added checks for WriteDacl and WriteProp permissions

FatRodzianko · web-flow · commit ce1de890a4ab · 2020-11-06T14:29:36.000-06:00
diff --git a/Get-RBCD-Threaded/Program.cs b/Get-RBCD-Threaded/Program.cs
@@ -514,6 +514,26 @@ public static void Get_RBCD_ACLs(List<SearchResult> resultList, List<rbcd> rbcdL
                             rbcdList.Add(new rbcd(objectSid.SamAccountName, objectSid.DomainName, hostname, "WriteOwner"));
                         }
                     }
+                    else if (adRule.ActiveDirectoryRights.ToString().Contains("WriteDacl"))
+                    {
+                        if (allSids.Contains(sid) && sid != computerSid)
+                        {
+                            var objectSid = sidMapList.FirstOrDefault(o => o.ObjectSID == sid);
+                            rbcdList.Add(new rbcd(objectSid.SamAccountName, objectSid.DomainName, hostname, "WriteDacl"));
+                        }
+                    }
+                    else if (adRule.ActiveDirectoryRights.ToString().Contains("WriteProp"))
+                    {
+                        if (adRule.ObjectType.ToString().Contains("3f78c3e5-f79a-46bd-a0b8-9d18116ddc79"))
+                        {
+                            if (allSids.Contains(sid) && sid != computerSid)
+                            {
+                                var objectSid = sidMapList.FirstOrDefault(o => o.ObjectSID == sid);
+                                rbcdList.Add(new rbcd(objectSid.SamAccountName, objectSid.DomainName, hostname, "WriteProp"));
+                            }
+                        }
+                        
+                    }
 
                 }
 
