BloodHound icon indicating copy to clipboard operation
BloodHound copied to clipboard

Published 20 hours ago verified publisher icon BloodHoundAD

Unsupported OS gives false positives ?

Open 3isenHeiM opened this issue 3 years ago • 1 comments

I'm searching for Unsupported using the pre-built query, and the output mentions several "Windows 10 Enterprise".

Am I missing something ? The regex doesn't include a pattern for Windows 10.

Could it be possible that it checks for the Windows 10 release (eg 21H2 etc...) to mach the unsupported ones ? I doubt since given the rule it does not appear.

image

3isenHeiM avatar Feb 18 '22 13:02 3isenHeiM

This is pretty confusing. I cant replicate this using a regex tester, and the regex string obviously shouldn't match Windows 10. I'll have to dig a bit more into it

rvazarkar avatar Jul 18 '22 20:07 rvazarkar

I've been completely unable to reproduce this on local testing. I have absolutely no idea whats going on here

rvazarkar avatar Aug 01 '22 15:08 rvazarkar

Closing this until I get more info, or can repro

rvazarkar avatar Aug 02 '22 20:08 rvazarkar