+------+------------------------------------------------+------+
| TEST | CREDS > WinLogon | VULN |
+------+------------------------------------------------+------+
| DESC | Parse the Winlogon registry keys and check whether |
| | they contain any clear-text password. Entries that |
| | have an empty password field are filtered out. |
+------+-------------------------------------------------------+
[*] Found 1 result(s).
Domain :
Username :
Password :
This may occur if the values DefaultPassword or AltDefaultPassword exist but are empty. Indeed, the code only checks whether the value exist with $null -ne ....
if ($null -ne $RegItem.DefaultPassword) {
# ...
}
if ($null -ne $RegItem.AltDefaultPassword) {
# ....
}
The -ne comparison should be replaced by [System.String]::IsNullOrEmpty().
The script returns empty WinLogon credentials.
This may occur if the values
DefaultPassword
orAltDefaultPassword
exist but are empty. Indeed, the code only checks whether the value exist with$null -ne ...
.The
-ne
comparison should be replaced by[System.String]::IsNullOrEmpty()
.