rusthound_ce/enums/
ldaptype.rs1use ldap3::SearchEntry;
/// Kind of directory object an LDAP search entry was classified as.
///
/// The variants are produced by `get_type`, which decides from the entry's
/// `objectClass` values and, for the certificate-services kinds, from the
/// location named in its distinguished name.
pub enum Type {
    /// `person` + `user` without `computer`/`group`, or a
    /// `msDS-GroupManagedServiceAccount` object.
    User,
    /// Entry carrying the `computer` object class.
    Computer,
    /// Entry carrying the `group` object class.
    Group,
    /// Entry carrying the `organizationalUnit` object class.
    Ou,
    /// Entry carrying the `domain` object class.
    Domain,
    /// Entry carrying the `groupPolicyContainer` object class.
    Gpo,
    /// `top` + `foreignSecurityPrincipal`.
    ForeignSecurityPrincipal,
    /// `top` + `container` that is not a `groupPolicyContainer`.
    Container,
    /// Entry carrying the `trustedDomain` object class.
    Trust,
    /// `certificationAuthority` located under `DirectoryPaths::ROOT_CA_LOCATION`.
    RootCA,
    /// `certificationAuthority` located under `DirectoryPaths::NT_AUTH_STORE_LOCATION`.
    NtAutStore,
    /// `pKIEnrollmentService` located under `DirectoryPaths::ENTERPRISE_CA_LOCATION`.
    EnterpriseCA,
    /// `certificationAuthority` located under `DirectoryPaths::AIA_CA_LOCATION`.
    AIACA,
    /// `pKICertificateTemplate` located under `DirectoryPaths::CERT_TEMPLATE_LOCATION`.
    CertTemplate,
    /// `msPKI-Enterprise-Oid` under `DirectoryPaths::ISSUANCE_LOCATION` whose
    /// `flags` attribute contains `"2"`.
    IssuancePolicie,
    /// No rule matched; `get_type` returns this inside `Err`.
    Unknown,
}
/// Classifies an LDAP search entry into a [`Type`].
///
/// The decision is made from the entry's `objectClass` values; the
/// certificate-services kinds additionally require the entry's DN to contain
/// one of the [`DirectoryPaths`] locations. Rules are tried in a fixed order
/// and the first one that matches wins.
///
/// Matching caveats worth knowing when trusting the result:
/// * object-class names are compared with exact, case-sensitive string
///   equality;
/// * the DN test is a plain substring search (`str::contains`), not an
///   anchored or parsed-DN comparison.
///
/// # Errors
///
/// Returns `Err(Type::Unknown)` when the entry has no `objectClass`
/// attribute or when no rule matches. The error value is always
/// `Type::Unknown`.
pub fn get_type(result: &SearchEntry) -> std::result::Result<Type, Type> {
    let attributes = &result.attrs;

    // Without objectClass there is nothing to classify on.
    let classes = match attributes.get("objectClass") {
        Some(values) => values,
        None => return Err(Type::Unknown),
    };
    let policy_flags = attributes.get("flags");

    let has_class = |name: &str| classes.iter().any(|value| value == name);
    let dn_has = |location: &str| result.dn.contains(location);

    // Security principals and core directory objects.
    if has_class("person") && has_class("user") && !has_class("computer") && !has_class("group") {
        return Ok(Type::User);
    }
    // Group managed service accounts are reported as users; this rule has to
    // precede the `computer` rule to take effect for entries that carry both.
    if has_class("msDS-GroupManagedServiceAccount") {
        return Ok(Type::User);
    }
    if has_class("group") {
        return Ok(Type::Group);
    }
    if has_class("computer") {
        return Ok(Type::Computer);
    }
    if has_class("organizationalUnit") {
        return Ok(Type::Ou);
    }
    if has_class("domain") {
        return Ok(Type::Domain);
    }
    if has_class("groupPolicyContainer") {
        return Ok(Type::Gpo);
    }
    if has_class("top") && has_class("foreignSecurityPrincipal") {
        return Ok(Type::ForeignSecurityPrincipal);
    }
    if has_class("top") && has_class("container") && !has_class("groupPolicyContainer") {
        return Ok(Type::Container);
    }
    if has_class("trustedDomain") {
        return Ok(Type::Trust);
    }

    // Certificate-services objects: the object class alone is ambiguous
    // (`certificationAuthority` is shared by three kinds), so the location
    // found in the DN selects the kind.
    if has_class("certificationAuthority") && dn_has(DirectoryPaths::ROOT_CA_LOCATION) {
        return Ok(Type::RootCA);
    }
    if has_class("pKIEnrollmentService") && dn_has(DirectoryPaths::ENTERPRISE_CA_LOCATION) {
        return Ok(Type::EnterpriseCA);
    }
    if has_class("pKICertificateTemplate") && dn_has(DirectoryPaths::CERT_TEMPLATE_LOCATION) {
        return Ok(Type::CertTemplate);
    }
    if has_class("certificationAuthority") && dn_has(DirectoryPaths::AIA_CA_LOCATION) {
        return Ok(Type::AIACA);
    }
    if has_class("certificationAuthority") && dn_has(DirectoryPaths::NT_AUTH_STORE_LOCATION) {
        return Ok(Type::NtAutStore);
    }

    // NOTE(review): the flags value "2" presumably distinguishes issuance
    // policies from other msPKI-Enterprise-Oid objects; confirm against the
    // schema. Entries under the OID container with any other flags value
    // end up as Unknown.
    if has_class("msPKI-Enterprise-Oid") && dn_has(DirectoryPaths::ISSUANCE_LOCATION) {
        let marked_as_policy =
            policy_flags.map_or(false, |flags| flags.iter().any(|flag| flag == "2"));
        if marked_as_policy {
            return Ok(Type::IssuancePolicie);
        }
    }

    Err(Type::Unknown)
}
/// Namespace for the relative distinguished names of the Configuration
/// partition containers that `get_type` looks for in an entry's DN.
///
/// The values carry no domain components (`DC=...`), so they are meant to be
/// matched as a fragment of a full DN rather than compared for equality.
pub struct DirectoryPaths;

impl DirectoryPaths {
    /// Container holding `pKIEnrollmentService` objects (enterprise CAs).
    pub const ENTERPRISE_CA_LOCATION: &'static str =
        "CN=Enrollment Services,CN=Public Key Services,CN=Services,CN=Configuration";
    /// Container holding the root CA `certificationAuthority` objects.
    pub const ROOT_CA_LOCATION: &'static str =
        "CN=Certification Authorities,CN=Public Key Services,CN=Services,CN=Configuration";
    /// AIA container holding `certificationAuthority` objects.
    pub const AIA_CA_LOCATION: &'static str =
        "CN=AIA,CN=Public Key Services,CN=Services,CN=Configuration";
    /// Container holding `pKICertificateTemplate` objects.
    pub const CERT_TEMPLATE_LOCATION: &'static str =
        "CN=Certificate Templates,CN=Public Key Services,CN=Services,CN=Configuration";
    /// Location of the NTAuthCertificates object.
    pub const NT_AUTH_STORE_LOCATION: &'static str =
        "CN=NTAuthCertificates,CN=Public Key Services,CN=Services,CN=Configuration";
    /// Parent container of all the Public Key Services locations above.
    pub const PKI_LOCATION: &'static str = "CN=Public Key Services,CN=Services,CN=Configuration";
    /// Relative name of the Configuration partition itself.
    pub const CONFIG_LOCATION: &'static str = "CN=Configuration";
    /// OID container holding `msPKI-Enterprise-Oid` objects.
    pub const ISSUANCE_LOCATION: &'static str =
        "CN=OID,CN=Public Key Services,CN=Services,CN=Configuration";
}