id: unencrypted-file-sharing-enabled

info:
  name: Unencrypted File Sharing Enabled
  author: princechaddha
  severity: medium
  description: Checks if file sharing is enabled without encryption.
  impact: |
    Unencrypted file sharing exposes sensitive data to interception, leading to potential data breaches.
  remediation: |
    Enable encryption for file sharing to ensure the confidentiality and integrity of shared files.
  tags: windows,file-sharing,encryption,code,windows-audit

self-contained: true

code:
  - pre-condition: |
      IsWindows();
    engine:
      - powershell
      - powershell.exe
    args:
      - -ExecutionPolicy
      - Bypass
    pattern: "*.ps1"
    source: |
      (Get-SmbServerConfiguration).EncryptData

    matchers:
      - type: word
        words:
          - "False"
# digest: 4a0a0047304502207b08bd8e3e302c5c2d8b88d9a3261f48c16068e07ca051d48ce5a5ccb3252814022100ae790a3ff45aead896d20fb3d7c18c8b1b1180c100738410afca381386e335a0:922c64590222798bb761d5b6d8e72950