AdFind V01.52.00 is close to release. It went slow because I finally worked on integrating boost::regex functionality into AdFind. Including both match and substitute functionality. The regex components will be considered beta for a few versions as there is a lot to figure out here and how people will use it. Also it isn’t my code, I am just pulling in the boost functionality. It is pretty close to perl regular expressions but not exactly.
If you want to play with the release candidate beta, you can find it at https://www.joeware.net/downloads/beta/rc
List of fixes/updates:
//* V01.52.00 2019.0514 o 05/14 Convert to VS 2019 *
//* Add 2K19 RootDSE decodes *
//* Change all rootdse to have nopaging *
//* Alias expandfilter 4 filterbreakdown*
//* Add more usage for -mvfilter *,? *
//* Fixed stupid MSFT LDAP URL format *
//* o 05/20 BUGFIX: -e base override *
//* BUGFIX: jcsv changed to jcsv2 *
//* BUGFIX: otherWellKnownObjects *
//* BUGFIX: Shortcut doc bug *
//* BUGFIX: -metamvcsv \0x01\0x01 *
//* BUGFIX: Bug in remove attribs- func *
//* BUGFIX: -sc psomgr sort&displayname *
//* BUGFIX: usage missing -(s)elapsedms *
//* BUGFIX: sddl(not)filter – -> ~ *
//* BUGFIX: Invalid format -tdc(s)fmt *
//* o 05/21 BUGFIX: Fixed usage for tdctzstr *
//* BUGFIX: -alldc binary attrib decode *
//* o 05/23 BUGFIX: LDS appnc user error fix *
//* o 05/26 BUGFIX: crash bug LDS tokengroups *
//* Added Special base MSA *
//* BUGFIX: MSDS-Cached-Membership resol*
//* BUGFIX: currenttime preload gtime *
//* BUGFIX: -fgpp missing usage info *
//* o 05/27 BUGFIX: Fix multiple special bases *
//* Added -jsd(e)nlb switches *
//* BUGFIX: SC sitelinkdmp no site speci*
//* BUGFIX: Removed "non-specific" for *
//* for domain admins, et ali *
//* o 05/29 BUGFIX: added options to sitelinkdmp*
//* BUGFIX: Removed forced base on *
//* following shortcuts: *
//* sddldump,getacl *
//* caclnoinherit,aclnoinherit*
//* cexplaces,explaces *
//* o 05/30 BUGFIX: Bug in jsd(e)nlb with filter*
//* BUGFIX: Add O=* to structure filter *
//* o 05/31 BUGFIX: Allow specify position for *
//* _OBJECT_OWNER "attrib" CSV*
//* BUGFIX: -owneronly not in CSV output*
//* BUGFIX: Added sddl_explicit to allow*
//* for use of -jsde* w/ notfilt*
//* BUGFIX: Fixed nasty silent crash bug*
//* in -decsddlacl, what a PITA *
//* NOTE: All of the SDDL/SD/ACL/SACL/ *
//* SID resolve code ispissingmeoff*
//* o 06/01 BUGFIX: Password prompt going into *
//* CSV output when prompted -up * *
//* BUGFIX: Added -hh / -url to adcsv *
//* o 06/02 FEATUREFIX: Changed mv(not)filter to*
//* to allow multiple values for *
//* one attr to be specified like *
//* attr1=val1;val2;val3 instead of *
//* attr1=val1;attr1=val2;attr1=val3*
//* BUGFIX: Fixed non-rfc -url default *
//* =======LET THE DCRS BEGIN======= *
//* Added -x (HINT MODE) switch *
//* o 06/03 Added AJ FIX *
//* o 06/16 Allowed filterbreakdown to use -f *
//* Alert on -f with no = *
//* Added -pause *
//* Added -norrerr (range retr no err) *
//* o 06/18 ldap SID resolve was broken, fixed *
//* o 06/24 Added msDS-TrustForestTrustInfo to *
//* -sc trustdmp *
//* Added addtl trustAttribute decodes *
//* BUGFIX: Fixed trustType decode MIT *
//* Changed -ownercsv to not be special *
//* Added -recmutedsq *
//* Added -incllike,-excllike *
//* Added -bb xx (scope base -b xx) *
//* Added Replica Set/GUID to -extsrvinf*
//* o 06/26 Added -sddlpsflag *
//* BUGFIX: non-specific SID resolve for*
//* defaultsecuritydescriptors *
//* o 06/28 Added additional OID decodes *
//* Identify more non-MSFT directories *
//* o 07/01 BUGFIX: Bug in new filter explicits *
//* o 07/07 Added -rawsddlexpl *
//* Added -rawsddlnl *
//* o 07/08 Updated how -sddl_epxlicit works, *
//* uses the -rawsddlnl functiounality*
//* BUGFIX: -nopagingcheck *
//* Added -alldcd, -alldc + tdcda *
//* o 07/09 BUGFIX: Fixed -bit DNWDATA *
//* o 07/18 BUGFIX: Fixed bug in exterr info for*
//* initial bind functions as *
//* well as switching to stdout*
//* o 07/20 Added -noerr, when stdout redirect *
//* will prevent errors going to file *
//* o 07/21 Added staticly defined GUIDs that *
//* MSFT screwed up in schema. *
//* Started work on MSA password decode *
//* o 07/29 BUGFIX: Fixed bug in SID preload w/ *
//* built in mnemonic SIDs *
//* o 08/12 msDS-ManagedPassword decode, not *
//* sure if it works right lol *
//* BUGFIX: -ic with -excldn/-incldn *
//* o 8/13 Added -encguidtohex,-dechextoguid *
//* Added -encsidtohex, -dechextosid *
//* o 08/21 Added noroot param on -sc domainlist*
//* Added -metas, metasl, metasnl *
//* o 09/20 BUGFIX: Decode of oMObjectClass *
//* INFO: Don’t forget -x with -dsq *
//* Added -dsnq (-dsq with no quotes) *
//* o 09/21 Updated dsheuristics to show char#s *
//* o 09/22 Decoding of netlogon -ldapping debug*
//* o 09/28 Decoding of netlogon completed uses *
//* either -samdc or -rootdsedc *
//* Switches -ldapping / -ldappingex *
//* -netlogonexdc (special output) *
//* o 09/29 Bug fix in explicit ACE stripping *
//* o 09/30 BUGFIX: No port listed when -udp *
//* Added more usage info around -url *
//* o 10/01 Added -acecount *
//* Added -fl – formatted list jtsv2 nodn*
//* BUGFIX: Fixed -ef parsing of quotes *
//* Added :report for -sc fgpps/psos *
//* o 10/04 Added -attrvaldelim, -attrprefix *
//* o 10/06 Updated stdin pipein functionality *
//* to handle quoted CSV/TSV and filter *
//* out more garbage fed through the pipe*
//* Add -recmutedsq to usage!!! *
//* BIN: for password *
//* o 10/07 Added -dnbreakout <dn>:<tag> *
//* o 10/10 Added -decdelta *
//* o 10/11 Added currenttime to -extsrvinfo *
//* Fixed -nirs and nirsx *
//* o 10/12 Added -dpcanonical, -cva *
//* o 10/13 Added !closest to -ldapping/ex *
//* Added findpropsetrg alias of permguid*
//* Removed -sc domainlist:canonicalname *
//* as it makes no sense at all *
//* Added -sc domainlist:short option *
//* o 10/14 Added displayname to findpropsetrg *
//* o 10/17 Fixed -nirs/nirsx for real this time *
//* Fixed Garbage DN parsing to handle *
//* single label domains / ADLDS *
//* Renamed -x to -hint *
//* o 10/19 Decode attributesecurityguid with *
//* -schdc decode switch *
//* Decode appliesto on controlAccessRght*
//* objects with added -configdc *
//* o 10/20 Added do/do+ alias delobjs/delobjs+ *
//* Allow user to specify parentdn or *
//* parentcanonical to place anywhere *
//* within CSV, no need for -p switches*
//* BUGFIX: Detection of config/schema *
//* partition DNs was broken for cross *
//* forest situations. *
//* o 10/21 Add -samdc if -netlogonexdc *
//* Added -xmod (manual admod) *
//* Added -sc userinfo *
//* o 10/22 Added shortcuts ldsldapurl:xx, *
//* ldsldapurl:xx, ldsinstances:xx *
//* Allow specifying * for -mvsort and *
//* -mvrsort to sort all MV attribs *
//* Added -ddo *
//* Added -rootdseinternals *
//* Added virtual LDAPURL/LDAPSURL to *
//* CRootDSE Class *
//* o 10/23 BUGFIX: Fixed new bug in CRootDSE 😉 *
//* o 10/26 Added jwregex_match function, not *
//* hooked into anything but -joetest *
//* o 11/01 Added -CSVFinalCount *
//* *
//* o 11/02 Moved more errors from stderr>stdout *
//* Fixed filter counts for CSVFinalCount*
//* o 11/15 Fixed case insensitive for regex *
//* Adding regex functionality to all *
//* DisplayXXX functions *
//* o 11/20 Added more regex functionality *
//* Fixed some output bugs from regexfunc*
//* o 12/11 Moved oid gather details to -d2 *
//* o 12/16 Implemented SD regex *
//* Updated -jsd* shortcuts to accept *
//* long form regex m// , s/// *
//* o 12/20 RegEx for SDs for CSV mode *
//* o 12/22 Added -sdcsvsingle *
//* o 12/24 Added better regex input parsing *
//* Fixed -noerr for STDOUT/ERR *
//* Added new usage for switches and scs *
//* BUGFIX: empty regex SD showed {SD} *
//* o 12/27 Added -regex? *
