rusthound_ce/enums/
ldaptype.rs1use ldap3::SearchEntry;
2use std::collections::HashMap;
3pub enum Type {
7 User,
8 Computer,
9 Group,
10 Ou,
11 Domain,
12 Gpo,
13 ForeignSecurityPrincipal,
14 Container,
15 Trust,
16 RootCA,
17 NtAutStore,
18 EnterpriseCA,
19 AIACA,
20 CertTemplate,
21 IssuancePolicie,
22 Unknown
23}
24
25pub fn get_type(result: SearchEntry) -> std::result::Result<Type, Type> {
27 let result_attrs: HashMap<String, Vec<String>> = result.attrs;
28
29 let contains = |values: &Vec<String>, to_find: &str| values.iter().any(|elem| elem == to_find);
30 let object_class_vals = result_attrs.get("objectClass");
31 let flags_vals = result_attrs.get("flags");
32
33 if let Some(vals) = object_class_vals {
34 match () {
35 _ if contains(vals, "person")
36 && contains(vals, "user")
37 && !contains(vals, "computer")
38 && !contains(vals, "group") => {
39 return Ok(Type::User);
40 }
41 _ if contains(vals, "msDS-GroupManagedServiceAccount") => {
42 return Ok(Type::User);
43 }
44 _ if contains(vals, "group") => {
45 return Ok(Type::Group);
46 }
47 _ if contains(vals, "computer") => {
48 return Ok(Type::Computer);
49 }
50 _ if contains(vals, "organizationalUnit") => {
51 return Ok(Type::Ou);
52 }
53 _ if contains(vals, "domain") => {
54 return Ok(Type::Domain);
55 }
56 _ if contains(vals, "groupPolicyContainer") => {
57 return Ok(Type::Gpo);
58 }
59 _ if contains(vals, "top")
60 && contains(vals, "foreignSecurityPrincipal") => {
61 return Ok(Type::ForeignSecurityPrincipal);
62 }
63 _ if contains(vals, "top") && contains(vals, "container")
64 && !contains(vals, "groupPolicyContainer") => {
65 return Ok(Type::Container);
66 }
67 _ if contains(vals, "trustedDomain") => {
68 return Ok(Type::Trust);
69 }
70 _ if contains(vals, "certificationAuthority")
71 && result.dn.contains(DirectoryPaths::ROOT_CA_LOCATION) => {
72 return Ok(Type::RootCA);
73 }
74 _ if contains(vals, "pKIEnrollmentService")
75 && result.dn.contains(DirectoryPaths::ENTERPRISE_CA_LOCATION) => {
76 return Ok(Type::EnterpriseCA);
77 }
78 _ if contains(vals, "pKICertificateTemplate")
79 && result.dn.contains(DirectoryPaths::CERT_TEMPLATE_LOCATION) => {
80 return Ok(Type::CertTemplate);
81 }
82 _ if contains(vals, "certificationAuthority")
83 && result.dn.contains(DirectoryPaths::AIA_CA_LOCATION) => {
84 return Ok(Type::AIACA);
85 }
86 _ if contains(vals, "certificationAuthority")
87 && result.dn.contains(DirectoryPaths::NT_AUTH_STORE_LOCATION) => {
88 return Ok(Type::NtAutStore);
89 }
90 _ if contains(vals, "msPKI-Enterprise-Oid")
91 && result.dn.contains(DirectoryPaths::ISSUANCE_LOCATION) => {
92 if let Some(flags) = flags_vals {
93 if contains(flags, "2") {
94 return Ok(Type::IssuancePolicie);
95 }
96 }
97 }
98 _ => {}
99 }
100 }
101 Err(Type::Unknown)
102}
103
104pub struct DirectoryPaths;
106
107impl DirectoryPaths {
108 pub const ENTERPRISE_CA_LOCATION : &'static str = "CN=Enrollment Services,CN=Public Key Services,CN=Services,CN=Configuration";
109 pub const ROOT_CA_LOCATION : &'static str = "CN=Certification Authorities,CN=Public Key Services,CN=Services,CN=Configuration";
110 pub const AIA_CA_LOCATION : &'static str = "CN=AIA,CN=Public Key Services,CN=Services,CN=Configuration";
111 pub const CERT_TEMPLATE_LOCATION : &'static str = "CN=Certificate Templates,CN=Public Key Services,CN=Services,CN=Configuration";
112 pub const NT_AUTH_STORE_LOCATION : &'static str = "CN=NTAuthCertificates,CN=Public Key Services,CN=Services,CN=Configuration";
113 pub const PKI_LOCATION : &'static str = "CN=Public Key Services,CN=Services,CN=Configuration";
114 pub const CONFIG_LOCATION : &'static str = "CN=Configuration";
115 pub const ISSUANCE_LOCATION : &'static str = "CN=OID,CN=Public Key Services,CN=Services,CN=Configuration";
116}