@@ -9,7 +9,7 @@ function Get-GPPPassword {
99 License: BSD 3-Clause
1010 Required Dependencies: None
1111 Optional Dependencies: None
12- Version: 2.3.0
12+ Version: 2.3.2
1313
1414. DESCRIPTION
1515
@@ -19,29 +19,41 @@ function Get-GPPPassword {
1919
2020 PS C:\> Get-GPPPassword
2121
22- Password : {password12}
23- Changed : {2014-02-21 05:28:53}
24- UserName : {test1}
25- NewName : {}
26- File : \\DEMO.LAB\SYSVOL\demo.lab\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\MACHINE\Preferences\DataSources
27-
28- Password : {Recycling*3ftw!, password123, password1234}
29- Changed : {2013-07-02 05:43:21, 2014-02-21 03:33:07, 2014-02-21 03:33:48}
30- UserName : {Administrator (built-in), DummyAccount, dummy2}
31- NewName : {mspresenters, $null, $null}
32- File : \\DEMO.LAB\SYSVOL\demo.lab\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\MACHINE\Preferences\Groups
33-
34- Password : {password, password1234$}
35- Changed : {2014-02-21 05:29:53, 2014-02-21 05:29:52}
36- UserName : {administrator, admin}
37- NewName : {}
38- File : \\DEMO.LAB\SYSVOL\demo.lab\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\MACHINE\Preferences\ScheduledTasks
39-
40- Password : {password, read123}
41- Changed : {2014-02-21 05:30:14, 2014-02-21 05:30:36}
42- UserName : {DEMO\Administrator, admin}
43- NewName : {}
44- File : \\DEMO.LAB\SYSVOL\demo.lab\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\MACHINE\Preferences\Services
22+ NewName : [BLANK]
23+ Changed : {2014-02-21 05:28:53}
24+ Passwords : {password12}
25+ UserNames : {test1}
26+ File : \\DEMO.LAB\SYSVOL\demo.lab\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\MACHINE\Preferences\DataSources\DataSources.xml
27+
28+ NewName : {mspresenters}
29+ Changed : {2013-07-02 05:43:21, 2014-02-21 03:33:07, 2014-02-21 03:33:48}
30+ Passwords : {Recycling*3ftw!, password123, password1234}
31+ UserNames : {Administrator (built-in), DummyAccount, dummy2}
32+ File : \\DEMO.LAB\SYSVOL\demo.lab\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\MACHINE\Preferences\Groups\Groups.xml
33+
34+ NewName : [BLANK]
35+ Changed : {2014-02-21 05:29:53, 2014-02-21 05:29:52}
36+ Passwords : {password, password1234$}
37+ UserNames : {administrator, admin}
38+ File : \\DEMO.LAB\SYSVOL\demo.lab\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\MACHINE\Preferences\ScheduledTasks\ScheduledTasks.xml
39+
40+ NewName : [BLANK]
41+ Changed : {2014-02-21 05:30:14, 2014-02-21 05:30:36}
42+ Passwords : {password, read123}
43+ UserNames : {DEMO\Administrator, admin}
44+ File : \\DEMO.LAB\SYSVOL\demo.lab\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\MACHINE\Preferences\Services\Services.xml
45+
46+ . EXAMPLE
47+
48+ PS C:\> Get-GPPPassword | ForEach-Object {$_.passwords} | Sort-Object -Uniq
49+
50+ password
51+ password12
52+ password123
53+ password1234
54+ password1234$
55+ read123
56+ Recycling*3ftw!
4557
4658. LINK
4759
@@ -54,6 +66,9 @@ function Get-GPPPassword {
5466 [CmdletBinding ()]
5567 Param ()
5668
69+ # Some XML issues between versions
70+ Set-StrictMode - Version 2
71+
5772 # define helper function that decodes and decrypts password
5873 function Get-DecryptedCpassword {
5974 [CmdletBinding ()]
@@ -102,7 +117,6 @@ function Get-GPPPassword {
102117
103118 # $FileObject = Get-ChildItem $File
104119 $Filename = Split-Path $File - Leaf
105- $Filepath = Split-Path $File - Parent
106120 [xml ] $Xml = Get-Content ($File )
107121
108122 # declare empty arrays
@@ -120,48 +134,28 @@ function Get-GPPPassword {
120134 switch ($Filename ) {
121135
122136 ' Groups.xml'
123- $Count = $Xml.Groups.User.Count
124- If (! ($Count )) {$Count = 1 }
125- ForEach ($Number in 0 .. ($Count - 1 )){
126- If ($Count -eq 1 ) {$Replace = ' User' else {$Replace = " User[$Number ]"
127- $Cpassword += , $Xml.Groups.User [$Number ].Properties.cpassword
128- $UserName += , $Xml.Groups.User [$Number ].Properties.userName
129- $NewName += , $Xml.Groups.User [$Number ].Properties.newName
130- $Changed += , $Xml.Groups.User [$Number ].changed
131- }
137+ $Cpassword += , $Xml | Select-Xml " /Groups/User/Properties/@cpassword" | Select-Object - Expand Node | ForEach-Object {$_.Value }
138+ $UserName += , $Xml | Select-Xml " /Groups/User/Properties/@userName" | Select-Object - Expand Node | ForEach-Object {$_.Value }
139+ $NewName += , $Xml | Select-Xml " /Groups/User/Properties/@newName" | Select-Object - Expand Node | ForEach-Object {$_.Value }
140+ $Changed += , $Xml | Select-Xml " /Groups/User/@changed" | Select-Object - Expand Node | ForEach-Object {$_.Value }
132141 }
133142
134- ' Services.xml'
135- $Count = $Xml.NTServices.NTService.Count
136- If (! ($Count )) {$Count = 1 }
137- ForEach ($Number in 0 .. ($Count - 1 )){
138- If ($Count -eq 1 ) {$Replace = ' NTService' else {$Replace = " NTService[$Number ]"
139- $Cpassword += , $Xml.NTServices.NTService [$Number ].Properties.cpassword
140- $UserName += , $Xml.NTServices.NTService [$Number ].Properties.accountName
141- $Changed += , $Xml.NTServices.NTService [$Number ].changed
142- }
143+ ' Services.xml'
144+ $Cpassword += , $Xml | Select-Xml " /NTServices/NTService/Properties/@cpassword" | Select-Object - Expand Node | ForEach-Object {$_.Value }
145+ $UserName += , $Xml | Select-Xml " /NTServices/NTService/Properties/@accountName" | Select-Object - Expand Node | ForEach-Object {$_.Value }
146+ $Changed += , $Xml | Select-Xml " /NTServices/NTService/@changed" | Select-Object - Expand Node | ForEach-Object {$_.Value }
143147 }
144148
145149 ' Scheduledtasks.xml'
146- $Count = $Xml.ScheduledTasks.Task.Count
147- If (! ($Count )) {$Count = 1 }
148- ForEach ($Number in 0 .. ($Count - 1 )){
149- If ($Count -eq 1 ) {$Replace = ' Task' else {$Replace = " Task[$Number ]"
150- $Cpassword += , $Xml.ScheduledTasks.Task [$Number ].Properties.cpassword
151- $UserName += , $Xml.ScheduledTasks.Task [$Number ].Properties.runAs
152- $Changed += , $Xml.ScheduledTasks.Task [$Number ].changed
153- }
150+ $Cpassword += , $Xml | Select-Xml " /ScheduledTasks/Task/Properties/@cpassword" | Select-Object - Expand Node | ForEach-Object {$_.Value }
151+ $UserName += , $Xml | Select-Xml " /ScheduledTasks/Task/Properties/@runAs" | Select-Object - Expand Node | ForEach-Object {$_.Value }
152+ $Changed += , $Xml | Select-Xml " /ScheduledTasks/Task/@changed" | Select-Object - Expand Node | ForEach-Object {$_.Value }
154153 }
155154
156- ' DataSources.xml'
157- $Count = $Xml.DataSources.DataSource.Count
158- If (! ($Count )) {$Count = 1 }
159- ForEach ($Number in 0 .. ($Count - 1 )){
160- If ($Count -eq 1 ) {$Replace = ' DataSource' else {$Replace = " DataSource[$Number ]"
161- $Cpassword += , $Xml.DataSources .$Replace.Properties.cpassword
162- $UserName += , $Xml.DataSources .$Replace.Properties.username
163- $Changed += , $Xml.DataSources .$Replace.changed
164- }
155+ ' DataSources.xml'
156+ $Cpassword += , $Xml | Select-Xml " /DataSources/DataSource/Properties/@cpassword" | Select-Object - Expand Node | ForEach-Object {$_.Value }
157+ $UserName += , $Xml | Select-Xml " /DataSources/DataSource/Properties/@username" | Select-Object - Expand Node | ForEach-Object {$_.Value }
158+ $Changed += , $Xml | Select-Xml " /DataSources/DataSource/@changed" | Select-Object - Expand Node | ForEach-Object {$_.Value }
165159 }
166160 }
167161 }
@@ -173,48 +167,47 @@ function Get-GPPPassword {
173167 # append any new passwords to array
174168 $Password += , $DecryptedPassword
175169 }
170+
171+ # put [BLANK] in variables
172+ if (! ($Password )) {$Password = ' [BLANK]'
173+ if (! ($UserName )) {$UserName = ' [BLANK]'
174+ if (! ($Changed )) {$Changed = ' [BLANK]'
175+ if (! ($NewName )) {$NewName = ' [BLANK]'
176176
177177 # Create custom object to output results
178178 $ObjectProperties = @ {' Passwords' = $Password ;
179179 ' UserNames' = $UserName ;
180180 ' Changed' = $Changed ;
181181 ' NewName' = $NewName ;
182- ' File' = $Filepath }
182+ ' File' = $File }
183183
184184 $ResultsObject = New-Object - TypeName PSObject - Property $ObjectProperties
185185 Write-Verbose " The password is between {} and may be more than one value."
186- Return $ResultsObject
187-
186+ if ($ResultsObject ) {Return $ResultsObject }
188187 }
189188
190189 catch {Write-Error $Error [0 ]}
191-
192190 }
193191
194192 try {
195193 # ensure that machine is domain joined and script is running as a domain account
196- if ( ( ((Get-WmiObject Win32_ComputerSystem).partofdomain) -eq $False ) -or ( -not $Env: USERDNSDOMAIN ) )
197- {
194+ if ( ( ((Get-WmiObject Win32_ComputerSystem).partofdomain) -eq $False ) -or ( -not $Env: USERDNSDOMAIN ) ) {
198195 throw ' Machine is not a domain member or User is not a member of the domain.'
199196 }
200197
201198 # discover potential files containing passwords ; not complaining in case of denied access to a directory
202199 Write-Verbose ' Searching the DC. This could take a while.'
203200 $XMlFiles = Get-ChildItem - Path " \\$Env: USERDNSDOMAIN \SYSVOL" - Recurse - ErrorAction SilentlyContinue - Include ' Groups.xml' , ' Services.xml' , ' Scheduledtasks.xml' , ' DataSources.xml'
204201
205- if ( -not $XMlFiles )
206- {
207- throw ' No preference files found.'
208- }
202+ if ( -not $XMlFiles ) {throw ' No preference files found.'
209203
210204 Write-Verbose " Found $ ( $XMLFiles.Count ) files that could contain passwords."
211205
212206 foreach ($File in $XMLFiles ) {
213-
214207 $Result = (Get-GppInnerFields $File.Fullname )
215208 Write-Output $Result
216209 }
217210 }
218211
219212 catch {Write-Error $Error [0 ]}
220- }
213+ }
0 commit comments