Jonas Bülow Knudsen
If you have a permission like GenericAll on an OU, you will have a path to all descendant objects with the Contains edge: You - [GenericAll] -> OU - [Contains]...
My colleagues and I have discovered some new AD trust attacks. Thought it would be cool if they were in your great library :)
**Describe the bug** If you click a button that spawns a sub-window (e.g., settings) and you move that sub-window to a new location on the screen, BH will save that...
The GetChangesInFilteredSet edge is not fully implemented. Right-clicking the edge does not work but I expect there could be additional aspects which are not working. It is also not documented in...
TLDR: BloodHound creates AdminTo edges to DCs based on group policy preferences in GPOs. Group policy preferences do not apply to DCs, which is why this is a false positive. **Description** It...
The msPKI-RA-Application-Policies attribute has two different syntaxes. This change implements parsing of the second syntax described here: https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-crtd/c55ec697-be3f-4117-8316-8895e4399237 The result is that we no longer get strings like this (if...
We check if principals are added to local groups such as Administrators through linked GPOs and create edges like AdminTo based on that with the function `ReadGPOLocalGroups`: https://github.com/BloodHoundAD/SharpHoundCommon/blob/ed7b3916d304c9dba901cf58876607bb0576610e/src/CommonLib/Processors/GPOLocalGroupProcessor.cs#L63 We should...
Collecting RODC attributes and ACEs related to RODC abuses. Here is the computers file generated including an example of a RODC and some other computers. [20230222102129_computers.txt](https://github.com/BloodHoundAD/SharpHoundCommon/files/10807299/20230222102129_computers.txt) SharpHound PR: https://github.com/BloodHoundAD/SharpHound/pull/41
Related PR for SharpHoundCommon: https://github.com/BloodHoundAD/SharpHoundCommon/pull/48