From b54eb893307cd2592c3c79af627f9d821c082793 Mon Sep 17 00:00:00 2001
From: Oran Nadler
Date: Tue, 15 May 2018 11:10:32 +0300
Subject: [PATCH] Add 'Two machines should not share any local admin.' report
---
 monkey_island/cc/resources/pthmap.py | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)
diff --git a/monkey_island/cc/resources/pthmap.py b/monkey_island/cc/resources/pthmap.py
index daf2dab60..af2688f56 100644
--- a/monkey_island/cc/resources/pthmap.py
+++ b/monkey_island/cc/resources/pthmap.py
@@ -49,6 +49,9 @@ SidTypeInvalid = 7
 SidTypeUnknown = 8
 SidTypeComputer = 9
+def is_group_sid_type(type):
+ return type in (SidTypeGroup, SidTypeAlias, SidTypeWellKnownGroup)
+
 def myntlm(x):
 hash = hashlib.new('md4', x.encode('utf-16le')).digest()
 return str(binascii.hexlify(hash))
@@ -298,8 +301,8 @@ class Machine(object):
 for group in doc["data"]["Win32_Group"]:
 if eval(group["Name"]) != group_name:
 continue
-
- if group["SIDType"] != SidTypeGroup:
+
+ if not is_group_sid_type(group["SIDType"]):
 continue
 return eval(group["SID"])
@@ -316,7 +319,7 @@ class Machine(object):
 if eval(group_user["GroupComponent"]["SID"]) != sid:
 continue
- if group_user["GroupComponent"]["SIDType"] != SidTypeGroup:
+ if not is_group_sid_type(group_user["GroupComponent"]["SIDType"]):
 continue
 if "PartComponent" not in group_user.keys():
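Review bot: The new helper `is_group_sid_type(type)` at the top of the first hunk names its parameter `type`, which shadows the builtin inside the function, and it has no docstring saying why three SID types count as a group. I would rename the parameter, `def is_group_sid_type(sid_type):`, and add a one-line docstring such as `"""Return True if sid_type is a group-like SID type (group, alias or well-known group)."""`. Local groups such as the built-in Administrators group are, as far as I know, reported as aliases rather than plain groups, which is presumably why the check was widened. Saying so in the docstring would keep a later reader from narrowing it back to `SidTypeGroup`.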
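Review bot: The lines around the changed check in the second hunk still call `eval()` on `group["Name"]` and `group["SID"]`, and the third hunk does the same with `group_user["GroupComponent"]["SID"]`. `eval` runs any expression the string holds, so if `doc` is built from data reported by scanned machines (its origin is not visible in these hunks), a tampered record would execute in the server process. These fields look like quoted string literals, so `ast.literal_eval(group["Name"])` would parse them without executing code; it needs `import ast` at the top of the file if that is not already present. The enclosing methods start and end outside both hunks, so other `eval` calls on the same documents may need the same change.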