|
1 | 1 | /* |
2 | 2 | * SharpADIDNS |
3 | 3 | * ------------ |
4 | | - * A standalone C# command-line utility for reading, decoding, creating, |
5 | | - * modifying, tombstoning, and removing Active Directory-integrated DNS |
6 | | - * records over LDAP or LDAPS. |
7 | | - * |
8 | | - * This file contains the full SharpADIDNS implementation, including the CLI |
9 | | - * entry point, argument parsing, credential handling, LDAP binding through |
10 | | - * System.DirectoryServices, ADIDNS zone and dnsNode operations, dnsRecord |
11 | | - * blob construction and parsing, structured JSON output, backup receipts, |
12 | | - * batch execution, PDC targeting checks, and Sliver C2 execute-assembly |
13 | | - * friendly runtime behavior. |
14 | | - * |
15 | | - * Core capabilities: |
16 | | - * - Enumerates ADIDNS zones and dnsNode objects across DomainDnsZones, |
17 | | - * ForestDnsZones, and System partitions. |
18 | | - * - Reads and decodes dnsRecord blobs for common DNS record types. |
19 | | - * - Creates or updates A, AAAA, CNAME, TXT, PTR, SRV, MX, and raw records. |
20 | | - * - Supports soft deletion through tombstoning and hard deletion of dnsNode |
21 | | - * objects. |
22 | | - * - Emits operator-friendly text output or machine-readable JSON receipts. |
23 | | - * - Provides dry-run validation, structured backups, script execution, and |
24 | | - * C2-oriented defaults for unattended execution contexts. |
25 | | - * |
26 | | - * Implementation notes: |
27 | | - * - Targets .NET Framework 4.x. |
28 | | - * - Uses only the .NET Framework standard library and System.DirectoryServices. |
29 | | - * - Implements the ADIDNS DNS_RPC_RECORD layout and DNS_COUNT_NAME encoding |
30 | | - * required for directory-backed DNS record data. |
31 | | - * - Keeps structured stdout clean in JSON mode so receipts can be collected |
32 | | - * reliably by automation or C2 tasking workflows. |
33 | | - * |
34 | | - * Safety and authorization: |
35 | | - * - This tool modifies directory-backed DNS data and can affect name |
36 | | - * resolution across an Active Directory environment. |
37 | | - * - Use only in authorized red-team engagements, penetration tests, internal |
38 | | - * assessments, and lab environments. |
39 | | - * - Prefer dry-run validation and backup capture before destructive or |
40 | | - * high-impact operations such as wildcard records, tombstoning, hard |
41 | | - * deletion, or updates to sensitive names such as WPAD and ISATAP. |
| 4 | + * A C# CLI tool for reading and modifying AD-Integrated DNS records over LDAP, |
| 5 | + * built for serious red teaming and packed with tradecraft features tailored |
| 6 | + * for Sliver C2 execute-assembly. |
42 | 7 | */ |
43 | 8 |
|
44 | 9 | using System; |
|
0 commit comments