Merge pull request #41 from BloodHoundAD/rpc_lib

Implement RPC library

SharpHoundCommon.sln

@@ -1,12 +1,14 @@
 
 Microsoft Visual Studio Solution File, Format Version 12.00
-# 
+#
 Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "SharpHoundCommonLib", "src\CommonLib\SharpHoundCommonLib.csproj", "{88EB8B09-EB8A-4E59-BBF7-CA5374DFA9EB}"
 EndProject
 Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "CommonLibTest", "test\unit\CommonLibTest.csproj", "{F1E060CB-58D0-42A7-9BBC-E08C6FD5DD43}"
 EndProject
 Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Docfx", "docfx\Docfx.csproj", "{BD8C7EB8-F357-4499-8C08-76B42F600076}"
 EndProject
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "SharpHoundRPC", "src\SharpHoundRPC\SharpHoundRPC.csproj", "{4F06116D-88A7-4601-AB28-B48F2857D458}"
+EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
 		Debug|Any CPU = Debug|Any CPU
@@ -25,5 +27,9 @@ Global
 		{BD8C7EB8-F357-4499-8C08-76B42F600076}.Debug|Any CPU.Build.0 = Debug|Any CPU
 		{BD8C7EB8-F357-4499-8C08-76B42F600076}.Release|Any CPU.ActiveCfg = Release|Any CPU
 		{BD8C7EB8-F357-4499-8C08-76B42F600076}.Release|Any CPU.Build.0 = Release|Any CPU
+		{4F06116D-88A7-4601-AB28-B48F2857D458}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{4F06116D-88A7-4601-AB28-B48F2857D458}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{4F06116D-88A7-4601-AB28-B48F2857D458}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{4F06116D-88A7-4601-AB28-B48F2857D458}.Release|Any CPU.Build.0 = Release|Any CPU
 	EndGlobalSection
 EndGlobal

src/CommonLib/Cache.cs

@@ -4,26 +4,38 @@
 
 namespace SharpHoundCommonLib
 {
+    [DataContract]
     public class Cache
     {
-        [DataMember] private ConcurrentDictionary<string, string[]> _globalCatalogCache;
+        //Leave these here until we switch back to Newtonsoft which doesn't suck
+        // [DataMember]private ConcurrentDictionary<string, string[]> _globalCatalogCache;
+        //
+        // [DataMember]private ConcurrentDictionary<string, Label> _idToTypeCache;
+        //
+        // [DataMember]private ConcurrentDictionary<string, string> _machineSidCache;
+        //
+        // [DataMember]private ConcurrentDictionary<string, string> _sidToDomainCache;
+        //
+        // [DataMember]private ConcurrentDictionary<string, string> _valueToIDCache;
 
-        [DataMember] private ConcurrentDictionary<string, Label> _idToTypeCache;
+        private Cache()
+        {
+            ValueToIdCache = new ConcurrentDictionary<string, string>();
+            IdToTypeCache = new ConcurrentDictionary<string, Label>();
+            GlobalCatalogCache = new ConcurrentDictionary<string, string[]>();
+            MachineSidCache = new ConcurrentDictionary<string, string>();
+            SIDToDomainCache = new ConcurrentDictionary<string, string>();
+        }
 
-        [DataMember] private ConcurrentDictionary<string, string> _machineSidCache;
+        [DataMember] public ConcurrentDictionary<string, string[]> GlobalCatalogCache { get; private set; }
 
-        [DataMember] private ConcurrentDictionary<string, string> _sidToDomainCache;
+        [DataMember] public ConcurrentDictionary<string, Label> IdToTypeCache { get; private set; }
 
-        [DataMember] private ConcurrentDictionary<string, string> _valueToIDCache;
+        [DataMember] public ConcurrentDictionary<string, string> MachineSidCache { get; private set; }
 
-        private Cache()
-        {
-            _valueToIDCache = new ConcurrentDictionary<string, string>();
-            _idToTypeCache = new ConcurrentDictionary<string, Label>();
-            _globalCatalogCache = new ConcurrentDictionary<string, string[]>();
-            _machineSidCache = new ConcurrentDictionary<string, string>();
-            _sidToDomainCache = new ConcurrentDictionary<string, string>();
-        }
+        [DataMember] public ConcurrentDictionary<string, string> SIDToDomainCache { get; private set; }
+
+        [DataMember] public ConcurrentDictionary<string, string> ValueToIdCache { get; private set; }
 
         [IgnoreDataMember] private static Cache CacheInstance { get; set; }
 
@@ -34,7 +46,7 @@ private Cache()
         /// <param name="value"></param>
         internal static void AddSidToDomain(string key, string value)
         {
-            CacheInstance?._sidToDomainCache.TryAdd(key, value);
+            CacheInstance?.SIDToDomainCache.TryAdd(key, value);
         }
 
         /// <summary>
@@ -45,7 +57,7 @@ internal static void AddSidToDomain(string key, string value)
         /// <returns></returns>
         internal static bool GetDomainSidMapping(string key, out string value)
         {
-            if (CacheInstance != null) return CacheInstance._machineSidCache.TryGetValue(key, out value);
+            if (CacheInstance != null) return CacheInstance.MachineSidCache.TryGetValue(key, out value);
             value = null;
             return false;
         }
@@ -57,61 +69,61 @@ internal static bool GetDomainSidMapping(string key, out string value)
         /// <param name="value"></param>
         internal static void AddMachineSid(string key, string value)
         {
-            CacheInstance?._machineSidCache.TryAdd(key, value);
+            CacheInstance?.MachineSidCache.TryAdd(key, value);
         }
 
         internal static bool GetMachineSid(string key, out string value)
         {
-            if (CacheInstance != null) return CacheInstance._machineSidCache.TryGetValue(key, out value);
+            if (CacheInstance != null) return CacheInstance.MachineSidCache.TryGetValue(key, out value);
             value = null;
             return false;
         }
 
         internal static void AddConvertedValue(string key, string value)
         {
-            CacheInstance?._valueToIDCache.TryAdd(key, value);
+            CacheInstance?.ValueToIdCache.TryAdd(key, value);
         }
 
         internal static void AddPrefixedValue(string key, string domain, string value)
         {
-            CacheInstance?._valueToIDCache.TryAdd(GetPrefixKey(key, domain), value);
+            CacheInstance?.ValueToIdCache.TryAdd(GetPrefixKey(key, domain), value);
         }
 
         internal static void AddType(string key, Label value)
         {
-            CacheInstance?._idToTypeCache.TryAdd(key, value);
+            CacheInstance?.IdToTypeCache.TryAdd(key, value);
         }
 
         internal static void AddGCCache(string key, string[] value)
         {
-            CacheInstance?._globalCatalogCache?.TryAdd(key, value);
+            CacheInstance?.GlobalCatalogCache?.TryAdd(key, value);
         }
 
         internal static bool GetGCCache(string key, out string[] value)
         {
-            if (CacheInstance != null) return CacheInstance._globalCatalogCache.TryGetValue(key, out value);
+            if (CacheInstance != null) return CacheInstance.GlobalCatalogCache.TryGetValue(key, out value);
             value = null;
             return false;
         }
 
         internal static bool GetConvertedValue(string key, out string value)
         {
-            if (CacheInstance != null) return CacheInstance._valueToIDCache.TryGetValue(key, out value);
+            if (CacheInstance != null) return CacheInstance.ValueToIdCache.TryGetValue(key, out value);
             value = null;
             return false;
         }
 
         internal static bool GetPrefixedValue(string key, string domain, out string value)
         {
             if (CacheInstance != null)
-                return CacheInstance._valueToIDCache.TryGetValue(GetPrefixKey(key, domain), out value);
+                return CacheInstance.ValueToIdCache.TryGetValue(GetPrefixKey(key, domain), out value);
             value = null;
             return false;
         }
 
         internal static bool GetIDType(string key, out Label value)
         {
-            if (CacheInstance != null) return CacheInstance._idToTypeCache.TryGetValue(key, out value);
+            if (CacheInstance != null) return CacheInstance.IdToTypeCache.TryGetValue(key, out value);
             value = Label.Base;
             return false;
         }
@@ -149,7 +161,7 @@ public string GetCacheStats()
             try
             {
                 return
-                    $"{_idToTypeCache.Count} ID to type mappings.\n {_valueToIDCache.Count} name to SID mappings.\n {_machineSidCache.Count} machine sid mappings.\n {_sidToDomainCache.Count} sid to domain mappings.\n {_globalCatalogCache.Count} global catalog mappings.";
+                    $"{IdToTypeCache.Count} ID to type mappings.\n {ValueToIdCache.Count} name to SID mappings.\n {MachineSidCache.Count} machine sid mappings.\n {SIDToDomainCache.Count} sid to domain mappings.\n {GlobalCatalogCache.Count} global catalog mappings.";
             }
             catch
             {
@@ -169,11 +181,11 @@ public static Cache GetCacheInstance()
         private static void CreateMissingDictionaries()
         {
             CacheInstance ??= new Cache();
-            CacheInstance._idToTypeCache ??= new ConcurrentDictionary<string, Label>();
-            CacheInstance._globalCatalogCache ??= new ConcurrentDictionary<string, string[]>();
-            CacheInstance._machineSidCache ??= new ConcurrentDictionary<string, string>();
-            CacheInstance._sidToDomainCache ??= new ConcurrentDictionary<string, string>();
-            CacheInstance._valueToIDCache ??= new ConcurrentDictionary<string, string>();
+            CacheInstance.IdToTypeCache ??= new ConcurrentDictionary<string, Label>();
+            CacheInstance.GlobalCatalogCache ??= new ConcurrentDictionary<string, string[]>();
+            CacheInstance.MachineSidCache ??= new ConcurrentDictionary<string, string>();
+            CacheInstance.SIDToDomainCache ??= new ConcurrentDictionary<string, string>();
+            CacheInstance.ValueToIdCache ??= new ConcurrentDictionary<string, string>();
         }
     }
 }

src/CommonLib/Enums/CollectionMethods.cs

@@ -21,10 +21,11 @@ public enum ResolvedCollectionMethod
         DCOM = 1 << 12,
         SPNTargets = 1 << 13,
         PSRemote = 1 << 14,
+        UserRights = 1 << 15,
         LocalGroups = DCOM | RDP | LocalAdmin | PSRemote,
-        ComputerOnly = LocalGroups | Session,
+        ComputerOnly = LocalGroups | Session | UserRights,
         DCOnly = ACL | Container | Group | ObjectProps | Trusts | GPOLocalGroup,
         Default = Group | Session | Trusts | ACL | ObjectProps | LocalGroups | SPNTargets | Container,
-        All = Default | LoggedOn | GPOLocalGroup
+        All = Default | LoggedOn | GPOLocalGroup | UserRights
     }
 }

src/CommonLib/Exceptions/SharpHoundCommonException.cs → src/CommonLib/Exceptions/LDAPQueryException.cs

@@ -4,8 +4,16 @@ namespace SharpHoundCommonLib.Exceptions
 {
     public class LDAPQueryException : Exception
     {
-        public LDAPQueryException() { }
-        public LDAPQueryException(string message) : base(message) { }
-        public LDAPQueryException(string message, Exception inner) : base(message, inner) { }
+        public LDAPQueryException()
+        {
+        }
+
+        public LDAPQueryException(string message) : base(message)
+        {
+        }
+
+        public LDAPQueryException(string message, Exception inner) : base(message, inner)
+        {
+        }
     }
-}
+}

src/CommonLib/LDAPProperties.cs

@@ -45,5 +45,6 @@ public class LDAPProperties
         public const string UnixUserPassword = "unixuserpassword";
         public const string UnicodePassword = "unicodepwd";
         public const string MsSFU30Password = "msSFU30Password";
+        public const string ScriptPath = "scriptpath";
     }
 }

src/CommonLib/LDAPQueries/CommonProperties.cs

@@ -11,7 +11,7 @@ public static class CommonProperties
 
         public static readonly string[] BaseQueryProps =
         {
-            "objectsid", "distiguishedname", "objectguid", "ms-mcs-admpwdexpirationtime", "isDeleted",
+            "objectsid", "distinguishedname", "objectguid", "ms-mcs-admpwdexpirationtime", "isDeleted",
             "useraccountcontrol"
         };