rusthound_ce/json/checker/
mod.rs

1use std::collections::HashMap;
2use std::error::Error;
3
4use log::{info,debug};
5use crate::args::Options;
6use crate::enums::{ldaptype::*, templates_enabled_change_displayname_to_sid};
7use crate::objects::{
8    user::User,
9    computer::Computer,
10    group::Group,
11    ou::Ou,
12    container::Container,
13    gpo::Gpo,
14    domain::Domain,
15    fsp::Fsp,
16    trust::Trust,
17    ntauthstore::NtAuthStore,
18    aiaca::AIACA,
19    rootca::RootCA,
20    enterpriseca::EnterpriseCA,
21    certtemplate::CertTemplate,
22    inssuancepolicie::IssuancePolicie,
23};
24pub mod common;
25
26/// Functions to replace and add missing values
27pub fn check_all_result(
28    common_args:             &Options,
29    vec_users:               &mut Vec<User>,
30    vec_groups:              &mut Vec<Group>,
31    vec_computers:           &mut [Computer],
32    vec_ous:                 &mut [Ou],
33    vec_domains:             &mut Vec<Domain>,
34    vec_gpos:                &mut [Gpo],
35    _vec_fsps:               &mut [Fsp],
36    vec_containers:          &mut [Container],
37    vec_trusts:              &mut [Trust],
38    vec_ntauthstores:        &mut [NtAuthStore],
39    vec_aiacas:              &mut [AIACA],
40    vec_rootcas:             &mut [RootCA],
41    vec_enterprisecas:       &mut [EnterpriseCA],
42    vec_certtemplates:       &mut [CertTemplate],
43    vec_issuancepolicies:    &mut [IssuancePolicie],
44    dn_sid:                  &mut HashMap<String, String>,
45    sid_type:                &mut HashMap<String, String>,
46    fqdn_sid:                &mut HashMap<String, String>,
47    _fqdn_ip:                &mut HashMap<String, String>,
48) -> Result<(), Box<dyn Error>> {
49    let domain = &common_args.domain;
50    info!("Starting checker to replace some values...");
51    
52    debug!("Replace SID with checker.rs started");
53    common::replace_fqdn_by_sid(Type::User, vec_users, fqdn_sid)?;
54    common::replace_fqdn_by_sid(Type::Computer, vec_computers, fqdn_sid)?;
55    templates_enabled_change_displayname_to_sid(vec_certtemplates, vec_enterprisecas)?;
56    common::replace_sid_members(vec_groups, dn_sid, sid_type, vec_trusts)?;
57    debug!("Replace SID finished!");
58
59    debug!("Adding defaults groups and default users");
60    common::add_default_groups(vec_groups, &vec_computers, domain.to_owned())?;
61    common::add_default_users(vec_users, domain.to_owned())?;
62    debug!("Defaults groups and default users added!");
63
64    debug!("Adding PrincipalType for ACEs started");
65    common::add_type_for_ace(vec_users, sid_type)?;
66    common::add_type_for_ace(vec_groups, sid_type)?;
67    common::add_type_for_ace(vec_computers, sid_type)?;
68    common::add_type_for_ace(vec_gpos, sid_type)?;
69    common::add_type_for_ace(vec_ous, sid_type)?;
70    common::add_type_for_ace(vec_domains, sid_type)?;
71    common::add_type_for_ace(vec_containers, sid_type)?;
72    common::add_type_for_ace(vec_ntauthstores, sid_type)?;
73    common::add_type_for_ace(vec_aiacas, sid_type)?;
74    common::add_type_for_ace(vec_rootcas, sid_type)?;
75    common::add_type_for_ace(vec_enterprisecas, sid_type)?;
76    common::add_type_for_ace(vec_certtemplates, sid_type)?;
77    common::add_type_for_ace(vec_issuancepolicies, sid_type)?;
78
79    common::add_type_for_allowtedtoact(vec_computers, sid_type)?;
80    debug!("PrincipalType for ACEs added!");
81
82    debug!("Adding ChildObject members started");
83    common::add_childobjects_members(vec_ous, dn_sid, sid_type)?;
84    common::add_childobjects_members(vec_domains, dn_sid, sid_type)?;
85    common::add_childobjects_members(vec_containers, dn_sid, sid_type)?;
86    debug!("ChildObject members added!");
87
88    debug!("Adding ContainedBy value started");
89    common::add_contained_by_for(vec_users, dn_sid, sid_type)?;
90    common::add_contained_by_for(vec_groups, dn_sid, sid_type)?;
91    common::add_contained_by_for(vec_computers, dn_sid, sid_type)?;
92    common::add_contained_by_for(vec_gpos, dn_sid, sid_type)?;
93    common::add_contained_by_for(vec_ous, dn_sid, sid_type)?;
94    common::add_contained_by_for(vec_containers, dn_sid, sid_type)?;
95    common::add_contained_by_for(vec_ntauthstores, dn_sid, sid_type)?;
96    common::add_contained_by_for(vec_aiacas, dn_sid, sid_type)?;
97    common::add_contained_by_for(vec_rootcas, dn_sid, sid_type)?;
98    common::add_contained_by_for(vec_enterprisecas, dn_sid, sid_type)?;
99    common::add_contained_by_for(vec_certtemplates, dn_sid, sid_type)?;
100    common::add_contained_by_for(vec_issuancepolicies, dn_sid, sid_type)?;
101
102    debug!("ContainedBy value added!");
103
104    debug!("Adding affected computers in GpoChanges");
105    common::add_affected_computers(vec_domains, sid_type)?;
106    common::add_affected_computers_for_ou(vec_ous, dn_sid, sid_type)?;
107    debug!("Affected computers in GpoChanges added!");
108
109    debug!("Replacing guid for gplinks started");
110    common::replace_guid_gplink(vec_ous, dn_sid)?;
111    common::replace_guid_gplink(vec_domains, dn_sid)?;
112    debug!("guid for gplinks added!");
113
114    if !vec_trusts.is_empty() {
115        debug!("Adding trust domain relation");
116        common::add_trustdomain(vec_domains, vec_trusts)?;
117        debug!("Trust domain relation added!");
118    }
119    info!("Checking and replacing some values finished!");
120    Ok(())
121}