BUILD.

Jake Hildreth · Jake Hildreth · commit 81d0850e9b5c · 2024-11-10T07:08:14.000-06:00
diff --git a/Build/Build-Module.ps1 b/Build/Build-Module.ps1
@@ -129,10 +129,11 @@ Build-Module -ModuleName 'Locksmith' {
 
     $PostScriptMerge = { Invoke-Locksmith -Mode $Mode -Scans $Scans }
 
-    New-ConfigurationArtefact -Type Packed -Enable -Path "$PSScriptRoot\..\Artefacts\Packed" -ArtefactName '<ModuleName>-v<ModuleVersion>.zip'
+    New-ConfigurationArtefact -Type Packed -Enable -Path "$PSScriptRoot\..\Artefacts\Packed" -ArtefactName '<ModuleName>.zip'
     New-ConfigurationArtefact -Type Script -Enable -Path "$PSScriptRoot\..\Artefacts\Script" -PreScriptMerge $PreScriptMerge -PostScriptMerge $PostScriptMerge -ScriptName "Invoke-<ModuleName>.ps1"
     New-ConfigurationArtefact -Type ScriptPacked -Enable -Path "$PSScriptRoot\..\Artefacts\ScriptPacked" -ArtefactName "Invoke-<ModuleName>.zip" -PreScriptMerge $PreScriptMerge -PostScriptMerge $PostScriptMerge -ScriptName "Invoke-<ModuleName>.ps1"
     New-ConfigurationArtefact -Type Unpacked -Enable -Path "$PSScriptRoot\..\Artefacts\Unpacked"
+    # New-ConfigurationPublish -Type PowerShellGallery -FilePath 'C:\Users\jake.BLUETUXEDO\Documents\API Keys\PSGallery.txt'
 }
 
 Copy-Item "$PSScriptRoot\..\Artefacts\Script\Invoke-Locksmith.ps1" "$PSScriptRoot\..\"
diff --git a/Invoke-Locksmith.ps1 b/Invoke-Locksmith.ps1
@@ -2160,7 +2160,7 @@ function Invoke-Scans {
         }
         ESC1 {
             Write-Host 'Identifying AD CS templates with dangerous ESC1 configurations...'
-            [array]$ESC1 = Find-ESC1 -ADCSObjects $ADCSObjects -SafeUsers $SafeUsers
+            [array]$ESC1 = Find-ESC1 -ADCSObjects $ADCSObjects -SafeUsers $SafeUsers -ClientAuthEKUs $ClientAuthEkus
         }
         ESC2 {
             Write-Host 'Identifying AD CS templates with dangerous ESC2 configurations...'
@@ -2187,9 +2187,13 @@ function Invoke-Scans {
             Write-Host 'Identifying HTTP-based certificate enrollment interfaces (ESC8)...'
             [array]$ESC8 = Find-ESC8 -ADCSObjects $ADCSObjects
         }
-        ESC6 {
+        ESC11 {
             Write-Host 'Identifying Issuing CAs with IF_ENFORCEENCRYPTICERTREQUEST disabled (ESC11)...'
-            [array]$ESC6 = Find-ESC6 -ADCSObjects $ADCSObjects
+            [array]$ESC11 = Find-ESC11 -ADCSObjects $ADCSObjects
+        }
+        ESC13 {
+            Write-Host 'Identifying AD CS templates with dangerous ESC13 configurations...'
+            [array]$ESC11 = Find-ESC13 -ADCSObjects $ADCSObjects -SafeUsers $SafeUsers -ClientAuthEKUs $ClientAuthEKUs
         }
         All {
             Write-Host 'Identifying auditing issues...'
@@ -2264,7 +2268,7 @@ descriptions, code used to find, code used to fix, and reference URLs. This is i
 
 function New-Dictionary {
     class VulnerableConfigurationItem {
-        static [string] $Version = '2023.10.01.000'
+        static [string] $Version = '2024.11.03.000'
         [string]$Name
         [ValidateSet('Escalation Path', 'Server Configuration', 'GPO Setting')][string]$Category
         [string]$Subcategory
@@ -3226,7 +3230,6 @@ function Invoke-Locksmith {
     )
 
     $Version = '2024.11.10'
-
     $LogoPart1 = @"
     _       _____  _______ _     _ _______ _______ _____ _______ _     _
     |      |     | |       |____/  |______ |  |  |   |      |    |_____|
diff --git a/Private/Invoke-Scans.ps1 b/Private/Invoke-Scans.ps1
@@ -72,7 +72,7 @@ function Invoke-Scans {
         }
         ESC1 {
             Write-Host 'Identifying AD CS templates with dangerous ESC1 configurations...'
-            [array]$ESC1 = Find-ESC1 -ADCSObjects $ADCSObjects -SafeUsers $SafeUsers
+            [array]$ESC1 = Find-ESC1 -ADCSObjects $ADCSObjects -SafeUsers $SafeUsers -ClientAuthEKUs $ClientAuthEkus
         }
         ESC2 {
             Write-Host 'Identifying AD CS templates with dangerous ESC2 configurations...'
@@ -103,6 +103,10 @@ function Invoke-Scans {
             Write-Host 'Identifying Issuing CAs with IF_ENFORCEENCRYPTICERTREQUEST disabled (ESC11)...'
             [array]$ESC11 = Find-ESC11 -ADCSObjects $ADCSObjects
         }
+        ESC13 {
+            Write-Host 'Identifying AD CS templates with dangerous ESC13 configurations...'
+            [array]$ESC11 = Find-ESC13 -ADCSObjects $ADCSObjects -SafeUsers $SafeUsers -ClientAuthEKUs $ClientAuthEKUs
+        }
         All {
             Write-Host 'Identifying auditing issues...'
             [array]$AuditingIssues = Find-AuditingIssue -ADCSObjects $ADCSObjects

Original file line number	Diff line number	Diff line change
`@@ -72,7 +72,7 @@ function Invoke-Scans {`
`72`	`72`	`}`
`73`	`73`	`ESC1 {`
`74`	`74`	`Write-Host 'Identifying AD CS templates with dangerous ESC1 configurations...'`
`75`		`- [array]$ESC1 = Find-ESC1 -ADCSObjects $ADCSObjects -SafeUsers $SafeUsers`
	`75`	`+ [array]$ESC1 = Find-ESC1 -ADCSObjects $ADCSObjects -SafeUsers $SafeUsers -ClientAuthEKUs $ClientAuthEkus`
`76`	`76`	`}`
`77`	`77`	`ESC2 {`
`78`	`78`	`Write-Host 'Identifying AD CS templates with dangerous ESC2 configurations...'`
`@@ -103,6 +103,10 @@ function Invoke-Scans {`
`103`	`103`	`Write-Host 'Identifying Issuing CAs with IF_ENFORCEENCRYPTICERTREQUEST disabled (ESC11)...'`
`104`	`104`	`[array]$ESC11 = Find-ESC11 -ADCSObjects $ADCSObjects`
`105`	`105`	`}`
	`106`	`+ ESC13 {`
	`107`	`+ Write-Host 'Identifying AD CS templates with dangerous ESC13 configurations...'`
	`108`	`+ [array]$ESC11 = Find-ESC13 -ADCSObjects $ADCSObjects -SafeUsers $SafeUsers -ClientAuthEKUs $ClientAuthEKUs`
	`109`	`+ }`
`106`	`110`	`All {`
`107`	`111`	`Write-Host 'Identifying auditing issues...'`
`108`	`112`	`[array]$AuditingIssues = Find-AuditingIssue -ADCSObjects $ADCSObjects`