Jump to content

Recommended Posts

Posted (edited)

Recently I was using csvde to execute some LDAP queries on a domain controller to create some reports.  I noticed that when I queried the objectSID, it was returned (output) in binary format instead of the S-#-#-##-### (string) format I needed to compare with.  I found there was a function I could use in the Security.au3 UDF to convert the SID Binary value to the SID String format; however, the example in the help file collected the SID binary value by using another function to lookup an AD object by name.  Since I already had the SID, this "step" was erroneous to me, but I was still required to do some work to make the _Security__SidToStringSid function accept my binary values--namely creating and populating a DLLStruct before using as a parameter for the SidToSTringSid function.  Below is a small illustration of what I did. It wasn't particularly complicated or difficult, but may provide some insight to folks who don't mess/work with DLLStructs much.  Also, my "real" script utilized a lengthy CSV report and parsed it to replace the binary values with the SID strings.  I just wanted to share this snippet.

#include <security.au3>

msgbox(0,"Builtin\Users",_SIDBinaryToStr("01020000000000052000000021020000"))
msgbox(0,"Builtin\Guests",_SIDBinaryToStr("01020000000000052000000022020000"))
msgbox(0,"Domain Users",_SIDBinaryToStr("010500000000000515000000e2ef6c5193efdefff2b6dd4401020000"))

Func _SIDBinaryToStr($hSID)
    Local $tSID = DllStructCreate("byte SID[256]")
    DllStructSetData($tSID, "SID", Binary("0x" & $hSID))

    Local $sStringSID = _Security__SidToStringSid($tSID)
    Return $sStringSID
EndFunc

 

Edited by spudw2k
Posted

My AD UDF already has all needed functions to handle SIDs :) 

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2024-07-28 - Version 1.6.3.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts
OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download
Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki
PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki
Task Scheduler (2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki

Standard UDFs:
Excel - Example Scripts - Wiki
Word - Wiki

Tutorials:
ADO - Wiki
WebDriver - Wiki

 

Posted (edited)

I would have liked to have used it too, but the environment I was working in is very locked down.  Scripting and non-approved applications are blocked by application control.  Not only are they blocked, but they are alerted and monitored by a SOC. I had to use the tool(s) available to me, extract the data from the network--thankfully I had that luxury at least--, use autoit outside the environment and upload the data back into the network.

:( Very inefficient, but my only option--at least the quickest one I knew of.

Edited by spudw2k
Posted

You have the luxury of a SOC? Great! But they should establish a process to add applications to a whitelist so th efficiency of the company can be enhanced :)

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2024-07-28 - Version 1.6.3.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts
OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download
Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki
PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki
Task Scheduler (2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki

Standard UDFs:
Excel - Example Scripts - Wiki
Word - Wiki

Tutorials:
ADO - Wiki
WebDriver - Wiki

 

Posted (edited)

One would hope, but it's senthsitive. What I need to do is build a case for justification.  For some reason efficiency isn't an easy selling point.

Hell, i'd settle for vbscript or powershell, but if I had my druthers, it'd be autoit. ;)

Edited by spudw2k

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...