From 72893712dc6c31b4998cb89b4b7f408c9f10dc49 Mon Sep 17 00:00:00 2001
From: Petros Koutroumpis
Date: Tue, 30 Jul 2019 11:04:45 +0100
Subject: [PATCH] Added GenericWrite link to GPOs
---
 Sharphound2/Enumeration/ACLHelpers.cs | 26 ++++++++++++++++++++++++++
 1 file changed, 26 insertions(+)
diff --git a/Sharphound2/Enumeration/ACLHelpers.cs b/Sharphound2/Enumeration/ACLHelpers.cs
index d96135e..fd4ae5f 100644
--- a/Sharphound2/Enumeration/ACLHelpers.cs
+++ b/Sharphound2/Enumeration/ACLHelpers.cs
@@ -545,6 +545,32 @@ public static void GetObjectAces(SearchResultEntry entry, ResolvedEntry resolved
 continue;
 }
+ if (rights.HasFlag(ActiveDirectoryRights.GenericWrite) || rights.HasFlag(ActiveDirectoryRights.WriteProperty))
+ {
+ if (rights.HasFlag(ActiveDirectoryRights.GenericWrite) &&
+ (objectAceType == AllGuid || objectAceType == ""))
+ {
+ aces.Add(new ACL
+ {
+ AceType = "",
+ RightName = "GenericWrite",
+ PrincipalName = principal.PrincipalName,
+ PrincipalType = principal.ObjectType
+ });
+ }
+ else if (rights.HasFlag(ActiveDirectoryRights.WriteProperty) &&
+ (objectAceType == AllGuid || objectAceType == ""))
+ {
+ aces.Add(new ACL
+ {
+ AceType = "",
+ RightName = "GenericWrite",
+ PrincipalName = principal.PrincipalName,
+ PrincipalType = principal.ObjectType
+ });
+ }
+ }
+
 if (rights.HasFlag(ActiveDirectoryRights.WriteDacl))
 {
 aces.Add(new ACL
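Review bot: The two inner branches of the added block are identical: both add an ACL with RightName "GenericWrite" under the same `objectAceType == AllGuid || objectAceType == ""` test, so the nesting can collapse to one guard, `if ((rights.HasFlag(ActiveDirectoryRights.GenericWrite) || rights.HasFlag(ActiveDirectoryRights.WriteProperty)) && (objectAceType == AllGuid || objectAceType == ""))`. The subject line scopes the change to GPOs, but nothing visible in the hunk checks the object type; if GetObjectAces already records GenericWrite for other object classes elsewhere (not visible here), the same ACE could be reported twice and inflate the collected ACL data, so it is worth confirming and either gating on the entry type or deduplicating. A short comment such as `// WriteProperty with no object type covers every property, so it is reported as GenericWrite` would explain why a WriteProperty-only ACE carries the GenericWrite label in the output. GetObjectAces starts and ends outside the hunk.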