Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fixed PR for Authorized Signature Modification #11

Open
wants to merge 3 commits into
base: main
Choose a base branch
from
Open

Fixed PR for Authorized Signature Modification #11

Show file tree
Hide file tree
Changes from 2 commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
d0eba36
Added additional help output for authorized signature modification
b1gbroth3r Dec 8, 2021
e3aacdb
added support for modifying authorized signature flag
b1gbroth3r Dec 8, 2021
1c7a10c
Update StandIn/StandIn/Program.cs
b1gbroth3r Mar 9, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
57 changes: 50 additions & 7 deletions StandIn/StandIn/Program.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3557,7 +3557,7 @@ public static void GetADCSTemplates(String sFilter = "", String sDomain = "", St
}
}

public static void ModifyADCSTemplate(String sFilter, Boolean bEKU, Boolean bNameFalg, Boolean bEnrollFlag, Boolean bRemove, String sDomain = "", String sUser = "", String sPass = "")
public static void ModifyADCSTemplate(String sFilter, Boolean bEKU, Boolean bNameFalg, Boolean bEnrollFlag, Boolean bRemove, Boolean bSignature, int iRestoreValue, String sDomain = "", String sUser = "", String sPass = "")
{
try
{
Expand Down Expand Up @@ -3812,6 +3812,26 @@ public static void ModifyADCSTemplate(String sFilter, Boolean bEKU, Boolean bNam
Console.WriteLine("\n[+] Removing msPKI-Enrollment-Flag : PEND_ALL_REQUESTS");
mde.Properties["mspki-enrollment-flag"].Value = (Int32)(oEnrollFlags & ~hStandIn.msPKIEnrollmentFlag.PEND_ALL_REQUESTS);
}
} else if (bSignature)
{
if (bRemove)
{
var currentSigVal = (int)mde.Properties["mspki-ra-signature"].Value;
if (currentSigVal == 0)
{
Console.WriteLine("\n[!] msPKI-RA-Signature flag is already set to 0");
}
else
{
Console.WriteLine("\n[+] Removing msPKI-RA-Signature flag...");
mde.Properties["mspki-ra-signature"].Value = 0;
}
}
else
{
Console.WriteLine("\n[+] Restoring msPKI-RA-Signature Value to " + iRestoreValue.ToString());
mde.Properties["mspki-ra-signature"].Value = iRestoreValue;
}
}

mde.CommitChanges();
Expand Down Expand Up @@ -4219,6 +4239,12 @@ class ArgOptions

[Option(null, "limit")]
public UInt32 iLimit { get; set; }

[Option(null, "signature")]
public Boolean bSig { get; set; }

[Option(null, "restore")]
public int iSigValue { get; set; }
}

static void Main(string[] args)
Expand Down Expand Up @@ -4409,10 +4435,10 @@ static void Main(string[] args)
{
if (ArgOptions.bAdd)
{
ModifyADCSTemplate(ArgOptions.sFilter, true, false, false, false, ArgOptions.sDomain, ArgOptions.sUser, ArgOptions.sPass);
ModifyADCSTemplate(ArgOptions.sFilter, true, false, false, false, false, ArgOptions.iSigValue = 0, ArgOptions.sDomain, ArgOptions.sUser, ArgOptions.sPass);
} else
{
ModifyADCSTemplate(ArgOptions.sFilter, true, false, false, true, ArgOptions.sDomain, ArgOptions.sUser, ArgOptions.sPass);
ModifyADCSTemplate(ArgOptions.sFilter, true, false, false, true, false, ArgOptions.iSigValue = 0, ArgOptions.sDomain, ArgOptions.sUser, ArgOptions.sPass);
}
} else
{
Expand All @@ -4424,28 +4450,45 @@ static void Main(string[] args)
{
if (ArgOptions.bAdd)
{
ModifyADCSTemplate(ArgOptions.sFilter, false, true, false, false, ArgOptions.sDomain, ArgOptions.sUser, ArgOptions.sPass);
ModifyADCSTemplate(ArgOptions.sFilter, false, true, false, false, false, ArgOptions.iSigValue = 0, ArgOptions.sDomain, ArgOptions.sUser, ArgOptions.sPass);
}
else
{
ModifyADCSTemplate(ArgOptions.sFilter, false, true, false, true, ArgOptions.sDomain, ArgOptions.sUser, ArgOptions.sPass);
ModifyADCSTemplate(ArgOptions.sFilter, false, true, false, true, false, ArgOptions.iSigValue = 0, ArgOptions.sDomain, ArgOptions.sUser, ArgOptions.sPass);
}
}
else
{
Console.WriteLine("[!] Insufficient arguments provided (--filter/--add/--remove)..");
}
} else if (ArgOptions.bSig)
{
if (!String.IsNullOrEmpty(ArgOptions.sFilter) && ArgOptions.bRemove || (ArgOptions.iSigValue > 0))
{
if (ArgOptions.iSigValue > 0)
{
ModifyADCSTemplate(ArgOptions.sFilter, false, false, false, false, true, ArgOptions.iSigValue, ArgOptions.sDomain, ArgOptions.sUser, ArgOptions.sPass);
}
else
{
ModifyADCSTemplate(ArgOptions.sFilter, false, false, false, true, false, ArgOptions.iSigValue = 0, ArgOptions.sDomain, ArgOptions.sUser, ArgOptions.sPass);
b1gbroth3r marked this conversation as resolved.
Show resolved Hide resolved
}
}
else
{
Console.WriteLine("[!] Insufficient arguments provided (--filter/--remove/--restore <val>)..");
}
} else if (ArgOptions.bPend)
{
if (!String.IsNullOrEmpty(ArgOptions.sFilter) && ArgOptions.bAdd || ArgOptions.bRemove)
{
if (ArgOptions.bAdd)
{
ModifyADCSTemplate(ArgOptions.sFilter, false, false, true, false, ArgOptions.sDomain, ArgOptions.sUser, ArgOptions.sPass);
ModifyADCSTemplate(ArgOptions.sFilter, false, false, true, false, false, ArgOptions.iSigValue = 0, ArgOptions.sDomain, ArgOptions.sUser, ArgOptions.sPass);
}
else
{
ModifyADCSTemplate(ArgOptions.sFilter, false, false, true, true, ArgOptions.sDomain, ArgOptions.sUser, ArgOptions.sPass);
ModifyADCSTemplate(ArgOptions.sFilter, false, false, true, true, false, ArgOptions.iSigValue = 0, ArgOptions.sDomain, ArgOptions.sUser, ArgOptions.sPass);
}
}
else
Expand Down
6 changes: 6 additions & 0 deletions StandIn/StandIn/hStandIn.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -401,6 +401,12 @@ public static void getHelp()
"StandIn.exe --adcs --filter Kingsport --ntaccount \"REDHOOK\\MBWillett\" --enroll --add\n" +
"StandIn.exe --adcs --filter Kingsport --ntaccount \"REDHOOK\\MBWillett\" --enroll --remove --domain redhook --user RFludd --pass Cl4vi$Alchemi4e\n\n" +

"# Removes authorized signatures requirement by setting value to 0, can also restore signature value by specifying --restore <num>, filter should contain exact name of the template\n" +
"StandIn.exe --adcs --filter Kingsport --signature --remove\n" +
"StandIn.exe --adcs --filter Kingsport --signature --domain redhook --user RFludd --pass Cl4vi$Alchemi4e\n\n" +
"StandIn.exe --adcs --filter Kingsport --signature --restore 1" +
"StandIn.exe --adcs --filter Kingsport --signature --restore 1 --domain redhook --user RFludd --pass Cl4vi$Alchemi4e\n\n" +

"# Create machine object\n" +
"StandIn.exe --computer Innsmouth --make\n" +
"StandIn.exe --computer Innsmouth --make --domain redhook --user RFludd --pass Cl4vi$Alchemi4e\n\n" +
Expand Down