Added ESC9

ly4k · Jul 27, 2022 · 4ccf2f8 · 4ccf2f8
1 parent 84ecf5c
commit 4ccf2f8
Show file tree

Hide file tree

Showing 4 changed files with 24 additions and 3 deletions.
diff --git a/.gitignore b/.gitignore
@@ -6,3 +6,4 @@ npm-debug.log
 *.csv
 graph.json
 .DS_Store
+build.sh
diff --git a/package.json b/package.json
@@ -1,6 +1,6 @@
 {
     "name": "bloodhound",
-    "version": "4.1.0-ly4k",
+    "version": "4.1.1-ly4k",
     "description": "Graph Theory for Active Directory",
     "prettier": {
         "tabWidth": 4,

diff --git a/src/components/SearchContainer/Tabs/PrebuiltQueries.json b/src/components/SearchContainer/Tabs/PrebuiltQueries.json
@@ -534,6 +534,26 @@
                     "query": "MATCH (n:CA) WHERE n.`Web Enrollment` = 'Enabled' RETURN n"
                 }
             ]
+        },
+        {
+            "name": "Find Unsecured Certificate Templates (ESC9)",
+            "category": "PKI",
+            "queryList": [
+                {
+                    "final": true,
+                    "query": "MATCH (n:CertificateTemplate) WHERE 'NoSecurityExtension' in n.`Enrollment Flag` and n.`Enabled` = true  RETURN n"
+                }
+            ]
+        },
+        {
+            "name": "Shortest Paths to Unsecured Certificate Templates from Owned Principals (ESC9)",
+            "category": "PKI",
+            "queryList": [
+                {
+                    "final": true,
+                    "query": "MATCH p=allShortestPaths((g {owned:true})-[r*1..]->(n:CertificateTemplate)) WHERE g<>n and 'NoSecurityExtension' in n.`Enrollment Flag` and n.`Enabled` = true and NONE(rel in r WHERE type(rel) in ['EnabledBy','Read','ManageCa','ManageCertificates']) return p"
+                }
+            ]
         }
     ]
 }
diff --git a/src/components/SearchContainer/Tabs/TemplateNodeData.jsx b/src/components/SearchContainer/Tabs/TemplateNodeData.jsx
@@ -139,7 +139,7 @@ const TemplateNodeData = () => {
                                     property='First Degree Enrollment Rights'
                                     target={objectid}
                                     baseQuery={
-                                        'MATCH p=(n)-[r:AutoEnroll|Enroll]->(u1:CertificateTemplate {objectid: $objectid}) WHERE r.isacl=true'
+                                        'MATCH p=(n)-[r:AutoEnroll|Enroll|GenericAll]->(u1:CertificateTemplate {objectid: $objectid}) WHERE r.isacl=true'
                                     }
                                     end={label}
                                     distinct
@@ -148,7 +148,7 @@ const TemplateNodeData = () => {
                                     property='Group Delegated Enrollment Rights'
                                     target={objectid}
                                     baseQuery={
-                                        'MATCH p=(n)-[r:MemberOf*1..]->(g:Group)-[r1:AutoEnroll|Enroll]->(u:CertificateTemplate {objectid: $objectid}) WITH LENGTH(p) as pathLength, p, n WHERE NONE (x in NODES(p)[1..(pathLength-1)] WHERE x.objectid = u.objectid) AND NOT n.objectid = u.objectid'
+                                        'MATCH p=(n)-[r:MemberOf*1..]->(g:Group)-[r1:AutoEnroll|Enroll|GenericAll]->(u:CertificateTemplate {objectid: $objectid}) WITH LENGTH(p) as pathLength, p, n WHERE NONE (x in NODES(p)[1..(pathLength-1)] WHERE x.objectid = u.objectid) AND NOT n.objectid = u.objectid'
                                     }
                                     end={label}
                                     distinct