more Intel AMT ACM work.

This commit is contained in:
Ylian Saint-Hilaire 2019-06-19 17:59:03 -07:00
parent c2cb31f402
commit 2bc14decd2
34 changed files with 4310 additions and 31 deletions

2005
agents/meshcmd.min.js vendored Normal file

File diff suppressed because one or more lines are too long

2233
agents/meshcore.min.js vendored Normal file

File diff suppressed because it is too large Load Diff

File diff suppressed because one or more lines are too long

File diff suppressed because one or more lines are too long

File diff suppressed because one or more lines are too long

File diff suppressed because one or more lines are too long

View File

@ -0,0 +1 @@
function AMTScanner(){var a=require("events").inherits(this);a.createEvent("found");this.dgram=require("dgram");this.buildRmcpPing=function(c){var b=Buffer.from("06000006000011BE80000000","hex");b[9]=c;return b};this.parseRmcpPacket=function(h,b,g,d){if(b==null||b.length<20){return}var f={};if(((b[12]==0)||(b[13]!=0)||(b[14]!=1)||(b[15]!=87))&&(b[21]&32)){f.servertag=b[9];f.minorVersion=b[18]&15;f.majorVersion=(b[18]>>4)&15;f.provisioningState=b[19]&3;var e=(b[16]*256)+b[17];var c=((b[19]&4)!=0)?true:false;f.openPorts=[e];f.address=g.address;if(c==true){f.openPorts=[16992,16993]}if(d!==undefined){d(h,f)}}};this.parseIPv4Range=function(f){if(f==undefined||f==null){return null}var g=f.split("-");if(g.length==2){return{min:this.parseIpv4Addr(g[0]),max:this.parseIpv4Addr(g[1])}}g=f.split("/");if(g.length==2){var c=this.parseIpv4Addr(g[0]),e=parseInt(g[1]),d=0;if(e<=16||e>32){return null}e=32-e;for(var b=0;b<e;b++){d=(d<<1);d++}return{min:c&(4294967295-d),max:(c&(4294967295-d))+d}}g=this.parseIpv4Addr(f);if(g==null){return null}return{min:g,max:g}};this.parseIpv4Addr=function(b){var c=b.split(".");if(c.length==4){return(parseInt(c[0])<<24)+(parseInt(c[1])<<16)+(parseInt(c[2])<<8)+(parseInt(c[3])<<0)}return null};this.IPv4NumToStr=function(b){return((b>>24)&255)+"."+((b>>16)&255)+"."+((b>>8)&255)+"."+(b&255)};this.scan=function(d,g){var c=this.parseIPv4Range(d);var e=this.buildRmcpPing(0);var f=this.dgram.createSocket({type:"udp4"});f.parent=this;f.scanResults=[];f.on("error",function(i){console.log("Error:"+i)});f.on("message",function(i,j){if(j.size>4){this.parent.parseRmcpPacket(this,i,j,function(l,k){l.scanResults.push(k)})}});f.on("listening",function(){for(var j=c.min;j<=c.max;j++){f.send(e,623,f.parent.IPv4NumToStr(j))}});f.bind({address:"0.0.0.0",port:0,exclusive:true});var h=setTimeout(function b(){f.close();f.parent.emit("found",f.scanResults);delete f},g)}}module.exports=AMTScanner;

File diff suppressed because one or more lines are too long

View File

@ -0,0 +1 @@
function CreateWsmanComm(){var a={};a.PendingAjax=[];a.ActiveAjaxCount=0;a.MaxActiveAjaxCount=1;a.FailAllError=0;a.digest=null;a.RequestCount=0;if(arguments.length==1&&typeof(arguments[0]=="object")){a.host=arguments[0].host;a.port=arguments[0].port;a.authToken=arguments[0].authToken;a.tls=arguments[0].tls}else{a.host=arguments[0];a.port=arguments[1];a.user=arguments[2];a.pass=arguments[3];a.tls=arguments[4]}a.PerformAjax=function(d,c,f,e,g,b){if((a.ActiveAjaxCount==0||((a.ActiveAjaxCount<a.MaxActiveAjaxCount)&&(a.challengeParams!=null)))&&a.PendingAjax.length==0){a.PerformAjaxEx(d,c,f,g,b)}else{if(e==1){a.PendingAjax.unshift([d,c,f,g,b])}else{a.PendingAjax.push([d,c,f,g,b])}}};a.PerformNextAjax=function(){if(a.ActiveAjaxCount>=a.MaxActiveAjaxCount||a.PendingAjax.length==0){return}var b=a.PendingAjax.shift();a.PerformAjaxEx(b[0],b[1],b[2],b[3],b[4]);a.PerformNextAjax()};a.PerformAjaxEx=function(d,c,g,h,b){if(a.FailAllError!=0){if(a.FailAllError!=999){a.gotNextMessagesError({status:a.FailAllError},"error",null,[d,c,g])}return}if(!d){d=""}if(globalDebugFlags&1){console.log("SEND: "+d+"\r\n\r\n")}if(a.digest==null){if(a.authToken){a.digest=require("http-digest").create({authToken:a.authToken})}else{a.digest=require("http-digest").create(a.user,a.pass)}a.digest.http=require("http")}var f={protocol:(a.tls==1?"https:":"http:"),method:"POST",host:a.host,path:"/wsman",port:a.port,rejectUnauthorized:false,checkServerIdentity:function(i){console.log("checkServerIdentity",JSON.stringify(i))}};var e=a.digest.request(f);e.on("error",function(i){a.gotNextMessagesError({status:600},"error",null,[d,c,g])});e.on("response",function(i){if(globalDebugFlags&1){console.log("Response: "+i.statusCode)}if(i.statusCode!=200){if(globalDebugFlags&1){console.log("ERR:"+JSON.stringify(i))}a.gotNextMessagesError({status:i.statusCode},"error",null,[d,c,g])}else{i.acc="";i.on("data",function(j){this.acc+=j});i.on("end",function(){a.gotNextMessages(i.acc,"success",{status:i.statusCode},[d,c,g])})}});e.end(d);a.ActiveAjaxCount++;return e};a.pendingAjaxCall=[];a.gotNextMessages=function(c,e,d,b){a.ActiveAjaxCount--;if(a.FailAllError==999){return}if(globalDebugFlags&1){console.log("RECV: "+c+"\r\n\r\n")}if(a.FailAllError!=0){b[1](null,a.FailAllError,b[2]);return}if(d.status!=200){b[1](null,d.status,b[2]);return}b[1](c,200,b[2]);a.PerformNextAjax()};a.gotNextMessagesError=function(d,e,c,b){a.ActiveAjaxCount--;if(a.FailAllError==999){return}if(a.FailAllError!=0){b[1](null,a.FailAllError,b[2]);return}if(a.FailAllError!=999){b[1]({Header:{HttpError:d.status}},d.status,b[2])}a.PerformNextAjax()};a.CancelAllQueries=function(b){while(a.PendingAjax.length>0){var c=a.PendingAjax.shift();c[1](null,b,c[2])}};return a}module.exports=CreateWsmanComm;

File diff suppressed because one or more lines are too long

File diff suppressed because one or more lines are too long

1
agents/modules_meshcmd_min/amt.min.js vendored Normal file

File diff suppressed because one or more lines are too long

File diff suppressed because one or more lines are too long

File diff suppressed because one or more lines are too long

File diff suppressed because one or more lines are too long

File diff suppressed because one or more lines are too long

View File

@ -471,22 +471,22 @@ function AmtManager(agent, db, isdebug) {
}
}
}
if (trustedFqdn == null) return; // No trusted DNS suffix.
//debug('TrustedFqdn: ' + trustedFqdn);
if (trustedFqdn == null) return; // No trusted DNS suffix.
// Check if we have a ACM policy match
var hashMatch = false;
var hashMatch = null;
for (var i in amtpolicy.match) { var m = amtpolicy.match[i]; if (m.cn == trustedFqdn) { for (var j in trustedHashes) { if ((trustedHashes[j] == m.sha256) || (trustedHashes[j] == m.sha1)) { hashMatch = trustedHashes[j]; } } } }
if (hashMatch == null) return; // No certificate / FQDN match
debug('Policy: ' + JSON.stringify(amtpolicy));
debug('HashMatch: ' + hashMatch);
//debug('Policy: ' + JSON.stringify(amtpolicy));
//debug('HashMatch: ' + hashMatch);
// Fetch Intel AMT realm and activation nonce and get ready to ACM activation...
if (osamtstack != null) {
debug('Trying to get Intel AMT activation information (1)...');
//debug('Trying to get Intel AMT activation information (1)...');
osamtstack.BatchEnum(null, ['*AMT_GeneralSettings', '*IPS_HostBasedSetupService'], activeToACM2, { fqdn: trustedFqdn, hash: hashMatch });
} else {
debug('ACM Activation: Trying to get local account info...');
//debug('ACM Activation: Trying to get local account info...');
amtMei.getLocalSystemAccount(function (x) {
if ((x != null) && x.user && x.pass) {
//debug('Intel AMT local account info: User=' + x.user + ', Pass=' + x.pass + '.');
@ -495,17 +495,17 @@ function AmtManager(agent, db, isdebug) {
var amt = require('amt');
oswsstack = new wsman(transport, '127.0.0.1', 16992, x.user, x.pass, false);
osamtstack = new amt(oswsstack);
debug('Trying to get Intel AMT activation information (2)...');
//debug('Trying to get Intel AMT activation information (2)...');
osamtstack.BatchEnum(null, ['*AMT_GeneralSettings', '*IPS_HostBasedSetupService'], activeToACM2, { fqdn: trustedFqdn, hash: hashMatch });
} else {
debug('Unable to get $$OsAdmin password.');
//debug('Unable to get $$OsAdmin password.');
}
});
}
}
function activeToACM2(stack, name, responses, status, tag) {
debug('activeToACM2 status=' + status);
//debug('activeToACM2 status=' + status);
if (status != 200) return;
var fwNonce = responses['IPS_HostBasedSetupService'].response['ConfigurationNonce'];
var digestRealm = responses['AMT_GeneralSettings'].response['DigestRealm'];
@ -514,27 +514,29 @@ function AmtManager(agent, db, isdebug) {
// Called when the server responds with a ACM activation signature.
obj.setAcmResponse = function (acmdata) {
debug('setAcmResponse=' + JSON.stringify(acmdata));
//debug('setAcmResponse=' + JSON.stringify(acmdata));
acmdata.index = 0;
//performAcmActivation(acmdata);
performAcmActivation(acmdata);
}
// Recursive function to inject the provisioning certificates into AMT in the proper order and completes ACM activation
function performAcmActivation(acmdata) {
var leaf = (acmdata.index == 0), root = (acmdata.index == (acmdata.certChain.length - 1));
if (acmdata.index < acmdata.certChain.length) {
if (acmdata.certChain[acmdata.index] != null) {
debug('Calling AddNextCertInChain(' + acmdata.index + ')');
osamtstack.IPS_HostBasedSetupService_AddNextCertInChain(acmdata.certChain[acmdata.index], leaf, root, function (stack, name, responses, status) {
//debug('performAcmActivation(' + JSON.stringify(acmdata) + ')');
var leaf = (acmdata.index == 0), root = (acmdata.index == (acmdata.certs.length - 1));
if ((acmdata.index < acmdata.certs.length) && (acmdata.certs[acmdata.index] != null)) {
//debug('Calling AddNextCertInChain(' + acmdata.index + ', ' + acmdata.certs[acmdata.index] + ')');
osamtstack.IPS_HostBasedSetupService_AddNextCertInChain(acmdata.certs[acmdata.index], leaf, root, function (stack, name, responses, status) {
if (status !== 200) { debug('AddNextCertInChain status=' + status); return; }
else if (responses['Body']['ReturnValue'] !== 0) { debug('AddNextCertInChain error=' + responses['Body']['ReturnValue']); return; }
else { acmdata.index++; performAcmActivation(acmdata); }
});
}
} else {
debug('Calling AdminSetup()');
//debug('Calling AdminSetup()');
osamtstack.IPS_HostBasedSetupService_AdminSetup(2, acmdata.password, acmdata.nonce, 2, acmdata.signature,
function (stack, name, responses, status) { debug('DONE: ' + status); }
function (stack, name, responses, status) {
debug('AdminSetup Status: ' + status);
if (status == 200) { debug('AdminSetup ReturnValue: ' + responses['Body']['ReturnValue']); }
}
);
}
}

File diff suppressed because one or more lines are too long

File diff suppressed because one or more lines are too long

File diff suppressed because one or more lines are too long

View File

@ -0,0 +1 @@
function AMTScanner(){var a=require("events").inherits(this);a.createEvent("found");this.dgram=require("dgram");this.buildRmcpPing=function(c){var b=Buffer.from("06000006000011BE80000000","hex");b[9]=c;return b};this.parseRmcpPacket=function(h,b,g,d){if(b==null||b.length<20){return}var f={};if(((b[12]==0)||(b[13]!=0)||(b[14]!=1)||(b[15]!=87))&&(b[21]&32)){f.servertag=b[9];f.minorVersion=b[18]&15;f.majorVersion=(b[18]>>4)&15;f.provisioningState=b[19]&3;var e=(b[16]*256)+b[17];var c=((b[19]&4)!=0)?true:false;f.openPorts=[e];f.address=g.address;if(c==true){f.openPorts=[16992,16993]}if(d!==undefined){d(h,f)}}};this.parseIPv4Range=function(f){if(f==undefined||f==null){return null}var g=f.split("-");if(g.length==2){return{min:this.parseIpv4Addr(g[0]),max:this.parseIpv4Addr(g[1])}}g=f.split("/");if(g.length==2){var c=this.parseIpv4Addr(g[0]),e=parseInt(g[1]),d=0;if(e<=16||e>32){return null}e=32-e;for(var b=0;b<e;b++){d=(d<<1);d++}return{min:c&(4294967295-d),max:(c&(4294967295-d))+d}}g=this.parseIpv4Addr(f);if(g==null){return null}return{min:g,max:g}};this.parseIpv4Addr=function(b){var c=b.split(".");if(c.length==4){return(parseInt(c[0])<<24)+(parseInt(c[1])<<16)+(parseInt(c[2])<<8)+(parseInt(c[3])<<0)}return null};this.IPv4NumToStr=function(b){return((b>>24)&255)+"."+((b>>16)&255)+"."+((b>>8)&255)+"."+(b&255)};this.scan=function(d,g){var c=this.parseIPv4Range(d);var e=this.buildRmcpPing(0);var f=this.dgram.createSocket({type:"udp4"});f.parent=this;f.scanResults=[];f.on("error",function(i){console.log("Error:"+i)});f.on("message",function(i,j){if(j.size>4){this.parent.parseRmcpPacket(this,i,j,function(l,k){l.scanResults.push(k)})}});f.on("listening",function(){for(var j=c.min;j<=c.max;j++){f.send(e,623,f.parent.IPv4NumToStr(j))}});f.bind({address:"0.0.0.0",port:0,exclusive:true});var h=setTimeout(function b(){f.close();f.parent.emit("found",f.scanResults);delete f},g)}}module.exports=AMTScanner;

View File

@ -0,0 +1 @@
function CreateWsmanComm(){var a={};a.PendingAjax=[];a.ActiveAjaxCount=0;a.MaxActiveAjaxCount=1;a.FailAllError=0;a.digest=null;a.RequestCount=0;if(arguments.length==1&&typeof(arguments[0]=="object")){a.host=arguments[0].host;a.port=arguments[0].port;a.authToken=arguments[0].authToken;a.tls=arguments[0].tls}else{a.host=arguments[0];a.port=arguments[1];a.user=arguments[2];a.pass=arguments[3];a.tls=arguments[4]}a.PerformAjax=function(d,c,f,e,g,b){if((a.ActiveAjaxCount==0||((a.ActiveAjaxCount<a.MaxActiveAjaxCount)&&(a.challengeParams!=null)))&&a.PendingAjax.length==0){a.PerformAjaxEx(d,c,f,g,b)}else{if(e==1){a.PendingAjax.unshift([d,c,f,g,b])}else{a.PendingAjax.push([d,c,f,g,b])}}};a.PerformNextAjax=function(){if(a.ActiveAjaxCount>=a.MaxActiveAjaxCount||a.PendingAjax.length==0){return}var b=a.PendingAjax.shift();a.PerformAjaxEx(b[0],b[1],b[2],b[3],b[4]);a.PerformNextAjax()};a.PerformAjaxEx=function(d,c,g,h,b){if(a.FailAllError!=0){if(a.FailAllError!=999){a.gotNextMessagesError({status:a.FailAllError},"error",null,[d,c,g])}return}if(!d){d=""}if(a.digest==null){if(a.authToken){a.digest=require("http-digest").create({authToken:a.authToken})}else{a.digest=require("http-digest").create(a.user,a.pass)}a.digest.http=require("http")}var f={protocol:(a.tls==1?"https:":"http:"),method:"POST",host:a.host,path:"/wsman",port:a.port,rejectUnauthorized:false,checkServerIdentity:function(i){console.log("checkServerIdentity",JSON.stringify(i))}};var e=a.digest.request(f);e.on("error",function(i){a.gotNextMessagesError({status:600},"error",null,[d,c,g])});e.on("response",function(i){if(i.statusCode!=200){a.gotNextMessagesError({status:i.statusCode},"error",null,[d,c,g])}else{i.acc="";i.on("data",function(j){this.acc+=j});i.on("end",function(){a.gotNextMessages(i.acc,"success",{status:i.statusCode},[d,c,g])})}});e.end(d);a.ActiveAjaxCount++;return e};a.pendingAjaxCall=[];a.gotNextMessages=function(c,e,d,b){a.ActiveAjaxCount--;if(a.FailAllError==999){return}if(a.FailAllError!=0){b[1](null,a.FailAllError,b[2]);return}if(d.status!=200){b[1](null,d.status,b[2]);return}b[1](c,200,b[2]);a.PerformNextAjax()};a.gotNextMessagesError=function(d,e,c,b){a.ActiveAjaxCount--;if(a.FailAllError==999){return}if(a.FailAllError!=0){b[1](null,a.FailAllError,b[2]);return}if(a.FailAllError!=999){b[1]({Header:{HttpError:d.status}},d.status,b[2])}a.PerformNextAjax()};a.CancelAllQueries=function(b){while(a.PendingAjax.length>0){var c=a.PendingAjax.shift();c[1](null,b,c[2])}};return a}module.exports=CreateWsmanComm;

File diff suppressed because one or more lines are too long

File diff suppressed because one or more lines are too long

File diff suppressed because one or more lines are too long

View File

@ -0,0 +1 @@
try{Object.defineProperty(Array.prototype,"peek",{value:function(){return(this.length>0?this[this.length-1]:undefined)}})}catch(e){}function dbus(a,b){this._ObjectID="linux-dbus";require("events").EventEmitter.call(this,true).createEvent("signal");Object.defineProperty(this,"uid",{value:b});this._child=require("child_process").execFile("/bin/sh",["sh"],{type:require("child_process").SpawnTypes.TERM,uid:b==null?-1:b});this._child.stdin.write("dbus-monitor --session \"type='signal', interface='"+a+'\'" | ( while read X; do echo "$X"; done )\n');this._child.stdout.dbus=this;this._child.stdout.on("data",function(c){if(!this.ready){this.ready=true;return}var f=[];var g=c.toString().split("\r\n");for(var d in g){if(g[d]==""){this.dbus.preParseRecords(f);f=[]}else{f.push(g[d])}}});this.preParseRecords=function(d){var f=[];for(var c in d){if(d[c].startsWith("signal ")){if(f.length>0){this.parseRecords(f)}f=[]}f.push(d[c])}if(f.length>0){this.parseRecords(f)}};this.parseRecords=function(d){if(d[0].startsWith("signal ")){var g={};var h=d[0].split(" ");h.shift();for(var c in h){var f=h[c].split("=");if(f.length==2){g[f[0]]=f[1]}}d.shift();g.data=d;this.parseSignal(g)}};this.parseSignal=function(f){var c=f.data;f.data=[];for(var d=0;d<c.length;++d){if(c[d].startsWith("array ")){f.data.push([]);for(d=d+1;d<c.length;++d){this.parseSignal2(c[d],f.data.peek())}}else{this.parseSignal2(c[d],f.data)}}this.emit("signal",f)};this.parseSignal2=function(c,d){if(c.startsWith("string ")){d.push(JSON.parse(c.slice(7)))}else{if(c.startsWith("boolean ")){d.push(JSON.parse(c.slice(8)))}}}}module.exports=dbus;

File diff suppressed because one or more lines are too long

View File

@ -0,0 +1 @@
function powerMonitor(){this._ObjectID="power-monitor";require("events").EventEmitter.call(this,true).createEvent("changed").createEvent("sx").createEvent("batteryLevel").createEvent("acdc").createEvent("display");this._i=setImmediate(function(a){require("user-sessions");delete a._i},this)}module.exports=new powerMonitor();

File diff suppressed because one or more lines are too long

View File

@ -0,0 +1 @@
function _Scan(){var f=this.Marshal.CreatePointer();this.Native.WlanEnumInterfaces(this.Handle,0,f);var a=f.Deref().Deref(0,4).toBuffer().readUInt32LE(0);var d=f.Deref().Deref(8,532);var c=d.Deref(16,512).AnsiString;var e;switch(d.Deref(528,4).toBuffer().readUInt32LE(0)){case 0:e="NOT READY";break;case 1:e="CONNECTED";break;case 2:e="AD-HOC";break;case 3:e="DISCONNECTING";break;case 4:e="DISCONNECTED";break;case 5:e="ASSOCIATING";break;case 6:e="DISCOVERING";break;case 7:e="AUTHENTICATING";break;default:e="UNKNOWN";break}var b=d.Deref(0,16);if(this.Native.WlanScan(this.Handle,b,0,0,0).Val==0){return(true)}else{return(false)}}function AccessPoint(d,a,c,b){this.ssid=d;this.bssid=a;this.rssi=c;this.lq=b}AccessPoint.prototype.toString=function(){return(this.ssid+" ["+this.bssid+"]: "+this.lq)};function OnNotify(g){var h=g.Deref(0,4).toBuffer().readUInt32LE(0);var f=g.Deref(4,4).toBuffer().readUInt32LE(0);var c=g.Deref(8,16);if((h&8)&&(f==7)){var a=this.Parent.Marshal.CreatePointer();var k=this.Parent.Native.GetBSSList(this.Parent.Handle,c,0,3,0,0,a).Val;if(k==0){var n=a.Deref().Deref(0,4).toBuffer().readUInt32LE(0);var j=a.Deref().Deref(4,4).toBuffer().readUInt32LE(0);for(i=0;i<j;++i){var d=a.Deref().Deref(8+(360*i),360);var m=d.Deref(4,32).String.trim();var b=d.Deref(40,6).HexString2;var l=d.Deref(56,4).toBuffer().readUInt32LE(0);var e=d.Deref(60,4).toBuffer().readUInt32LE(0);this.Parent.emit("Scan",new AccessPoint(m,b,l,e))}}}}function Wireless(){var a=require("events").inherits(this);this.Marshal=require("_GenericMarshal");this.Native=this.Marshal.CreateNativeProxy("wlanapi.dll");this.Native.CreateMethod("WlanOpenHandle");this.Native.CreateMethod("WlanGetNetworkBssList","GetBSSList");this.Native.CreateMethod("WlanRegisterNotification");this.Native.CreateMethod("WlanEnumInterfaces");this.Native.CreateMethod("WlanScan");this.Native.CreateMethod("WlanQueryInterface");var c=this.Marshal.CreatePointer();var b=this.Marshal.CreatePointer();this.Native.WlanOpenHandle(2,0,c,b);this.Handle=b.Deref();this._NOTIFY_PROXY_OBJECT=this.Marshal.CreateCallbackProxy(OnNotify,2);this._NOTIFY_PROXY_OBJECT.Parent=this;var d=this.Marshal.CreatePointer();var e=this.Native.WlanRegisterNotification(this.Handle,65535,0,this._NOTIFY_PROXY_OBJECT.Callback,this._NOTIFY_PROXY_OBJECT.State,0,d);a.createEvent("Scan");a.addMethod("Scan",_Scan);this.GetConnectedNetwork=function(){var n=this.Marshal.CreatePointer();console.log("Success = "+this.Native.WlanEnumInterfaces(this.Handle,0,n).Val);var h=n.Deref().Deref(0,4).toBuffer().readUInt32LE(0);var m=n.Deref().Deref(8,532);var l=m.Deref(16,512).AnsiString;var o=m.Deref(528,4).toBuffer().readUInt32LE(0);if(m.Deref(528,4).toBuffer().readUInt32LE(0)==1){var j=this.Marshal.CreatePointer();var q=this.Marshal.CreatePointer();var s=this.Marshal.CreatePointer();var k=m.Deref(0,16);var r=this.Native.WlanQueryInterface(this.Handle,k,7,0,j,q,s).Val;if(r==0){var f=q.Deref().Deref(524,32).String;var g=q.Deref().Deref(560,6).HexString;var p=q.Deref().Deref(576,4).toBuffer().readUInt32LE(0);return(new AccessPoint(f,g,0,p))}}throw ("GetConnectedNetworks: FAILED (not associated to a network)")};return(this)}module.exports=new Wireless();

View File

@ -0,0 +1 @@
var MemoryStream=require("MemoryStream");var WindowsChildScript='var parent = require("ScriptContainer");var Wireless = require("wifi-scanner-windows");Wireless.on("Scan", function (ap) { parent.send(ap); });Wireless.Scan();';function AccessPoint(c,a,b){this.ssid=c;this.bssid=a;this.lq=b}AccessPoint.prototype.toString=function(){return("["+this.bssid+"]: "+this.ssid+" ("+this.lq+")")};function WiFiScanner(){var a=require("events").inherits(this);a.createEvent("accessPoint");this.hasWireless=function(){var d=false;var b=require("os").networkInterfaces();for(var c in b){if(b[c][0].type=="wireless"){d=true;break}}return(d)};this.Scan=function(){if(process.platform=="win32"){this.master=require("ScriptContainer").Create(15,ContainerPermissions.DEFAULT);this.master.parent=this;this.master.on("data",function(e){this.parent.emit("accessPoint",new AccessPoint(e.ssid,e.bssid,e.lq))});this.master.addModule("wifi-scanner-windows",getJSModule("wifi-scanner-windows"));this.master.ExecuteString(WindowsChildScript)}else{if(process.platform=="linux"){var c=require("os").networkInterfaces();var d=null;for(var b in c){if(c[b][0].type=="wireless"){d=b;break}}if(d!=null){this.child=require("child_process").execFile("/sbin/iwlist",["iwlist",d,"scan"]);this.child.parent=this;this.child.ms=new MemoryStream();this.child.ms.parent=this.child;this.child.stdout.on("data",function(e){this.parent.ms.write(e)});this.child.on("exit",function(){this.ms.end()});this.child.ms.on("end",function(){var l=this.buffer.toString();tokens=l.split(" - Address: ");for(var h in tokens){if(h==0){continue}var i=tokens[h].split("\n");var e=i[0];var f;var g;for(var j in i){j=i[j].trim();j=j.trim();if(j.startsWith("ESSID:")){g=j.slice(7,j.length-1);if(g=="<hidden>"){g=""}}if(j.startsWith("Signal level=")){f=j.slice(13,j.length-4)}else{if(j.startsWith("Quality=")){f=j.slice(8,10);var k=j.slice(11,13)}}}this.parent.parent.emit("accessPoint",new AccessPoint(g,e,f))}})}}}}}module.exports=WiFiScanner;

View File

@ -0,0 +1 @@
var TrayIconFlags={NIF_MESSAGE:1,NIF_ICON:2,NIF_TIP:4,NIF_STATE:8,NIF_INFO:16,NIF_GUID:32,NIF_REALTIME:64,NIF_SHOWTIP:128,NIM_ADD:0,NIM_MODIFY:1,NIM_DELETE:2,NIM_SETFOCUS:3,NIM_SETVERSION:4};var NOTIFYICON_VERSION_4=4;var MessageTypes={WM_APP:32768,WM_USER:1024};function WindowsConsole(){if(process.platform=="win32"){this._ObjectID="win-console";this._Marshal=require("_GenericMarshal");this._kernel32=this._Marshal.CreateNativeProxy("kernel32.dll");this._user32=this._Marshal.CreateNativeProxy("user32.dll");this._kernel32.CreateMethod("GetConsoleWindow");this._kernel32.CreateMethod("GetCurrentThread");this._user32.CreateMethod("ShowWindow");this._user32.CreateMethod("LoadImageA");this._user32.CreateMethod({method:"GetMessageA",threadDispatch:1});this._shell32=this._Marshal.CreateNativeProxy("Shell32.dll");this._shell32.CreateMethod("Shell_NotifyIconA");this._handle=this._kernel32.GetConsoleWindow();this.minimize=function(){this._user32.ShowWindow(this._handle,6)};this.restore=function(){this._user32.ShowWindow(this._handle,9)};this.hide=function(){this._user32.ShowWindow(this._handle,0)};this.show=function(){this._user32.ShowWindow(this._handle,5)};this._loadicon=function(c){var b=this._user32.LoadImageA(0,this._Marshal.CreateVariable(c),1,0,0,16|32768|64);return(b)};this.SetTrayIcon=function a(h){var b=this._Marshal.CreateVariable(this._Marshal.PointerSize==4?508:528);b.toBuffer().writeUInt32LE(b._size,0);var n=TrayIconFlags.NIF_TIP|TrayIconFlags.NIF_MESSAGE;h.filter=MessageTypes.WM_APP+1;b.Deref(this._Marshal.PointerSize==4?16:24,4).toBuffer().writeUInt32LE(h.filter);if(!h.noBalloon){n|=TrayIconFlags.NIF_INFO}if(h.icon){n|=TrayIconFlags.NIF_ICON;var c=b.Deref(this._Marshal.PointerSize==4?20:32,this._Marshal.PointerSize);h.icon.pointerBuffer().copy(c.toBuffer())}b.Deref(this._Marshal.PointerSize*2,4).toBuffer().writeUInt32LE(1);b.Deref(this._Marshal.PointerSize==4?12:20,4).toBuffer().writeUInt32LE(n);b.Deref(this._Marshal.PointerSize==4?416:432,4).toBuffer().writeUInt32LE(NOTIFYICON_VERSION_4);var m=b.Deref(this._Marshal.PointerSize==4?24:40,128);var k=b.Deref(this._Marshal.PointerSize==4?160:176,256);var l=b.Deref(this._Marshal.PointerSize==4?420:436,64);if(h.szTip){Buffer.from(h.szTip).copy(m.toBuffer())}if(h.szInfo){Buffer.from(h.szInfo).copy(k.toBuffer())}if(h.szInfoTitle){Buffer.from(h.szInfoTitle).copy(l.toBuffer())}var d=require("win-message-pump");retVal={_ObjectID:"WindowsConsole.TrayIcon",MessagePump:new d(h)};var j=require("events").inherits(retVal);j.createEvent("ToastClicked");j.createEvent("IconHover");j.createEvent("ToastDismissed");retVal.Options=h;retVal.MessagePump.TrayIcon=retVal;retVal.MessagePump.NotifyData=b;retVal.MessagePump.WindowsConsole=this;retVal.MessagePump.on("exit",function e(o){console.log("Pump Exited");if(this.TrayIcon){this.TrayIcon.remove()}});retVal.MessagePump.on("hwnd",function f(o){h.hwnd=o;o.pointerBuffer().copy(this.NotifyData.Deref(this.WindowsConsole._Marshal.PointerSize,this.WindowsConsole._Marshal.PointerSize).toBuffer());if(this.WindowsConsole._shell32.Shell_NotifyIconA(TrayIconFlags.NIM_ADD,this.NotifyData).Val==0){}});retVal.MessagePump.on("message",function g(p){if(p.message==this.TrayIcon.Options.filter){var o=false;if(p.wparam==1&&p.lparam==1029){this.TrayIcon.emit("ToastClicked");o=true}if(p.wparam==1&&p.lparam==512){this.TrayIcon.emit("IconHover");o=true}if(this.TrayIcon.Options.balloonOnly&&p.wparam==1&&(p.lparam==1028||p.lparam==1029)){this.TrayIcon.emit("ToastDismissed");this.TrayIcon.remove();o=true}}});retVal.remove=function i(){this.MessagePump.WindowsConsole._shell32.Shell_NotifyIconA(TrayIconFlags.NIM_DELETE,this.MessagePump.NotifyData);this.MessagePump.stop();delete this.MessagePump.TrayIcon;delete this.MessagePump};return(retVal)}}}module.exports=new WindowsConsole();

File diff suppressed because one or more lines are too long

View File

@ -30,34 +30,43 @@ module.exports.CertificateOperations = function (parent) {
// Sign a Intel AMT ACM activation request
obj.signAcmRequest = function (domain, request, user, pass) {
console.log('signAcmRequest', request);
if ((domain == null) || (domain.amtacmactivation == null) || (domain.amtacmactivation.certs == null) || (request == null) || (request.nonce == null) || (request.realm == null) || (request.fqdn == null) || (request.hash == null)) return null;
if (parent.common.validateString(request.nonce, 16, 256) == false) return null;
if (parent.common.validateString(request.realm, 16, 256) == false) return null;
if (parent.common.validateString(request.fqdn, 4, 256) == false) return null;
if (parent.common.validateString(request.hash, 16, 256) == false) return null;
console.log('a1');
// Look for the signing certificate
var signkey = null, certChain = null, hashAlgo = null;
var signkey = null, certChain = null, hashAlgo = null, certIndex = null;
for (var i in domain.amtacmactivation.certs) {
const certEntry = domain.amtacmactivation.certs[i];
if ((certEntry.sha256 == request.hash) && ((certEntry.cn == '*') || (certEntry.cn == request.fqdn))) { hashAlgo = 'sha256'; signkey = certEntry.key; certChain = certEntry.certs; break; }
if ((certEntry.sha1 == request.hash) && ((certEntry.cn == '*') || (certEntry.cn == request.fqdn))) { hashAlgo = 'sha1'; signkey = certEntry.key; certChain = certEntry.certs; break; }
if ((certEntry.sha256 == request.hash) && ((certEntry.cn == '*') || (certEntry.cn == request.fqdn))) { hashAlgo = 'sha256'; signkey = certEntry.key; certChain = certEntry.certs; certIndex = i; break; }
if ((certEntry.sha1 == request.hash) && ((certEntry.cn == '*') || (certEntry.cn == request.fqdn))) { hashAlgo = 'sha1'; signkey = certEntry.key; certChain = certEntry.certs; certIndex = i; break; }
}
console.log('as', signkey);
if (signkey == null) return null; // Did not find a match.
// Create the signature message
var mcNonce = Buffer.from(obj.crypto.randomBytes(20), 0, 20).toString('base64');
console.log('aa');
// If the matching certificate is a root cert, issue a leaf cert that matches the fqdn
if (domain.amtacmactivation.certs[certIndex].cn == '*') return; // TODO: Add support for this mode
console.log('ab');
// Setup both nonces, ready to be signed
const mcNonce = Buffer.from(obj.crypto.randomBytes(32), 'binary');
const fwNonce = Buffer.from(request.nonce, 'base64');
// Sign the request
var signature = null;
try {
var signer = obj.crypto.createSign(hashAlgo);
signer.update(request.nonce + mcNonce);
signer.update(Buffer.concat([fwNonce, mcNonce]));
signature = signer.sign(signkey, 'base64');
} catch (ex) { return null; }
// Return the signature with the computed account password hash
return { 'action': 'acmactivate', 'signature': signature, 'password': obj.crypto.createHash('md5').update(user + ':' + request.realm + ':' + pass).digest('hex'), 'nonce': mcNonce, 'certs': certChain };
return { 'action': 'acmactivate', 'signature': signature, 'password': obj.crypto.createHash('md5').update(user + ':' + request.realm + ':' + pass).digest('hex'), 'nonce': mcNonce.toString('base64'), 'certs': certChain };
}
// Load Intel AMT ACM activation certificates
@ -112,7 +121,7 @@ module.exports.CertificateOperations = function (parent) {
for (var k in r.certs) {
if (((currenthash == null) && (r.certs[k].subject.hash == r.certs[k].issuer.hash)) || ((r.certs[k].issuer.hash == currenthash) && (r.certs[k].subject.hash != r.certs[k].issuer.hash))) {
currenthash = r.certs[k].subject.hash;
orderedCerts.push(Buffer.from(obj.forge.asn1.toDer(obj.pki.certificateToAsn1(r.certs[k])).data, 'binary').toString('base64'));
orderedCerts.unshift(Buffer.from(obj.forge.asn1.toDer(obj.pki.certificateToAsn1(r.certs[k])).data, 'binary').toString('base64'));
orderingError = false;
}
}