Attribute type fixes, AD Explorer conversion fix for "bool"

lkarlslund · Apr 19, 2022 · 6cfb28f · 6cfb28f
1 parent 093e807
commit 6cfb28f
Show file tree

Hide file tree

Showing 3 changed files with 26 additions and 33 deletions.
diff --git a/modules/engine/attributes.go b/modules/engine/attributes.go
@@ -27,7 +27,8 @@ type attributeinfo struct {
 type AttributeType uint8
 
 const (
-	AttributeTypeString AttributeType = iota
+	AttributeTypeUnknown AttributeType = iota
+	AttributeTypeString
 	AttributeTypeInt
 	AttributeTypeFloat
 	AttributeTypeBool
@@ -141,39 +142,30 @@ func (a Attribute) String() string {
 }
 
 func (a Attribute) Type(t AttributeType) Attribute {
-	ai := attributenums[a]
-	ai.atype = t
-	attributenums[a] = ai
+	attributenums[a].atype = t
 	return a
 }
 
 func (a Attribute) Single() Attribute {
-	ai := attributenums[a]
-	ai.single = true
-	attributenums[a] = ai
+	attributenums[a].single = true
 	return a
 }
 
 func (a Attribute) IsSingle() bool {
-	ai := attributenums[a]
-	return ai.single
+	return attributenums[a].single
 }
 
 func (a Attribute) Unique() Attribute {
-	ai := attributenums[a]
-	ai.unique = true
-	attributenums[a] = ai
+	attributenums[a].unique = true
 	return a
 }
 
 func (a Attribute) IsNonUnique() bool {
-	ai := attributenums[a]
-	return !ai.unique
+	return !attributenums[a].unique
 }
 
 func (a Attribute) IsUnique() bool {
-	ai := attributenums[a]
-	return ai.unique
+	return attributenums[a].unique
 }
 
 var ErrDontMerge = errors.New("Dont merge objects using any methods")

diff --git a/modules/integrations/activedirectory/attributes.go b/modules/integrations/activedirectory/attributes.go
@@ -17,15 +17,15 @@ var (
 	GroupType                  = engine.NewAttribute("groupType").Tag("AD").Single()
 	MemberOf                   = engine.NewAttribute("memberOf").Tag("AD")
 	Member                     = engine.NewAttribute("member").Tag("AD")
-	AccountExpires             = engine.NewAttribute("accountExpires").Tag("AD")
+	AccountExpires             = engine.NewAttribute("accountExpires").Tag("AD").Type(engine.AttributeTypeTime)
 	RepsTo                     = engine.NewAttribute("repsTo").Tag("AD")
 	InstanceType               = engine.NewAttribute("instanceType").Tag("AD")
 	ModifiedCount              = engine.NewAttribute("modifiedCount").Tag("AD")
 	MinPwdAge                  = engine.NewAttribute("minPwdAge").Tag("AD")
-	MinPwdLength               = engine.NewAttribute("minPwdLength").Tag("AD")
+	MinPwdLength               = engine.NewAttribute("minPwdLength").Tag("AD").Type(engine.AttributeTypeInt)
 	PwdProperties              = engine.NewAttribute("pwdProperties").Tag("AD")
 	LockOutDuration            = engine.NewAttribute("lockoutDuration").Tag("AD")
-	PwdHistoryLength           = engine.NewAttribute("pwdHistoryLength").Tag("AD")
+	PwdHistoryLength           = engine.NewAttribute("pwdHistoryLength").Tag("AD").Type(engine.AttributeTypeInt)
 	IsCriticalSystemObject     = engine.NewAttribute("isCriticalSystemObject").Tag("AD")
 	FSMORoleOwner              = engine.NewAttribute("fSMORoleOwner").Tag("AD")
 	NTMixedDomain              = engine.NewAttribute("nTMixedDomain").Tag("AD")
@@ -73,7 +73,7 @@ var (
 	MSDSHostServiceAccount      = engine.NewAttribute("msDS-HostServiceAccount").Tag("AD")
 	MSDSHostServiceAccountBL    = engine.NewAttribute("msDS-HostServiceAccountBL").Tag("AD")
 	MSmcsAdmPwdExpirationTime   = engine.NewAttribute("ms-mcs-AdmPwdExpirationTime").Tag("AD").Type(engine.AttributeTypeTime) // LAPS password timeout
-	SecurityIdentifier          = engine.NewAttribute("securityIdentifier")
+	SecurityIdentifier          = engine.NewAttribute("securityIdentifier").Type(engine.AttributeTypeSID)
 	TrustDirection              = engine.NewAttribute("trustDirection").Type(engine.AttributeTypeInt)
 	TrustAttributes             = engine.NewAttribute("trustAttributes")
 	TrustPartner                = engine.NewAttribute("trustPartner")

diff --git a/modules/integrations/activedirectory/rawobject.go b/modules/integrations/activedirectory/rawobject.go
@@ -80,6 +80,7 @@ func EncodeAttributeData(attribute engine.Attribute, values []string) engine.Att
 		case WhenChanged, WhenCreated, DsCorePropagationData,
 			MsExchLastUpdateTime, MsExchPolicyLastAppliedTime, MsExchWhenMailboxCreated,
 			GWARTLastModified, SpaceLastComputed:
+
 			tvalue := strings.TrimSuffix(value, "Z")  // strip "Z"
 			tvalue = strings.TrimSuffix(tvalue, ".0") // strip ".0"
 			switch len(tvalue) {
@@ -133,23 +134,23 @@ func EncodeAttributeData(attribute engine.Attribute, values []string) engine.Att
 			} else {
 				log.Warn().Msgf("Failed to convert attribute %v value %2x to GUID: %v", attribute.String(), []byte(value), err)
 			}
-		case ObjectCategory:
-			attributevalue = engine.AttributeValueString(value)
-		case ObjectSid, SIDHistory:
+		case ObjectSid, SIDHistory, SecurityIdentifier:
 			attributevalue = engine.AttributeValueSID(value)
 		default:
-			// Just use string encoding
-			if intval, err := strconv.ParseInt(value, 10, 64); err == nil {
-				attributevalue = engine.AttributeValueInt(intval)
+			// AUTO CONVERSION
+
+			if strings.HasSuffix(value, "Z") { // "20171111074031.0Z"
+				// Lets try as a timestamp
+				tvalue := strings.TrimSuffix(value, "Z")  // strip "Z"
+				tvalue = strings.TrimSuffix(tvalue, ".0") // strip ".0"
+				if t, err := time.Parse("20060102150405", tvalue); err == nil {
+					attributevalue = engine.AttributeValueTime(t)
+				}
 			}
 			if attributevalue == nil {
-				// Lets try as a timestamp
-				if strings.HasSuffix(value, "Z") { // "20171111074031.0Z"
-					tvalue := strings.TrimSuffix(value, "Z")  // strip "Z"
-					tvalue = strings.TrimSuffix(tvalue, ".0") // strip ".0"
-					if t, err := time.Parse("20060102150405", tvalue); err == nil {
-						attributevalue = engine.AttributeValueTime(t)
-					}
+				// Integer
+				if intval, err := strconv.ParseInt(value, 10, 64); err == nil {
+					attributevalue = engine.AttributeValueInt(intval)
 				}
 			}
 			if attributevalue == nil {