
Class:SharpHoundCommonLib.Processors.DomainTrustProcessor
Assembly:SharpHoundCommonLib
File(s):D:\a\SharpHoundCommon\SharpHoundCommon\src\CommonLib\Processors\DomainTrustProcessor.cs
Covered lines:47
Uncovered lines:11
Coverable lines:58
Total lines:106
Line coverage:81% (47 of 58)
Covered branches:19
Total branches:24
Branch coverage:79.1% (19 of 24)

Metrics

Method | Branch coverage | Cyclomatic complexity | NPath complexity | Sequence coverage
.ctor(...) | 100% | 2 | 0 | 100%
EnumerateDomainTrusts() | 78.57% | 14 | 0 | 76.19%
TrustAttributesToType(...) | 75% | 8 | 0 | 90.9%

File(s)

D:\a\SharpHoundCommon\SharpHoundCommon\src\CommonLib\Processors\DomainTrustProcessor.cs

#LineLine coverage
 1using System.Collections.Generic;
 2using System.DirectoryServices.Protocols;
 3using System.Security.Principal;
 4using Microsoft.Extensions.Logging;
 5using SharpHoundCommonLib.Enums;
 6using SharpHoundCommonLib.LDAPQueries;
 7using SharpHoundCommonLib.OutputTypes;
 8
 9namespace SharpHoundCommonLib.Processors
 10{
 11    public class DomainTrustProcessor
 12    {
 13        private readonly ILogger _log;
 14        private readonly ILDAPUtils _utils;
 15
 216        public DomainTrustProcessor(ILDAPUtils utils, ILogger log = null)
 217        {
 218            _utils = utils;
 219            _log = log ?? Logging.LogProvider.CreateLogger("DomainTrustProc");
 220        }
 21
 22        /// <summary>
 23        ///     Processes domain trusts for a domain object
 24        /// </summary>
 25        /// <param name="domain"></param>
 26        /// <returns></returns>
 27        public IEnumerable<DomainTrust> EnumerateDomainTrusts(string domain)
 228        {
 229            var query = CommonFilters.TrustedDomains;
 1630            foreach (var result in _utils.QueryLDAP(query, SearchScope.Subtree, CommonProperties.DomainTrustProps,
 231                         domain))
 532            {
 533                var trust = new DomainTrust();
 534                var targetSidBytes = result.GetByteProperty(LDAPProperties.SecurityIdentifier);
 535                if (targetSidBytes == null || targetSidBytes.Length == 0)
 436                {
 437                    _log.LogTrace("Trust sid is null or empty for target: {Domain}", domain);
 438                    continue;
 39                }
 40
 41                string sid;
 42                try
 143                {
 144                    sid = new SecurityIdentifier(targetSidBytes, 0).Value;
 145                }
 046                catch
 047                {
 048                    _log.LogTrace("Failed to convert bytes to SID for target: {Domain}", domain);
 049                    continue;
 50                }
 51
 152                trust.TargetDomainSid = sid;
 53
 154                if (int.TryParse(result.GetProperty(LDAPProperties.TrustDirection), out var td))
 155                {
 156                    trust.TrustDirection = (TrustDirection) td;
 157                }
 58                else
 059                {
 060                    _log.LogTrace("Failed to convert trustdirection for target: {Domain}", domain);
 061                    continue;
 62                }
 63
 64
 65                TrustAttributes attributes;
 66
 167                if (int.TryParse(result.GetProperty(LDAPProperties.TrustAttributes), out var ta))
 168                {
 169                    attributes = (TrustAttributes) ta;
 170                }
 71                else
 072                {
 073                    _log.LogTrace("Failed to convert trustattributes for target: {Domain}", domain);
 074                    continue;
 75                }
 76
 177                trust.IsTransitive = !attributes.HasFlag(TrustAttributes.NonTransitive);
 178                var name = result.GetProperty(LDAPProperties.CanonicalName)?.ToUpper();
 179                if (name != null)
 180                    trust.TargetDomainName = name;
 81
 182                trust.SidFilteringEnabled = attributes.HasFlag(TrustAttributes.FilterSids);
 183                trust.TrustType = TrustAttributesToType(attributes);
 84
 185                yield return trust;
 186            }
 287        }
 88
 89        public static TrustType TrustAttributesToType(TrustAttributes attributes)
 690        {
 91            TrustType trustType;
 92
 693            if (attributes.HasFlag(TrustAttributes.WithinForest))
 294                trustType = TrustType.ParentChild;
 495            else if (attributes.HasFlag(TrustAttributes.ForestTransitive))
 196                trustType = TrustType.Forest;
 397            else if (!attributes.HasFlag(TrustAttributes.WithinForest) &&
 398                     !attributes.HasFlag(TrustAttributes.ForestTransitive))
 399                trustType = TrustType.External;
 100            else
 0101                trustType = TrustType.Unknown;
 102
 6103            return trustType;
 6104        }
 105    }
 106}