Merge branch 'v4' into BED-7724

rvazarkar · web-flow · commit 2553fd3e1966 · 2026-04-06T11:46:54.000-04:00
diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md
@@ -1,35 +1,40 @@
 ## Description
-
-<!--- Describe your changes in detail -->
+<!-- Describe your changes in detail -->
 
 ## Motivation and Context
+<!-- Why is this change required? What problem does it solve? -->
 
-<!--- Why is this change required? What problem does it solve? -->
-<!--- If it fixes an open issue, please link to the issue here. -->
+This PR addresses: [GitHub issue or Jira ticket number]
 
 ## How Has This Been Tested?
-
-<!--- Please describe in detail how you tested your changes. -->
-<!--- Include details of your testing environment, and the tests you ran to -->
-<!--- see how your change affects other areas of the code, etc. -->
+<!--
+Please describe in detail how you tested your changes.
+Include details of your testing environment, and the tests you ran to
+see how your change affects other areas of the code, etc.*
+-->
 
 ## Screenshots (if appropriate):
 
 ## Types of changes
+<!-- What types of changes does your code introduce? Put an `x` in all the boxes that apply: -->
 
-<!--- What types of changes does your code introduce? Put an `x` in all the boxes that apply: -->
-
--   [ ] Chore (a change that does not modify the application functionality)
--   [ ] Bug fix (non-breaking change which fixes an issue)
--   [ ] New feature (non-breaking change which adds functionality)
--   [ ] Breaking change (fix or feature that would cause existing functionality to change)
+- [ ] Chore (a change that does not modify the application functionality)
+- [ ] Bug fix (non-breaking change which fixes an issue)
+- [ ] New feature (non-breaking change which adds functionality)
+- [ ] Breaking change (fix or feature that would cause existing functionality to change)
 
 ## Checklist:
-
-<!--- Go over all the following points, and put an `x` in all the boxes that apply. -->
-<!--- If you're unsure about any of these, don't hesitate to ask. We're here to help! -->
-
--   [ ] Documentation updates are needed, and have been made accordingly.
--   [ ] I have added and/or updated tests to cover my changes.
--   [ ] All new and existing tests passed.
--   [ ] My changes include a database migration.
+<!-- Please make sure you have completed all following checks. -->
+<!-- If you're unsure about any of these, don't hesitate to ask. We're here to help! -->
+
+- [ ] I have met the contributing prerequisites
+  - Assigned myself to this PR
+  - Added the appropriate labels
+  - Associated an issue: https://github.com/SpecterOps/BloodHound/issues/672
+  - Read the Contributing guide: https://github.com/SpecterOps/BloodHound/wiki/Contributing
+- [ ] I have ensured that related documentation is up-to-date
+  - Open API docs
+  - Code comments
+- [ ] I have followed proper test practices
+  - Added/updated tests to cover my changes
+  - All new and existing tests passed
diff --git a/.github/workflows/build-and-test.yml b/.github/workflows/build-and-test.yml
@@ -0,0 +1,27 @@
+name: Build and Test
+
+on:
+  pull_request:
+    branches:
+      - v4
+
+jobs:
+  build-and-test:
+    runs-on: windows-latest
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v6
+  
+      - name: Setup .NET
+        uses: actions/setup-dotnet@v5
+        with:
+          dotnet-version: 8.0.x
+  
+      - name: Restore dependencies
+        run: dotnet restore
+  
+      - name: Build
+        run: dotnet build --no-restore
+  
+      - name: Test
+        run: dotnet test --no-build
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
diff --git a/.github/workflows/publish-dev-package.yml b/.github/workflows/publish-dev-package.yml
@@ -0,0 +1,94 @@
+name: Publish Dev Package
+
+on:
+  push:
+    branches:
+      - "v4"
+
+jobs:
+  update-dev-package:
+    name: update-dev-package
+    runs-on: windows-latest
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v6
+
+      - name: Setup .NET
+        uses: actions/setup-dotnet@v5
+        with:
+          dotnet-version: 8.0.x
+
+      - name: Compute dev version
+        id: version
+        shell: pwsh
+        run: |
+          $base_version = dotnet msbuild Directory.Build.props --getProperty:Version
+          $parts = $base_version.Split('.')
+          $parts[2] = [int]$parts[2] + 1
+          $next_version = $parts -join '.'
+          $date_stamp = Get-Date -Format 'yyyyMMddHHmm'
+          "dev_version=$next_version-dev.$date_stamp" >> $env:GITHUB_OUTPUT
+
+      - name: Restore dependencies
+        run: dotnet restore
+
+      - name: Pack
+        run: |
+          mkdir pkgs
+          dotnet pack --no-restore -c Release -p:PackageVersion=${{ steps.version.outputs.dev_version }} -o ./pkgs
+
+      - name: Publish to SpecterOps Packages
+        env:
+          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY }}
+          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_KEY }}
+        run: |
+          dotnet tool install -g sleet
+          sleet push ./pkgs
+
+      #the prune command deletes older -dev package versions to avoid clutter
+      #it deletes any versions of the $packageIds with "-dev" that are older than the first $maxDevVersions
+      #set $dryRun to true for debugging without deleting any packages
+      - name: Prune old -dev packages
+        env:
+          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY }}
+          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_KEY }}
+        shell: pwsh
+        run: |
+          $dryRun = $false
+          $packageIndexUrl = 'https://s3.amazonaws.com/bloodhound-ad/sleet.packageindex.json'
+          $packageIds = @('SharpHoundCommon', 'SharpHoundRPC')
+          $maxDevVersions = 5
+          
+          $packageIndex = Invoke-RestMethod -Uri $packageIndexUrl
+          
+          foreach ($packageId in $packageIds) {
+            #get all -dev packages sorted by descending versions
+            $devPackages = @(
+              foreach ($version in ($packageIndex.packages.$packageId | Where-Object { $_ -like '*-dev.*' })) {
+                try {
+                  [pscustomobject]@{
+                    PackageId = $packageId
+                    Version   = $version
+                    SemVer    = [System.Management.Automation.SemanticVersion]$version
+                  }
+                } catch {
+                  Write-Warning "Skipping unparseable version: $packageId $version"
+                }
+              }
+            ) | Sort-Object SemVer -Descending
+              
+            Write-Host "($($devPackages.Length)) $packageId -dev versions in feed:"
+            $devPackages | Format-Table -AutoSize
+            
+            Write-Host "Beginning prune:"
+          
+            #skip $maxDevVersions and delete remaining -dev packages
+            $devPackages | Select-Object -Skip $maxDevVersions | ForEach-Object {
+              if ($dryRun) {
+                Write-Host "[DRY RUN] sleet delete --id $($_.PackageId) --version $($_.Version)"
+              }
+              else {
+                sleet delete --id $_.PackageId --version $_.Version --reason "Prune old dev build"
+              }
+            }
+          }
diff --git a/Directory.Build.props b/Directory.Build.props
@@ -1,4 +1,14 @@
 <Project>
+    <PropertyGroup>
+        <TargetFramework>net472</TargetFramework>
+        <OutputType>library</OutputType>
+        <LangVersion>default</LangVersion>
+        <Authors>Rohan Vazarkar</Authors>
+        <Company>SpecterOps</Company>
+        <PackageLicenseExpression>GPL-3.0-only</PackageLicenseExpression>
+        <RepositoryUrl>https://github.com/SpecterOps/SharpHoundCommon</RepositoryUrl>
+        <Version>4.6.0</Version>
+    </PropertyGroup>
     <ItemGroup>
         <AssemblyAttribute Include="System.Runtime.CompilerServices.InternalsVisibleTo">
             <_Parameter1>CommonLibTest</_Parameter1>
diff --git a/src/CommonLib/README.md b/src/CommonLib/README.md
@@ -0,0 +1,46 @@
+# SharpHoundCommon
+
+SharpHoundCommon provides the high-level shared components used to build AD enumeration workflows. It includes initialization, caching, LDAP helpers, host and service processors, and registry and user-rights collection logic used by SharpHound collectors.
+
+## When to use this package
+
+Use `SharpHoundCommon` if you are building a collector or integration that needs higher-level enumeration behavior. This is the package most consumers should start with.
+
+## Requirements
+
+- .NET Framework 4.7.2
+- Windows and Active Directory oriented workloads
+
+## Install
+
+```powershell
+dotnet add package SharpHoundCommon
+```
+
+## Getting started
+
+```csharp
+using SharpHoundCommonLib;
+
+CommonLib.InitializeCommonLib();
+```
+
+You may optionally provide an `ILogger` and a pre-created `Cache` instance to `CommonLib.InitializeCommonLib(...)`.
+
+## Included capabilities
+
+- Shared initialization and cache management via `CommonLib` and `Cache`
+- LDAP querying and identity resolution via `LdapUtils`
+- Host availability, SMB, and LDAP service checks via `ComputerAvailability`, `SmbProcessor`, and `DCLdapProcessor`
+- Registry collection orchestration via `RegistryProcessor`
+- User rights, SPN, and certificate-related processing helpers
+
+## Relationship to SharpHoundRPC
+
+`SharpHoundCommon` depends on `SharpHoundRPC` and is intended to be the higher-level entry point. Most consumers should not reference `SharpHoundRPC` directly unless they need its lower-level SAM, LSA, NetAPI, or registry APIs.
+
+## Source and support
+
+- Source: https://github.com/SpecterOps/SharpHoundCommon
+- Issues: https://github.com/SpecterOps/SharpHoundCommon/issues
+- License: GPL-3.0-only
diff --git a/src/CommonLib/SharpHoundCommonLib.csproj b/src/CommonLib/SharpHoundCommonLib.csproj
@@ -1,17 +1,11 @@
 ﻿<Project Sdk="Microsoft.NET.Sdk">
     <PropertyGroup>
-        <TargetFramework>net472</TargetFramework>
-        <OutputType>library</OutputType>
         <PackageId>SharpHoundCommon</PackageId>
-        <LangVersion>default</LangVersion>
-        <Authors>Rohan Vazarkar</Authors>
-        <Company>SpecterOps</Company>
         <PackageDescription>Common library for C# BloodHound enumeration tasks</PackageDescription>
-        <PackageLicenseExpression>GPL-3.0-only</PackageLicenseExpression>
-        <RepositoryUrl>https://github.com/BloodHoundAD/SharpHoundCommon</RepositoryUrl>
-        <Version>4.6.0</Version>
+        <PackageReadmeFile>README.md</PackageReadmeFile>
         <AssemblyName>SharpHoundCommonLib</AssemblyName>
         <RootNamespace>SharpHoundCommonLib</RootNamespace>
+        <AllowUnsafeBlocks>True</AllowUnsafeBlocks>
     </PropertyGroup>
     <PropertyGroup>
         <AllowedOutputExtensionsInPackageBuildOutputFolder>$(AllowedOutputExtensionsInPackageBuildOutputFolder);.pdb</AllowedOutputExtensionsInPackageBuildOutputFolder>
@@ -29,28 +23,9 @@
         <Reference Include="System.Net.Http" />
     </ItemGroup>
     <ItemGroup>
-        <Folder Include="Properties" />
+        <ProjectReference Include="..\SharpHoundRPC\SharpHoundRPC.csproj" />
     </ItemGroup>
     <ItemGroup>
-        <ProjectReference Include="..\SharpHoundRPC\SharpHoundRPC.csproj" PrivateAssets="All" />
+        <None Include="README.md" Pack="true" PackagePath="" />
     </ItemGroup>
-    <PropertyGroup>
-        <TargetsForTfmSpecificBuildOutput>
-            $(TargetsForTfmSpecificBuildOutput);CopyProjectReferencesToPackage</TargetsForTfmSpecificBuildOutput>
-        <AllowUnsafeBlocks>True</AllowUnsafeBlocks>
-    </PropertyGroup>
-    <Target Name="CopyProjectReferencesToPackage" DependsOnTargets="BuildOnlySettings;ResolveReferences">
-        <ItemGroup>
-            <!-- Filter out unnecessary files -->
-            <_ReferenceCopyLocalPaths Include="@(ReferenceCopyLocalPaths-&gt;WithMetadataValue('ReferenceSourceTarget', 'ProjectReference')-&gt;WithMetadataValue('PrivateAssets', 'All'))" />
-        </ItemGroup>
-
-        <!-- Print batches for debug purposes -->
-        <Message Text="Batch for .nupkg: ReferenceCopyLocalPaths = @(_ReferenceCopyLocalPaths), ReferenceCopyLocalPaths.DestinationSubDirectory = %(_ReferenceCopyLocalPaths.DestinationSubDirectory) Filename = %(_ReferenceCopyLocalPaths.Filename) Extension = %(_ReferenceCopyLocalPaths.Extension)" Importance="High" Condition="'@(_ReferenceCopyLocalPaths)' != ''" />
-
-        <ItemGroup>
-            <!-- Add file to package with consideration of sub folder. If empty, the root folder is chosen. -->
-            <BuildOutputInPackage Include="@(_ReferenceCopyLocalPaths)" TargetPath="%(_ReferenceCopyLocalPaths.DestinationSubDirectory)" />
-        </ItemGroup>
-    </Target>
 </Project>
diff --git a/src/SharpHoundRPC/README.md b/src/SharpHoundRPC/README.md
@@ -0,0 +1,33 @@
+# SharpHoundRPC
+
+SharpHoundRPC exposes low-level Windows RPC, Win32, and remote collection helpers used by SharpHoundCommon and SharpHound collectors. It wraps SAM, LSA, NetAPI, and remote registry operations behind C# interfaces and result types.
+
+## When to use this package
+
+Use `SharpHoundRPC` directly only if you need low-level RPC or interop access. If you want higher-level enumeration workflows, install `SharpHoundCommon` instead.
+
+## Requirements
+
+- .NET Framework 4.7.2
+- Windows-focused functionality
+- Appropriate privileges, network reachability, and RPC availability on target systems
+
+## Install
+
+```powershell
+dotnet add package SharpHoundRPC
+```
+
+## Included capabilities
+
+- SAM access through `ISAMServer`, `ISAMDomain`, `SAMServerAccessor`, and related wrappers
+- LSA policy access via `LSAPolicy` for SID lookup and privilege enumeration
+- NetAPI helpers for sessions, workstation information, and domain controller discovery
+- Remote registry strategies using WMI or Remote Registry
+- Shared `Result<T>` and related helper types for error handling
+
+## Source and support
+
+- Source: https://github.com/SpecterOps/SharpHoundCommon
+- Issues: https://github.com/SpecterOps/SharpHoundCommon/issues
+- License: GPL-3.0-only
diff --git a/src/SharpHoundRPC/SharpHoundRPC.csproj b/src/SharpHoundRPC/SharpHoundRPC.csproj
@@ -1,14 +1,8 @@
 ﻿<Project Sdk="Microsoft.NET.Sdk">
     <PropertyGroup>
-        <TargetFramework>net472</TargetFramework>
-        <OutputType>library</OutputType>
         <PackageId>SharpHoundRPC</PackageId>
-        <LangVersion>default</LangVersion>
-        <Authors>Rohan Vazarkar</Authors>
-        <Company>SpecterOps</Company>
         <PackageDescription>SAM/LSA Wrapper for C# BloodHound tasks</PackageDescription>
-        <PackageLicenseExpression>GPL-3.0-only</PackageLicenseExpression>
-        <Version>4.6.0</Version>
+        <PackageReadmeFile>README.md</PackageReadmeFile>
         <AssemblyName>SharpHoundRPC</AssemblyName>
         <RootNamespace>SharpHoundRPC</RootNamespace>
     </PropertyGroup>
@@ -20,9 +14,9 @@
         <PackageReference Include="System.ValueTuple" Version="4.5.0"/>
     </ItemGroup>
     <ItemGroup>
-        <Folder Include="Properties"/>
+        <Reference Include="System.Management" />
     </ItemGroup>
     <ItemGroup>
-        <Reference Include="System.Management" />
+        <None Include="README.md" Pack="true" PackagePath="" />
     </ItemGroup>
 </Project>
