SpecterOps · mykeelium · Jul 23, 2025 · Jun 16, 2025 · Jul 21, 2025 · Jul 23, 2025
diff --git a/src/Producers/BaseProducer.cs b/src/Producers/BaseProducer.cs
@@ -24,12 +24,14 @@ public abstract class BaseProducer
         protected readonly Channel<IDirectoryObject> Channel;
         protected readonly Channel<OutputBase> OutputChannel;
         protected readonly IContext Context;
+        protected readonly Channel<CSVComputerStatus> CompStatusChannel;
 
-        protected BaseProducer(IContext context, Channel<IDirectoryObject> channel, Channel<OutputBase> outputChannel)
+        protected BaseProducer(IContext context, Channel<IDirectoryObject> channel, Channel<OutputBase> outputChannel, Channel<CSVComputerStatus> compStatusChannel)
         {
             Context = context;
             Channel = channel;
             OutputChannel = outputChannel;
+            CompStatusChannel = compStatusChannel;
         }
 
         public abstract Task Produce();

diff --git a/src/Producers/ComputerFileProducer.cs b/src/Producers/ComputerFileProducer.cs
@@ -17,7 +17,10 @@ namespace Sharphound.Producers
     /// </summary>
     internal class ComputerFileProducer : BaseProducer
     {
-        public ComputerFileProducer(IContext context, Channel<IDirectoryObject> channel, Channel<OutputBase> outputChannel) : base(context, channel, outputChannel)
+        public ComputerFileProducer(IContext context, 
+            Channel<IDirectoryObject> channel, 
+            Channel<OutputBase> outputChannel,
+            Channel<CSVComputerStatus> compStatusChannel) : base(context, channel, outputChannel, compStatusChannel)
         {
         }
 
@@ -65,7 +68,14 @@ public override async Task Produce()
                     string sid;
                     if (!computer.StartsWith("S-1-5-21")) {
                         //The computer isn't a SID so try to convert it to one
-                        if (await Context.LDAPUtils.ResolveHostToSid(computer, domainName) is (true, var tempSid)) {
+                        if (await Context.LDAPUtils.ResolveHostToSid(computer, domainName) is (true, var tempSid))
+                        {
+                            await CompStatusChannel.Writer.WriteAsync(new CSVComputerStatus
+                            {
+                                Status = ComputerStatus.Success,
+                                ComputerName = computer,
+                                Task = "ComputerFileProducer - Produce"
+                            }, cancellationToken);
                             sid = tempSid;
                         } else {
                             Context.Logger.LogError("Failed to resolve host {Computer} to SID", computer);

diff --git a/src/Producers/LdapProducer.cs b/src/Producers/LdapProducer.cs
@@ -12,7 +12,10 @@ namespace Sharphound.Producers
 {
     public class LdapProducer : BaseProducer
     {
-        public LdapProducer(IContext context, Channel<IDirectoryObject> channel, Channel<OutputBase> outputChannel) : base(context, channel, outputChannel)
+        public LdapProducer(IContext context,
+            Channel<IDirectoryObject> channel,
+            Channel<OutputBase> outputChannel,
+            Channel<CSVComputerStatus> compStatusChannel) : base(context, channel, outputChannel, compStatusChannel)
         {
         }
 

diff --git a/src/Producers/StealthProducer.cs b/src/Producers/StealthProducer.cs
@@ -25,7 +25,10 @@ internal class StealthProducer : BaseProducer
         private readonly LdapFilter _query;
         private readonly LdapFilter _queryConfigNC;
 
-        public StealthProducer(IContext context, Channel<IDirectoryObject> channel, Channel<OutputBase> outputChannel) : base(context, channel, outputChannel)
+        public StealthProducer(IContext context,
+            Channel<IDirectoryObject> channel,
+            Channel<OutputBase> outputChannel,
+            Channel<CSVComputerStatus> compStatusChannel) : base(context, channel, outputChannel, compStatusChannel)
         {
             var ldapData = CreateDefaultNCData();
             _query = ldapData.Filter;
@@ -161,6 +164,12 @@ private async Task<Dictionary<string, IDirectoryObject>> FindPathTargetSids()
             foreach (var path in paths.Keys)
             {
                 if (await Context.LDAPUtils.ResolveHostToSid(path, Context.DomainName) is (true, var sid)) {
+                    await CompStatusChannel.Writer.WriteAsync(new CSVComputerStatus
+                    {
+                        Status = ComputerStatus.Success,
+                        ComputerName = path,
+                        Task = "StealthProducer - FindPathTargetSids"
+                    });
                     if (sid != null && sid.StartsWith("S-1-5")) {
                         var searchResult = await Context.LDAPUtils.Query(new LdapQueryParameters() {
                             LDAPFilter = CommonFilters.SpecificSID(sid),

diff --git a/src/Runtime/CollectionTask.cs b/src/Runtime/CollectionTask.cs
@@ -54,11 +54,11 @@ public CollectionTask(IContext context)
             _outputWriter = new OutputWriter(context, _outputChannel);
 
             if (context.Flags.Stealth)
-                _producer = new StealthProducer(context, _ldapChannel, _outputChannel);
+                _producer = new StealthProducer(context, _ldapChannel, _outputChannel, _compStatusChannel);
             else if (context.ComputerFile != null)
-                _producer = new ComputerFileProducer(context, _ldapChannel, _outputChannel);
+                _producer = new ComputerFileProducer(context, _ldapChannel, _outputChannel, _compStatusChannel);
             else
-                _producer = new LdapProducer(context, _ldapChannel, _outputChannel);
+                _producer = new LdapProducer(context, _ldapChannel, _outputChannel, _compStatusChannel);
         }
 
         internal async Task<string> StartCollection()

diff --git a/src/Runtime/ObjectProcessors.cs b/src/Runtime/ObjectProcessors.cs
@@ -88,7 +88,7 @@ internal async Task<OutputBase> ProcessObject(IDirectoryObject entry,
                 case Label.AIACA:
                     return await ProcessAIACA(entry, resolvedSearchResult);
                 case Label.EnterpriseCA:
-                    return await ProcessEnterpriseCA(entry, resolvedSearchResult);
+                    return await ProcessEnterpriseCA(entry, resolvedSearchResult, compStatusChannel);
                 case Label.NTAuthStore:
                     return await ProcessNTAuthStore(entry, resolvedSearchResult);
                 case Label.CertTemplate:
@@ -654,7 +654,8 @@ private async Task<AIACA> ProcessAIACA(IDirectoryObject entry, ResolvedSearchRes
         }
 
         private async Task<EnterpriseCA> ProcessEnterpriseCA(IDirectoryObject entry,
-            ResolvedSearchResult resolvedSearchResult) {
+            ResolvedSearchResult resolvedSearchResult,
+            Channel<CSVComputerStatus> compStatusChannel) {
             var ret = new EnterpriseCA {
                 ObjectIdentifier = resolvedSearchResult.ObjectId,
                 Properties = new Dictionary<string, object>(GetCommonProperties(entry, resolvedSearchResult))
@@ -697,6 +698,13 @@ private async Task<EnterpriseCA> ProcessEnterpriseCA(IDirectoryObject entry,
                     if (await _context.LDAPUtils.ResolveHostToSid(dnsHostName, resolvedSearchResult.DomainSid) is
                             (true, var sid) && sid.StartsWith("S-1-")) {
                         ret.HostingComputer = sid;
+                        await compStatusChannel.Writer.WriteAsync(new CSVComputerStatus
+                            {
+                                Status = ComputerStatus.Success,
+                                ComputerName = resolvedSearchResult.DisplayName,
+                                Task = nameof(ProcessEnterpriseCA)
+                            },
+                            _cancellationToken);
                     } else {
                         _log.LogWarning("CA {Name} host ({Dns}) could not be resolved to a SID.", caName, dnsHostName);
                     }
@@ -719,6 +727,13 @@ private async Task<EnterpriseCA> ProcessEnterpriseCA(IDirectoryObject entry,
                 if (caName != null && dnsHostName != null) {
                     if (await _context.LDAPUtils.ResolveHostToSid(dnsHostName, resolvedSearchResult.DomainSid) is
                             (true, var sid) && sid.StartsWith("S-1-")) {
+                        await compStatusChannel.Writer.WriteAsync(new CSVComputerStatus
+                        {
+                            Status = ComputerStatus.Success,
+                            ComputerName = resolvedSearchResult.DisplayName,
+                            Task = nameof(ProcessEnterpriseCA)
+                        },
+                        _cancellationToken);
                         ret.HostingComputer = sid;
                     } else {
                         _log.LogWarning("CA {Name} host ({Dns}) could not be resolved to a SID.", caName, dnsHostName);