More Pwn -> Edge refactoring, added Machine object representing the d…
…evice running an OS, node labels Anonymize -> Randomize, added label obfuscation Checksum, fixed broken AffectedByGPO analyzer (!!)
lkarlslund committed Sep 9, 2022
1 parent 93d30e0 commit 52d4bb4
Showing 14 changed files with 390 additions and 318 deletions.
42 changes: 31 additions & 11 deletions modules/analyze/html/graph.js
Expand Up @@ -360,21 +360,21 @@ cytostyle = [{
}
},
{
selector: 'node[type="Computer"]', // [? _workstation]
selector: 'node[type="Computer"]',
style: {
shape: "round-octagon",
"background-image": "icons/tv-fill.svg",
"background-color": "lightgreen"
}
},
// {
// selector: 'node[type="Computer"][?_server]',
// style: {
// shape: "hexagon",
// "background-image": "icons/server.svg",
// "background-color": "lightgreen"
// }
// },
{
selector: 'node[type="Machine"]',
style: {
shape: "round-octagon",
"background-image": "icons/tv-fill.svg",
"background-color": "red"
}
},
{
selector: "node[?_canexpand]",
style: {
Expand Down Expand Up @@ -588,20 +588,40 @@ function getGraphlayout(choice) {
return layout
}



function nodelabel(ele) {
switch ($("#graphlabels").val()) {
case "normal":
return ele.data("label");
case "off":
return "";
case "anonymize":
case "randomize":
return anonymizer.anonymize(ele.data("label"));
case "checksum":
return hashFnv32a(ele.data("label"), true, undefined);
}
return "error";
}

var anonymizer = new DataAnonymizer();

function hashFnv32a(str, asString, seed) {
/*jshint bitwise:false */
var i, l,
hval = (seed === undefined) ? 0x811c9dc5 : seed;

for (i = 0, l = str.length; i < l; i++) {
hval ^= str.charCodeAt(i);
hval += (hval << 1) + (hval << 4) + (hval << 7) + (hval << 8) + (hval << 24);
}
if (asString) {
// Convert to 8 digit hex string
return ("0000000" + (hval >>> 0).toString(16)).substr(-8);
}
return hval >>> 0;
}

function renderedge(ele) {
return rendernode(ele.source()) + rendermethods(ele) + rendernode(ele.target());
}
Expand Down Expand Up @@ -640,7 +660,7 @@ function renderdetails(data) {
result += "<tr><td>" + attr + "</td><td>"
attrvalues = data.attributes[attr]
for (var i in attrvalues) {
if ($("#graphlabels").val() == "anonymize") {
if ($("#graphlabels").val() == "randomize") {
result += anonymizer.anonymize(attrvalues[i]) + "</br>";
} else {
result += attrvalues[i] + "</br>";
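Review bot: The `checksum` mode added to `nodelabel` is not mirrored in `renderdetails`: the condition in the last hunk tests only for `"randomize"`, so with `checksum` selected the attribute table falls through to the `else` branch and prints the raw values next to hashed node labels. If the label modes are meant to make a graph safe to share, add a matching branch such as `else if ($("#graphlabels").val() == "checksum") { result += hashFnv32a(String(attrvalues[i]), true, undefined) + "</br>"; }`. `hashFnv32a` is also called without a seed, so the 32-bit output is identical on every run and can be matched against a list of likely names; a comment on `nodelabel` should say that this mode is obfuscation, not anonymisation. Separately, the context lines concatenate `attr` and `attrvalues[i]` into markup unescaped; if `result` is later assigned as HTML (not visible here), escaping directory-supplied values would be a worthwhile follow-up. `renderdetails` begins and ends outside the hunk.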
3 changes: 2 additions & 1 deletion modules/analyze/html/index.html
Expand Up @@ -204,7 +204,8 @@
<select class="form-control" id="graphlabels" preference="graph.labels" defaultpref="normal">
<option value="normal">Normal</option>
<option value="off">Off</option>
<option value="anonymize">Anonymize</option>
<option value="randomize">Randomize</option>
<option value="checksum">Checksum</option>
</select>
</div>
</details>
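Review bot: Removing the `anonymize` option leaves no handling for a `graph.labels` preference saved by an earlier version: the select carries `preference="graph.labels"`, and if a stored value of `anonymize` is restored (the preference code is not visible here), no option matches, `nodelabel` in graph.js returns `"error"` and `renderdetails` shows raw attribute values. Either migrate the stored value when preferences load or keep the old name as an alias in graph.js, `case "anonymize":` directly above `case "randomize":`. The option text `Checksum` could also say what it produces, for example `Checksum (FNV-1a hash)`, since the output is a stable hash rather than a random name.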
2 changes: 0 additions & 2 deletions modules/analyze/webservicefuncs.go
Expand Up @@ -185,8 +185,6 @@ func analysisfuncs(ws *webservice) {
encoder := qjson.NewEncoder(w)
encoder.SetIndent("", " ")

// anonymize, _ := util.ParseBool(vars["anonymize"])

mode := vars["mode"]
if mode == "" {
mode = "normal"
6 changes: 3 additions & 3 deletions modules/engine/analyzeobjects.go
Expand Up @@ -6,7 +6,7 @@ import (
"github.com/lkarlslund/adalanche/modules/ui"
)

var PwnMemberOfGroup = NewEdge("MemberOfGroup") // FIXME, this should be generalized to expand-anyway-priority somehoe
var EdgeMemberOfGroup = NewEdge("MemberOfGroup") // FIXME, this should be generalized to expand-anyway-priority somehoe

var SortBy Attribute = NonExistingAttribute

Expand Down Expand Up @@ -221,7 +221,7 @@ func AnalyzeObjects(opts AnalyzeObjectsOptions) (pg Graph) {
var groupcount int
for _, detectedmethods := range newconnectionsmap {
// We assume the number of groups are limited and add them anyway
if detectedmethods.IsSet(PwnMemberOfGroup) {
if detectedmethods.IsSet(EdgeMemberOfGroup) {
groupcount++
}
}
Expand All @@ -230,7 +230,7 @@ func AnalyzeObjects(opts AnalyzeObjectsOptions) (pg Graph) {
// Add the groups, but not the rest
for pwnpair, detectedmethods := range newconnectionsmap {
// We assume the number of groups are limited and add them anyway
if detectedmethods.IsSet(PwnMemberOfGroup) {
if detectedmethods.IsSet(EdgeMemberOfGroup) {
connectionsmap[pwnpair] = detectedmethods
if _, found := implicatedobjectsmap[pwnpair.Target]; !found {
newimplicatedobjects[pwnpair.Target] = struct{}{} // Add this to work map as non-processed
2 changes: 1 addition & 1 deletion modules/engine/object.go
Expand Up @@ -1108,7 +1108,7 @@ func (o *Object) GUID() uuid.UUID {
}

// Register that this object can pwn another object using the given method
func (o *Object) Pwns(target *Object, method Edge) {
func (o *Object) EdgeTo(target *Object, method Edge) {
o.PwnsEx(target, method, false)
}

8 changes: 4 additions & 4 deletions modules/integrations/activedirectory/analyze/adloader.go
Expand Up @@ -92,10 +92,10 @@ func (ld *ADLoader) Init() error {
}
}

if category, found := item.object.Attributes["objectCategory"]; found && strings.HasPrefix(category[0], "CN=Foreign-Security-Principal") {
// We don't want to import this
// continue
}
// if category, found := item.object.Attributes["objectCategory"]; found && strings.HasPrefix(category[0], "CN=Foreign-Security-Principal") {
// We don't want to import this
// continue
// }

// Convert
o := item.object.ToObject(*limitattributes)
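Review bot: The four lines commented out in `Init` are dead code rather than a behaviour change: the `if` they replace had an empty body, since its `continue` was already a comment, so objects whose `objectCategory` starts with `CN=Foreign-Security-Principal` are imported before and after this commit. Drop the block and state the decision in one line instead, e.g. `// Foreign-Security-Principal objects are imported like any other object.` If the check ever returns, guard `category[0]` with `len(category) > 0`, because the map lookup alone does not prove the slice is non-empty. `Init` starts and ends outside the hunk.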