Merge branch 'testing' into esc13-detections

TrimarcJake · Nov 10, 2024 · c72c78b · c72c78b
2 parents d0bbe92 + 3210fe7
commit c72c78b
Show file tree

Hide file tree

Showing 6 changed files with 136 additions and 25 deletions.
diff --git a/Invoke-Locksmith.ps1 b/Invoke-Locksmith.ps1
@@ -1144,7 +1144,7 @@ function Find-ESC6 {
                 Name              = $_.Name
                 DistinguishedName = $_.DistinguishedName
                 Technique         = 'ESC6'
-                Issue             = $_.AuditFilter
+                Issue             = $_.SANFlag
                 Fix               = 'N/A'
                 Revert            = 'N/A'
             }
@@ -2468,17 +2468,35 @@ function Set-AdditionalCAProperty {
 
     begin {
         $CAEnrollmentEndpoint = @()
-        $code = @"
-using System.Net;
-using System.Security.Cryptography.X509Certificates;
-public class TrustAllCertsPolicy : ICertificatePolicy {
-    public bool CheckValidationResult(ServicePoint srvPoint, X509Certificate certificate, WebRequest request, int certificateProblem) {
-        return true;
-    }
-}
+        if (-not ([System.Management.Automation.PSTypeName]'TrustAllCertsPolicy') ) {
+            if ($PSVersionTable.PSEdition -eq 'Desktop') {
+                $code = @"
+                    using System.Net;
+                    using System.Security.Cryptography.X509Certificates;
+                    public class TrustAllCertsPolicy : ICertificatePolicy {
+                        public bool CheckValidationResult(ServicePoint srvPoint, X509Certificate certificate, WebRequest request, int certificateProblem) {
+                            return true;
+                        }
+                    }
+"@
+                Add-Type -TypeDefinition $code -Language CSharp
+                [System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy
+            }
+            else {
+                Add-Type @"
+                    using System.Net;
+                    using System.Security.Cryptography.X509Certificates;
+                    using System.Net.Security;
+                    public class TrustAllCertsPolicy {
+                        public static bool TrustAllCerts(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors) {
+                            return true;
+                        }
+                    }
 "@
-        Add-Type -TypeDefinition $code -Language CSharp
-        [System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy
+                # Set the ServerCertificateValidationCallback
+                [System.Net.ServicePointManager]::ServerCertificateValidationCallback = [TrustAllCertsPolicy]::TrustAllCerts
+            }
+        }
     }
 
     process {
@@ -2662,6 +2680,44 @@ function Set-Severity {
     }
 }
 
+function Show-LocksmithLogo {
+    Write-Host '%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%'
+    Write-Host '%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%'
+    Write-Host '%%%%%%%%%%%%%%%%%#+==============#%%%%%%%%%%%%%%%%%'
+    Write-Host '%%%%%%%%%%%%%%#=====================#%%%%%%%%%%%%%%'
+    Write-Host '%%%%%%%%%%%%#=========================#%%%%%%%%%%%%'
+    Write-Host '%%%%%%%%%%%=============================%%%%%%%%%%%'
+    Write-Host '%%%%%%%%%#==============+++==============#%%%%%%%%%'
+    Write-Host '%%%%%%%%#===========#%%%%%%%%%#===========#%%%%%%%%'
+    Write-Host '%%%%%%%%==========%%%%%%%%%%%%%%%==========%%%%%%%%'
+    Write-Host '%%%%%%%*=========%%%%%%%%%%%%%%%%%=========*%%%%%%%'
+    Write-Host '%%%%%%%+========*%%%%%%%%%%%%%%%%%#=========%%%%%%%'
+    Write-Host '%%%%%%%+========#%%%%%%%%%%%%%%%%%#=========%%%%%%%'
+    Write-Host '%%%%%%%+========#%%%%%%%%%%%%%%%%%#=========%%%%%%%'
+    Write-Host '%%%%%%%+========#%%%%%%%%%%%%%%%%%#=========%%%%%%%'
+    Write-Host '%%%%%%%+========#%%%%%%%%%%%%%%%%%#=========%%%%%%%'
+    Write-Host '%%%%%%%+========#%%%%%%%%%%%%%%%%%#=========%%%%%%%'
+    Write-Host '%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%'
+    Write-Host '#=================================================#'
+    Write-Host '#=================================================#'
+    Write-Host '#=================+%%%============================#'
+    Write-Host '#==================%%%%*==========================#'
+    Write-Host '#===================*%%%%+========================#'
+    Write-Host '#=====================#%%%%=======================#'
+    Write-Host '#======================+%%%%#=====================#'
+    Write-Host '#========================*%%%%*===================#'
+    Write-Host '#========================+%%%%%===================#'
+    Write-Host '#======================#%%%%%+====================#'
+    Write-Host '#===================+%%%%%%=======================#'
+    Write-Host '#=================#%%%%%+=========================#'
+    Write-Host '#==============+%%%%%#============================#'
+    Write-Host '#============*%%%%%+====+%%%%%%%%%%===============#'
+    Write-Host '#=============%%*========+********+===============#'
+    Write-Host '#=================================================#'
+    Write-Host '#=================================================#'
+    Write-Host '#=================================================#'
+}
+
 function Test-IsADAdmin {
     <#
     .SYNOPSIS
@@ -3170,6 +3226,7 @@ function Invoke-Locksmith {
     )
 
     $Version = '2024.11.10'
+
     $LogoPart1 = @"
     _       _____  _______ _     _ _______ _______ _____ _______ _     _
     |      |     | |       |____/  |______ |  |  |   |      |    |_____|

diff --git a/Private/Find-ESC6.ps1 b/Private/Find-ESC6.ps1
@@ -36,7 +36,7 @@
                 Name              = $_.Name
                 DistinguishedName = $_.DistinguishedName
                 Technique         = 'ESC6'
-                Issue             = $_.AuditFilter
+                Issue             = $_.SANFlag
                 Fix               = 'N/A'
                 Revert            = 'N/A'
             }

diff --git a/Private/Invoke-Scans.ps1 b/Private/Invoke-Scans.ps1
@@ -99,9 +99,9 @@ function Invoke-Scans {
             Write-Host 'Identifying HTTP-based certificate enrollment interfaces (ESC8)...'
             [array]$ESC8 = Find-ESC8 -ADCSObjects $ADCSObjects
         }
-        ESC6 {
+        ESC11 {
             Write-Host 'Identifying Issuing CAs with IF_ENFORCEENCRYPTICERTREQUEST disabled (ESC11)...'
-            [array]$ESC6 = Find-ESC6 -ADCSObjects $ADCSObjects
+            [array]$ESC11 = Find-ESC11 -ADCSObjects $ADCSObjects
         }
         All {
             Write-Host 'Identifying auditing issues...'

diff --git a/Private/New-Dictionary.ps1 b/Private/New-Dictionary.ps1
@@ -21,7 +21,7 @@ descriptions, code used to find, code used to fix, and reference URLs. This is i
 
 function New-Dictionary {
     class VulnerableConfigurationItem {
-        static [string] $Version = '2023.10.01.000'
+        static [string] $Version = '2024.11.03.000'
         [string]$Name
         [ValidateSet('Escalation Path','Server Configuration','GPO Setting')][string]$Category
         [string]$Subcategory

diff --git a/Private/Set-AdditionalCAProperty.ps1 b/Private/Set-AdditionalCAProperty.ps1
@@ -37,17 +37,34 @@
 
     begin {
         $CAEnrollmentEndpoint = @()
-        $code= @"
-using System.Net;
-using System.Security.Cryptography.X509Certificates;
-public class TrustAllCertsPolicy : ICertificatePolicy {
-    public bool CheckValidationResult(ServicePoint srvPoint, X509Certificate certificate, WebRequest request, int certificateProblem) {
-        return true;
-    }
-}
+        if (-not ([System.Management.Automation.PSTypeName]'TrustAllCertsPolicy') ) {
+            if ($PSVersionTable.PSEdition -eq 'Desktop') {
+                $code= @"
+                    using System.Net;
+                    using System.Security.Cryptography.X509Certificates;
+                    public class TrustAllCertsPolicy : ICertificatePolicy {
+                        public bool CheckValidationResult(ServicePoint srvPoint, X509Certificate certificate, WebRequest request, int certificateProblem) {
+                            return true;
+                        }
+                    }
+"@
+                Add-Type -TypeDefinition $code -Language CSharp
+                [System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy
+            } else {
+                Add-Type @"
+                    using System.Net;
+                    using System.Security.Cryptography.X509Certificates;
+                    using System.Net.Security;
+                    public class TrustAllCertsPolicy {
+                        public static bool TrustAllCerts(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors) {
+                            return true;
+                        }
+                    }
 "@
-        Add-Type -TypeDefinition $code -Language CSharp
-        [System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy
+                # Set the ServerCertificateValidationCallback
+                [System.Net.ServicePointManager]::ServerCertificateValidationCallback = [TrustAllCertsPolicy]::TrustAllCerts
+            }
+        }
     }
 
     process {

diff --git a/Private/Show-LocksmithLogo.ps1 b/Private/Show-LocksmithLogo.ps1
@@ -0,0 +1,37 @@
+function Show-LocksmithLogo {
+    Write-Host '%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%'
+    Write-Host '%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%'
+    Write-Host '%%%%%%%%%%%%%%%%%#+==============#%%%%%%%%%%%%%%%%%'
+    Write-Host '%%%%%%%%%%%%%%#=====================#%%%%%%%%%%%%%%'
+    Write-Host '%%%%%%%%%%%%#=========================#%%%%%%%%%%%%'
+    Write-Host '%%%%%%%%%%%=============================%%%%%%%%%%%'
+    Write-Host '%%%%%%%%%#==============+++==============#%%%%%%%%%'
+    Write-Host '%%%%%%%%#===========#%%%%%%%%%#===========#%%%%%%%%'
+    Write-Host '%%%%%%%%==========%%%%%%%%%%%%%%%==========%%%%%%%%'
+    Write-Host '%%%%%%%*=========%%%%%%%%%%%%%%%%%=========*%%%%%%%'
+    Write-Host '%%%%%%%+========*%%%%%%%%%%%%%%%%%#=========%%%%%%%'
+    Write-Host '%%%%%%%+========#%%%%%%%%%%%%%%%%%#=========%%%%%%%'
+    Write-Host '%%%%%%%+========#%%%%%%%%%%%%%%%%%#=========%%%%%%%'
+    Write-Host '%%%%%%%+========#%%%%%%%%%%%%%%%%%#=========%%%%%%%'
+    Write-Host '%%%%%%%+========#%%%%%%%%%%%%%%%%%#=========%%%%%%%'
+    Write-Host '%%%%%%%+========#%%%%%%%%%%%%%%%%%#=========%%%%%%%'
+    Write-Host '%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%'
+    Write-Host '#=================================================#'
+    Write-Host '#=================================================#'
+    Write-Host '#=================+%%%============================#'
+    Write-Host '#==================%%%%*==========================#'
+    Write-Host '#===================*%%%%+========================#'
+    Write-Host '#=====================#%%%%=======================#'
+    Write-Host '#======================+%%%%#=====================#'
+    Write-Host '#========================*%%%%*===================#'
+    Write-Host '#========================+%%%%%===================#'
+    Write-Host '#======================#%%%%%+====================#'
+    Write-Host '#===================+%%%%%%=======================#'
+    Write-Host '#=================#%%%%%+=========================#'
+    Write-Host '#==============+%%%%%#============================#'
+    Write-Host '#============*%%%%%+====+%%%%%%%%%%===============#'
+    Write-Host '#=============%%*========+********+===============#'
+    Write-Host '#=================================================#'
+    Write-Host '#=================================================#'
+    Write-Host '#=================================================#'
+}