Merge pull request #250 from Yamato-Security/fix-reg-destroy

fix: optimize registry path checks in WELA.ps1
2026-03-25 22:12:43 +01:00 · 2026-02-13 09:31:26 +09:00
parent 4fffc34407 f8d259e895
commit 8576dc77f1
3 changed files with 25 additions and 6 deletions
--- a/CHANGELOG-Japanese.md
+++ b/CHANGELOG-Japanese.md
@@ -1,5 +1,11 @@
 # CHANGELOG

+## 2.1.0 [2026/02/13] - Winter Release
+
+**バグ修正:**
+
+- 設定によりドメインコントローラのNetlogonが破損する可能性があった。 (#243) (@fukusuket) (この件を報告してくれた@feiglein74に感謝!)
+
 ## 2.0.0 [2025/11/16] - CODE BLUE リリース

 **新機能:**
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,11 @@
 # CHANGELOG

+## 2.1.0 [2026/02/13] - Winter Release
+
+**Bug Fixes:**
+
+- Configuration might break Netlogon on Domain Controllers. (#243) (@fukusuket) (Thanks to @feiglein74 for reporting this!)
+
 ## 2.0.0 [2025/11/16] - CODE BLUE Release

 **New Features:**
--- a/WELA.ps1
+++ b/WELA.ps1
@@ -5522,7 +5522,8 @@ function Set-RegistryConfig {
    foreach ($reg in $RegPaths) {
        try {
            $currentValue = "Not Set"
-            if (Test-Path $reg.Path) {
+            $pathExists = Test-Path $reg.Path
+            if ($pathExists) {
                $prop = Get-ItemProperty -Path $reg.Path -Name $reg.Name -ErrorAction SilentlyContinue
                if ($prop) {
                    $currentValue = $prop.$($reg.Name)
@@ -5540,7 +5541,9 @@ function Set-RegistryConfig {
                $response = Read-Host "Your current setting is $currentValue. Do you want to change it to $( $reg.Value )? (Y/n)"
            }
            if ($response -eq "" -or $response -eq "Y" -or $response -eq "y") {
-                New-Item -Path $reg.Path -Force | Out-Null
+                if (-not $pathExists) {
+                    New-Item -Path $reg.Path -Force | Out-Null
+                }
                Set-ItemProperty -Path $reg.Path -Name $reg.Name -Value $reg.Value -Type DWord
                Write-Host "[OK] Set $($reg.Name)" -ForegroundColor Green
            } else {
@@ -5714,7 +5717,8 @@ function ConfigureAuditSettings {
    try {
        $moduleLoggingPath = "HKLM:\SOFTWARE\Wow6432Node\Policies\Microsoft\Windows\PowerShell\ModuleLogging\ModuleNames"
        $currentValue = "Not Set"
-        if (Test-Path $moduleLoggingPath) {
+        $pathExists = Test-Path $moduleLoggingPath
+        if ($pathExists) {
            $prop = Get-ItemProperty -Path $moduleLoggingPath -Name "*" -ErrorAction SilentlyContinue
            if ($prop) {
                $currentValue = $prop."*"
@@ -5736,7 +5740,10 @@ function ConfigureAuditSettings {
            }
            if ($response -eq "" -or $response -eq "Y" -or $response -eq "y")
            {
-                New-Item -Path $moduleLoggingPath -Force | Out-Null
+                if (-not $pathExists)
+                {
+                    New-Item -Path $moduleLoggingPath -Force | Out-Null
+                }
                Set-ItemProperty -Path $moduleLoggingPath -Name "*" -Value "*" -Type String
                Write-Host "[OK] Module logging enabled for all modules" -ForegroundColor Green
            }
@@ -5982,7 +5989,7 @@ Usage:
 [Console]::OutputEncoding = [System.Text.Encoding]::UTF8
 Write-Host $logo -ForegroundColor Green
 Write-Host ""
-Write-Host "WELA v2.0.0 - CODE BLUE Release"
+Write-Host "WELA v2.1.0 - Winter Release"
 Write-Host ""

 switch ($Cmd.ToLower()) {
@@ -6063,4 +6070,4 @@ switch ($Cmd.ToLower()) {
        Write-Host "Invalid command. Use 'help' to see available commands."
        Write-Host $usage
    }
-}
+}