Skip to content

Commit

Permalink
Merge pull request #125 from hkelley/dfsv2-namespacepathfix
Browse files Browse the repository at this point in the history 
Small fix to DFSv2 discovery method
  • Loading branch information
@l0ss
l0ss authored Jun 22, 2023
2 parents ac037a4 + aa4fb4c commit bcbe42d
Show file tree
Hide file tree
Showing 2 changed files with 16 additions and 17 deletions.
4 changes: 2 additions & 2 deletions SnaffCore/ActiveDirectory/AdData.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -130,7 +130,7 @@ public void SetDfsPaths()
{
// Construct the UNC path to this DFS share and add it to the list.
// We use this structure as a to-do list in the ShareFinder code, skipping DFS shares that have already been processed
string dfsShareNamespacePath = @"\\" + _targetDomain + @"\" + dfsShare.DFSNamespace;
string dfsShareNamespacePath = @"\\" + _targetDomain + @"\" + dfsShare.DFSFolderPath;
List<string> hostnames = new List<string>();

if (!_dfsNamespacePaths.Contains(dfsShareNamespacePath))
Expand All @@ -156,7 +156,7 @@ public void SetDfsPaths()
// Add these paths as keys in the dictionary
foreach (string h in hostnames)
{
realPath = String.Format(@"\\{0}\{1}", h, dfsShare.Name);
realPath = String.Format(@"\\{0}\{1}", h, dfsShare.RemoteShareName);

if (!_dfsSharesDict.ContainsKey(realPath))
{
Expand Down
29 changes: 14 additions & 15 deletions SnaffCore/ActiveDirectory/DfsFinder.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,9 +11,9 @@ namespace SnaffCore.ActiveDirectory
{
public class DFSShare
{
public string Name { get; set; }
public string RemoteShareName { get; set; }
public string RemoteServerName { get; set; }
public string DFSNamespace { get; set; }
public string DFSFolderPath { get; set; }
}

class DfsFinder
Expand Down Expand Up @@ -61,9 +61,9 @@ private List<DFSShare> Get_DomainDFSShareV1(DirectorySearch directorySearch)

DFSShares.Add(new DFSShare
{
Name = resEnt.GetProperty("name"),
RemoteShareName = resEnt.GetProperty("name"),
RemoteServerName = name.Split(new char[] { '\\' })[2],
DFSNamespace = dfsnamespace
DFSFolderPath = dfsnamespace
});
}
}
Expand Down Expand Up @@ -115,7 +115,6 @@ private List<DFSShare> Get_DomainDFSShareV2(DirectorySearch _directorySearch)

var target_list = resEnt.GetPropertyAsBytes(@"msdfs-targetlistv2");
var xml = new XmlDocument();
//string thing = System.Text.Encoding.Unicode.GetString(target_list.Skip(2).Take(target_list.Length - 1 + 1 - 2).ToArray());
xml.LoadXml(System.Text.Encoding.Unicode.GetString(target_list.Skip(2).Take(target_list.Length - 1 + 1 - 2).ToArray()));

if (xml.FirstChild != null)
Expand All @@ -126,17 +125,17 @@ private List<DFSShare> Get_DomainDFSShareV2(DirectorySearch _directorySearch)
{
try
{
var Target = babbynode.InnerText;
if (Target.Contains(@"\"))
var target = babbynode.InnerText;
if (target.Contains(@"\"))
{
var DFSroot = Target.Split('\\')[3];
string ShareName = resEnt.GetProperty(@"msdfs-linkpathv2").Replace("/","\\");
var targetShareName = target.Split('\\')[3];
string dfsLeafName = resEnt.GetProperty(@"msdfs-linkpathv2").Replace("/","\\");

// FIX DFS V2 shares have the share name in the DFSroot, don't double-up
DFSShares.Add(new DFSShare {
Name = $@"{DFSroot}",
RemoteServerName = Target.Split('\\')[2],
DFSNamespace = dfsnamespace }
RemoteShareName = $@"{targetShareName}",
RemoteServerName = target.Split('\\')[2],
DFSFolderPath = $@"{dfsnamespace}{dfsLeafName}"
}
);
}
}
Expand Down Expand Up @@ -349,8 +348,8 @@ private static List<DFSShare> Parse_Pkt(byte[] Pkt)
var share = new DFSShare();

string[] target_parts = target.Split(new char[] { '\\' });
share.DFSNamespace = dfsns;
share.Name = target_parts[3];
share.DFSFolderPath = dfsns;
share.RemoteShareName = target_parts[3];
share.RemoteServerName = target_parts[2];

shares.Add(share);
Expand Down

0 comments on commit bcbe42d

Please sign in to comment.