refactor: remove localuser_spray automation and update domain naming to contoso.local #324
Merged
…ta to contoso.local

**Changed:**
- Updated test data across modules from "sevenkingdoms.local" and "example.com" to "contoso.local" and similar modern domain names for consistency and clarity
- Replaced test user/domain/hostnames in orchestrator, dedup, credential expansion, PTH spray, and domain probe with contoso.local, fabrikam.local, and child.contoso.local
- Updated documentation comments and user guidance strings to use contoso.local and related domains instead of placeholder or legacy examples
- Improved domain attribution logic in hash extraction to more accurately assign built-in accounts (e.g., Administrator) to domains when dump evidence is present
- Adjusted hash parsing logic and tests to ensure Administrator and other built-ins are attributed to the correct domain in both ares-cli and ares-tools

**Removed:**
- Removed the `localuser_spray` automation module, associated test cases, and all references to its deduplication set and strategy weights
- Eliminated `auto_localuser_spray` from automation spawner and public exports
- Deleted deduplication constant and set for localuser_spray in state management
- Removed localuser_spray weights from all orchestrator strategy profiles
- Cleared localuser_spray from dedup set arrays and related orchestrator tests

**Added:**
- Added detailed instructions and example commands for running a full clean test cycle on EC2, including environment setup, deployment, and Redis wipe to README.md and AGENTS.md
- Provided warnings about `ulimit` and zig linker limitations in documentation

**Removed:**
- Removed `test.sh` script as its functionality is now fully documented in markdown guides and is redundant

**Changed:**
- Expanded EC2 test cycle example to set and reuse shell variables for EC2_NAME, TARGET, and BLUE_ENABLED to improve clarity and reduce repetition
- Moved shell setup commands (ulimit, export S3_BUCKET) out of comments and into executable lines for better usability
- Updated all task command examples to reference shell variables instead of hardcoded values, making instructions more adaptable

…for retry

**Added:**
- Added detection of common failure markers in raise_child output even when exit status is zero; raise_child now marks result as failed if such markers are found
- Added unit tests to verify detection of SessionError and KDC_ERR_ in raise_child output, as well as correct success handling without such markers

**Changed:**
- Updated auto_trust_follow to clear deduplication state and allow retry when raise_child reports error or fails to dispatch, improving reliability of trust-follow logic

Codecov Report
❌ Patch coverage is
Additional details and impacted files
@@ Coverage Diff @@
## main #324 +/- ##
==========================================
+ Coverage 78.83% 78.85% +0.01%
==========================================
Files 439 438 -1
Lines 125591 125532 -59
==========================================
- Hits 99012 98983 -29
+ Misses 26579 26549 -30

**Changed:**
- Reformatted test code to reduce unnecessary line breaks and improve code readability in test modules for credential_expansion.rs, pth_spray.rs, inner.rs, and publishing/credentials.rs
- Updated multi-line function calls and chained method calls to use more concise, consistent formatting in test setups

Key Changes:
- `localuser_spray` automation module and all related references

Added:
- cycle in README.md and AGENTS.md with explicit shell commands, variable definitions, and troubleshooting tips for file descriptor limits
- `privesc::delegation::raise_child` and improved test coverage for hash/domain attribution edge cases

Changed:
- `north.sevenkingdoms.local`, `sevenkingdoms.local`, and similar with `child.contoso.local` or `contoso.local` across code, tests, and sample data for clarity and consistency
- instructions, including required environment variables and shell notes
- `is_well_known_local_sam` and `parse_secretsdump` to ensure Administrator hashes from NTDS/domain dumps are properly attributed to the correct domain, fixing escalation path bugs
- `raise_child` by inspecting stdout/stderr for Kerberos and Python exception markers, unmarking dedup keys on failure for reliable retry behavior
- the codebase to use the new contoso.local naming convention

Removed:
- `localuser_spray.rs` and all references in orchestrator task spawning, module imports, deduplication sets, and strategy weighting
- `test.sh` for EC2 deployment cycle (now replaced by new documentation)
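
The `raise_child` failure handling described in the commit message and key changes above (a zero exit status that still carries `SessionError` or `KDC_ERR_` in its output counts as a failure, and the dedup key is unmarked so a later pass can retry) can be sketched as follows. This is an added example, not code from this pull request or the project; `Outcome`, `classify`, `Dedup`, `run_once` and the sample key and output strings are hypothetical and constructed for illustration.

```rust
use std::collections::HashSet;

/// The two markers named on this page; any further entries would be assumptions.
const FAILURE_MARKERS: [&str; 2] = ["SessionError", "KDC_ERR_"];

/// Result of one tool run (hypothetical type, not the project's own).
#[derive(Debug, PartialEq)]
pub enum Outcome {
    Succeeded,
    Failed(String), // reason, kept for the task log
}

/// A zero exit status counts as success only when neither stream
/// contains a known failure marker.
pub fn classify(exit_code: i32, stdout: &str, stderr: &str) -> Outcome {
    if exit_code != 0 {
        return Outcome::Failed(format!("exit status {}", exit_code));
    }
    for line in stdout.lines().chain(stderr.lines()) {
        if let Some(m) = FAILURE_MARKERS.iter().find(|m| line.contains(**m)) {
            return Outcome::Failed(format!("marker {} in: {}", m, line.trim()));
        }
    }
    Outcome::Succeeded
}

/// Dedup set: remembers attempted keys, forgets the ones that failed.
#[derive(Default)]
pub struct Dedup(HashSet<String>);

impl Dedup {
    /// True when the key is new and the task should be dispatched.
    pub fn mark(&mut self, key: &str) -> bool { self.0.insert(key.to_string()) }
    pub fn unmark(&mut self, key: &str) { self.0.remove(key); }
}

/// Dispatch `task` at most once per key; a failed run or a dispatch
/// error clears the key so the next pass retries it.
pub fn run_once<F>(dedup: &mut Dedup, key: &str, task: F) -> Option<Outcome>
where F: FnOnce() -> Result<(i32, String, String), String> {
    if !dedup.mark(key) { return None; } // already done or in flight
    let outcome = match task() {
        Ok((code, out, err)) => classify(code, &out, &err),
        Err(e) => Outcome::Failed(format!("dispatch error: {}", e)),
    };
    if outcome != Outcome::Succeeded { dedup.unmark(key); }
    Some(outcome)
}

fn main() {
    let mut d = Dedup::default();
    // Constructed output: exit status 0, but a Kerberos error in stdout.
    let r = run_once(&mut d, "child.contoso.local", || Ok((0, "KDC_ERR_PREAUTH_FAILED".into(), String::new())));
    println!("{:?}", r);
}
```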