From b54798d1d291a59549bf71109206d2c48b2222d5 Mon Sep 17 00:00:00 2001
From: mick <mick@threelions.ch>
Date: Thu, 31 Dec 2020 08:40:34 +0100
Subject: [PATCH] Allow method registry for users (HKCU) in HailMary mode

---
 Invoke-HardeningKitty.ps1 | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Invoke-HardeningKitty.ps1 b/Invoke-HardeningKitty.ps1
index d786be4..aacaca1 100644
--- a/Invoke-HardeningKitty.ps1
+++ b/Invoke-HardeningKitty.ps1
@@ -1066,7 +1066,7 @@
             #
             If ($Finding.Method -eq 'Registry' -or $Finding.Method -eq 'RegistryList') {
                 
-                If (-not($IsAdmin)) {
+                If (-not($IsAdmin) -and -not($Finding.RegistryPath.StartsWith("HKCU:\"))) {
                     $Message = "ID "+$Finding.ID+", "+$Finding.Name+", Method "+$Finding.Method+" requires admin priviliges. Test skipped."
                     Write-ProtocolEntry -Text $Message -LogLevel "Error"
                     Continue