author | Jon Cave <jon.cave@mwrinfosecurity.com> | 2016-06-27 17:52:28 +0200 |
---|---|---|
committer | Jon Cave <jon.cave@mwrinfosecurity.com> | 2016-06-27 17:52:28 +0200 |
commit | 5a05a024b675f9483b7e3b2fa37e472400642330 (patch) | |
tree | ff76672ec378b65b5003405d8eae83a07dc85056 /Recon | |
parent | 81ac124f2211799207711fcd1b5fadb0091510f6 (diff) | |
Fix Get-GroupsXML for multiple <Group> tags
Select all <Group> nodes and iterate through them, not just the root
<Groups> node.
Diffstat (limited to 'Recon')
-rwxr-xr-x | Recon/PowerView.ps1 | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/Recon/PowerView.ps1 b/Recon/PowerView.ps1
index a636bf1..be6401a 100755
--- a/Recon/PowerView.ps1
+++ b/Recon/PowerView.ps1
@@ -6141,12 +6141,12 @@ filter Get-GroupsXML {
 [XML]$GroupsXMLcontent = Get-Content $TargetGroupsXMLPath -ErrorAction Stop
 # process all group properties in the XML
- $GroupsXMLcontent | Select-Xml "//Groups" | Select-Object -ExpandProperty node | ForEach-Object {
+ $GroupsXMLcontent | Select-Xml "/Groups/Group" | Select-Object -ExpandProperty node | ForEach-Object {
- $Groupname = $_.Group.Properties.groupName
+ $Groupname = $_.Properties.groupName
 # extract the localgroup sid for memberof
- $GroupSID = $_.Group.Properties.GroupSid
+ $GroupSID = $_.Properties.groupSid
 if(-not $LocalSid) {
 if($Groupname -match 'Administrators') {
 $GroupSID = 'S-1-5-32-544'
@@ -6163,7 +6163,7 @@ filter Get-GroupsXML {
 }
 # extract out members added to this group
- $Members = $_.Group.Properties.members | Select-Object -ExpandProperty Member | Where-Object { $_.action -match 'ADD' } | ForEach-Object {
+ $Members = $_.Properties.members | Select-Object -ExpandProperty Member | Where-Object { $_.action -match 'ADD' } | ForEach-Object {
 if($_.sid) { $_.sid } else { $_.name }
 }
@@ -6171,8 +6171,8 @@ filter Get-GroupsXML {
 if ($Members) {
 # extract out any/all filters...I hate you GPP
- if($_.Group.filters) {
- $Filters = $_.Group.filters.GetEnumerator() | ForEach-Object {
+ if($_.filters) {
+ $Filters = $_.filters.GetEnumerator() | ForEach-Object {
 New-Object -TypeName PSObject -Property @{'Type' = $_.LocalName;'Value' = $_.name}
 }
 } |
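Review bot: The outer `$_` that now holds each `<Group>` node is re-bound inside the nested `Where-Object { $_.action -match 'ADD' }` and `ForEach-Object { ... $_.LocalName ... }` script blocks in the second and third hunks, so any future reference to the group from inside those blocks would silently read the member or filter node instead; capturing it once at the top of the per-group body, `$Group = $_` followed by `$Groupname = $Group.Properties.groupName` and `$GroupSID = $Group.Properties.groupSid`, makes the intent explicit and removes that trap. The comment on the context line above the first changed line still reads `# process all group properties in the XML`; since the loop now visits one `<Group>` element per iteration it would be clearer as `# iterate over every <Group> element; each has its own Properties and members`. The rename from `GroupSid` to `groupSid` appears to be cosmetic, as PowerShell's XML property adapter resolves names case-insensitively, but that is worth confirming rather than relying on the original spelling having worked by accident. The enclosing `filter Get-GroupsXML` starts before the first hunk and continues past the last.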