From 5d2353641b51006a4a5369d4556c4f377cd262ce Mon Sep 17 00:00:00 2001
From: anemeth <anemeth@specterops.io>
Date: Wed, 8 Jan 2025 15:30:54 -0800
Subject: [PATCH] Check blacklist against global catalog connections too

---
 src/CommonLib/LdapConnectionPool.cs | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/CommonLib/LdapConnectionPool.cs b/src/CommonLib/LdapConnectionPool.cs
index d9cf7328..604591a2 100644
--- a/src/CommonLib/LdapConnectionPool.cs
+++ b/src/CommonLib/LdapConnectionPool.cs
@@ -618,6 +618,10 @@ private bool CallDsGetDcName(string domainName, out NetAPIStructs.DomainControll
         }
 
         public async Task<(bool Success, LdapConnectionWrapper ConnectionWrapper, string Message)> GetGlobalCatalogConnectionAsync() {
+            if (_blacklistedDomains.Contains(_identifier)) {
+                return (false, null, $"Identifier {_identifier} blacklisted for connection attempt");
+            }
+            
             if (!_globalCatalogConnection.TryTake(out var connectionWrapper)) {
                 var (success, connection, message) = await CreateNewConnection(true);
                 if (!success) {