8000 BED-5435 AddSelf, BED-5988 Mandatory Filters by ktstrader · Pull Request #209 · SpecterOps/SharpHoundCommon · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

BED-5435 AddSelf, BED-5988 Mandatory Filters #209

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Jun 6, 2025
Merged

BED-5435 AddSelf, BED-5988 Mandatory Filters #209

merged 3 commits into from
Jun 6, 2025

Conversation

ktstrader
Copy link
Contributor
@ktstrader ktstrader commented Jun 5, 2025
edited
Loading

Description

BED-5435:
AddSelf edge creation was happening when user has ACE GUID WriteMember but another way AddSelf can be used is when a user has an ACE GUID 00000000-0000-0000-0000-000000000000 (AllGuid)

BED-5988:
Include mandatory filters in each filter retrieved from GetFilterList()

Motivation and Context

https://specterops.atlassian.net/browse/BED-5435
https://specterops.atlassian.net/browse/BED-5988

How Has This Been Tested?

BED-5435:
Set up user to have ACE GUID 00000000-0000-0000-0000-000000000000 and give them Add/Remove self as member to a group. Run a collection and search in BH/BHE and see that AddSelf edge is shown from user to group.

BED-5988:

Screenshots (if appropriate):

Types of changes

  • Chore (a change that does not modify the application functionality)
  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to change)

Checklist:

  • Documentation updates are needed, and have been made accordingly.
  • I have added and/or updated tests to cover my changes.
  • All new and existing tests passed.
  • My changes include a database migration.

rvazarkar and others added 2 commits June 4, 2025 15:47
@rvazarkar
fix: properly account for AddSelf edges where the RightsGuid is AllGu…
eb0bf65 
…id, which is a valid attack for this scenario

fix: Make our ldap filters actually respect mandatory filters properly

https://specterops.atlassian.net/browse/BED-5435
@ktstrader
chore: add unit tests to check that AddSelf edge is added when approp…
d53de77 
…riate and not added if not
@ktstrader ktstrader self-assigned this Jun 5, 2025
MikeX777
MikeX777 reviewed Jun 6, 2025
View reviewed changes
@ktstrader ktstrader changed the title BED-5435 AddSelf Bug Fix BED-5435 AddSelf, BED-5988 Mandatory Filters Jun 6, 2025
@ktstrader ktstrader merged commit 367fc76 into v4 Jun 6, 2025
3 checks passed
@ktstrader ktstrader deleted the BED-5435-BadAddSelfAce branch June 6, 2025 21:31
@github-actions github-actions bot locked and limited conversation to collaborators Jun 6, 2025
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@MikeX777 MikeX777 MikeX777 approved these changes

@definitelynotagoblin definitelynotagoblin definitelynotagoblin approved these changes

Assignees

@ktstrader ktstrader

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@ktstrader @MikeX777 @definitelynotagoblin @rvazarkar
0