fix: added timeout wrapper to SmbProcessor.cs (#188)

* fix: added timeout wrapper to SmbProcessor.cs

* fix: added timeout wrapper to DCLdapProcessor.cs

* remove empty space

* chore: adding SendComputerStatus and send fail if Timeout Task fail

* chore: version bump

* chore: test smbProcessor timeout

* chore: fix test

* chore: test DCLdapProcessor timeouts

* chore: ???

* chore: fixed DCLdapProcessor tests \o/

* chore: fixing up some bits

* fix: split logic for dc ldap processor

* chore: fix test

* chore: fix test?

* chore: use it.isany

* chore: bump version

* chore: remove bad code

* chore: already bumped the version, it should be on 4.2.3

* chore: add todo

---------

Co-authored-by: Rohan Vazarkar <rvazarkar@specterops.io>

Author: ktstrader

src/CommonLib/Processors/DCLdapProcessor.cs

@@ -6,6 +6,7 @@
 using System;
 using System.Diagnostics.CodeAnalysis;
 using System.Threading.Tasks;
+using SharpHoundRPC;
 using SharpHoundRPC.PortScanner;
 
 namespace SharpHoundCommonLib.Processors;
@@ -25,39 +26,88 @@ public class DCLdapProcessor {
     private readonly int _ldapTimeout;
     private readonly Uri _ldapEndpoint;
     private readonly Uri _ldapSslEndpoint;
+    public delegate Task ComputerStatusDelegate(CSVComputerStatus status);
 
     private readonly string SEC_E_UNSUPPORTED_FUNCTION = "80090302";
     private readonly string SEC_E_BAD_BINDINGS = "80090346";
 
 
-    public DCLdapProcessor(int portScanTimeout, string dcHostname, ILogger log) {
-        _log = log;
+    public DCLdapProcessor(int portScanTimeout, string dcHostname, ILogger log = null) {
+        _log = log ?? Logging.LogProvider.CreateLogger("DCLdapProcessor");
         _scanner = new PortScanner();
         _portScanTimeout = portScanTimeout;
         _ldapTimeout = portScanTimeout / 1000;
         _ldapEndpoint = new Uri($"ldap://{dcHostname}:389");
         _ldapSslEndpoint = new Uri($"ldaps://{dcHostname}:636");
     }
+    
+    public event ComputerStatusDelegate ComputerStatusEvent;
 
-    public async Task<LdapService> Scan() {
+    public async Task<LdapService> Scan(string computerName, TimeSpan timeout = default) {
+        if (timeout == default) {
+            timeout = TimeSpan.FromMinutes(2);
+        }
+        
         var hasLdap = await TestLdapPort();
         var hasLdaps = await TestLdapsPort();
-        APIResult<bool> isSigningRequired = new(),
+        SharpHoundRPC.Result<bool> isSigningRequired = new(),
             isChannelBindingDisabled = new();
 
         if (hasLdap) {
-            isSigningRequired = await CheckIsNtlmSigningRequired();
+            isSigningRequired = await Task.Run(CheckIsNtlmSigningRequired).TimeoutAfter(timeout);
         }
 
         if (hasLdaps) {
-            isChannelBindingDisabled = await CheckIsChannelBindingDisabled();
+            isChannelBindingDisabled = await Task.Run(CheckIsChannelBindingDisabled).TimeoutAfter(timeout);
+        }
+
+        if (isSigningRequired.IsFailed) {
+            await SendComputerStatus(new CSVComputerStatus {
+                Status = isSigningRequired.Error,
+                Task = "DCLdapIsSigningRequired",
+                ComputerName = computerName
+            });
+            _log.LogTrace("DCLdapScan failed on IsSigningRequired for {ComputerName}: {Status}", computerName, isSigningRequired.Status);
+        } else {
+            await SendComputerStatus(new CSVComputerStatus {
+                Status = CSVComputerStatus.StatusSuccess,
+                Task = "DCLdapIsSigningRequired",
+                ComputerName = computerName
+            });
         }
 
+        if (isChannelBindingDisabled.IsFailed) {
+            await SendComputerStatus(new CSVComputerStatus {
+                Status = isChannelBindingDisabled.Error,
+                Task = "DCLdapIsChannelBindingDisabled",
+                ComputerName = computerName
+            });
+            _log.LogTrace("DCLdapScan failed on IsChannelBindingDisabled for {ComputerName}: {Status}", computerName, isSigningRequired.Status);
+        } else {
+            await SendComputerStatus(new CSVComputerStatus {
+                Status = CSVComputerStatus.StatusSuccess,
+                Task = "DCLdapIsChannelBindingDisabled",
+                ComputerName = computerName
+            });
+        }
+        
         return new LdapService(
             hasLdap,
             hasLdaps,
-            isSigningRequired,
-            isChannelBindingDisabled
+            new APIResult<bool>
+            {
+                Collected = isSigningRequired.IsSuccess,
+                FailureReason = isSigningRequired.Error,
+                Result = isSigningRequired.Value,
+
+            },
+            new APIResult<bool>
+            {
+                Collected = isChannelBindingDisabled.IsSuccess,
+                FailureReason = isChannelBindingDisabled.Error,
+                Result = isChannelBindingDisabled.Value,
+
+            }
         );
     }
 
@@ -66,25 +116,26 @@ public async Task<LdapService> Scan() {
     /// </summary>
     /// <returns>bool</returns>
     [ExcludeFromCodeCoverage]
-    public async Task<bool> TestLdapPort() {
+    public virtual async Task<bool> TestLdapPort() {
         return await _scanner.CheckPort(_ldapEndpoint.Host, _ldapEndpoint.Port, _portScanTimeout);
     }
 
     [ExcludeFromCodeCoverage]
-    public async Task<bool> TestLdapsPort() {
+    public virtual async Task<bool> TestLdapsPort() {
         return await _scanner.CheckPort(_ldapSslEndpoint.Host, _ldapSslEndpoint.Port, _portScanTimeout);
     }
 
-    public async Task<APIResult<bool>> CheckIsNtlmSigningRequired() {
+    public virtual async Task<SharpHoundRPC.Result<bool>> CheckIsNtlmSigningRequired() {
         try {
             var options = new LdapAuthOptions() {
                 Signing = false
             };
             var accessibleWithoutSigning = await Authenticate(_ldapEndpoint, options);
 
-            return APIResult<bool>.Success(accessibleWithoutSigning == false);
+            return SharpHoundRPC.Result<bool>.Ok(accessibleWithoutSigning == false);
+
         } catch (Exception ex) {
-            return APIResult<bool>.Failure($"CheckIsNtlmSigningRequired failed: {ex}");
+            return SharpHoundRPC.Result<bool>.Fail($"CheckIsNtlmSigningRequired failed: {ex}");
         }
     }
 
@@ -96,7 +147,7 @@ public async Task<APIResult<bool>> CheckIsNtlmSigningRequired() {
     // 3) Correct bindings to ensure NTLM auth is enabled
     // However, as of right now we only do #2. We can't do #1 right now since the
     // Window's SSPI APIs (InitSecurityContext) always add channel bindings.
-    public async Task<APIResult<bool>> CheckIsChannelBindingDisabled() {
+    public virtual async Task<SharpHoundRPC.Result<bool>> CheckIsChannelBindingDisabled() {
         try {
             // 1) Can we connect with *invalid* bindings
 
@@ -107,10 +158,10 @@ public async Task<APIResult<bool>> CheckIsChannelBindingDisabled() {
                 Signing = false,
                 Bindings = bindings
             });
+            return SharpHoundRPC.Result<bool>.Ok(accessibleWithNoBindings);
 
-            return APIResult<bool>.Success(accessibleWithNoBindings);
         } catch (Exception ex) {
-            return APIResult<bool>.Failure($"CheckIsNtlmSigningRequired failed: {ex}");
+            return SharpHoundRPC.Result<bool>.Fail($"CheckIsNtlmSigningRequired failed: {ex}");
         }
     }
 
@@ -169,4 +220,8 @@ private async Task<bool> Authenticate(Uri endpoint, LdapAuthOptions options) {
 
         return false;
     }
+    
+    private async Task SendComputerStatus(CSVComputerStatus status) {
+        if (ComputerStatusEvent is not null) await ComputerStatusEvent.Invoke(status);
+    }
 }

src/CommonLib/Processors/SmbProcessor.cs

@@ -5,6 +5,7 @@
 using System.Net.Sockets;
 using System.Text;
 using System.Threading.Tasks;
+using SharpHoundRPC;
 
 namespace SharpHoundCommonLib.Processors {
     /// <summary>
@@ -16,43 +17,85 @@ namespace SharpHoundCommonLib.Processors {
     /// </summary>
     /// <param name="timeoutMs"></param>
     /// <param name="log"></param>
-    public class SmbProcessor(int timeoutMs, ILogger log = null) {
-        private readonly ILogger _log = log ?? Logging.LogProvider.CreateLogger("SmbProcessor");
-
-        public async Task<APIResult<SmbInfo>> Scan(string host) {
-            var scanner = new SmbScanner();
-            var result = await scanner.Scan(host, 445, timeoutMs);
-
-            if (result.Success && result.Info != null) {
-                var info = new SmbInfo() {
-                    SigningEnabled = result.Info.SmbSigning,
-                    OsVersion = result.Info.OsVersion,
-                    OsBuild = result.Info.OsBuildNumber.ToString(),
-                    DnsComputerName = result.Info.DnsComputerName,
-                };
-
-                return APIResult<SmbInfo>.Success(info);
-            } else {
-                return APIResult<SmbInfo>.Failure(result.ErrorMessage ?? "Unknown error");
+    public class SmbProcessor
+    {
+        //TODO: Have this class take in our portscanner class and use that
+        public delegate Task ComputerStatusDelegate(CSVComputerStatus status);
+        private readonly ILogger _log;
+        private readonly SmbScanner _smbScanner;
+        private readonly int _timeoutMs;
+        
+        public SmbProcessor(int timeoutMs, SmbScanner smbScanner = null, ILogger log = null)
+        {
+            _timeoutMs = timeoutMs;
+            _smbScanner = smbScanner ?? new SmbScanner();
+            _log = log ?? Logging.LogProvider.CreateLogger("SmbProcessor");
+        }
+
+        public event ComputerStatusDelegate ComputerStatusEvent;
+        public virtual async Task<APIResult<SmbInfo>> Scan(string host, TimeSpan timeout = default) {
+            if (timeout == default) {
+                timeout = TimeSpan.FromMinutes(2);
             }
+
+            var result = await Task.Run(() => _smbScanner.Scan(host, 445, _timeoutMs)).TimeoutAfter(timeout);
+
+            if (result.IsFailed) {
+                await SendComputerStatus(new CSVComputerStatus {
+                    Status = result.Error,
+                    Task = "SmbScan",
+                    ComputerName = host
+                });
+                _log.LogTrace("SmbScan failed on {ComputerName}: {Status}", host, result.Status);
+                return APIResult<SmbInfo>.Failure(result.Status.ToString());
+            }
+
+            if (result.Value.Info == null)
+            {
+                await SendComputerStatus(new CSVComputerStatus {
+                    Status = result.Error ?? "Unknown error",
+                    Task = "SmbScan",
+                    ComputerName = host
+                });
+                _log.LogTrace("SmbScan failed on {ComputerName}: {Status}", host, result.Status);
+                return APIResult<SmbInfo>.Failure(result.Error ?? "Unknown error");
+            }
+            
+            _log.LogDebug("SmbScan succeeded on {ComputerName}", host);
+            await SendComputerStatus(new CSVComputerStatus {
+                Status = CSVComputerStatus.StatusSuccess,
+                Task = "SmbScan",
+                ComputerName = host
+            });
+            
+            var info = new SmbInfo() {
+                SigningEnabled = result.Value.Info.SmbSigning,
+                OsVersion = result.Value.Info.OsVersion,
+                OsBuild = result.Value.Info.OsBuildNumber.ToString(),
+                DnsComputerName = result.Value.Info.DnsComputerName,
+            };
+
+            return APIResult<SmbInfo>.Success(info);
+
+        }
+        
+        private async Task SendComputerStatus(CSVComputerStatus status) {
+            if (ComputerStatusEvent is not null) await ComputerStatusEvent.Invoke(status);
         }
     }
 
-
     public enum SmbVersion {
         Unknown,
         SMBv1,
         SMBv2
     }
 
-    public class SmbScanResult {
-        public SmbScanResult(string host) {
+    public class SmbScanInfo {
+        public SmbScanInfo(string host) {
             Host = host;
         }
 
         public string Host { get; set; }
-        public bool Success { get; set; }
-        public string ErrorMessage { get; set; }
         public NTLMInfo Info { get; set; }
         public SmbVersion SmbVersion { get; set; }
     }
@@ -150,9 +193,8 @@ public static NTLMInfo FromBytes(byte[] buf) {
     }
 
     public class SmbScanner {
-        public async Task<SmbScanResult> Scan(string host, int port, int timeoutMs = 10000) {
-            var result = new SmbScanResult(host) {
-                Success = false,
+        public virtual async Task<SharpHoundRPC.Result<SmbScanInfo>> Scan(string host, int port, int timeoutMs = 10000) {
+            var scanInfo = new SmbScanInfo(host) {
                 SmbVersion = SmbVersion.Unknown
             };
 
@@ -162,8 +204,7 @@ public async Task<SmbScanResult> Scan(string host, int port, int timeoutMs = 100
                 smbClient = await ConnectAsync(host, port, timeoutMs);
 
                 if (!smbClient.Connected) {
-                    result.ErrorMessage = "SMBInfo can't connect!";
-                    return result;
+                    return SharpHoundRPC.Result<SmbScanInfo>.Fail("SMBInfo can't connect!");
                 }
 
                 var smbClientStream = smbClient.GetStream();
@@ -199,14 +240,13 @@ public async Task<SmbScanResult> Scan(string host, int port, int timeoutMs = 100
                     }
 
                     if (ss.Length >= 2) {
-                        result.Info = NTLMInfo.FromBytes(smbClientReceive);
-                        result.Info.NativeOs = ss[0];
-                        result.Info.NativeLanManager = ss[1];
-                        result.Info.SmbSigning = signingEnabled;
+                        scanInfo.Info = NTLMInfo.FromBytes(smbClientReceive);
+                        scanInfo.Info.NativeOs = ss[0];
+                        scanInfo.Info.NativeLanManager = ss[1];
+                        scanInfo.Info.SmbSigning = signingEnabled;
                     }
 
-                    result.SmbVersion = SmbVersion.SMBv1;
-                    result.Success = true;
+                    scanInfo.SmbVersion = SmbVersion.SMBv1;
                 } catch {
                     // If SMBv1 fails, try SMBv2 with a new connection
                     if (smbClient != null) {
@@ -221,8 +261,7 @@ public async Task<SmbScanResult> Scan(string host, int port, int timeoutMs = 100
                     if (BitConverter.ToString([
                             smbClientReceive[4], smbClientReceive[5], smbClientReceive[6], smbClientReceive[7]
                         ]).ToLower() == "ff-53-4d-42") {
-                        result.ErrorMessage = "Could not connect with SMBv2";
-                        return result;
+                        return SharpHoundRPC.Result<SmbScanInfo>.Fail("Could not connect with SMBv2");
                     }
 
                     var signingEnabled = BitConverter.ToString([smbClientReceive[70]]) == "03";
@@ -233,19 +272,18 @@ public async Task<SmbScanResult> Scan(string host, int port, int timeoutMs = 100
                     smbClientReceive = await SendStreamAsync(smbClientStream, GetNTLMSSPNegotiatev2Data(smbPackets),
                         operationCts.Token);
 
-                    result.Info = NTLMInfo.FromBytes(smbClientReceive);
-                    result.Info.SmbSigning = smbPackets.SMB_Signing;
+                    scanInfo.Info = NTLMInfo.FromBytes(smbClientReceive);
+                    scanInfo.Info.SmbSigning = smbPackets.SMB_Signing;
 
-                    result.SmbVersion = SmbVersion.SMBv2;
-                    result.Success = true;
+                    scanInfo.SmbVersion = SmbVersion.SMBv2;
                 }
             } catch (Exception ex) {
-                result.ErrorMessage = ex.Message;
+                return SharpHoundRPC.Result<SmbScanInfo>.Fail(ex.Message);
             } finally {
                 smbClient?.Close();
             }
 
-            return result;
+            return SharpHoundRPC.Result<SmbScanInfo>.Ok(scanInfo);
         }
 
         private static async Task<TcpClient> ConnectAsync(string host, int port, int timeoutMs) {

src/CommonLib/SharpHoundCommonLib.csproj

@@ -9,7 +9,7 @@
         <PackageDescription>Common library for C# BloodHound enumeration tasks</PackageDescription>
         <PackageLicenseExpression>GPL-3.0-only</PackageLicenseExpression>
         <RepositoryUrl>https://github.com/BloodHoundAD/SharpHoundCommon</RepositoryUrl>
-        <Version>4.2.2</Version>
+        <Version>4.2.3</Version>
         <AssemblyName>SharpHoundCommonLib</AssemblyName>
         <RootNamespace>SharpHoundCommonLib</RootNamespace>
     </PropertyGroup>