Fixed ReadLAPSPassword Logic

BloodHoundAD · Oct 16, 2024 · 33c75a3 · 33c75a3
1 parent b272381
commit 33c75a3
Show file tree

Hide file tree

Showing 2 changed files with 18 additions and 11 deletions.
diff --git a/src/CommonLib/Enums/LDAPProperties.cs b/src/CommonLib/Enums/LDAPProperties.cs
@@ -35,7 +35,7 @@ public static class LDAPProperties
         public const string OperatingSystem = "operatingsystem";
         public const string ServicePack = "operatingsystemservicepack";
         public const string DNSHostName = "dnshostname";
-        public const string LAPSExpirationTime = "ms-laps-passwordexpirationtime";
+        public const string LAPSExpirationTime = "mslaps-passwordexpirationtime";
         public const string LAPSPlaintextPassword = "ms-laps-password";
         public const string LAPSEncryptedPassword = "ms-laps-encryptedpassword";
         public const string LegacyLAPSExpirationTime = "ms-mcs-admpwdexpirationtime";

diff --git a/src/CommonLib/Processors/ACLProcessor.cs b/src/CommonLib/Processors/ACLProcessor.cs
@@ -300,8 +300,6 @@ public async IAsyncEnumerable<ACE> ProcessACL(byte[] ntSecurityDescriptor, strin
                     aceInheritanceHash = CalculateInheritanceHash(ir, aceRights, aceType, ace.InheritedObjectType());
                 }
 
-                _guidMap.TryGetValue(aceType, out var mappedGuid);
-
                 _log.LogTrace("Processing ACE with rights {Rights} and guid {GUID} on object {Name}", aceRights,
                     aceType, objectName);
 
@@ -414,14 +412,23 @@ public async IAsyncEnumerable<ACE> ProcessACL(byte[] ntSecurityDescriptor, strin
                                     RightName = EdgeNames.AllExtendedRights,
                                     InheritanceHash = aceInheritanceHash
                                 };
-                            else if (mappedGuid is LDAPProperties.LegacyLAPSPassword or LDAPProperties.LAPSPlaintextPassword or LDAPProperties.LAPSEncryptedPassword)
-                                yield return new ACE {
-                                    PrincipalType = resolvedPrincipal.ObjectType,
-                                    PrincipalSID = resolvedPrincipal.ObjectIdentifier,
-                                    IsInherited = inherited,
-                                    RightName = EdgeNames.ReadLAPSPassword,
-                                    InheritanceHash = aceInheritanceHash
-                                };
+                            else if (_guidMap.TryGetValue(aceType, out var lapsAttribute))
+                            {
+                                // Compare the retrieved attribute name against LDAPProperties values
+                                if (lapsAttribute == LDAPProperties.LegacyLAPSPassword ||
+                                    lapsAttribute == LDAPProperties.LAPSPlaintextPassword ||
+                                    lapsAttribute == LDAPProperties.LAPSEncryptedPassword)
+                                {
+                                    yield return new ACE
+                                    {
+                                        PrincipalType = resolvedPrincipal.ObjectType,
+                                        PrincipalSID = resolvedPrincipal.ObjectIdentifier,
+                                        IsInherited = inherited,
+                                        RightName = EdgeNames.ReadLAPSPassword,
+                                        InheritanceHash = aceInheritanceHash
+                                    };
+                                }
+                            }
                         }
                     } else if (objectType == Label.CertTemplate) {
                         if (aceType is ACEGuids.AllGuid or "")