Add additional common SIDs

zeroSteiner · zeroSteiner · commit 389e8af22334 · 2025-03-21T10:01:04.000-04:00
diff --git a/modules/auxiliary/gather/ldap_esc_vulnerable_cert_finder.rb b/modules/auxiliary/gather/ldap_esc_vulnerable_cert_finder.rb
@@ -218,10 +218,17 @@ def query_ldap_server_certificates(esc_raw_filter, esc_id, notes: [])
   def map_sids_to_names(sids_array)
     mapped = []
     sids_array.each do |sid|
-      # this common SID doesn't always have an entry
-      if sid == Rex::Proto::Secauthz::WellKnownSids::SECURITY_AUTHENTICATED_USER_SID
+      # these common SIDs don't always have an entry
+      case sid
+      when Rex::Proto::Secauthz::WellKnownSids::SECURITY_AUTHENTICATED_USER_SID
         mapped << SID.new(sid, 'Authenticated Users')
         next
+      when Rex::Proto::Secauthz::WellKnownSids::SECURITY_ENTERPRISE_CONTROLLERS_SID
+        mapped << SID.new(sid, 'Enterprise Domain Controllers')
+        next
+      when Rex::Proto::Secauthz::WellKnownSids::SECURITY_LOCAL_SYSTEM_SID
+        mapped << SID.new(sid, 'Local System')
+        next
       end
 
       sid_entry = get_object_by_sid(sid)
