Filter out session domain names with spaces

Author: rvazarkar

SharpHound3/ResolutionHelpers.cs

@@ -257,6 +257,10 @@ private static string GetDomainControllerForDomain(string domainName)
             string accountDomain)
         {
             var domain = Helpers.NormalizeDomainName(accountDomain);
+            //If we have a space in the domain name, its most likely NT AUTHORITY or some other variation, and its not a valid name either way. Ignore it
+            if (domain.Contains(" "))
+                return (false, null, LdapTypeEnum.Unknown);
+
             var key = new UserDomainKey
             {
                 AccountDomain = domain,

SharpHound3/Tasks/LoggedOnTasks.cs

@@ -112,7 +112,11 @@ private static async Task<List<Session>> GetLoggedOnUsersAPI(Computer computer)
                         continue;
 
                     //Remove blank accounts and computer accounts
-                    if (username.Trim() == "" || username.EndsWith("$"))
+                    if (username.Trim() == "" || username.EndsWith("$") || username == "ANONYMOUS LOGON" || username == Options.Instance.CurrentUserName)
+                        continue;
+
+                    //Any domain with a space is unusable (ex: NT AUTHORITY, FONT DRIVER HOST)
+                    if (domain.Contains(" "))
                         continue;
 
                     var (rSuccess, sid, _) = await ResolutionHelpers.ResolveAccountNameToSidAndType(username, domain);