsid(queried_domain) + '-512' groups = self.get_netgroup(queried_sid=queried_sid, queried_domain=queried_domain, full_data=True) except IndexError: raise ValueError('The group {} was not found'.format(_groupname)) final_members = list() for group in groups: members = list() if recurse and use_matching_rule: group_memberof_filter = '(&(samAccountType=805306368)(memberof:1.2.840.113556.1.4.1941:={}){})'.format(group.distinguishedname, custom_filter) members = self.get_netuser(custom_filter=group_memberof_filter, queried_domain=queried_domain) else: # TODO: range cycling try: for member in group.member: # RFC 4515, section 3 member = escape_filter_chars(member, encoding='utf-8') dn_filter = '(distinguishedname={}){}'.format(member, custom_filter) members += self.get_netuser(custom_filter=dn_filter, queried_domain=queried_domain) members += self.get_netgroup(custom_filter=dn_filter, queried_domain=queried_domain, full_data=True) # The group doesn't have any members except AttributeError: continue for member in members: if full_data: final_member = member else: final_member = adobj.ADObject(list()) member_dn = member.distinguishedname try: member_domain = member_dn[member_dn.index('DC='):].replace('DC=', '').replace(',', '.') except IndexError: member_domain = str() is_group = (member.samaccounttype != '805306368') attributes = dict() if queried_domain: attributes['groupdomain'] = queried_domain else: attributes['groupdomain'] = self._domain attributes['groupname'] = group.name attributes['membername'] = member.samaccountname attributes['memberdomain'] = member_domain attributes['isgroup'] = is_group attributes['memberdn'] = member_dn attributes['membersid'] = member.objectsid final_member.add_attributes(attributes) final_members.append(final_member) return final_members