Merge pull request #61 from BloodHoundAD/channel-audit
BED-3828: Audit bare channel writes
irshadaj authored Nov 8, 2023
2 parents 3564c7f + e433482 commit faeb09f
Showing 68 changed files with 986 additions and 318 deletions.
29 changes: 22 additions & 7 deletions client/app_role_assignments.go
Expand Up @@ -27,6 +27,7 @@ import (
"github.com/bloodhoundad/azurehound/v2/client/rest"
"github.com/bloodhoundad/azurehound/v2/constants"
"github.com/bloodhoundad/azurehound/v2/models/azure"
"github.com/bloodhoundad/azurehound/v2/pipeline"
)

func (s *azureClient) GetAzureADAppRoleAssignments(ctx context.Context, servicePrincipalId string, filter, search, orderBy, expand string, selectCols []string, top int32, count bool) (azure.AppRoleAssignmentList, error) {
Expand Down Expand Up @@ -64,34 +65,48 @@ func (s *azureClient) ListAzureADAppRoleAssignments(ctx context.Context, service

if list, err := s.GetAzureADAppRoleAssignments(ctx, servicePrincipal, filter, search, orderBy, expand, selectCols, 999, false); err != nil {
errResult.Error = err
out <- errResult
if ok := pipeline.Send(ctx.Done(), out, errResult); !ok {
return
}
} else {
for _, u := range list.Value {
out <- azure.AppRoleAssignmentResult{Ok: u}
if ok := pipeline.Send(ctx.Done(), out, azure.AppRoleAssignmentResult{Ok: u}); !ok {
return
}
}

nextLink = list.NextLink
for nextLink != "" {
var list azure.AppRoleAssignmentList
if url, err := url.Parse(nextLink); err != nil {
errResult.Error = err
out <- errResult
if ok := pipeline.Send(ctx.Done(), out, errResult); !ok {
return
}
nextLink = ""
} else if req, err := rest.NewRequest(ctx, "GET", url, nil, nil, nil); err != nil {
errResult.Error = err
out <- errResult
if ok := pipeline.Send(ctx.Done(), out, errResult); !ok {
return
}
nextLink = ""
} else if res, err := s.msgraph.Send(req); err != nil {
errResult.Error = err
out <- errResult
if ok := pipeline.Send(ctx.Done(), out, errResult); !ok {
return
}
nextLink = ""
} else if err := rest.Decode(res.Body, &list); err != nil {
errResult.Error = err
out <- errResult
if ok := pipeline.Send(ctx.Done(), out, errResult); !ok {
return
}
nextLink = ""
} else {
for _, u := range list.Value {
out <- azure.AppRoleAssignmentResult{Ok: u}
if ok := pipeline.Send(ctx.Done(), out, azure.AppRoleAssignmentResult{Ok: u}); !ok {
return
}
}
nextLink = list.NextLink
}
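Review bot: Each new `if ok := pipeline.Send(ctx.Done(), out, ...); !ok { return }` in ListAzureADAppRoleAssignments abandons the remaining items and pages without a comment or any signal to the consumer, so a truncated listing after cancellation looks the same as a complete one unless the caller checks the context itself. Assuming Send reports false only when the done channel fires (its definition is not part of this diff), I would document that at the first call, e.g. `// Send reports false once ctx is cancelled; stop paging, remaining results are intentionally dropped.` The `ok` binding is also unnecessary: `if !pipeline.Send(ctx.Done(), out, errResult) { return }` reads the same. The same pattern repeats in client/apps.go, client/automation_accounts.go and client/container_registries.go, and the function body starts and ends outside the visible hunk.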
85 changes: 64 additions & 21 deletions client/apps.go
Expand Up @@ -28,6 +28,7 @@ import (
"github.com/bloodhoundad/azurehound/v2/constants"
"github.com/bloodhoundad/azurehound/v2/enums"
"github.com/bloodhoundad/azurehound/v2/models/azure"
"github.com/bloodhoundad/azurehound/v2/pipeline"
)

func (s *azureClient) GetAzureADApp(ctx context.Context, objectId string, selectCols []string) (*azure.Application, error) {
Expand Down Expand Up @@ -113,34 +114,48 @@ func (s *azureClient) ListAzureADApps(ctx context.Context, filter, search, order

if list, err := s.GetAzureADApps(ctx, filter, search, orderBy, expand, selectCols, 999, false); err != nil {
errResult.Error = err
out <- errResult
if ok := pipeline.Send(ctx.Done(), out, errResult); !ok {
return
}
} else {
for _, u := range list.Value {
out <- azure.ApplicationResult{Ok: u}
if ok := pipeline.Send(ctx.Done(), out, azure.ApplicationResult{Ok: u}); !ok {
return
}
}

nextLink = list.NextLink
for nextLink != "" {
var list azure.ApplicationList
if url, err := url.Parse(nextLink); err != nil {
errResult.Error = err
out <- errResult
if ok := pipeline.Send(ctx.Done(), out, errResult); !ok {
return
}
return
} else if req, err := rest.NewRequest(ctx, "GET", url, nil, nil, nil); err != nil {
errResult.Error = err
out <- errResult
if ok := pipeline.Send(ctx.Done(), out, errResult); !ok {
return
}
return
} else if res, err := s.msgraph.Send(req); err != nil {
errResult.Error = err
out <- errResult
if ok := pipeline.Send(ctx.Done(), out, errResult); !ok {
return
}
return
} else if err := rest.Decode(res.Body, &list); err != nil {
errResult.Error = err
out <- errResult
if ok := pipeline.Send(ctx.Done(), out, errResult); !ok {
return
}
return
} else {
for _, u := range list.Value {
out <- azure.ApplicationResult{Ok: u}
if ok := pipeline.Send(ctx.Done(), out, azure.ApplicationResult{Ok: u}); !ok {
return
}
}
nextLink = list.NextLink
}
Expand All @@ -163,12 +178,16 @@ func (s *azureClient) ListAzureADAppOwners(ctx context.Context, objectId string,

if list, err := s.GetAzureADAppOwners(ctx, objectId, filter, search, orderBy, selectCols, 999, false); err != nil {
errResult.Error = err
out <- errResult
if ok := pipeline.Send(ctx.Done(), out, errResult); !ok {
return
}
} else {
for _, u := range list.Value {
out <- azure.AppOwnerResult{
if ok := pipeline.Send(ctx.Done(), out, azure.AppOwnerResult{
AppId: objectId,
Ok: u,
}); !ok {
return
}
}

Expand All @@ -177,25 +196,35 @@ func (s *azureClient) ListAzureADAppOwners(ctx context.Context, objectId string,
var list azure.DirectoryObjectList
if url, err := url.Parse(nextLink); err != nil {
errResult.Error = err
out <- errResult
if ok := pipeline.Send(ctx.Done(), out, errResult); !ok {
return
}
return
} else if req, err := rest.NewRequest(ctx, "GET", url, nil, nil, nil); err != nil {
errResult.Error = err
out <- errResult
if ok := pipeline.Send(ctx.Done(), out, errResult); !ok {
return
}
return
} else if res, err := s.msgraph.Send(req); err != nil {
errResult.Error = err
out <- errResult
if ok := pipeline.Send(ctx.Done(), out, errResult); !ok {
return
}
return
} else if err := rest.Decode(res.Body, &list); err != nil {
errResult.Error = err
out <- errResult
if ok := pipeline.Send(ctx.Done(), out, errResult); !ok {
return
}
return
} else {
for _, u := range list.Value {
out <- azure.AppOwnerResult{
if ok := pipeline.Send(ctx.Done(), out, azure.AppOwnerResult{
AppId: objectId,
Ok: u,
}); !ok {
return
}
}
nextLink = list.NextLink
Expand All @@ -221,13 +250,17 @@ func (s *azureClient) ListAzureADAppMemberObjects(ctx context.Context, objectId
)
if list, err := s.GetAzureADAppMemberObjects(ctx, objectId, securityEnabledOnly); err != nil {
errResult.Error = err
out <- errResult
if ok := pipeline.Send(ctx.Done(), out, errResult); !ok {
return
}
} else {
for _, u := range list.Value {
out <- azure.MemberObjectResult{
if ok := pipeline.Send(ctx.Done(), out, azure.MemberObjectResult{
ParentId: objectId,
ParentType: string(enums.EntityApplication),
Ok: u,
}); !ok {
return
}
}

Expand All @@ -236,26 +269,36 @@ func (s *azureClient) ListAzureADAppMemberObjects(ctx context.Context, objectId
var list azure.MemberObjectList
if url, err := url.Parse(nextLink); err != nil {
errResult.Error = err
out <- errResult
if ok := pipeline.Send(ctx.Done(), out, errResult); !ok {
return
}
nextLink = ""
} else if req, err := rest.NewRequest(ctx, "GET", url, nil, nil, nil); err != nil {
errResult.Error = err
out <- errResult
if ok := pipeline.Send(ctx.Done(), out, errResult); !ok {
return
}
nextLink = ""
} else if res, err := s.msgraph.Send(req); err != nil {
errResult.Error = err
out <- errResult
if ok := pipeline.Send(ctx.Done(), out, errResult); !ok {
return
}
nextLink = ""
} else if err := rest.Decode(res.Body, &list); err != nil {
errResult.Error = err
out <- errResult
if ok := pipeline.Send(ctx.Done(), out, errResult); !ok {
return
}
nextLink = ""
} else {
for _, u := range list.Value {
out <- azure.MemberObjectResult{
if ok := pipeline.Send(ctx.Done(), out, azure.MemberObjectResult{
ParentId: objectId,
ParentType: string(enums.EntityApplication),
Ok: u,
}); !ok {
return
}
}
nextLink = list.NextLink
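Review bot: In the paging loops of ListAzureADApps and ListAzureADAppOwners the error branches now read `if ok := pipeline.Send(ctx.Done(), out, errResult); !ok { return }` immediately followed by an unconditional `return`, so the check has no effect on control flow. Either drop the condition and write `pipeline.Send(ctx.Done(), out, errResult)` followed by `return`, or end the loop with `nextLink = ""` as ListAzureADAppMemberObjects does in this same file. Having both styles in one file leaves it unclear whether code after the loop is meant to run on error. The function bodies extend beyond the visible hunks, so what follows the loop cannot be confirmed from here.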
29 changes: 22 additions & 7 deletions client/automation_accounts.go
Expand Up @@ -25,6 +25,7 @@ import (
"github.com/bloodhoundad/azurehound/v2/client/query"
"github.com/bloodhoundad/azurehound/v2/client/rest"
"github.com/bloodhoundad/azurehound/v2/models/azure"
"github.com/bloodhoundad/azurehound/v2/pipeline"
)

func (s *azureClient) GetAzureAutomationAccount(ctx context.Context, subscriptionId, groupName, aaName, expand string) (*azure.AutomationAccount, error) {
Expand Down Expand Up @@ -75,36 +76,50 @@ func (s *azureClient) ListAzureAutomationAccounts(ctx context.Context, subscript

if result, err := s.GetAzureAutomationAccounts(ctx, subscriptionId); err != nil {
errResult.Error = err
out <- errResult
if ok := pipeline.Send(ctx.Done(), out, errResult); !ok {
return
}
} else {
for _, u := range result.Value {
out <- azure.AutomationAccountResult{SubscriptionId: subscriptionId, Ok: u}
if ok := pipeline.Send(ctx.Done(), out, azure.AutomationAccountResult{SubscriptionId: subscriptionId, Ok: u}); !ok {
return
}
}

nextLink = result.NextLink
for nextLink != "" {
var list azure.AutomationAccountList
if url, err := url.Parse(nextLink); err != nil {
errResult.Error = err
out <- errResult
if ok := pipeline.Send(ctx.Done(), out, errResult); !ok {
return
}
nextLink = ""
} else if req, err := rest.NewRequest(ctx, "GET", url, nil, nil, nil); err != nil {
errResult.Error = err
out <- errResult
if ok := pipeline.Send(ctx.Done(), out, errResult); !ok {
return
}
nextLink = ""
} else if res, err := s.resourceManager.Send(req); err != nil {
errResult.Error = err
out <- errResult
if ok := pipeline.Send(ctx.Done(), out, errResult); !ok {
return
}
nextLink = ""
} else if err := rest.Decode(res.Body, &list); err != nil {
errResult.Error = err
out <- errResult
if ok := pipeline.Send(ctx.Done(), out, errResult); !ok {
return
}
nextLink = ""
} else {
for _, u := range list.Value {
out <- azure.AutomationAccountResult{
if ok := pipeline.Send(ctx.Done(), out, azure.AutomationAccountResult{
SubscriptionId: "/subscriptions/" + subscriptionId,
Ok: u,
}); !ok {
return
}
}
nextLink = list.NextLink
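Review bot: The first page of ListAzureAutomationAccounts is sent with `SubscriptionId: subscriptionId` while later pages use `SubscriptionId: "/subscriptions/" + subscriptionId`, so results for one subscription carry two different identifiers depending on which page they arrived on. The commit carries this over unchanged from the old bare writes; one of the two forms is presumably wrong, and anything downstream that joins on SubscriptionId would miss part of the data. Pick the form the consumers expect and use it in both places, for example `azure.AutomationAccountResult{SubscriptionId: "/subscriptions/" + subscriptionId, Ok: u}` on the first page if the prefixed form is the intended one. client/container_registries.go shows the same mismatch in ListAzureContainerRegistries. The function starts and ends outside the hunk.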
29 changes: 22 additions & 7 deletions client/container_registries.go
Expand Up @@ -25,6 +25,7 @@ import (
"github.com/bloodhoundad/azurehound/v2/client/query"
"github.com/bloodhoundad/azurehound/v2/client/rest"
"github.com/bloodhoundad/azurehound/v2/models/azure"
"github.com/bloodhoundad/azurehound/v2/pipeline"
)

func (s *azureClient) GetAzureContainerRegistry(ctx context.Context, subscriptionId, groupName, crName, expand string) (*azure.ContainerRegistry, error) {
Expand Down Expand Up @@ -75,36 +76,50 @@ func (s *azureClient) ListAzureContainerRegistries(ctx context.Context, subscrip

if result, err := s.GetAzureContainerRegistries(ctx, subscriptionId); err != nil {
errResult.Error = err
out <- errResult
if ok := pipeline.Send(ctx.Done(), out, errResult); !ok {
return
}
} else {
for _, u := range result.Value {
out <- azure.ContainerRegistryResult{SubscriptionId: subscriptionId, Ok: u}
if ok := pipeline.Send(ctx.Done(), out, azure.ContainerRegistryResult{SubscriptionId: subscriptionId, Ok: u}); !ok {
return
}
}

nextLink = result.NextLink
for nextLink != "" {
var list azure.ContainerRegistryList
if url, err := url.Parse(nextLink); err != nil {
errResult.Error = err
out <- errResult
if ok := pipeline.Send(ctx.Done(), out, errResult); !ok {
return
}
nextLink = ""
} else if req, err := rest.NewRequest(ctx, "GET", url, nil, nil, nil); err != nil {
errResult.Error = err
out <- errResult
if ok := pipeline.Send(ctx.Done(), out, errResult); !ok {
return
}
nextLink = ""
} else if res, err := s.resourceManager.Send(req); err != nil {
errResult.Error = err
out <- errResult
if ok := pipeline.Send(ctx.Done(), out, errResult); !ok {
return
}
nextLink = ""
} else if err := rest.Decode(res.Body, &list); err != nil {
errResult.Error = err
out <- errResult
if ok := pipeline.Send(ctx.Done(), out, errResult); !ok {
return
}
nextLink = ""
} else {
for _, u := range list.Value {
out <- azure.ContainerRegistryResult{
if ok := pipeline.Send(ctx.Done(), out, azure.ContainerRegistryResult{
SubscriptionId: "/subscriptions/" + subscriptionId,
Ok: u,
}); !ok {
return
}
}
nextLink = list.NextLink