Skip to content

Commit

Permalink
Merge pull request #78 from BloodHoundAD/BED-3926
Browse files Browse the repository at this point in the history
fix: bad filter sneaking into configurations NC
  • Loading branch information
rvazarkar authored Nov 29, 2023
2 parents 437894e + ff68481 commit a341b73
Show file tree
Hide file tree
Showing 2 changed files with 6 additions and 5 deletions.
2 changes: 1 addition & 1 deletion src/Producers/BaseProducer.cs
Original file line number Diff line number Diff line change
Expand Up @@ -151,7 +151,7 @@ protected LDAPData CreateConfigNCData()
props.AddRange(CommonProperties.TypeResolutionProps);

var methods = Context.ResolvedCollectionMethods;
var allObjectTypesQuery = query.AddContainers().AddConfiguration().AddCertificateTemplates().AddCertificateAuthorities().AddEnterpriseCertificationAuthorities();
var allObjectTypesQuery = new LDAPFilter().AddContainers().AddConfiguration().AddCertificateTemplates().AddCertificateAuthorities().AddEnterpriseCertificationAuthorities();

if ((methods & ResolvedCollectionMethod.ObjectProps) != 0)
{
Expand Down
9 changes: 5 additions & 4 deletions src/Producers/LdapProducer.cs
Original file line number Diff line number Diff line change
Expand Up @@ -94,9 +94,12 @@ public override async Task ProduceConfigNC()
{
var cancellationToken = Context.CancellationTokenSource.Token;
var configNcData = CreateConfigNCData();
List<string> configurationNCsCollected = new List<string>();
var configurationNCsCollected = new List<string>();

foreach (EnumerationDomain domain in Context.Domains)
if (string.IsNullOrEmpty(configNcData.Filter.GetFilter()))
return;

foreach (var domain in Context.Domains)
{
var configAdsPath = Context.LDAPUtils.GetConfigurationPath(domain.Name);
if (!configurationNCsCollected.Contains(configAdsPath))
Expand All @@ -121,8 +124,6 @@ public override async Task ProduceConfigNC()
Context.Logger.LogTrace("Skipping already collected config NC '{path}' for domain {Domain}", configAdsPath, domain.Name);
}
}

}

}
}

0 comments on commit a341b73

Please sign in to comment.