Renamed some variables, fixed merging, better objects for local machi…
…nes and added a detector for Remote Desktop based on privileges and not group name only
lkarlslund committed Sep 27, 2022
1 parent 46ea5b4 commit de0d736
Showing 3 changed files with 147 additions and 128 deletions.
29 changes: 17 additions & 12 deletions modules/engine/object.go
@@ -185,20 +185,20 @@ func (o *Object) AbsorbEx(source *Object, fast bool) {
})
}

for pwntarget, methods := range source.edges[Out] {
target.edges[Out][pwntarget] = target.edges[Out][pwntarget].Merge(methods)
delete(source.edges[Out], pwntarget)
for edgetarget, edges := range source.edges[Out] {
target.edges[Out][edgetarget] = target.edges[Out][edgetarget].Merge(edges)
delete(source.edges[Out], edgetarget)

pwntarget.edges[In][target] = pwntarget.edges[In][target].Merge(methods)
delete(pwntarget.edges[In], source)
edgetarget.edges[In][target] = edgetarget.edges[In][target].Merge(edges)
delete(edgetarget.edges[In], source)
}

for pwner, methods := range source.edges[In] {
target.edges[In][pwner] = target.edges[In][pwner].Merge(methods)
delete(source.edges[In], pwner)
for edgesource, edges := range source.edges[In] {
target.edges[In][edgesource] = target.edges[In][edgesource].Merge(edges)
delete(source.edges[In], edgesource)

pwner.edges[Out][target] = pwner.edges[Out][target].Merge(methods)
delete(pwner.edges[Out], source)
edgesource.edges[Out][target] = edgesource.edges[Out][target].Merge(edges)
delete(edgesource.edges[Out], source)
}

for _, child := range source.children {
@@ -374,6 +374,9 @@ func (o *Object) OneAttrRendered(attr Attribute) string {

// Returns synthetic blank attribute value if it isn't set
func (o *Object) get(attr Attribute) (AttributeValues, bool) {
if o.invalidated {
panic("object is invalidated")
}
if attributenums[attr].onget != nil {
return attributenums[attr].onget(o, attr)
}
@@ -998,7 +1001,8 @@ func (o *Object) ChildOf(parent *Object) {
if o.parent != nil {
// Unlock, as we call thing that lock in the debug message
o.unlock()
ui.Debug().Msgf("Object already %v has %v as parent, so I'm not assigning %v as parent", o.Label(), o.parent.Label(), parent.Label())
ui.Debug().Msgf("Object %v already has %v as parent, so I'm not assigning %v as parent", o.Label(), o.parent.Label(), parent.Label())
return
o.lock()
// panic("objects can only have one parent")
}
@@ -1011,7 +1015,8 @@ func (o *Object) ChildOf(parent *Object) {

func (o *Object) childOf(parent *Object) {
if o.parent != nil {
ui.Debug().Msgf("Object already %v has %v as parent, so I'm not assigning %v as parent", o.Label(), o.parent.Label(), parent.Label())
ui.Debug().Msgf("Object %v already has %v as parent, so I'm not assigning %v as parent", o.Label(), o.parent.Label(), parent.Label())
return
}
o.parent = parent
parent.children = append(parent.children, o)
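Review bot: In `ChildOf`, the added `return` leaves the `o.lock()` on the following line unreachable, which `go vet` reports as unreachable code; that line and the commented-out panic under it should be deleted so the early exit reads as intended. The branch now exits after its explicit `o.unlock()`, which is correct only if no deferred or later unlock in `ChildOf` also runs; the function starts and ends outside the hunk, so that has to be checked there. The new guard in `get` would also benefit from a comment such as `// reading an invalidated object is a programming error; fail loudly`, because a panic in an accessor stops the whole analysis run rather than just the one lookup.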
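--- a/modules/integrations/localmachine/analyze/analyzer.go
+++ b/modules/integrations/localmachine/analyze/analyzer.go
@@ -37,14 +37,15 @@ var (
 EdgeSeRestorePrivilege = engine.NewEdge("SeRestorePrivilege")
 EdgeSeTakeOwnershipPrivilege = engine.NewEdge("SeTakeOwnershipPrivilege")
 
-EdgeSeAssignPrimaryToken = engine.NewEdge("SeAssignPrimaryToken")
-EdgeSeCreateToken = engine.NewEdge("SeCreateToken")
-EdgeSeDebug = engine.NewEdge("SeDebug")
-EdgeSeImpersonate = engine.NewEdge("SeImpersonate").RegisterProbabilityCalculator(func(source, target *engine.Object) engine.Probability { return 20 })
-EdgeSeLoadDriver = engine.NewEdge("SeLoadDriver")
-EdgeSeManageVolume = engine.NewEdge("SeManageVolume")
-EdgeSeTakeOwnership = engine.NewEdge("SeTakeOwnership")
-EdgeSeTcb = engine.NewEdge("SeTcb")
+EdgeSeAssignPrimaryToken = engine.NewEdge("SeAssignPrimaryToken")
+EdgeSeCreateToken = engine.NewEdge("SeCreateToken")
+EdgeSeDebug = engine.NewEdge("SeDebug")
+EdgeSeImpersonate = engine.NewEdge("SeImpersonate").RegisterProbabilityCalculator(func(source, target *engine.Object) engine.Probability { return 20 })
+EdgeSeLoadDriver = engine.NewEdge("SeLoadDriver")
+EdgeSeManageVolume = engine.NewEdge("SeManageVolume")
+EdgeSeTakeOwnership = engine.NewEdge("SeTakeOwnership")
+EdgeSeTrustedCredManAccess = engine.NewEdge("SeTrustedCredManAccess")
+EdgeSeTcb = engine.NewEdge("SeTcb")
 
 EdgeSIDCollision = engine.NewEdge("SIDCollision")
 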
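Review bot: The new `EdgeSeTrustedCredManAccess` is registered with neither a comment nor a probability calculator, so a reader of this block cannot tell what holding the privilege is taken to grant or how much weight the edge should carry in path analysis; only `EdgeSeImpersonate` sets a weight here, and the default applied to the others is not visible in the hunk. I would add a line comment above it such as `// SeTrustedCredManAccessPrivilege: "Access Credential Manager as a trusted caller"` and state whether the default probability is intended. The block also mixes names with and without the `Privilege` suffix (`EdgeSeTakeOwnershipPrivilege` and `EdgeSeTakeOwnership` both appear), and the new edge follows the short form, so a one-line comment on which group a new privilege belongs in would keep later additions consistent. The `var (` block starts and ends outside the hunk.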