diff --git a/winPEAS/winPEASexe/winPEAS/Checks/SystemInfo.cs b/winPEAS/winPEASexe/winPEAS/Checks/SystemInfo.cs index 310071f..ab046f5 100644 --- a/winPEAS/winPEASexe/winPEAS/Checks/SystemInfo.cs +++ b/winPEAS/winPEASexe/winPEAS/Checks/SystemInfo.cs @@ -387,21 +387,28 @@ namespace winPEAS.Checks static void PrintCachedCreds() { - Beaprint.MainPrint("Cached Creds"); - Beaprint.LinkPrint("https://book.hacktricks.xyz/windows-hardening/stealing-credentials/credentials-protections#cached-credentials", "If > 0, credentials will be cached in the registry and accessible by SYSTEM user"); - string cachedlogonscount = RegistryHelper.GetRegValue("HKLM", @"SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon", "CACHEDLOGONSCOUNT"); - if (!string.IsNullOrEmpty(cachedlogonscount)) + try { - int clc = Int16.Parse(cachedlogonscount); - if (clc > 0) + Beaprint.MainPrint("Cached Creds"); + Beaprint.LinkPrint("https://book.hacktricks.xyz/windows-hardening/stealing-credentials/credentials-protections#cached-credentials", "If > 0, credentials will be cached in the registry and accessible by SYSTEM user"); + string cachedlogonscount = RegistryHelper.GetRegValue("HKLM", @"SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon", "CACHEDLOGONSCOUNT"); + if (!string.IsNullOrEmpty(cachedlogonscount)) { - Beaprint.BadPrint(" cachedlogonscount is " + cachedlogonscount); - } - else - { - Beaprint.BadPrint(" cachedlogonscount is " + cachedlogonscount); + int clc = Int16.Parse(cachedlogonscount); + if (clc > 0) + { + Beaprint.BadPrint(" cachedlogonscount is " + cachedlogonscount); + } + else + { + Beaprint.BadPrint(" cachedlogonscount is " + cachedlogonscount); + } } } + catch (Exception ex) + { + Beaprint.PrintException(ex.Message); + } } static void PrintUserEV()