From dcdd8ae53ae7b7f10ae023fc24166334f5c0306c Mon Sep 17 00:00:00 2001
From: Ulises Rangel
Date: Tue, 30 Jan 2024 14:27:07 -0600
Subject: [PATCH] chore: edge composition check from list of constants (#368)
* chore: edge composition check from list of constants
* fix: define list in cue to avoid circular deps
---
 .../harnesses/AZInboundControlHarness.svg | 19 ++++++++-
 .../harnesses/AZManagementGroup.svg | 19 ++++++++-
 .../harnesses/azgroupmembership.svg | 19 ++++++++-
 .../integration/harnesses/esc10aharness1.svg | 19 ++++++++-
 .../integration/harnesses/esc10aharness2.svg | 19 ++++++++-
 .../harnesses/esc10aharnesseca.svg | 19 ++++++++-
 .../harnesses/esc10aharnessvictim.svg | 19 ++++++++-
 .../harnesses/esc10aprincipalharness.svg | 19 ++++++++-
 .../test/integration/harnesses/harnessgen.py | 16 +++++++
 .../Explore/EdgeInfo/EdgeInfoContent.tsx | 42 ++++++++-----------
 packages/cue/bh/ad/ad.cue | 10 +++++
 packages/cue/bh/bh.cue | 21 ++++++----
 packages/go/schemagen/generator/typescript.go | 14 +++++++
 packages/go/schemagen/model/schema.go | 19 +++++----
 .../bh-shared-ui/src/commonSearches.tsx | 5 ++-
 .../HelpTexts/ADCSESC9a/ADCSESC9a.tsx | 4 +-
 .../bh-shared-ui/src/graphSchema.ts | 8 ++++
 17 files changed, 237 insertions(+), 54 deletions(-)
diff --git a/cmd/api/src/test/integration/harnesses/AZInboundControlHarness.svg b/cmd/api/src/test/integration/harnesses/AZInboundControlHarness.svg
index 3c0d8c6ce5..aab189dd97 100644
--- a/cmd/api/src/test/integration/harnesses/AZInboundControlHarness.svg
+++ b/cmd/api/src/test/integration/harnesses/AZInboundControlHarness.svg
@@ -1 +1,18 @@ -AZResetPasswordAZResetPasswordAZMemberOfAZMemberOfAZResetPasswordAZResetPasswordAZRunsAsAZContainsControlledAZUserAZGroupAAZGroupBAZServicePrincipalAAZUserBAZUserAAZServicePrincipalBAZAppAAZTenant \ No newline at end of file + +AZResetPasswordAZResetPasswordAZMemberOfAZMemberOfAZResetPasswordAZResetPasswordAZRunsAsAZContainsControlledAZUserAZGroupAAZGroupBAZServicePrincipalAAZUserBAZUserAAZServicePrincipalBAZAppAAZTenant diff --git a/cmd/api/src/test/integration/harnesses/AZManagementGroup.svg b/cmd/api/src/test/integration/harnesses/AZManagementGroup.svg index 1a7ac2bbb2..f25852bef7 100644 --- a/cmd/api/src/test/integration/harnesses/AZManagementGroup.svg +++ b/cmd/api/src/test/integration/harnesses/AZManagementGroup.svg @@ -1 +1,18 @@ -AZManagementGroupAZManagementGroupAZManagementGroupAZContainsUserAAZUserUserBAZUserUserCAZUserTenantAZTenantGroupAZGroup \ No newline at end of file + +AZManagementGroupAZManagementGroupAZManagementGroupAZContainsUserAAZUserUserBAZUserUserCAZUserTenantAZTenantGroupAZGroup diff --git a/cmd/api/src/test/integration/harnesses/azgroupmembership.svg b/cmd/api/src/test/integration/harnesses/azgroupmembership.svg index d0f558b8a2..bbb47b29ad 100644 --- a/cmd/api/src/test/integration/harnesses/azgroupmembership.svg +++ b/cmd/api/src/test/integration/harnesses/azgroupmembership.svg @@ -1 +1,18 @@ -AZMemberOfAZMemberOfAZMemberOfAZContainsGroupAZGroupUserAAZUserUserBAZUserUserCAZUserTenant \ No newline at end of file + +AZMemberOfAZMemberOfAZMemberOfAZContainsGroupAZGroupUserAAZUserUserBAZUserUserCAZUserTenant diff --git a/cmd/api/src/test/integration/harnesses/esc10aharness1.svg b/cmd/api/src/test/integration/harnesses/esc10aharness1.svg index b2f3b82ef0..cf01340fca 100644 --- a/cmd/api/src/test/integration/harnesses/esc10aharness1.svg +++ b/cmd/api/src/test/integration/harnesses/esc10aharness1.svg 
@@ -1 +1,18 @@ -PublishedToRootCAForIssuedSignedByNTAuthStoreForTrustedForNTAuthCanAbuseUPNCertMappingDCForEnrollPublishedToPublishedToEnrollEnrollEnrollMemberOfMemberOfMemberOfPublishedToEnrollMemberOfMemberOfEnrollPublishedToPublishedToEnrollMemberOfPublishedToEnrollMemberOfGenericAllGenericAllGenericAllGenericAllGenericAllGenericAllGenericAllADCSESC10aADCSESC10aADCSESC10aDomainNTAuthStoreRootCAEnterpriseCACertTemplate2AuthenticationEnabled:TrueRequireManagerApproval:FalseSchemaVersion:1SubjectAltRequireUPN:TrueNoSecurityExtension:TrueDCUser4CertTemplate3AuthenticationEnabled:TrueRequireManagerApproval:FalseSchemaVersion:1SubjectAltRequireUPN:FalseSubjectAltRequireSPN:TrueUser3User2CertTemplate4AuthenticationEnabled:TrueRequireManagerApproval:TrueSchemaVersion:1SubjectAltRequireUPN:TrueGroup0CertTemplate5AuthenticationEnabled:FalseRequireManagerApproval:FalseSchemaVersion:1SubjectAltRequireUPN:TrueUser5CertTemplate6AuthenticationEnabled:TrueRequireManagerApproval:FalseSchemaVersion:2SubjectAltRequireUPN:TrueAuthorizedSignatures:1CertTemplate1AuthenticationEnabled:TrueRequireManagerApproval:FalseSchemaVersion:2SubjectAltRequireUPN:TrueAuthorizedSignatures:0User6User1CertTemplate7AuthenticationEnabled:TrueRequireManagerApproval:FalseSchemaVersion:1SubjectAltRequireUPN:FalseUser7Group7Group6Group5Group4Group3Group2Group1 \ No newline at end of file + 
+PublishedToRootCAForIssuedSignedByNTAuthStoreForTrustedForNTAuthCanAbuseUPNCertMappingDCForEnrollPublishedToPublishedToEnrollEnrollEnrollMemberOfMemberOfMemberOfPublishedToEnrollMemberOfMemberOfEnrollPublishedToPublishedToEnrollMemberOfPublishedToEnrollMemberOfGenericAllGenericAllGenericAllGenericAllGenericAllGenericAllGenericAllADCSESC10aADCSESC10aADCSESC10aDomainNTAuthStoreRootCAEnterpriseCACertTemplate2AuthenticationEnabled:TrueRequireManagerApproval:FalseSchemaVersion:1SubjectAltRequireUPN:TrueNoSecurityExtension:TrueDCUser4CertTemplate3AuthenticationEnabled:TrueRequireManagerApproval:FalseSchemaVersion:1SubjectAltRequireUPN:FalseSubjectAltRequireSPN:TrueUser3User2CertTemplate4AuthenticationEnabled:TrueRequireManagerApproval:TrueSchemaVersion:1SubjectAltRequireUPN:TrueGroup0CertTemplate5AuthenticationEnabled:FalseRequireManagerApproval:FalseSchemaVersion:1SubjectAltRequireUPN:TrueUser5CertTemplate6AuthenticationEnabled:TrueRequireManagerApproval:FalseSchemaVersion:2SubjectAltRequireUPN:TrueAuthorizedSignatures:1CertTemplate1AuthenticationEnabled:TrueRequireManagerApproval:FalseSchemaVersion:2SubjectAltRequireUPN:TrueAuthorizedSignatures:0User6User1CertTemplate7AuthenticationEnabled:TrueRequireManagerApproval:FalseSchemaVersion:1SubjectAltRequireUPN:FalseUser7Group7Group6Group5Group4Group3Group2Group1 diff --git a/cmd/api/src/test/integration/harnesses/esc10aharness2.svg b/cmd/api/src/test/integration/harnesses/esc10aharness2.svg index 2db2d6938d..d3677ec695 100644 --- a/cmd/api/src/test/integration/harnesses/esc10aharness2.svg +++ b/cmd/api/src/test/integration/harnesses/esc10aharness2.svg 
@@ -1 +1,18 @@ -RootCAForIssuedSignedByNTAuthStoreForTrustedForNTAuthCanAbuseUPNCertMappingDCForEnrollPublishedToEnrollMemberOfPublishedToPublishedToEnrollMemberOfEnrollMemberOfMemberOfMemberOfMemberOfEnrollEnrollEnrollMemberOfMemberOfMemberOfEnrollEnrollEnrollGenericAllGenericAllGenericAllGenericAllGenericAllGenericAllGenericAllGenericAllGenericAllADCSESC10aADCSESC10aADCSESC10aADCSESC10aDomainNTAuthStoreRootCAEnterpriseCADCGroup0CertTemplate1AuthenticationEnabled:TrueRequireManagerApproval:FalseSchemaVersion:2AuthorizedSignatures:0SubjectAltRequireEmail:TrueSubjectAltRequireUPN:TrueSubjectAltRequireDNS:FalseSubjectAltRequireDomainDNS:FalseGroup1CertTemplate2AuthenticationEnabled:TrueRequireManagerApproval:FalseSchemaVersion:2AuthorizedSignatures:0SubjectAltRequireEmail:TrueSubjectAltRequireUPN:TrueSubjectAltRequireDNS:TrueSubjectAltRequireDomainDNS:FalseCertTemplate3AuthenticationEnabled:TrueRequireManagerApproval:FalseSchemaVersion:2AuthorizedSignatures:0SubjectAltRequireEmail:TrueSubjectAltRequireUPN:TrueSubjectAltRequireDNS:FalseSubjectAltRequireDomainDNS:TrueComputer1User1Group2Computer2User2Group3Computer3User3Group4Group5Group6Computer4Computer5Computer6User4User5User6 \ No newline at end of file + 
+RootCAForIssuedSignedByNTAuthStoreForTrustedForNTAuthCanAbuseUPNCertMappingDCForEnrollPublishedToEnrollMemberOfPublishedToPublishedToEnrollMemberOfEnrollMemberOfMemberOfMemberOfMemberOfEnrollEnrollEnrollMemberOfMemberOfMemberOfEnrollEnrollEnrollGenericAllGenericAllGenericAllGenericAllGenericAllGenericAllGenericAllGenericAllGenericAllADCSESC10aADCSESC10aADCSESC10aADCSESC10aDomainNTAuthStoreRootCAEnterpriseCADCGroup0CertTemplate1AuthenticationEnabled:TrueRequireManagerApproval:FalseSchemaVersion:2AuthorizedSignatures:0SubjectAltRequireEmail:TrueSubjectAltRequireUPN:TrueSubjectAltRequireDNS:FalseSubjectAltRequireDomainDNS:FalseGroup1CertTemplate2AuthenticationEnabled:TrueRequireManagerApproval:FalseSchemaVersion:2AuthorizedSignatures:0SubjectAltRequireEmail:TrueSubjectAltRequireUPN:TrueSubjectAltRequireDNS:TrueSubjectAltRequireDomainDNS:FalseCertTemplate3AuthenticationEnabled:TrueRequireManagerApproval:FalseSchemaVersion:2AuthorizedSignatures:0SubjectAltRequireEmail:TrueSubjectAltRequireUPN:TrueSubjectAltRequireDNS:FalseSubjectAltRequireDomainDNS:TrueComputer1User1Group2Computer2User2Group3Computer3User3Group4Group5Group6Computer4Computer5Computer6User4User5User6 diff --git a/cmd/api/src/test/integration/harnesses/esc10aharnesseca.svg b/cmd/api/src/test/integration/harnesses/esc10aharnesseca.svg index 5a9511fdab..32c67a11ea 100644 --- a/cmd/api/src/test/integration/harnesses/esc10aharnesseca.svg +++ b/cmd/api/src/test/integration/harnesses/esc10aharnesseca.svg 
@@ -1 +1,18 @@ -RootCAForNTAuthStoreForDCForPublishedToIssuedSignedByTrustedForNTAuthEnrollCanAbuseUPNCertMappingEnrollRootCAForNTAuthStoreForDCForPublishedToIssuedSignedByTrustedForNTAuthEnrollEnrollRootCAForNTAuthStoreForDCForPublishedToIssuedSignedByEnrollCanAbuseUPNCertMappingEnrollRootCAForNTAuthStoreForDCForPublishedToTrustedForNTAuthEnrollCanAbuseUPNCertMappingEnrollRootCAForNTAuthStoreForDCForIssuedSignedByTrustedForNTAuthEnrollCanAbuseUPNCertMappingEnrollGenericAllADCSESC10aGenericAllGenericAllGenericAllGenericAllDomain1NTAuthStore1RootCA1CertTemplate1AuthenticationEnabled:TrueRequireManagerApproval:FalseSchemaVersion:1SubjectAltRequireUPN:TrueDC1EnterpriseCA1User1Domain2NTAuthStore2RootCA2CertTemplate2AuthenticationEnabled:TrueRequireManagerApproval:FalseSchemaVersion:1SubjectAltRequireUPN:TrueDC2EnterpriseCA2User2Domain3NTAuthStore3RootCA3CertTemplate3AuthenticationEnabled:TrueRequireManagerApproval:FalseSchemaVersion:1SubjectAltRequireUPN:TrueDC3EnterpriseCA3User3Domain4NTAuthStore4RootCA4CertTemplate4AuthenticationEnabled:TrueRequireManagerApproval:FalseSchemaVersion:1SubjectAltRequireUPN:TrueDC4EnterpriseCA4User4Domain5NTAuthStore5RootCA5CertTemplate5AuthenticationEnabled:TrueRequireManagerApproval:FalseSchemaVersion:1SubjectAltRequireUPN:TrueDC5EnterpriseCA5User5Group1Group2Group3Group4Group5 \ No newline at end of file + 
+RootCAForNTAuthStoreForDCForPublishedToIssuedSignedByTrustedForNTAuthEnrollCanAbuseUPNCertMappingEnrollRootCAForNTAuthStoreForDCForPublishedToIssuedSignedByTrustedForNTAuthEnrollEnrollRootCAForNTAuthStoreForDCForPublishedToIssuedSignedByEnrollCanAbuseUPNCertMappingEnrollRootCAForNTAuthStoreForDCForPublishedToTrustedForNTAuthEnrollCanAbuseUPNCertMappingEnrollRootCAForNTAuthStoreForDCForIssuedSignedByTrustedForNTAuthEnrollCanAbuseUPNCertMappingEnrollGenericAllADCSESC10aGenericAllGenericAllGenericAllGenericAllDomain1NTAuthStore1RootCA1CertTemplate1AuthenticationEnabled:TrueRequireManagerApproval:FalseSchemaVersion:1SubjectAltRequireUPN:TrueDC1EnterpriseCA1User1Domain2NTAuthStore2RootCA2CertTemplate2AuthenticationEnabled:TrueRequireManagerApproval:FalseSchemaVersion:1SubjectAltRequireUPN:TrueDC2EnterpriseCA2User2Domain3NTAuthStore3RootCA3CertTemplate3AuthenticationEnabled:TrueRequireManagerApproval:FalseSchemaVersion:1SubjectAltRequireUPN:TrueDC3EnterpriseCA3User3Domain4NTAuthStore4RootCA4CertTemplate4AuthenticationEnabled:TrueRequireManagerApproval:FalseSchemaVersion:1SubjectAltRequireUPN:TrueDC4EnterpriseCA4User4Domain5NTAuthStore5RootCA5CertTemplate5AuthenticationEnabled:TrueRequireManagerApproval:FalseSchemaVersion:1SubjectAltRequireUPN:TrueDC5EnterpriseCA5User5Group1Group2Group3Group4Group5 diff --git a/cmd/api/src/test/integration/harnesses/esc10aharnessvictim.svg b/cmd/api/src/test/integration/harnesses/esc10aharnessvictim.svg index 18146eadf7..faf0fbe30e 100644 --- a/cmd/api/src/test/integration/harnesses/esc10aharnessvictim.svg +++ b/cmd/api/src/test/integration/harnesses/esc10aharnessvictim.svg 
@@ -1 +1,18 @@ -RootCAForIssuedSignedByNTAuthStoreForTrustedForNTAuthCanAbuseUPNCertMappingDCForEnrollPublishedToGenericAllMemberOfAllExtendedRightsMemberOfGenericWriteMemberOfEnrollGenericAllADCSESC10aGenericAllADCSESC10aGenericAllGenericAllDomainNTAuthStoreRootCAEnterpriseCADCGroup0CertTemplate1AuthenticationEnabled:TrueRequireManagerApproval:FalseSchemaVersion:1SubjectAltRequireUPN:TrueUser1User2User3User4Group1Group2Group3Group4 \ No newline at end of file + +RootCAForIssuedSignedByNTAuthStoreForTrustedForNTAuthCanAbuseUPNCertMappingDCForEnrollPublishedToGenericAllMemberOfAllExtendedRightsMemberOfGenericWriteMemberOfEnrollGenericAllADCSESC10aGenericAllADCSESC10aGenericAllGenericAllDomainNTAuthStoreRootCAEnterpriseCADCGroup0CertTemplate1AuthenticationEnabled:TrueRequireManagerApproval:FalseSchemaVersion:1SubjectAltRequireUPN:TrueUser1User2User3User4Group1Group2Group3Group4 diff --git a/cmd/api/src/test/integration/harnesses/esc10aprincipalharness.svg b/cmd/api/src/test/integration/harnesses/esc10aprincipalharness.svg index 2e5387ed13..3073fb3799 100644 --- a/cmd/api/src/test/integration/harnesses/esc10aprincipalharness.svg +++ b/cmd/api/src/test/integration/harnesses/esc10aprincipalharness.svg 
@@ -1 +1,18 @@ -RootCAForIssuedSignedByNTAuthStoreForTrustedForNTAuthCanAbuseUPNCertMappingDCForPublishedToGenericAllADCSESC10aADCSESC10aGenericWriteAllExtendedRightsWriteDaclADCSESC10aADCSESC10aWriteOwnerADCSESC10aWriteOwnerGenericAllADCSESC10aMemberOfMemberOfEnrollEnrollDomainNTAuthStoreRootCAEnterpriseCADCCertTemplateAuthenticationEnabled:TrueRequireManagerApproval:FalseSchemaVersion:1SubjectAltRequireUPN:TrueUser1Group1Group2Group6Group3Group4Group5User2Group0 \ No newline at end of file + +RootCAForIssuedSignedByNTAuthStoreForTrustedForNTAuthCanAbuseUPNCertMappingDCForPublishedToGenericAllADCSESC10aADCSESC10aGenericWriteAllExtendedRightsWriteDaclADCSESC10aADCSESC10aWriteOwnerADCSESC10aWriteOwnerGenericAllADCSESC10aMemberOfMemberOfEnrollEnrollDomainNTAuthStoreRootCAEnterpriseCADCCertTemplateAuthenticationEnabled:TrueRequireManagerApproval:FalseSchemaVersion:1SubjectAltRequireUPN:TrueUser1Group1Group2Group6Group3Group4Group5User2Group0 diff --git a/cmd/api/src/test/integration/harnesses/harnessgen.py b/cmd/api/src/test/integration/harnesses/harnessgen.py index 9b0167ee91..83699e7a5e 100644 --- a/cmd/api/src/test/integration/harnesses/harnessgen.py +++ b/cmd/api/src/test/integration/harnesses/harnessgen.py @@ -1,3 +1,19 @@ +# Copyright 2024 Specter Ops, Inc. +# +# Licensed under the Apache License, Version 2.0 +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 + import json import sys 
diff --git a/cmd/ui/src/views/Explore/EdgeInfo/EdgeInfoContent.tsx b/cmd/ui/src/views/Explore/EdgeInfo/EdgeInfoContent.tsx
index 21b9849d62..d04cac648f 100644
--- a/cmd/ui/src/views/Explore/EdgeInfo/EdgeInfoContent.tsx
+++ b/cmd/ui/src/views/Explore/EdgeInfo/EdgeInfoContent.tsx
@@ -14,14 +14,14 @@
 //
 // SPDX-License-Identifier: Apache-2.0
-import {Box, Divider, Typography, useTheme} from '@mui/material';
-import {EdgeInfoComponents, EdgeSections, SelectedEdge, apiClient} from 'bh-shared-ui';
+import { Box, Divider, Typography, useTheme } from '@mui/material';
+import { EdgeCompositionRelationships, EdgeInfoComponents, EdgeSections, SelectedEdge, apiClient } from 'bh-shared-ui';
 import isEmpty from 'lodash/isEmpty';
-import {Dispatch, FC, Fragment} from 'react';
-import {putGraphData, putGraphError, saveResponseForExport, setGraphLoading} from 'src/ducks/explore/actions';
-import {addSnackbar} from 'src/ducks/global/actions';
-import {useAppDispatch} from 'src/store';
-import {transformToFlatGraphResponse} from 'src/utils';
+import { Dispatch, FC, Fragment } from 'react';
+import { putGraphData, putGraphError, saveResponseForExport, setGraphLoading } from 'src/ducks/explore/actions';
+import { addSnackbar } from 'src/ducks/global/actions';
+import { useAppDispatch } from 'src/store';
+import { transformToFlatGraphResponse } from 'src/utils';
 import EdgeInfoCollapsibleSection from 'src/views/Explore/EdgeInfo/EdgeInfoCollapsibleSection';
 import EdgeObjectInformation from 'src/views/Explore/EdgeInfo/EdgeObjectInformation';
@@ -55,45 +55,39 @@ const getOnChange = (dispatch: Dispatch, sourceNodeId: number, targetNodeId }; }; -const EdgeInfoContent: FC<{ selectedEdge: NonNullable }> = ({selectedEdge}) => { +const EdgeInfoContent: FC<{ selectedEdge: NonNullable }> = ({ selectedEdge }) => { const theme = useTheme(); const dispatch = useAppDispatch(); const sections = EdgeInfoComponents[selectedEdge.name as keyof typeof EdgeInfoComponents]; - const {sourceNode, targetNode} = selectedEdge; + const { sourceNode, targetNode } = selectedEdge; return ( - + {sections ? ( <> {Object.entries(sections).map((section, index) => { const Section = section[1]; const sendOnChange = - (selectedEdge.name === 'GoldenCert' || - selectedEdge.name === 'ADCSESC1' || - selectedEdge.name === 'ADCSESC3' || - selectedEdge.name === 'ADCSESC6a' || - selectedEdge.name === 'ADCSESC9a' || - selectedEdge.name === 'ADCSESC10a') && - section[0] === 'composition'; + EdgeCompositionRelationships.includes(selectedEdge.name) && section[0] === 'composition'; return ( - +
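Review bot: `EdgeCompositionRelationships.includes(selectedEdge.name)` is evaluated inside the `Object.entries(sections).map` callback although it does not depend on `section`; hoist it above the `return`, e.g. `const hasComposition = EdgeCompositionRelationships.includes(selectedEdge.name);`, and keep only `section[0] === 'composition'` in the loop. The condition now also relies on the CUE list staying in step with the help-text components that define a `composition` section (ADCSESC9a.tsx in this patch is one), and an edge that gains such a section without being added to the list would, as far as this hunk shows, render it without the change handler and without any error. A one-line comment at the condition, such as `// list is generated from ad.cue; add new composition edges there`, would make that dependency visible. The JSX of this hunk did not survive on the page and `EdgeInfoContent` continues outside the hunk, so only the condition is reviewed here.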
}> = ({selec ) : ( <> - + diff --git a/packages/cue/bh/ad/ad.cue b/packages/cue/bh/ad/ad.cue index 7db18c1483..68af26fb64 100644 --- a/packages/cue/bh/ad/ad.cue +++ b/packages/cue/bh/ad/ad.cue @@ -24,6 +24,7 @@ NodeKinds: [...types.#Kind] RelationshipKinds: [...types.#Kind] ACLRelationships: [...types.#Kind] PathfindingRelationships: [...types.#Kind] +EdgeCompositionRelationships: [...types.#Kind] // Property name enumerations @@ -1165,3 +1166,12 @@ PathfindingRelationships: [ ADCSESC10b, DCFor ] + +EdgeCompositionRelationships: [ + GoldenCert, + ADCSESC1, + ADCSESC3, + ADCSESC6a, + ADCSESC9a, + ADCSESC10a, +] diff --git a/packages/cue/bh/bh.cue b/packages/cue/bh/bh.cue index f12a2910d3..4cc465126b 100644 --- a/packages/cue/bh/bh.cue +++ b/packages/cue/bh/bh.cue @@ -1,17 +1,17 @@ // Copyright 2023 Specter Ops, Inc. -// +// // Licensed under the Apache License, Version 2.0 // you may not use this file except in compliance with the License. // You may obtain a copy of the License at -// +// // http://www.apache.org/licenses/LICENSE-2.0 -// +// // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. -// +// // SPDX-License-Identifier: Apache-2.0 package schema @@ -47,6 +47,7 @@ import ( RelationshipKinds: [...types.#Kind] ACLRelationships: [...types.#Kind] PathfindingRelationships: [...types.#Kind] + EdgeCompositionRelationships: [...types.#Kind] } // Definitons 
@@ -68,9 +69,11 @@ Azure: #Azure & {
 }
 ActiveDirectory: #ActiveDirectory & {
- Properties: ad.Properties
- NodeKinds: ad.NodeKinds
- RelationshipKinds: ad.RelationshipKinds
- ACLRelationships: ad.ACLRelationships
- PathfindingRelationships: ad.PathfindingRelationships
+ Properties: ad.Properties
+ NodeKinds: ad.NodeKinds
+ RelationshipKinds: ad.RelationshipKinds
+ ACLRelationships: ad.ACLRelationships
+ PathfindingRelationships: ad.PathfindingRelationships
+ EdgeCompositionRelationships: ad.EdgeCompositionRelationships
+
 }
diff --git a/packages/go/schemagen/generator/typescript.go b/packages/go/schemagen/generator/typescript.go
index 08874d999f..42d1b2bf0f 100644
--- a/packages/go/schemagen/generator/typescript.go
+++ b/packages/go/schemagen/generator/typescript.go
@@ -42,6 +42,18 @@ func generateToDisplaySwitch(root tsgen.File, typeSymbol string, values []model.
 })
 }
+func GenerateTypeScriptArray(root tsgen.File, typeSymbol string, values []model.StringEnum) {
+ if len(values) == 0 {
+ return
+ }
+
+ root.Export().Const().ID(typeSymbol).OP("=").List(func(cursor tsgen.Cursor) {
+ for _, value := range values {
+ cursor.Literal(value.GetRepresentation())
+ }
+ })
+}
+
 func GenerateTypeScriptStringEnum(root tsgen.File, typeSymbol string, values []model.StringEnum) {
 if len(values) == 0 {
 return
@@ -99,6 +111,8 @@ func GenerateTypeScriptActiveDirectory(root tsgen.File, schema model.ActiveDirec
 GenerateTypeScriptStringEnum(root, "ActiveDirectoryRelationshipKind", schema.RelationshipKinds)
 GenerateTypeScriptUnionType(root, "ActiveDirectoryKind", unionKinds...)
+ GenerateTypeScriptArray(root, "EdgeCompositionRelationships", schema.EdgeCompositionRelationships)
+
 GenerateTypeScriptStringEnum(root, "ActiveDirectoryKindProperties", schema.Properties)
 GenerateTypeScriptPathfindingEdgesFn(root, "ActiveDirectoryPathfindingEdges", "ActiveDirectoryRelationshipKind", schema.PathfindingRelationships)
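Review bot: `GenerateTypeScriptArray` in the first typescript.go hunk returns without emitting anything when `values` is empty, so the `EdgeCompositionRelationships` export would disappear from the generated file and the named import added in EdgeInfoContent.tsx would stop resolving. For a list an empty array is a valid value, so consider dropping the `len(values) == 0` guard here; it looks copied from `GenerateTypeScriptStringEnum`, where an empty enum is not useful. The function is exported but has no doc comment; something like `// GenerateTypeScriptArray emits an exported const array holding the representation of each value.` would do. The emitted array is also mutable on the TypeScript side (see the graphSchema.ts output in this patch), so marking it read-only in the generator, if tsgen supports that, would keep consumers from altering the list at runtime.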
diff --git a/packages/go/schemagen/model/schema.go b/packages/go/schemagen/model/schema.go
index f1fd58f242..cd93ecd521 100644
--- a/packages/go/schemagen/model/schema.go
+++ b/packages/go/schemagen/model/schema.go
@@ -1,17 +1,17 @@
 // Copyright 2023 Specter Ops, Inc.
-//
+//
 // Licensed under the Apache License, Version 2.0
 // you may not use this file except in compliance with the License.
 // You may obtain a copy of the License at
-//
+//
 // http://www.apache.org/licenses/LICENSE-2.0
-//
+//
 // Unless required by applicable law or agreed to in writing, software
 // distributed under the License is distributed on an "AS IS" BASIS,
 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 // See the License for the specific language governing permissions and
 // limitations under the License.
-//
+//
 // SPDX-License-Identifier: Apache-2.0
 package model
@@ -57,9 +57,10 @@ type Azure struct {
 }
 type ActiveDirectory struct {
- Properties []StringEnum
- NodeKinds []StringEnum
- RelationshipKinds []StringEnum
- ACLRelationships []StringEnum
- PathfindingRelationships []StringEnum
+ Properties []StringEnum
+ NodeKinds []StringEnum
+ RelationshipKinds []StringEnum
+ ACLRelationships []StringEnum
+ PathfindingRelationships []StringEnum
+ EdgeCompositionRelationships []StringEnum
 }
diff --git a/packages/javascript/bh-shared-ui/src/commonSearches.tsx b/packages/javascript/bh-shared-ui/src/commonSearches.tsx
index cf7de1eaee..42a6bf187e 100644
--- a/packages/javascript/bh-shared-ui/src/commonSearches.tsx
+++ b/packages/javascript/bh-shared-ui/src/commonSearches.tsx
@@ -184,7 +184,8 @@ export const CommonSearches: CommonSearchType[] = [
 cypher: `MATCH p = ()-[:Enroll|GenericAll|AllExtendedRights]->(ct:CertTemplate)-[:PublishedTo]->(:EnterpriseCA)\nnWHERE ct.nosecurityextension = true\nRETURN p`,
 },
 {
- description: 'Enrollment rights on certificate templates published to Enterprise CA with User Specified SAN enabled',
+ description:
+ 'Enrollment rights on certificate templates published to Enterprise CA with User Specified SAN enabled',
 cypher: `MATCH p = ()-[:Enroll|GenericAll|AllExtendedRights]->(ct:CertTemplate)-[:PublishedTo]->(eca:EnterpriseCA)\nWHERE eca.isuserspecifiessanenabled = True\nRETURN p`,
 },
 {
@@ -198,7 +199,7 @@ export const CommonSearches: CommonSearchType[] = [
 {
 description: 'Domain controllers with UPN certificate mapping enabled',
 cypher: `MATCH p = (dc:Computer)-[:DCFor]->(d)\nWHERE dc.certificatemappingmethodsraw IN [4, 5, 6, 7, 12, 13, 14, 15, 20, 21, 22, 23, 28, 29, 30, 31]\nRETURN p`,
- }
+ },
 ],
 },
 {
diff --git a/packages/javascript/bh-shared-ui/src/components/HelpTexts/ADCSESC9a/ADCSESC9a.tsx b/packages/javascript/bh-shared-ui/src/components/HelpTexts/ADCSESC9a/ADCSESC9a.tsx
index 7dcde37b44..f9693e7d46 100644
--- a/packages/javascript/bh-shared-ui/src/components/HelpTexts/ADCSESC9a/ADCSESC9a.tsx
+++ b/packages/javascript/bh-shared-ui/src/components/HelpTexts/ADCSESC9a/ADCSESC9a.tsx
@@ -19,7 +19,7 @@ import WindowsAbuse from './WindowsAbuse';
 import LinuxAbuse from './LinuxAbuse';
 import Opsec from './Opsec';
 import References from './References';
-import Composition from "./Composition";
+import Composition from './Composition';
 const ADCSESC9a = {
 general: General,
@@ -27,7 +27,7 @@ const ADCSESC9a = {
 linuxAbuse: LinuxAbuse,
 opsec: Opsec,
 references: References,
- composition: Composition
+ composition: Composition,
 };
 export default ADCSESC9a;
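Review bot: The context line at the top of the first commonSearches.tsx hunk still contains `\nnWHERE ct.nosecurityextension = true`, which leaves a stray `n` in front of `WHERE` once the `\n` escape is read, so that saved search most likely fails to parse. The commit reformats the neighbouring entry but leaves this one; the string should read `...->(:EnterpriseCA)\nWHERE ct.nosecurityextension = true\nRETURN p`. This is the pre-built query for finding certificate templates with the no-security-extension flag set, so while it is broken that finding stays hidden from whoever relies on the saved search. The entry's `description` lies above the hunk and is not visible here.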
diff --git a/packages/javascript/bh-shared-ui/src/graphSchema.ts b/packages/javascript/bh-shared-ui/src/graphSchema.ts
index f475267d94..74d9ec5fab 100644
--- a/packages/javascript/bh-shared-ui/src/graphSchema.ts
+++ b/packages/javascript/bh-shared-ui/src/graphSchema.ts
@@ -271,6 +271,14 @@ export function ActiveDirectoryRelationshipKindToDisplay(value: ActiveDirectoryR
 }
 }
 export type ActiveDirectoryKind = ActiveDirectoryNodeKind | ActiveDirectoryRelationshipKind;
+export const EdgeCompositionRelationships = [
+ 'GoldenCert',
+ 'ADCSESC1',
+ 'ADCSESC3',
+ 'ADCSESC6a',
+ 'ADCSESC9a',
+ 'ADCSESC10a',
+];
 export enum ActiveDirectoryKindProperties {
 AdminCount = 'admincount',
 CASecurityCollected = 'casecuritycollected',