Merge pull request #176 from TrimarcJake/add-ps7-support-to-esc8-dete…
…ctions

Added logic to prevent custom C# type from being added twice
TrimarcJake authored Oct 26, 2024
2 parents 8b83054 + 1e69799 commit c56a7c5
Showing 2 changed files with 86 additions and 45 deletions.
87 changes: 63 additions & 24 deletions Invoke-Locksmith.ps1
Expand Up @@ -1037,7 +1037,7 @@ function Format-Result {
ESC1 = 'ESC1 - Vulnerable Certificate Template - Authentication'
ESC2 = 'ESC2 - Vulnerable Certificate Template - Subordinate CA'
ESC3 = 'ESC3 - Vulnerable Certificate Template - Enrollment Agent'
ESC4 = 'ESC4 - Vulnerable Access Control - Certifcate Template'
ESC4 = 'ESC4 - Vulnerable Access Control - Certificate Template'
ESC5 = 'ESC5 - Vulnerable Access Control - PKI Object'
ESC6 = 'ESC6 - EDITF_ATTRIBUTESUBJECTALTNAME2 Flag Enabled'
ESC8 = 'ESC8 - HTTP/S Enrollment Enabled'
Expand Down Expand Up @@ -1975,32 +1975,34 @@ function Set-AdditionalCAProperty {

begin {
$CAEnrollmentEndpoint = @()
if ($PSVersionTable.PSEdition -eq 'Desktop') {
$code = @"
using System.Net;
using System.Security.Cryptography.X509Certificates;
public class TrustAllCertsPolicy : ICertificatePolicy {
public bool CheckValidationResult(ServicePoint srvPoint, X509Certificate certificate, WebRequest request, int certificateProblem) {
return true;
if (-not ([System.Management.Automation.PSTypeName]'TrustAllCertsPolicy') ) {
if ($PSVersionTable.PSEdition -eq 'Desktop') {
$code = @"
using System.Net;
using System.Security.Cryptography.X509Certificates;
public class TrustAllCertsPolicy : ICertificatePolicy {
public bool CheckValidationResult(ServicePoint srvPoint, X509Certificate certificate, WebRequest request, int certificateProblem) {
return true;
}
}
}
"@
Add-Type -TypeDefinition $code -Language CSharp
[System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy
}
else {
Add-Type @"
using System.Net;
using System.Security.Cryptography.X509Certificates;
using System.Net.Security;
public class TrustAllCertsPolicy {
public static bool TrustAllCerts(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors) {
return true;
Add-Type -TypeDefinition $code -Language CSharp
[System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy
}
else {
Add-Type @"
using System.Net;
using System.Security.Cryptography.X509Certificates;
using System.Net.Security;
public class TrustAllCertsPolicy {
public static bool TrustAllCerts(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors) {
return true;
}
}
}
"@
# Set the ServerCertificateValidationCallback
[System.Net.ServicePointManager]::ServerCertificateValidationCallback = [TrustAllCertsPolicy]::TrustAllCerts
# Set the ServerCertificateValidationCallback
[System.Net.ServicePointManager]::ServerCertificateValidationCallback = [TrustAllCertsPolicy]::TrustAllCerts
}
}
}

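Review bot: The new guard `if (-not ([System.Management.Automation.PSTypeName]'TrustAllCertsPolicy') )` tests the PSTypeName object itself rather than whether the type is loaded; as far as I can tell a non-null PSTypeName is always truthy in PowerShell, so the condition would be `$false` on every run and the `Add-Type` plus policy assignment would never execute at all instead of executing once — please confirm in both editions. The usual form is `if (-not ([System.Management.Automation.PSTypeName]'TrustAllCertsPolicy').Type) {`, since `.Type` stays `$null` until the type has been compiled. Separately, both branches disable TLS server-certificate validation for the whole process (`CertificatePolicy` on Desktop, `ServerCertificateValidationCallback` otherwise) and nothing in `begin` records the previous value, so the relaxed policy outlives this function and applies to every later web request in the session; consider capturing the prior value here and restoring it in the function's `end` block, or at minimum adding a comment such as `# Process-wide: disables TLS validation for every later request in this session; intended only for probing HTTP/S enrollment endpoints` above the assignment. The identical hunk in Private/Set-AdditionalCAProperty.ps1 needs the same two changes. The enclosing `process`/`end` blocks of Set-AdditionalCAProperty are outside the hunk.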
Expand Down Expand Up @@ -2163,6 +2165,44 @@ function Set-Severity {
}
}

function Show-LocksmithLogo {
Write-Host '%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%'
Write-Host '%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%'
Write-Host '%%%%%%%%%%%%%%%%%#+==============#%%%%%%%%%%%%%%%%%'
Write-Host '%%%%%%%%%%%%%%#=====================#%%%%%%%%%%%%%%'
Write-Host '%%%%%%%%%%%%#=========================#%%%%%%%%%%%%'
Write-Host '%%%%%%%%%%%=============================%%%%%%%%%%%'
Write-Host '%%%%%%%%%#==============+++==============#%%%%%%%%%'
Write-Host '%%%%%%%%#===========#%%%%%%%%%#===========#%%%%%%%%'
Write-Host '%%%%%%%%==========%%%%%%%%%%%%%%%==========%%%%%%%%'
Write-Host '%%%%%%%*=========%%%%%%%%%%%%%%%%%=========*%%%%%%%'
Write-Host '%%%%%%%+========*%%%%%%%%%%%%%%%%%#=========%%%%%%%'
Write-Host '%%%%%%%+========#%%%%%%%%%%%%%%%%%#=========%%%%%%%'
Write-Host '%%%%%%%+========#%%%%%%%%%%%%%%%%%#=========%%%%%%%'
Write-Host '%%%%%%%+========#%%%%%%%%%%%%%%%%%#=========%%%%%%%'
Write-Host '%%%%%%%+========#%%%%%%%%%%%%%%%%%#=========%%%%%%%'
Write-Host '%%%%%%%+========#%%%%%%%%%%%%%%%%%#=========%%%%%%%'
Write-Host '%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%'
Write-Host '#=================================================#'
Write-Host '#=================================================#'
Write-Host '#=================+%%%============================#'
Write-Host '#==================%%%%*==========================#'
Write-Host '#===================*%%%%+========================#'
Write-Host '#=====================#%%%%=======================#'
Write-Host '#======================+%%%%#=====================#'
Write-Host '#========================*%%%%*===================#'
Write-Host '#========================+%%%%%===================#'
Write-Host '#======================#%%%%%+====================#'
Write-Host '#===================+%%%%%%=======================#'
Write-Host '#=================#%%%%%+=========================#'
Write-Host '#==============+%%%%%#============================#'
Write-Host '#============*%%%%%+====+%%%%%%%%%%===============#'
Write-Host '#=============%%*========+********+===============#'
Write-Host '#=================================================#'
Write-Host '#=================================================#'
Write-Host '#=================================================#'
}

function Test-IsADAdmin {
<#
.SYNOPSIS
Expand Down Expand Up @@ -2902,5 +2942,4 @@ function Invoke-Locksmith {
}


# Export functions and aliases as required
Invoke-Locksmith -Mode $Mode -Scans $Scans
44 changes: 23 additions & 21 deletions Private/Set-AdditionalCAProperty.ps1
Expand Up @@ -37,31 +37,33 @@

begin {
$CAEnrollmentEndpoint = @()
if ($PSVersionTable.PSEdition -eq 'Desktop') {
$code= @"
using System.Net;
using System.Security.Cryptography.X509Certificates;
public class TrustAllCertsPolicy : ICertificatePolicy {
public bool CheckValidationResult(ServicePoint srvPoint, X509Certificate certificate, WebRequest request, int certificateProblem) {
return true;
if (-not ([System.Management.Automation.PSTypeName]'TrustAllCertsPolicy') ) {
if ($PSVersionTable.PSEdition -eq 'Desktop') {
$code= @"
using System.Net;
using System.Security.Cryptography.X509Certificates;
public class TrustAllCertsPolicy : ICertificatePolicy {
public bool CheckValidationResult(ServicePoint srvPoint, X509Certificate certificate, WebRequest request, int certificateProblem) {
return true;
}
}
}
"@
Add-Type -TypeDefinition $code -Language CSharp
[System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy
} else {
Add-Type @"
using System.Net;
using System.Security.Cryptography.X509Certificates;
using System.Net.Security;
public class TrustAllCertsPolicy {
public static bool TrustAllCerts(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors) {
return true;
Add-Type -TypeDefinition $code -Language CSharp
[System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy
} else {
Add-Type @"
using System.Net;
using System.Security.Cryptography.X509Certificates;
using System.Net.Security;
public class TrustAllCertsPolicy {
public static bool TrustAllCerts(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors) {
return true;
}
}
}
"@
# Set the ServerCertificateValidationCallback
[System.Net.ServicePointManager]::ServerCertificateValidationCallback = [TrustAllCertsPolicy]::TrustAllCerts
# Set the ServerCertificateValidationCallback
[System.Net.ServicePointManager]::ServerCertificateValidationCallback = [TrustAllCertsPolicy]::TrustAllCerts
}
}
}

