rusthound_ce/enums/
ldaptype.rs1use ldap3::SearchEntry;
2use std::collections::HashMap;
3use std::fmt;
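/// Kind of directory object that an LDAP search entry was classified as.
///
/// `get_type` maps an entry's `objectClass` values (and, for the AD CS kinds,
/// its DN) onto one of these variants. `Unknown` is the value carried by the
/// `Err` side when no rule matches.
///
/// The spellings `NtAutStore` and `IssuancePolicie` are part of the public
/// interface and are kept as they are.
pub enum Type {
    User,
    Computer,
    Group,
    Ou,
    Domain,
    Gpo,
    ForeignSecurityPrincipal,
    Container,
    Trust,
    RootCA,
    NtAutStore,
    EnterpriseCA,
    AIACA,
    CertTemplate,
    IssuancePolicie,
    Unknown,
}

impl fmt::Debug for Type {
    /// Writes the bare variant name, e.g. `User` or `Unknown`.
    fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
        // Formatting `self` with `{:?}` from inside this impl re-enters the
        // same function and recurses until the stack overflows, so the name
        // is spelled out per variant instead.
        let name = match self {
            Type::User => "User",
            Type::Computer => "Computer",
            Type::Group => "Group",
            Type::Ou => "Ou",
            Type::Domain => "Domain",
            Type::Gpo => "Gpo",
            Type::ForeignSecurityPrincipal => "ForeignSecurityPrincipal",
            Type::Container => "Container",
            Type::Trust => "Trust",
            Type::RootCA => "RootCA",
            Type::NtAutStore => "NtAutStore",
            Type::EnterpriseCA => "EnterpriseCA",
            Type::AIACA => "AIACA",
            Type::CertTemplate => "CertTemplate",
            Type::IssuancePolicie => "IssuancePolicie",
            Type::Unknown => "Unknown",
        };
        f.write_str(name)
    }
}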
31
/// Classifies an LDAP search entry as one of the [`Type`] variants.
///
/// The decision uses the entry's `objectClass` values and, for the AD CS
/// kinds, whether the entry's DN contains one of the [`DirectoryPaths`]
/// locations. Rules are evaluated top to bottom and the first match wins, so
/// their order is significant (for example the managed-service-account rule
/// is checked before the `computer` rule).
///
/// All comparisons are exact and case-sensitive, both for the attribute keys
/// (`objectClass`, `flags`) and for their values.
///
/// # Errors
///
/// Returns `Err(Type::Unknown)` when the entry has no `objectClass` attribute
/// or when no rule matches.
pub fn get_type(result: SearchEntry) -> std::result::Result<Type, Type> {
    let attrs: &HashMap<String, Vec<String>> = &result.attrs;
    let dn: &str = &result.dn;

    let classes = match attrs.get("objectClass") {
        Some(values) => values,
        None => return Err(Type::Unknown),
    };

    // True when `objectClass` holds exactly this value.
    let is_a = |class: &str| classes.iter().any(|value| value == class);
    // Substring test on the DN, not an "is a descendant of" test.
    // NOTE(review): a DN that merely embeds the same RDN sequence elsewhere
    // would also match; if the output feeds access-path analysis, consider
    // whether a stricter comparison against the naming context is wanted.
    let located_in = |location: &str| dn.contains(location);

    let kind = if is_a("person") && is_a("user") && !is_a("computer") && !is_a("group") {
        Type::User
    } else if is_a("msDS-GroupManagedServiceAccount") {
        // Reported as a user; must stay ahead of the `computer` rule below.
        Type::User
    } else if is_a("group") {
        Type::Group
    } else if is_a("computer") {
        Type::Computer
    } else if is_a("organizationalUnit") {
        Type::Ou
    } else if is_a("domain") {
        Type::Domain
    } else if is_a("groupPolicyContainer") {
        Type::Gpo
    } else if is_a("top") && is_a("foreignSecurityPrincipal") {
        Type::ForeignSecurityPrincipal
    } else if is_a("top") && is_a("container") && !is_a("groupPolicyContainer") {
        Type::Container
    } else if is_a("trustedDomain") {
        Type::Trust
    } else if is_a("certificationAuthority") && located_in(DirectoryPaths::ROOT_CA_LOCATION) {
        // `certificationAuthority` is shared by three kinds; the DN location
        // is what tells them apart.
        Type::RootCA
    } else if is_a("pKIEnrollmentService") && located_in(DirectoryPaths::ENTERPRISE_CA_LOCATION) {
        Type::EnterpriseCA
    } else if is_a("pKICertificateTemplate") && located_in(DirectoryPaths::CERT_TEMPLATE_LOCATION) {
        Type::CertTemplate
    } else if is_a("certificationAuthority") && located_in(DirectoryPaths::AIA_CA_LOCATION) {
        Type::AIACA
    } else if is_a("certificationAuthority") && located_in(DirectoryPaths::NT_AUTH_STORE_LOCATION) {
        Type::NtAutStore
    } else if is_a("msPKI-Enterprise-Oid") && located_in(DirectoryPaths::ISSUANCE_LOCATION) {
        // Only OID objects whose `flags` attribute holds the value "2" are
        // reported; presumably that value marks an issuance policy (confirm
        // against the schema). Any other OID object ends up as Unknown.
        let flagged = match attrs.get("flags") {
            Some(flags) => flags.iter().any(|value| value == "2"),
            None => false,
        };
        if !flagged {
            return Err(Type::Unknown);
        }
        Type::IssuancePolicie
    } else {
        return Err(Type::Unknown);
    };

    Ok(kind)
}
102
/// Namespace for the directory locations used when classifying AD CS objects.
///
/// Each constant is a sequence of RDNs without the domain components, so it
/// is meant to be compared against part of a DN rather than a whole DN.
pub struct DirectoryPaths;

impl DirectoryPaths {
    /// Container holding the enrollment services (enterprise CA) objects.
    pub const ENTERPRISE_CA_LOCATION: &str =
        "CN=Enrollment Services,CN=Public Key Services,CN=Services,CN=Configuration";
    /// Container holding the root certification authority objects.
    pub const ROOT_CA_LOCATION: &str =
        "CN=Certification Authorities,CN=Public Key Services,CN=Services,CN=Configuration";
    /// AIA container.
    pub const AIA_CA_LOCATION: &str =
        "CN=AIA,CN=Public Key Services,CN=Services,CN=Configuration";
    /// Container holding the certificate template objects.
    pub const CERT_TEMPLATE_LOCATION: &str =
        "CN=Certificate Templates,CN=Public Key Services,CN=Services,CN=Configuration";
    /// The NTAuthCertificates object.
    pub const NT_AUTH_STORE_LOCATION: &str =
        "CN=NTAuthCertificates,CN=Public Key Services,CN=Services,CN=Configuration";
    /// Parent container of all the PKI locations above and below.
    pub const PKI_LOCATION: &str = "CN=Public Key Services,CN=Services,CN=Configuration";
    /// Leading RDN of the configuration naming context.
    pub const CONFIG_LOCATION: &str = "CN=Configuration";
    /// OID container, where the `msPKI-Enterprise-Oid` objects are looked for.
    pub const ISSUANCE_LOCATION: &str =
        "CN=OID,CN=Public Key Services,CN=Services,CN=Configuration";
}