search

cyberark / CYBRHardeningCheck

A utility to check CyberArk component servers hardening status
GNU General Public License v3.0
53 stars 25 forks source link

Searching for Hardening_Scripts_Folder is hanging #97

Open ediulia opened 2 years ago

ediulia commented 2 years ago

Summary

Main.ps1 is hanging on searching Hardening_Scripts_Folder after the next line output: Start looking for hardening folders named 'InstallationAutomation'

I also found script is only scanning the system drive $ENV:SystemDrive*

Steps to Reproduce

Run the Script on the hardened vault remotely

Expected Results

The script should finish searching and completing the report

Actual Results

The script is stack on: Start looking for hardening folders named 'InstallationAutomation'

Reproducible

Version/Tag number

What version of the product are you running? Any version info that you can share is helpful. For example, you might give the version from Docker logs, the Docker tag, a specific download URL, the output of the /info route, etc.

Environment setup

Running the script from remote WinRM session

Additional Information

The bug has been identified in the main.ps1 in the Function Out-HardeningFolderPath

  1. Script is only searching for folders in the system drive only ($ENV:SystemDrive*). main.ps1 - line 410
  2. main.ps1 line 414 -while doesn't reach the timeout and keeps searching forever as $now not defined parameter is used for the condition check
ediulia commented 2 years ago

I also don't understand the purpose of this search in the report. InstallationAutomation folder it's a part of the installation package and not always stored on the server after the product installation completed I would recommend removing that step from the report After removing that recommendation - script runtime reduces from 4 minutes to 40 seconds including network copy