From ba3361341307104450628b456d8b19ee047ef10e Mon Sep 17 00:00:00 2001
From: Matt Graeber <mattgraeber@gmail.com>
Date: Sat, 17 Aug 2013 16:31:48 -0400
Subject: Added additional error handling to Get-GPPPassword

---
 Exfiltration/Get-GPPPassword.ps1 | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)

diff --git a/Exfiltration/Get-GPPPassword.ps1 b/Exfiltration/Get-GPPPassword.ps1
index c905f08..7dbd23d 100644
--- a/Exfiltration/Get-GPPPassword.ps1
+++ b/Exfiltration/Get-GPPPassword.ps1
@@ -61,12 +61,19 @@
     }  
     
     #ensure that machine is domain joined and script is running as a domain account
-    if (((Get-WmiObject Win32_ComputerSystem).partofdomain) -eq $False) {throw 'Machine is not joined to a domain.'}
-    if (($Env:USERDNSDOMAIN) -eq $Null) {throw 'Account is not a domain account.'}
+    if ( ( ((Get-WmiObject Win32_ComputerSystem).partofdomain) -eq $False ) -or ( -not $Env:USERDNSDOMAIN ) )
+    {
+        throw 'Machine is not joined to a domain.'
+    }
     
     #discover potential files containing passwords ; not complaining in case of denied access to a directory
-    $XMlFiles = Get-ChildItem -Path "\\$Env:USERDNSDOMAIN\SYSVOL" -Recurse -ErrorAction SilentlyContinue -Include 'groups.xml','services.xml','scheduledtasks.xml','datasources.xml'
+    $XMlFiles = Get-ChildItem -Path "\\$Env:USERDNSDOMAIN\SYSVOL" -Recurse -ErrorAction SilentlyContinue -Include 'Groups.xml','Services.xml','Scheduledtasks.xml','DataSources.xml'
     
+    if ( -not $XMlFiles )
+    {
+        throw 'No files containing encrypted passwords found.'
+    }
+
     foreach ($File in $XMLFiles) {
         
         try {
-- 
cgit v1.2.3