search

cyberark / CYBRHardeningCheck

A utility to check CyberArk component servers hardening status
GNU General Public License v3.0
53 stars 25 forks source link

PSM Hardening Check script fails on the 'Check up AppLocker Rules' step #90

Closed Holland2209 closed 2 years ago

Holland2209 commented 2 years ago

Summary

The 'Check up AppLocker Rules' step failed with the following error: Could not verify RunAppLocker. Error: Source:System.Management.Automation; Message: Cannot bind argument to parameter 'ReferenceObject' because it is null.

Please see the output from the Hardening_HealthCheck.log file for the 'Disable ScreenSaver' step:

[2021-12-08 11:43:49] [INFO] Start Step Check up AppLocker Rules [2021-12-08 11:43:49] [INFO] Start verify RunAppLocker [2021-12-08 11:43:49] [VERBOSE] Checking rules for 'Exe'... [2021-12-08 11:43:49] [ERROR] Could not verify RunAppLocker. Error: Source:System.Management.Automation; Message: Cannot bind argument to parameter 'ReferenceObject' because it is null. [2021-12-08 11:43:49] [INFO] Finished Step Check up AppLocker Rules [2021-12-08 11:43:49] [DEBUG] Check up AppLocker Rules (Bad)

image

Holland2209 commented 2 years ago

Hi,

The AppLocker portion still fails after the change.

image

[2021-12-08 05:12:36] [INFO] Start Step Check up AppLocker Rules [2021-12-08 05:12:36] [INFO] Start verify RunAppLocker [2021-12-08 05:12:36] [VERBOSE] Checking rules for 'Exe'... [2021-12-08 05:12:36] [ERROR] Could not verify RunAppLocker. Error: Source:System.Management.Automation; Message: Cannot bind argument to parameter 'ReferenceObject' because it is null. [2021-12-08 05:12:36] [INFO] Finished Step Check up AppLocker Rules [2021-12-08 05:12:36] [DEBUG] Check up AppLocker Rules (Bad)

AngryPanda25 commented 2 years ago

Good Day

I have the same issues on a 2016 server : Cannot bind to argument to parameter referencObject because it is null :

[2021-12-09 09:27:22] [INFO] Start Step Check up AppLocker Rules [2021-12-09 09:27:22] [INFO] Start verify RunAppLocker [2021-12-09 09:27:23] [ERROR] Could not verify RunAppLocker. Error: Source:System.Management.Automation; Message: Cannot bind argument to parameter 'ReferenceObject' because it is null. [2021-12-09 09:27:23] [INFO] Finished Step Check up AppLocker Rules

AssafMiron commented 2 years ago

Hey @Holland2209 and @AngryPanda25 ,

I pushed another change to this section, hopefully solving it This change is now merged to main so you can download the script (not the latest release) or change the line specifically (see more details in the PR #94 )

let us know if it solves the issue

Thanks, Assaf

AngryPanda25 commented 2 years ago

Good Day

The change is showing it needs to be done to the PSMHardeningSteps.psm1 : but i can't seem to find that line in that document

On Thu, Dec 9, 2021 at 9:53 AM Assaf Miron @.***> wrote:

Hey @Holland2209 https://github.com/Holland2209 and @AngryPanda25 https://github.com/AngryPanda25 ,

I pushed another change to this section, hopefully solving it This change is now merged to main so you can download the script (not the latest release) or change the line specifically (see more details in the PR #94 https://github.com/cyberark/CYBRHardeningCheck/pull/94 )

let us know if it solves the issue

Thanks, Assaf

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/cyberark/CYBRHardeningCheck/issues/90#issuecomment-989598710, or unsubscribe https://github.com/notifications/unsubscribe-auth/AOJDGIXPTXNDEHLSXNGSCZ3UQBN6HANCNFSM5JURJFCQ . Triage notifications on the go with GitHub Mobile for iOS https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675 or Android https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub.

AngryPanda25 commented 2 years ago

Good Day , its doing it now , so thank you for the update.