mirror of
https://github.com/rapid7/metasploit-payloads
synced 2025-03-24 18:16:24 +01:00
Final tweaks to adsi
parent
76a492ab56
commit
061439edb2
@ -202,7 +202,7 @@ DWORD domain_query(LPCWSTR lpwDomain, LPWSTR lpwFilter, LPWSTR* lpwQueryCols,
|
|||||||
case ADSTYPE_LARGE_INTEGER:
|
case ADSTYPE_LARGE_INTEGER:
|
||||||
{
|
{
|
||||||
packet_add_tlv_qword(pGroup, TLV_TYPE_EXT_ADSI_BIGNUMBER, col.pADsValues->LargeInteger.QuadPart);
|
packet_add_tlv_qword(pGroup, TLV_TYPE_EXT_ADSI_BIGNUMBER, col.pADsValues->LargeInteger.QuadPart);
|
||||||
dprintf("[ADSI] Adding large int value %ull", (UINT)col.pADsValues->LargeInteger.QuadPart);
|
dprintf("[ADSI] Adding large int value %lld", (UINT)col.pADsValues->LargeInteger.QuadPart);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
case ADSTYPE_INTEGER:
|
case ADSTYPE_INTEGER:
|
||||||
@ -213,46 +213,49 @@ DWORD domain_query(LPCWSTR lpwDomain, LPWSTR lpwFilter, LPWSTR* lpwQueryCols,
|
|||||||
}
|
}
|
||||||
case ADSTYPE_DN_STRING:
|
case ADSTYPE_DN_STRING:
|
||||||
{
|
{
|
||||||
|
dprintf("[EXTAPI ADSI] DN String: %S", col.pADsValues->DNString);
|
||||||
packet_add_tlv_wstring(pGroup, TLV_TYPE_EXT_ADSI_STRING, col.pADsValues->DNString);
|
packet_add_tlv_wstring(pGroup, TLV_TYPE_EXT_ADSI_STRING, col.pADsValues->DNString);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
case ADSTYPE_PRINTABLE_STRING:
|
case ADSTYPE_PRINTABLE_STRING:
|
||||||
{
|
{
|
||||||
|
dprintf("[EXTAPI ADSI] Printable String: %S", col.pADsValues->PrintableString);
|
||||||
packet_add_tlv_wstring(pGroup, TLV_TYPE_EXT_ADSI_STRING, col.pADsValues->PrintableString);
|
packet_add_tlv_wstring(pGroup, TLV_TYPE_EXT_ADSI_STRING, col.pADsValues->PrintableString);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
case ADSTYPE_NUMERIC_STRING:
|
case ADSTYPE_NUMERIC_STRING:
|
||||||
{
|
{
|
||||||
|
dprintf("[EXTAPI ADSI] Numeric String: %S", col.pADsValues->NumericString);
|
||||||
packet_add_tlv_wstring(pGroup, TLV_TYPE_EXT_ADSI_STRING, col.pADsValues->NumericString);
|
packet_add_tlv_wstring(pGroup, TLV_TYPE_EXT_ADSI_STRING, col.pADsValues->NumericString);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
case ADSTYPE_CASE_EXACT_STRING:
|
case ADSTYPE_CASE_EXACT_STRING:
|
||||||
{
|
{
|
||||||
|
dprintf("[EXTAPI ADSI] Case Extact String: %S", col.pADsValues->CaseExactString);
|
||||||
packet_add_tlv_wstring(pGroup, TLV_TYPE_EXT_ADSI_STRING, col.pADsValues->CaseExactString);
|
packet_add_tlv_wstring(pGroup, TLV_TYPE_EXT_ADSI_STRING, col.pADsValues->CaseExactString);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
case ADSTYPE_CASE_IGNORE_STRING:
|
case ADSTYPE_CASE_IGNORE_STRING:
|
||||||
{
|
{
|
||||||
|
dprintf("[EXTAPI ADSI] Case Ignore String: %S", col.pADsValues->CaseIgnoreString);
|
||||||
packet_add_tlv_wstring(pGroup, TLV_TYPE_EXT_ADSI_STRING, col.pADsValues->CaseIgnoreString);
|
packet_add_tlv_wstring(pGroup, TLV_TYPE_EXT_ADSI_STRING, col.pADsValues->CaseIgnoreString);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
case ADSTYPE_BOOLEAN:
|
case ADSTYPE_BOOLEAN:
|
||||||
{
|
{
|
||||||
|
dprintf("[EXTAPI ADSI] Boolean");
|
||||||
packet_add_tlv_bool(pGroup, TLV_TYPE_EXT_ADSI_BOOL, col.pADsValues->Boolean == 0 ? FALSE : TRUE);
|
packet_add_tlv_bool(pGroup, TLV_TYPE_EXT_ADSI_BOOL, col.pADsValues->Boolean == 0 ? FALSE : TRUE);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
case ADSTYPE_OCTET_STRING:
|
case ADSTYPE_OCTET_STRING:
|
||||||
{
|
{
|
||||||
char* s = bytes_to_string(col.pADsValues->OctetString.lpValue, col.pADsValues->OctetString.dwLength);
|
dprintf("[EXTAPI ADSI] Octet string");
|
||||||
if (s)
|
packet_add_tlv_raw(pGroup, TLV_TYPE_EXT_ADSI_RAW, col.pADsValues->OctetString.lpValue, col.pADsValues->OctetString.dwLength);
|
||||||
{
|
|
||||||
packet_add_tlv_string(pGroup, TLV_TYPE_EXT_ADSI_STRING, s);
|
|
||||||
free(s);
|
|
||||||
}
|
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
case ADSTYPE_UTC_TIME:
|
case ADSTYPE_UTC_TIME:
|
||||||
{
|
{
|
||||||
|
dprintf("[EXTAPI ADSI] UTC time");
|
||||||
SYSTEMTIME* pt = &col.pADsValues->UTCTime;
|
SYSTEMTIME* pt = &col.pADsValues->UTCTime;
|
||||||
sprintf_s(value, VALUE_SIZE, "%4u-%02u-%02u %02u:%02u:%02u.%03u",
|
sprintf_s(value, VALUE_SIZE, "%4u-%02u-%02u %02u:%02u:%02u.%03u",
|
||||||
pt->wYear, pt->wMonth, pt->wDay, pt->wHour, pt->wMinute, pt->wSecond, pt->wMilliseconds);
|
pt->wYear, pt->wMonth, pt->wDay, pt->wHour, pt->wMinute, pt->wSecond, pt->wMilliseconds);
|
||||||
@ -261,12 +264,8 @@ DWORD domain_query(LPCWSTR lpwDomain, LPWSTR lpwFilter, LPWSTR* lpwQueryCols,
|
|||||||
}
|
}
|
||||||
case ADSTYPE_PROV_SPECIFIC:
|
case ADSTYPE_PROV_SPECIFIC:
|
||||||
{
|
{
|
||||||
char* s = bytes_to_string(col.pADsValues->ProviderSpecific.lpValue, col.pADsValues->ProviderSpecific.dwLength);
|
dprintf("[EXTAPI ADSI] Provider specific");
|
||||||
if (s)
|
packet_add_tlv_raw(pGroup, TLV_TYPE_EXT_ADSI_RAW, col.pADsValues->ProviderSpecific.lpValue, col.pADsValues->ProviderSpecific.dwLength);
|
||||||
{
|
|
||||||
packet_add_tlv_string(pGroup, TLV_TYPE_EXT_ADSI_STRING, s);
|
|
||||||
free(s);
|
|
||||||
}
|
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
case ADSTYPE_OBJECT_CLASS:
|
case ADSTYPE_OBJECT_CLASS:
|
||||||
@ -280,6 +279,8 @@ DWORD domain_query(LPCWSTR lpwDomain, LPWSTR lpwFilter, LPWSTR* lpwQueryCols,
|
|||||||
Packet* pStrings = packet_create_group();
|
Packet* pStrings = packet_create_group();
|
||||||
PADS_CASEIGNORE_LIST list = col.pADsValues->pCaseIgnoreList;
|
PADS_CASEIGNORE_LIST list = col.pADsValues->pCaseIgnoreList;
|
||||||
|
|
||||||
|
dprintf("[EXTAPI ADSI] Case Ignore List");
|
||||||
|
|
||||||
while (list != NULL)
|
while (list != NULL)
|
||||||
{
|
{
|
||||||
packet_add_tlv_wstring(pStrings, TLV_TYPE_EXT_ADSI_STRING, list->String);
|
packet_add_tlv_wstring(pStrings, TLV_TYPE_EXT_ADSI_STRING, list->String);
|
||||||
@ -294,7 +295,7 @@ DWORD domain_query(LPCWSTR lpwDomain, LPWSTR lpwFilter, LPWSTR* lpwQueryCols,
|
|||||||
PADS_PATH path = col.pADsValues->pPath;
|
PADS_PATH path = col.pADsValues->pPath;
|
||||||
Packet* pPathGroup = packet_create_group();
|
Packet* pPathGroup = packet_create_group();
|
||||||
|
|
||||||
sprintf_s(value, VALUE_SIZE, "Vol: %S, Path: %S, Type: %u", path->VolumeName, path->Path, path->Type);
|
dprintf("[EXTAPI ADSI] PATH");
|
||||||
|
|
||||||
packet_add_tlv_wstring(pPathGroup, TLV_TYPE_EXT_ADSI_PATH_VOL, path->VolumeName);
|
packet_add_tlv_wstring(pPathGroup, TLV_TYPE_EXT_ADSI_PATH_VOL, path->VolumeName);
|
||||||
packet_add_tlv_wstring(pPathGroup, TLV_TYPE_EXT_ADSI_PATH_PATH, path->Path);
|
packet_add_tlv_wstring(pPathGroup, TLV_TYPE_EXT_ADSI_PATH_PATH, path->Path);
|
||||||
@ -318,24 +319,29 @@ DWORD domain_query(LPCWSTR lpwDomain, LPWSTR lpwFilter, LPWSTR* lpwQueryCols,
|
|||||||
packet_add_tlv_wstring(pAddressGroup, TLV_TYPE_EXT_ADSI_STRING, addr->PostalAddress[i]);
|
packet_add_tlv_wstring(pAddressGroup, TLV_TYPE_EXT_ADSI_STRING, addr->PostalAddress[i]);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
dprintf("[EXTAPI ADSI] postal address list");
|
||||||
|
|
||||||
packet_add_group(pGroup, TLV_TYPE_EXT_ADSI_ARRAY, pAddressGroup);
|
packet_add_group(pGroup, TLV_TYPE_EXT_ADSI_ARRAY, pAddressGroup);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
case ADSTYPE_TIMESTAMP:
|
case ADSTYPE_TIMESTAMP:
|
||||||
{
|
{
|
||||||
ADS_TIMESTAMP* pts = &col.pADsValues->Timestamp;
|
ADS_TIMESTAMP* pts = &col.pADsValues->Timestamp;
|
||||||
|
dprintf("[EXTAPI ADSI] timestamp");
|
||||||
packet_add_tlv_uint(pGroup, TLV_TYPE_EXT_ADSI_NUMBER, pts->WholeSeconds);
|
packet_add_tlv_uint(pGroup, TLV_TYPE_EXT_ADSI_NUMBER, pts->WholeSeconds);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
case ADSTYPE_BACKLINK:
|
case ADSTYPE_BACKLINK:
|
||||||
{
|
{
|
||||||
ADS_BACKLINK* pbl = &col.pADsValues->BackLink;
|
ADS_BACKLINK* pbl = &col.pADsValues->BackLink;
|
||||||
|
dprintf("[EXTAPI ADSI] backlink");
|
||||||
packet_add_tlv_wstring(pGroup, TLV_TYPE_EXT_ADSI_STRING, pbl->ObjectName);
|
packet_add_tlv_wstring(pGroup, TLV_TYPE_EXT_ADSI_STRING, pbl->ObjectName);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
case ADSTYPE_TYPEDNAME:
|
case ADSTYPE_TYPEDNAME:
|
||||||
{
|
{
|
||||||
PADS_TYPEDNAME ptn = col.pADsValues->pTypedName;
|
PADS_TYPEDNAME ptn = col.pADsValues->pTypedName;
|
||||||
|
dprintf("[EXTAPI ADSI] typed name");
|
||||||
packet_add_tlv_wstring(pGroup, TLV_TYPE_EXT_ADSI_STRING, ptn->ObjectName);
|
packet_add_tlv_wstring(pGroup, TLV_TYPE_EXT_ADSI_STRING, ptn->ObjectName);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
@ -343,17 +349,23 @@ DWORD domain_query(LPCWSTR lpwDomain, LPWSTR lpwFilter, LPWSTR* lpwQueryCols,
|
|||||||
{
|
{
|
||||||
PADS_NETADDRESS pna = col.pADsValues->pNetAddress;
|
PADS_NETADDRESS pna = col.pADsValues->pNetAddress;
|
||||||
// IP address octects won't be bigger than 3 chars (given that we can only have 255 as a max value
|
// IP address octects won't be bigger than 3 chars (given that we can only have 255 as a max value
|
||||||
|
// TODO: handle IPv6?
|
||||||
char* s = bytes_to_string(pna->Address, pna->AddressLength, "%u", 3, ".");
|
char* s = bytes_to_string(pna->Address, pna->AddressLength, "%u", 3, ".");
|
||||||
if (s)
|
if (s)
|
||||||
{
|
{
|
||||||
packet_add_tlv_string(pGroup, TLV_TYPE_EXT_ADSI_STRING, s);
|
packet_add_tlv_string(pGroup, TLV_TYPE_EXT_ADSI_STRING, s);
|
||||||
free(s);
|
free(s);
|
||||||
}
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
packet_add_tlv_raw(pGroup, TLV_TYPE_EXT_ADSI_RAW, pna->Address, pna->AddressLength);
|
||||||
|
}
|
||||||
dprintf("[ADSI] %u network address of %u bytes added", pna->AddressType, pna->AddressLength);
|
dprintf("[ADSI] %u network address of %u bytes added", pna->AddressType, pna->AddressLength);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
case ADSTYPE_EMAIL:
|
case ADSTYPE_EMAIL:
|
||||||
{
|
{
|
||||||
|
dprintf("[EXTAPI ADSI] email");
|
||||||
packet_add_tlv_wstring(pGroup, TLV_TYPE_EXT_ADSI_STRING, col.pADsValues->Email.Address);
|
packet_add_tlv_wstring(pGroup, TLV_TYPE_EXT_ADSI_STRING, col.pADsValues->Email.Address);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
@ -369,12 +381,8 @@ DWORD domain_query(LPCWSTR lpwDomain, LPWSTR lpwFilter, LPWSTR* lpwQueryCols,
|
|||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
s = bytes_to_string(psd->lpValue, psd->dwLength);
|
dprintf("[EXTAPI ADSI] byte SID");
|
||||||
if (s)
|
packet_add_tlv_raw(pGroup, TLV_TYPE_EXT_ADSI_RAW, psd->lpValue, psd->dwLength);
|
||||||
{
|
|
||||||
packet_add_tlv_string(pGroup, TLV_TYPE_EXT_ADSI_STRING, s);
|
|
||||||
free(s);
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
@ -383,6 +391,8 @@ DWORD domain_query(LPCWSTR lpwDomain, LPWSTR lpwFilter, LPWSTR* lpwQueryCols,
|
|||||||
Packet* pDnGroup = packet_create_group();
|
Packet* pDnGroup = packet_create_group();
|
||||||
PADS_DN_WITH_BINARY pdb = col.pADsValues->pDNWithBinary;
|
PADS_DN_WITH_BINARY pdb = col.pADsValues->pDNWithBinary;
|
||||||
|
|
||||||
|
dprintf("[ADSI] DN with string");
|
||||||
|
|
||||||
packet_add_tlv_wstring(pDnGroup, TLV_TYPE_EXT_ADSI_STRING, pdb->pszDNString);
|
packet_add_tlv_wstring(pDnGroup, TLV_TYPE_EXT_ADSI_STRING, pdb->pszDNString);
|
||||||
packet_add_tlv_raw(pDnGroup, TLV_TYPE_EXT_ADSI_RAW, pdb->lpBinaryValue, pdb->dwLength);
|
packet_add_tlv_raw(pDnGroup, TLV_TYPE_EXT_ADSI_RAW, pdb->lpBinaryValue, pdb->dwLength);
|
||||||
packet_add_group(pGroup, TLV_TYPE_EXT_ADSI_DN, pDnGroup);
|
packet_add_group(pGroup, TLV_TYPE_EXT_ADSI_DN, pDnGroup);
|
||||||
@ -394,6 +404,8 @@ DWORD domain_query(LPCWSTR lpwDomain, LPWSTR lpwFilter, LPWSTR* lpwQueryCols,
|
|||||||
Packet* pDnGroup = packet_create_group();
|
Packet* pDnGroup = packet_create_group();
|
||||||
PADS_DN_WITH_STRING pds = col.pADsValues->pDNWithString;
|
PADS_DN_WITH_STRING pds = col.pADsValues->pDNWithString;
|
||||||
|
|
||||||
|
dprintf("[ADSI] DN with string");
|
||||||
|
|
||||||
packet_add_tlv_wstring(pDnGroup, TLV_TYPE_EXT_ADSI_STRING, pds->pszDNString);
|
packet_add_tlv_wstring(pDnGroup, TLV_TYPE_EXT_ADSI_STRING, pds->pszDNString);
|
||||||
packet_add_tlv_wstring(pDnGroup, TLV_TYPE_EXT_ADSI_STRING, pds->pszStringValue);
|
packet_add_tlv_wstring(pDnGroup, TLV_TYPE_EXT_ADSI_STRING, pds->pszStringValue);
|
||||||
packet_add_group(pGroup, TLV_TYPE_EXT_ADSI_DN, pDnGroup);
|
packet_add_group(pGroup, TLV_TYPE_EXT_ADSI_DN, pDnGroup);
|
||||||
|
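Review bot: In the ADSTYPE_LARGE_INTEGER case the format was changed to `%lld`, which consumes a 64-bit argument, but the value is still cast to `(UINT)`. The variadic call therefore passes a narrower argument than the format reads, and the logged number is undefined, or truncated at best. Pass the full width instead: `dprintf("[ADSI] Adding large int value %lld", (LONGLONG)col.pADsValues->LargeInteger.QuadPart);`. This assumes dprintf forwards to a printf-style formatter, which the page does not show. Separately, the new dprintf in the block that reads `pDNWithBinary` logs "DN with string", the same text as the `pDNWithString` block, which looks like a copy-paste slip; domain_query's body starts and ends outside these hunks.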