From 1d25ba90856019381ae2734c740229039ccb3fa7 Mon Sep 17 00:00:00 2001
From: Oran Nadler <orann>
Date: Mon, 30 Apr 2018 18:40:11 +0300
Subject: [PATCH] check SidType everywhere to make sure we don't have type
 errors

---
 monkey_island/cc/resources/pthmap.py | 28 ++++++++++++++++++++++++++++
 1 file changed, 28 insertions(+)

diff --git a/monkey_island/cc/resources/pthmap.py b/monkey_island/cc/resources/pthmap.py
index 67ed3e23d..400919d50 100644
--- a/monkey_island/cc/resources/pthmap.py
+++ b/monkey_island/cc/resources/pthmap.py
@@ -39,6 +39,16 @@ DsRole_RoleMemberServer = 3
 DsRole_RoleBackupDomainController = 4
 DsRole_RolePrimaryDomainController = 5
 
+SidTypeUser = 1
+SidTypeGroup = 2
+SidTypeDomain = 3
+SidTypeAlias = 4
+SidTypeWellKnownGroup = 5
+SidTypeDeletedAccount = 6
+SidTypeInvalid = 7
+SidTypeUnknown = 8
+SidTypeComputer = 9
+
 def myntlm(x):
     hash = hashlib.new('md4', x.encode('utf-16le')).digest()
     return str(binascii.hexlify(hash))
@@ -162,6 +172,9 @@ class Machine(object):
         for user in doc["data"]["Win32_UserAccount"]:
             if eval(user["Name"]) != username:
                 continue
+                
+            if eval(user["SIDType"]) != SidTypeUser:
+                continue
 
             return eval(user["SID"])
 
@@ -190,6 +203,9 @@ class Machine(object):
         for user in doc["data"]["Win32_UserAccount"]:
             if eval(user["SID"]) != sid:
                 continue
+                
+            if eval(user["SIDType"]) != SidTypeUser:
+                continue
 
             return { "Domain": eval(user["Domain"]),
                      "Username": eval(user["Name"]),
@@ -280,6 +296,9 @@ class Machine(object):
             if eval(group["Name"]) != group_name:
                 continue
 
+            if eval(group["SIDType"]) != SidTypeGroup:
+                continue
+
             return eval(group["SID"])
         
         return None
@@ -293,10 +312,16 @@ class Machine(object):
         for group_user in doc["data"]["Win32_GroupUser"]:
             if eval(group_user["GroupComponent"]["SID"]) != sid:
                 continue
+
+            if eval(group_user["GroupComponent"]["SIDType"]) != SidTypeGroup:
+                continue
             
             if "PartComponent" not in group_user.keys():
                 continue
 
+            if eval(group_user["PartComponent"]["SIDType"]) != SidTypeUser:
+                continue
+
             users[eval(group_user["PartComponent"]["SID"])] = eval(group_user["PartComponent"]["Name"])
         
         return users
@@ -335,6 +360,9 @@ class Machine(object):
         SIDs = set()
     
         for user in doc["data"]["Win32_UserAccount"]:
+            if eval(user["SIDType"]) != SidTypeUser:
+                continue
+        
             SIDs.add(eval(user["SID"]))
         
         return SIDs