Powershell Script to Fix Unquoted Path Vulnerability

# This script is designed to fix an unquoted path vulnerability that could be detected as a vulnerability
# Designed for Powershell

$Username = 'username'
$Password = 'password'
$pass = ConvertTo-SecureString -AsPlainText $Password -Force
$Cred = New-Object System.Management.Automation.PSCredential -ArgumentList $Username,$pass

# Resolve the IP Address to a Hostname
$hostName = [System.Net.DNS]::GetHostbyAddress("IP Address").HostName

# Created to change the unquoted path for "A Service"
$info = Invoke-Command -ComputerName $hostName -ScriptBlock {
    (Get-ItemProperty "hklm:\SYSTEM\CurrentControlSet\Services\Service Name" -Name ImagePath).ImagePath
} -credential $Cred

if ($info -eq 'Z:\Path Name')
{
    Write-Host "Service does not contain quotes adding them for Service"
    Invoke-Command -ComputerName $hostName -ScriptBlock {
        Set-ItemProperty "hklm:\SYSTEM\CurrentControlSet\Services\Service Name" -Name ImagePath -Value '"Z:\Path Name"'
    } -credential $Cred
}

Comments

Popular posts from this blog

Netflix Streaming Blocked by Sophos UTM

BSides 2016 Hackers Challenge

VBA - Script to Download a file from a URL

IoT Malware Analysis - CnC Server - Part 3

vulnhub - Pandora's Box by c0ne Level 1 - Following walkthrough by strata