guest-account-enabled: Guest Account Enabled

日期: 2025-08-01 | 影响软件: guest-account-enabled | POC: 已公开

漏洞描述

Checks if the Guest account is enabled.

PoC代码[已公开]

id: guest-account-enabled

info:
  name: Guest Account Enabled
  author: princechaddha
  severity: high
  description: Checks if the Guest account is enabled.
  impact: |
    Enabling the Guest account can allow unauthorized users to access the system with minimal restrictions.
  remediation: |
    Disable the Guest account to reduce the risk of unauthorized access.
  tags: windows,user,account,guest,code,windows-audit

self-contained: true

code:
  - pre-condition: |
      IsWindows();
    engine:
      - powershell
      - powershell.exe
    args:
      - -ExecutionPolicy
      - Bypass
    pattern: "*.ps1"
    source: |
      (Get-WmiObject -Class Win32_UserAccount -Filter "Name='Guest' and LocalAccount=True").Disabled

    matchers:
      - type: word
        words:
          - "False"
# digest: 4b0a0048304602210093e2da47777fb5bacd1e11ee44e508fcd2e0b8527889c159c7cd3c4a64e2f167022100a23bb59c3525976e99ead643adab4f61fd978ed1c0e9544981b2ed12aa8f3734:922c64590222798bb761d5b6d8e72950
来源: https://github.com/projectdiscovery/nuclei-templates/blob/main/./code/windows/audit/guest-account-enabled.yaml