Skip to content

Commit f6ec84a

Browse files
p0daliriusp0dalirius
committed
Migrated to TheManticoreProject, relase v1.3.1
1 parent e0e64c4 commit f6ec84a

File tree

4 files changed

+345
-1
lines changed

4 files changed

+345
-1
lines changed

README.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -79,7 +79,7 @@ Usage: DescribeNTSecurityDescriptor [--debug] [--domain <string>] [--username <s
7979
## Demonstration with a `--value-hex`
8080

8181
```bash
82-
./DescribeNTSecurityDescriptor --username "Administrator" --domain "LAB.local" --password "Admin123!" --dc-ip "10.0.0.201" --debug --value-hex "0100149ccc000000e800000014000000a000000004008c00030000000240140020000c00010100000000000100000000075a38002000000003000000be3b0ef3f09fd111b6030000f80367c1a57a96bfe60dd011a28500aa003049e2010100000000000100000000075a38002000000003000000bf3b0ef3f09fd111b6030000f80367c1a57a96bfe60dd011a28500aa003049e201010000000000010000000002002c000100000000002400ff010f0001050000000000051500000028bb82279261b9fe2474aa5d0002000001050000000000051500000028bb82279261b9fe2474aa5d0002000001050000000000051500000028bb82279261b9fe20"
82+
./DescribeNTSecurityDescriptor --username "Administrator" --domain "LAB.local" --password "Admin123!" --dc-ip "10.0.0.201" --debug --value-hex "0100149ccc000000e800000014000000a000000004008c00030000000240140020000c00010100000000000100000000075a38002000000003000000be3b0ef3f09fd111b6030000f80367c1a57a96bfe60dd011a28500aa003049e2010100000000000100000000075a38002000000003000000bf3b0ef3f09fd111b6030000f80367c1a57a96bfe60dd011a28500aa003049e201010000000000010000000002002c000100000000002400ff010f0001050000000000051500000028bb82279261b9fe2474aa5d0002000001050000000000051500000028bb82279261b9fe2474aa5d0002000001050000000000051500000028bb82279261b9fe2000000"
8383
```
8484

8585
![](./.github/example_value.png)

go.mod

Lines changed: 26 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,26 @@
1+
module github.com/TheManticoreProject/DescribeNTSecurityDescriptor
2+
3+
go 1.24.0
4+
5+
require (
6+
github.com/TheManticoreProject/Manticore v1.0.1
7+
github.com/TheManticoreProject/goopts v1.2.1
8+
github.com/TheManticoreProject/winacl v1.2.11
9+
)
10+
11+
require (
12+
github.com/Azure/go-ntlmssp v0.0.0-20221128193559-754e69321358 // indirect
13+
github.com/alexbrainman/sspi v0.0.0-20231016080023-1a75b4708caa // indirect
14+
github.com/go-asn1-ber/asn1-ber v1.5.8-0.20250403174932-29230038a667 // indirect
15+
github.com/go-ldap/ldap/v3 v3.4.11 // indirect
16+
github.com/google/uuid v1.6.0 // indirect
17+
github.com/hashicorp/go-uuid v1.0.3 // indirect
18+
github.com/jcmturner/aescts/v2 v2.0.0 // indirect
19+
github.com/jcmturner/dnsutils/v2 v2.0.0 // indirect
20+
github.com/jcmturner/gofork v1.7.6 // indirect
21+
github.com/jcmturner/goidentity/v6 v6.0.1 // indirect
22+
github.com/jcmturner/gokrb5/v8 v8.4.4 // indirect
23+
github.com/jcmturner/rpc/v2 v2.0.3 // indirect
24+
golang.org/x/crypto v0.38.0 // indirect
25+
golang.org/x/net v0.39.0 // indirect
26+
)

go.sum

Lines changed: 87 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,87 @@
1+
github.com/Azure/go-ntlmssp v0.0.0-20221128193559-754e69321358 h1:mFRzDkZVAjdal+s7s0MwaRv9igoPqLRdzOLzw/8Xvq8=
2+
github.com/Azure/go-ntlmssp v0.0.0-20221128193559-754e69321358/go.mod h1:chxPXzSsl7ZWRAuOIE23GDNzjWuZquvFlgA8xmpunjU=
3+
github.com/TheManticoreProject/Manticore v1.0.1 h1:b4MFQyiDrnADDFfu0bwAoVmgMEegd9nyMk6bCQUGaj0=
4+
github.com/TheManticoreProject/Manticore v1.0.1/go.mod h1:2YzwHihKSODuo1YP0UuHL/AgcwkQLtc5j/ihuvke4/k=
5+
github.com/TheManticoreProject/goopts v1.2.1 h1:/VhIRpQNEvbo01Yi6WHK6KG9SyNVi2yb6AIsOviqJ3Q=
6+
github.com/TheManticoreProject/goopts v1.2.1/go.mod h1:NaM3hXXCeN+x9ZSlkS6Bm8i8Lfqe28/rveBsfrMUrAo=
7+
github.com/TheManticoreProject/winacl v1.2.11 h1:0v1bHqzAYZ4H/mRuO7Agu2Rq+p9QXWs4SC8NI26NTwM=
8+
github.com/TheManticoreProject/winacl v1.2.11/go.mod h1:Xji/qLzY8AkdBNXRgOS7g+UBEuqMQBBZllr+rl7Hzko=
9+
github.com/alexbrainman/sspi v0.0.0-20231016080023-1a75b4708caa h1:LHTHcTQiSGT7VVbI0o4wBRNQIgn917usHWOd6VAffYI=
10+
github.com/alexbrainman/sspi v0.0.0-20231016080023-1a75b4708caa/go.mod h1:cEWa1LVoE5KvSD9ONXsZrj0z6KqySlCCNKHlLzbqAt4=
11+
github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
12+
github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
13+
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
14+
github.com/go-asn1-ber/asn1-ber v1.5.8-0.20250403174932-29230038a667 h1:BP4M0CvQ4S3TGls2FvczZtj5Re/2ZzkV9VwqPHH/3Bo=
15+
github.com/go-asn1-ber/asn1-ber v1.5.8-0.20250403174932-29230038a667/go.mod h1:hEBeB/ic+5LoWskz+yKT7vGhhPYkProFKoKdwZRWMe0=
16+
github.com/go-ldap/ldap/v3 v3.4.11 h1:4k0Yxweg+a3OyBLjdYn5OKglv18JNvfDykSoI8bW0gU=
17+
github.com/go-ldap/ldap/v3 v3.4.11/go.mod h1:bY7t0FLK8OAVpp/vV6sSlpz3EQDGcQwc8pF0ujLgKvM=
18+
github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
19+
github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
20+
github.com/gorilla/securecookie v1.1.1 h1:miw7JPhV+b/lAHSXz4qd/nN9jRiAFV5FwjeKyCS8BvQ=
21+
github.com/gorilla/securecookie v1.1.1/go.mod h1:ra0sb63/xPlUeL+yeDciTfxMRAA+MP+HVt/4epWDjd4=
22+
github.com/gorilla/sessions v1.2.1 h1:DHd3rPN5lE3Ts3D8rKkQ8x/0kqfeNmBAaiSi+o7FsgI=
23+
github.com/gorilla/sessions v1.2.1/go.mod h1:dk2InVEVJ0sfLlnXv9EAgkf6ecYs/i80K/zI+bUmuGM=
24+
github.com/hashicorp/go-uuid v1.0.2/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro=
25+
github.com/hashicorp/go-uuid v1.0.3 h1:2gKiV6YVmrJ1i2CKKa9obLvRieoRGviZFL26PcT/Co8=
26+
github.com/hashicorp/go-uuid v1.0.3/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro=
27+
github.com/jcmturner/aescts/v2 v2.0.0 h1:9YKLH6ey7H4eDBXW8khjYslgyqG2xZikXP0EQFKrle8=
28+
github.com/jcmturner/aescts/v2 v2.0.0/go.mod h1:AiaICIRyfYg35RUkr8yESTqvSy7csK90qZ5xfvvsoNs=
29+
github.com/jcmturner/dnsutils/v2 v2.0.0 h1:lltnkeZGL0wILNvrNiVCR6Ro5PGU/SeBvVO/8c/iPbo=
30+
github.com/jcmturner/dnsutils/v2 v2.0.0/go.mod h1:b0TnjGOvI/n42bZa+hmXL+kFJZsFT7G4t3HTlQ184QM=
31+
github.com/jcmturner/gofork v1.7.6 h1:QH0l3hzAU1tfT3rZCnW5zXl+orbkNMMRGJfdJjHVETg=
32+
github.com/jcmturner/gofork v1.7.6/go.mod h1:1622LH6i/EZqLloHfE7IeZ0uEJwMSUyQ/nDd82IeqRo=
33+
github.com/jcmturner/goidentity/v6 v6.0.1 h1:VKnZd2oEIMorCTsFBnJWbExfNN7yZr3EhJAxwOkZg6o=
34+
github.com/jcmturner/goidentity/v6 v6.0.1/go.mod h1:X1YW3bgtvwAXju7V3LCIMpY0Gbxyjn/mY9zx4tFonSg=
35+
github.com/jcmturner/gokrb5/v8 v8.4.4 h1:x1Sv4HaTpepFkXbt2IkL29DXRf8sOfZXo8eRKh687T8=
36+
github.com/jcmturner/gokrb5/v8 v8.4.4/go.mod h1:1btQEpgT6k+unzCwX1KdWMEwPPkkgBtP+F6aCACiMrs=
37+
github.com/jcmturner/rpc/v2 v2.0.3 h1:7FXXj8Ti1IaVFpSAziCZWNzbNuZmnvw/i6CqLNdWfZY=
38+
github.com/jcmturner/rpc/v2 v2.0.3/go.mod h1:VUJYCIDm3PVOEHw8sgt091/20OJjskO/YJki3ELg/Hc=
39+
github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
40+
github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
41+
github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
42+
github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
43+
github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo=
44+
github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
45+
github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
46+
github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
47+
github.com/stretchr/testify v1.8.1 h1:w7B6lhMri9wdJUVmEZPGGhZzrYTPvgJArz7wNPgYKsk=
48+
github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
49+
github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY=
50+
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
51+
golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
52+
golang.org/x/crypto v0.6.0/go.mod h1:OFC/31mSvZgRz0V1QTNCzfAI1aIRzbiufJtkMIlEp58=
53+
golang.org/x/crypto v0.38.0 h1:jt+WWG8IZlBnVbomuhg2Mdq0+BBQaHbtqHEFEigjUV8=
54+
golang.org/x/crypto v0.38.0/go.mod h1:MvrbAqul58NNYPKnOra203SB9vpuZW0e+RRZV+Ggqjw=
55+
golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
56+
golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
57+
golang.org/x/net v0.0.0-20200114155413-6afb5195e5aa/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
58+
golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
59+
golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
60+
golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
61+
golang.org/x/net v0.7.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
62+
golang.org/x/net v0.39.0 h1:ZCu7HMWDxpXpaiKdhzIfaltL9Lp31x/3fCP11bc6/fY=
63+
golang.org/x/net v0.39.0/go.mod h1:X7NRbYVEA+ewNkCNyJ513WmMdQ3BineSwVtN2zD/d+E=
64+
golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
65+
golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
66+
golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
67+
golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
68+
golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
69+
golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
70+
golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
71+
golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
72+
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
73+
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
74+
golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k=
75+
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
76+
golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
77+
golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
78+
golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
79+
golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
80+
golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
81+
golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=
82+
golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
83+
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
84+
gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
85+
gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
86+
gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
87+
gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=

main.go

Lines changed: 231 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,231 @@
1+
package main
2+
3+
import (
4+
"encoding/base64"
5+
"encoding/hex"
6+
"fmt"
7+
"os"
8+
9+
"github.com/TheManticoreProject/Manticore/logger"
10+
"github.com/TheManticoreProject/Manticore/network/ldap"
11+
"github.com/TheManticoreProject/Manticore/windows/credentials"
12+
"github.com/TheManticoreProject/goopts/parser"
13+
"github.com/TheManticoreProject/winacl/securitydescriptor"
14+
)
15+
16+
var (
17+
// Configuration
18+
useLdaps bool
19+
debug bool
20+
21+
// Network settings
22+
domainController string
23+
ldapPort int
24+
25+
// Authentication details
26+
authDomain string
27+
authUsername string
28+
authPassword string
29+
authHashes string
30+
useKerberos bool
31+
32+
// Source values
33+
distinguishedName string
34+
35+
sourceFileHex string
36+
sourceFileBase64 string
37+
sourceFileRaw string
38+
valueHex string
39+
valueBase64 string
40+
)
41+
42+
func parseArgs() {
43+
ap := parser.ArgumentsParser{Banner: "DescribeNTSecurityDescriptor - by Remi GASCOU (Podalirius) @ TheManticoreProject - v1.3.0"}
44+
45+
// Configuration flags
46+
ap.NewBoolArgument(&debug, "-d", "--debug", false, "Debug mode.")
47+
48+
// Source value
49+
group_sourceValues, err := ap.NewRequiredMutuallyExclusiveArgumentGroup("Source Values")
50+
if err != nil {
51+
fmt.Printf("[error] Error creating ArgumentGroup: %s\n", err)
52+
} else {
53+
group_sourceValues.NewStringArgument(&distinguishedName, "-D", "--distinguished-name", "", false, "Distinguished Name.")
54+
// File sources
55+
group_sourceValues.NewStringArgument(&sourceFileHex, "-fh", "--file-hex", "", false, "Path to file containing the hexadecimal string value of NTSecurityDescriptor.")
56+
group_sourceValues.NewStringArgument(&sourceFileBase64, "-fb", "--file-base64", "", false, "Path to file containing the base64 encoded value of NTSecurityDescriptor.")
57+
group_sourceValues.NewStringArgument(&sourceFileRaw, "-fr", "--file-raw", "", false, "Path to file containing the raw binary value of NTSecurityDescriptor.")
58+
// Value sources
59+
group_sourceValues.NewStringArgument(&valueHex, "-vh", "--value-hex", "", false, "Raw hexadecimal string value of NTSecurityDescriptor.")
60+
group_sourceValues.NewStringArgument(&valueBase64, "-vb", "--value-base64", "", false, "Raw base64 encoded value of NTSecurityDescriptor.")
61+
}
62+
63+
group_ldapSettings, err := ap.NewArgumentGroup("LDAP Connection Settings")
64+
if err != nil {
65+
fmt.Printf("[error] Error creating ArgumentGroup: %s\n", err)
66+
} else {
67+
group_ldapSettings.NewStringArgument(&domainController, "-dc", "--dc-ip", "", false, "IP Address of the domain controller or KDC (Key Distribution Center) for Kerberos. If omitted, it will use the domain part (FQDN) specified in the identity parameter.")
68+
group_ldapSettings.NewTcpPortArgument(&ldapPort, "-P", "--port", 389, false, "Port number to connect to LDAP server.")
69+
group_ldapSettings.NewBoolArgument(&useLdaps, "-l", "--use-ldaps", false, "Use LDAPS instead of LDAP.")
70+
group_ldapSettings.NewBoolArgument(&useKerberos, "-k", "--use-kerberos", false, "Use Kerberos instead of NTLM.")
71+
}
72+
73+
group_auth, err := ap.NewArgumentGroup("Authentication")
74+
if err != nil {
75+
fmt.Printf("[error] Error creating ArgumentGroup: %s\n", err)
76+
} else {
77+
group_auth.NewStringArgument(&authDomain, "-d", "--domain", "", false, "Active Directory domain to authenticate to.")
78+
group_auth.NewStringArgument(&authUsername, "-u", "--username", "", false, "User to authenticate as.")
79+
group_auth.NewStringArgument(&authPassword, "-p", "--password", "", false, "Password to authenticate with.")
80+
group_auth.NewStringArgument(&authHashes, "-H", "--hashes", "", false, "NT/LM hashes, format is LMhash:NThash.")
81+
}
82+
83+
ap.Parse()
84+
85+
if useLdaps && !group_ldapSettings.LongNameToArgument["--port"].IsPresent() {
86+
ldapPort = 636
87+
}
88+
89+
if len(distinguishedName) != 0 && (len(domainController) == 0 || len(authUsername) == 0 || len(authPassword) == 0) {
90+
logger.Warn("Error: Options --dc-ip, --username, --password are required when using --distinguished-name.")
91+
os.Exit(1)
92+
}
93+
}
94+
95+
func main() {
96+
parseArgs()
97+
98+
creds, err := credentials.NewCredentials(authDomain, authUsername, authPassword, authHashes)
99+
if err != nil {
100+
logger.Warn(fmt.Sprintf("Error creating credentials: %s", err))
101+
return
102+
}
103+
104+
rawNtsdValue := []byte{}
105+
106+
// Parsing input values for hex format
107+
if len(rawNtsdValue) == 0 && (len(sourceFileHex) != 0 || len(valueHex) != 0) {
108+
value_hex_string := ""
109+
if len(valueHex) != 0 {
110+
value_hex_string = valueHex
111+
}
112+
if len(sourceFileHex) != 0 {
113+
data, err := os.ReadFile(sourceFileHex)
114+
if err != nil {
115+
logger.Warn(fmt.Sprintf("Error reading file: %s", err))
116+
return
117+
}
118+
value_hex_string = string(data)
119+
}
120+
// Decoding the hex string
121+
if len(value_hex_string) != 0 {
122+
if len(value_hex_string)%2 == 1 {
123+
// encoding/hex: odd length hex string
124+
value_hex_string = value_hex_string + "0"
125+
}
126+
value, err := hex.DecodeString(value_hex_string)
127+
if err != nil {
128+
logger.Warn(fmt.Sprintf("Error decoding Hex value: %s", err))
129+
return
130+
} else {
131+
rawNtsdValue = value
132+
}
133+
}
134+
}
135+
136+
// Parsing input values for base64 format
137+
if len(rawNtsdValue) == 0 && (len(sourceFileBase64) != 0 || len(valueBase64) != 0) {
138+
value_base64_string := ""
139+
if len(valueBase64) != 0 {
140+
value_base64_string = valueBase64
141+
}
142+
if len(sourceFileBase64) != 0 {
143+
data, err := os.ReadFile(sourceFileBase64)
144+
if err != nil {
145+
logger.Warn(fmt.Sprintf("Error reading file: %s", err))
146+
return
147+
}
148+
value_base64_string = string(data)
149+
}
150+
151+
// Decoding the base64 string
152+
if len(value_base64_string) != 0 {
153+
value, err := base64.StdEncoding.DecodeString(value_base64_string)
154+
if err != nil {
155+
logger.Warn(fmt.Sprintf("Error decoding Base64 value: %s", err))
156+
return
157+
} else {
158+
rawNtsdValue = value
159+
}
160+
}
161+
}
162+
163+
// Parsing input values for raw format
164+
if len(rawNtsdValue) == 0 && len(sourceFileRaw) != 0 {
165+
data, err := os.ReadFile(sourceFileRaw)
166+
if err != nil {
167+
logger.Warn(fmt.Sprintf("Error reading file: %s", err))
168+
return
169+
}
170+
rawNtsdValue = data
171+
}
172+
173+
if len(rawNtsdValue) == 0 && len(distinguishedName) != 0 {
174+
// Parsing input values for Distinguished Name
175+
if debug {
176+
if !useLdaps {
177+
logger.Debug(fmt.Sprintf("Connecting to remote ldap://%s:%d ...", domainController, ldapPort))
178+
} else {
179+
logger.Debug(fmt.Sprintf("Connecting to remote ldaps://%s:%d ...", domainController, ldapPort))
180+
}
181+
}
182+
ldapSession := ldap.Session{}
183+
ldapSession.InitSession(domainController, ldapPort, creds, useLdaps, useKerberos)
184+
connected, err := ldapSession.Connect()
185+
if err != nil {
186+
logger.Warn(fmt.Sprintf("Error connecting to LDAP: %s", err))
187+
return
188+
}
189+
190+
if connected {
191+
logger.Info(fmt.Sprintf("Connected as '%s\\%s'", authDomain, authUsername))
192+
193+
query := fmt.Sprintf("(distinguishedName=%s)", distinguishedName)
194+
195+
if debug {
196+
logger.Debug(fmt.Sprintf("LDAP query used: %s", query))
197+
}
198+
199+
attributes := []string{"distinguishedName", "ntSecurityDescriptor"}
200+
ldapResults, err := ldapSession.QueryWholeSubtree("", query, attributes)
201+
if err != nil {
202+
logger.Warn(fmt.Sprintf("Error querying LDAP: %s", err))
203+
return
204+
}
205+
206+
for _, entry := range ldapResults {
207+
if debug {
208+
logger.Debug(fmt.Sprintf("| distinguishedName: %s", entry.GetAttributeValue("distinguishedName")))
209+
}
210+
rawNtsdValue = entry.GetEqualFoldRawAttributeValue("ntSecurityDescriptor")
211+
}
212+
} else {
213+
if debug {
214+
logger.Warn("Error: Could not create ldapSession.")
215+
}
216+
}
217+
}
218+
219+
if len(rawNtsdValue) != 0 {
220+
ntsd := securitydescriptor.NtSecurityDescriptor{}
221+
logger.Debug(fmt.Sprintf("| ntSecurityDescriptor: %s", hex.EncodeToString(rawNtsdValue)))
222+
_, err := ntsd.Unmarshal(rawNtsdValue)
223+
if err != nil {
224+
logger.Warn(fmt.Sprintf("Error unmarshalling NTSecurityDescriptor: %s", err))
225+
return
226+
}
227+
ntsd.Describe(0)
228+
} else {
229+
logger.Warn("No NTSecurityDescriptor found in source values.")
230+
}
231+
}

0 commit comments

Comments
 (0)