-
-
Notifications
You must be signed in to change notification settings - Fork 30
/
Copy pathparse-memberships.py
76 lines (64 loc) · 2.94 KB
/
parse-memberships.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
#!/usr/bin/python3
# Author: Dylan Evans|fin3ss3g0d
import re
import sys
import os
import collections
def escape_special_characters(input_string):
# Escape backslash first to avoid double escaping later characters
escaped_string = re.sub(r'\\', r'\\\\', input_string)
# Escape other special characters
escaped_string = re.sub(r'("|\$|`)', r'\\\1', escaped_string)
return escaped_string
def process_file(filename, domain):
user_group_dict = collections.defaultdict(set)
try:
with open(filename, 'r', encoding='cp1252') as file:
for line in file:
match = re.match(r'User ([\w.-]+)@' + domain + r' is MemberOf (.*?)@' + domain + r' (\(Group/Base\)|\(Base/Group\))', line, re.IGNORECASE)
if match:
username = match.group(1).lower()
group = match.group(2).strip()
user_group_dict[username].add(group)
print("user_group_dict contents:")
for key, values in user_group_dict.items():
print(f"{key}: {', '.join(values)}")
except Exception as e:
print(f"Error processing file: {e}")
return user_group_dict
def process_ntds_file(filename, user_group_dict, output_dir):
group_files = set()
try:
with open(filename, 'r', encoding='cp1252') as file:
for line in file:
match = re.match(r'(.*?)\\([\w.-]*):.*', line)
if match:
domain = match.group(1).lower()
username = match.group(2).lower()
print(f"Checking for match: {username}")
if username in user_group_dict:
for group in user_group_dict[username]:
print(f"Match found for user '{username}' in group '{group}': {line.strip()}")
group_name = group.replace(' ', '_')
output_file_path = os.path.join(output_dir, f'{group_name}.txt')
group_files.add(output_file_path)
with open(output_file_path, 'a') as output_file:
output_file.write(f"{domain}\\{username}\n")
except Exception as e:
print(f"Error processing NTDS file: {e}")
print("\nCommandline arguments for DPAT (run from output dir):")
print("-g", end=' ')
for file_path in group_files:
basename = os.path.basename(file_path)
escaped_basename = escape_special_characters(basename)
print(f'"{escaped_basename}"', end=' ')
print()
if __name__ == "__main__":
if len(sys.argv) != 5:
print(f"Usage: python {sys.argv[0]} <memberships_filename> <domain> <ntds_filename> <output_directory>")
sys.exit(1)
try:
user_group_dict = process_file(sys.argv[1], sys.argv[2])
process_ntds_file(sys.argv[3], user_group_dict, sys.argv[4])
except Exception as e:
print(f"Error running script: {e}")