diff --git a/src/Producers/BaseProducer.cs b/src/Producers/BaseProducer.cs index 8456cbd..dd1c1ad 100644 --- a/src/Producers/BaseProducer.cs +++ b/src/Producers/BaseProducer.cs @@ -24,12 +24,14 @@ public abstract class BaseProducer protected readonly Channel Channel; protected readonly Channel OutputChannel; protected readonly IContext Context; + protected readonly Channel CompStatusChannel; - protected BaseProducer(IContext context, Channel channel, Channel outputChannel) + protected BaseProducer(IContext context, Channel channel, Channel outputChannel, Channel compStatusChannel) { Context = context; Channel = channel; OutputChannel = outputChannel; + CompStatusChannel = compStatusChannel; } public abstract Task Produce(); diff --git a/src/Producers/ComputerFileProducer.cs b/src/Producers/ComputerFileProducer.cs index b6233df..50a62f6 100644 --- a/src/Producers/ComputerFileProducer.cs +++ b/src/Producers/ComputerFileProducer.cs @@ -17,7 +17,10 @@ namespace Sharphound.Producers /// internal class ComputerFileProducer : BaseProducer { - public ComputerFileProducer(IContext context, Channel channel, Channel outputChannel) : base(context, channel, outputChannel) + public ComputerFileProducer(IContext context, + Channel channel, + Channel outputChannel, + Channel compStatusChannel) : base(context, channel, outputChannel, compStatusChannel) { } @@ -65,7 +68,14 @@ public override async Task Produce() string sid; if (!computer.StartsWith("S-1-5-21")) { //The computer isn't a SID so try to convert it to one - if (await Context.LDAPUtils.ResolveHostToSid(computer, domainName) is (true, var tempSid)) { + if (await Context.LDAPUtils.ResolveHostToSid(computer, domainName) is (true, var tempSid)) + { + await CompStatusChannel.Writer.WriteAsync(new CSVComputerStatus + { + Status = ComputerStatus.Success, + ComputerName = computer, + Task = "ComputerFileProducer - Produce" + }, cancellationToken); sid = tempSid; } else { Context.Logger.LogError("Failed to resolve host {Computer} to SID", computer); diff --git a/src/Producers/LdapProducer.cs b/src/Producers/LdapProducer.cs index 99aea43..d7c37ca 100644 --- a/src/Producers/LdapProducer.cs +++ b/src/Producers/LdapProducer.cs @@ -12,7 +12,10 @@ namespace Sharphound.Producers { public class LdapProducer : BaseProducer { - public LdapProducer(IContext context, Channel channel, Channel outputChannel) : base(context, channel, outputChannel) + public LdapProducer(IContext context, + Channel channel, + Channel outputChannel, + Channel compStatusChannel) : base(context, channel, outputChannel, compStatusChannel) { } diff --git a/src/Producers/StealthProducer.cs b/src/Producers/StealthProducer.cs index dafeece..6774567 100644 --- a/src/Producers/StealthProducer.cs +++ b/src/Producers/StealthProducer.cs @@ -25,7 +25,10 @@ internal class StealthProducer : BaseProducer private readonly LdapFilter _query; private readonly LdapFilter _queryConfigNC; - public StealthProducer(IContext context, Channel channel, Channel outputChannel) : base(context, channel, outputChannel) + public StealthProducer(IContext context, + Channel channel, + Channel outputChannel, + Channel compStatusChannel) : base(context, channel, outputChannel, compStatusChannel) { var ldapData = CreateDefaultNCData(); _query = ldapData.Filter; @@ -161,6 +164,12 @@ private async Task> FindPathTargetSids() foreach (var path in paths.Keys) { if (await Context.LDAPUtils.ResolveHostToSid(path, Context.DomainName) is (true, var sid)) { + await CompStatusChannel.Writer.WriteAsync(new CSVComputerStatus + { + Status = ComputerStatus.Success, + ComputerName = path, + Task = "StealthProducer - FindPathTargetSids" + }); if (sid != null && sid.StartsWith("S-1-5")) { var searchResult = await Context.LDAPUtils.Query(new LdapQueryParameters() { LDAPFilter = CommonFilters.SpecificSID(sid), diff --git a/src/Runtime/CollectionTask.cs b/src/Runtime/CollectionTask.cs index 058f5c6..c0ada8f 100644 --- a/src/Runtime/CollectionTask.cs +++ b/src/Runtime/CollectionTask.cs @@ -54,11 +54,11 @@ public CollectionTask(IContext context) _outputWriter = new OutputWriter(context, _outputChannel); if (context.Flags.Stealth) - _producer = new StealthProducer(context, _ldapChannel, _outputChannel); + _producer = new StealthProducer(context, _ldapChannel, _outputChannel, _compStatusChannel); else if (context.ComputerFile != null) - _producer = new ComputerFileProducer(context, _ldapChannel, _outputChannel); + _producer = new ComputerFileProducer(context, _ldapChannel, _outputChannel, _compStatusChannel); else - _producer = new LdapProducer(context, _ldapChannel, _outputChannel); + _producer = new LdapProducer(context, _ldapChannel, _outputChannel, _compStatusChannel); } internal async Task StartCollection() diff --git a/src/Runtime/ObjectProcessors.cs b/src/Runtime/ObjectProcessors.cs index 0767e1f..4089fc8 100644 --- a/src/Runtime/ObjectProcessors.cs +++ b/src/Runtime/ObjectProcessors.cs @@ -88,7 +88,7 @@ internal async Task ProcessObject(IDirectoryObject entry, case Label.AIACA: return await ProcessAIACA(entry, resolvedSearchResult); case Label.EnterpriseCA: - return await ProcessEnterpriseCA(entry, resolvedSearchResult); + return await ProcessEnterpriseCA(entry, resolvedSearchResult, compStatusChannel); case Label.NTAuthStore: return await ProcessNTAuthStore(entry, resolvedSearchResult); case Label.CertTemplate: @@ -654,7 +654,8 @@ private async Task ProcessAIACA(IDirectoryObject entry, ResolvedSearchRes } private async Task ProcessEnterpriseCA(IDirectoryObject entry, - ResolvedSearchResult resolvedSearchResult) { + ResolvedSearchResult resolvedSearchResult, + Channel compStatusChannel) { var ret = new EnterpriseCA { ObjectIdentifier = resolvedSearchResult.ObjectId, Properties = new Dictionary(GetCommonProperties(entry, resolvedSearchResult)) @@ -697,6 +698,13 @@ private async Task ProcessEnterpriseCA(IDirectoryObject entry, if (await _context.LDAPUtils.ResolveHostToSid(dnsHostName, resolvedSearchResult.DomainSid) is (true, var sid) && sid.StartsWith("S-1-")) { ret.HostingComputer = sid; + await compStatusChannel.Writer.WriteAsync(new CSVComputerStatus + { + Status = ComputerStatus.Success, + ComputerName = resolvedSearchResult.DisplayName, + Task = nameof(ProcessEnterpriseCA) + }, + _cancellationToken); } else { _log.LogWarning("CA {Name} host ({Dns}) could not be resolved to a SID.", caName, dnsHostName); } @@ -719,6 +727,13 @@ private async Task ProcessEnterpriseCA(IDirectoryObject entry, if (caName != null && dnsHostName != null) { if (await _context.LDAPUtils.ResolveHostToSid(dnsHostName, resolvedSearchResult.DomainSid) is (true, var sid) && sid.StartsWith("S-1-")) { + await compStatusChannel.Writer.WriteAsync(new CSVComputerStatus + { + Status = ComputerStatus.Success, + ComputerName = resolvedSearchResult.DisplayName, + Task = nameof(ProcessEnterpriseCA) + }, + _cancellationToken); ret.HostingComputer = sid; } else { _log.LogWarning("CA {Name} host ({Dns}) could not be resolved to a SID.", caName, dnsHostName);