mirror of
https://github.com/Ylianst/MeshCentral.git
synced 2024-11-22 04:33:16 +03:00
7d59210d05
Signed-off-by: si458 <simonsmith5521@gmail.com>
267 lines
10 KiB
JavaScript
267 lines
10 KiB
JavaScript
/*
|
|
Copyright 2019-2020 Intel Corporation
|
|
|
|
Licensed under the Apache License, Version 2.0 (the "License");
|
|
you may not use this file except in compliance with the License.
|
|
You may obtain a copy of the License at
|
|
|
|
http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
Unless required by applicable law or agreed to in writing, software
|
|
distributed under the License is distributed on an "AS IS" BASIS,
|
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
See the License for the specific language governing permissions and
|
|
limitations under the License.
|
|
*/
|
|
|
|
var promise = require('promise');
|
|
|
|
function qfe()
|
|
{
|
|
try {
|
|
var tokens = require('win-wmi').query('ROOT\\CIMV2', 'SELECT * FROM Win32_QuickFixEngineering');
|
|
if (tokens[0]){
|
|
for (var index = 0; index < tokens.length; index++) {
|
|
for (var key in tokens[index]) {
|
|
if (key.startsWith('__')) delete tokens[index][key];
|
|
}
|
|
}
|
|
return (tokens);
|
|
} else {
|
|
return ([]);
|
|
}
|
|
} catch (ex) {
|
|
return ([]);
|
|
}
|
|
}
|
|
function av()
|
|
{
|
|
var child = require('child_process').execFile(process.env['windir'] + '\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', ['powershell', '-noprofile', '-nologo', '-command', '-'], {});
|
|
if (child == null) { return ([]); }
|
|
|
|
child.descriptorMetadata = 'process-manager';
|
|
child.stdout.str = ''; child.stdout.on('data', function (c) { this.str += c.toString(); });
|
|
child.stderr.str = ''; child.stderr.on('data', function (c) { this.str += c.toString(); });
|
|
|
|
child.stdin.write('[reflection.Assembly]::LoadWithPartialName("system.core")\r\n');
|
|
child.stdin.write('Get-WmiObject -Namespace "root/SecurityCenter2" -Class AntiVirusProduct | ');
|
|
child.stdin.write('ForEach-Object -Process { ');
|
|
child.stdin.write('$matches = [regex]::Matches($_.pathToSignedProductExe, "%(.*?)%"); ');
|
|
child.stdin.write('$modifiedPath = $_.pathToSignedProductExe; ');
|
|
child.stdin.write('foreach ($match in $matches) { ');
|
|
child.stdin.write('$modifiedPath = $modifiedPath -replace [regex]::Escape($match.Value), [System.Environment]::GetEnvironmentVariable($match.Groups[1].Value, "Process") ');
|
|
child.stdin.write('} ');
|
|
child.stdin.write('$flag = $true; ');
|
|
child.stdin.write('if ($modifiedPath -ne "windowsdefender://"){ ');
|
|
child.stdin.write('if (-not (Test-Path -Path $modifiedPath -PathType Leaf)) { ');
|
|
child.stdin.write('$flag = $false; ');
|
|
child.stdin.write('} ');
|
|
child.stdin.write('} ');
|
|
child.stdin.write('if ($flag -eq $true) { ')
|
|
child.stdin.write('$Bytes = [System.Text.Encoding]::UTF8.GetBytes($_.displayName); ');
|
|
child.stdin.write('$EncodedText =[Convert]::ToBase64String($Bytes); ');
|
|
child.stdin.write('Write-Output ("{0},{1}" -f $_.productState,$EncodedText); ');
|
|
child.stdin.write('} ');
|
|
child.stdin.write('}\r\n ');
|
|
child.stdin.write('exit\r\n');
|
|
child.waitExit();
|
|
|
|
if (child.stdout.str == '') { return ([]); }
|
|
|
|
var lines = child.stdout.str.trim().split('\r\n');
|
|
var result = [];
|
|
for (i = 0; i < lines.length; ++i)
|
|
{
|
|
var keys = lines[i].split(',');
|
|
if(keys.length == 2)
|
|
{
|
|
var status = {};
|
|
status.product = Buffer.from(keys[1], 'base64').toString();
|
|
status.updated = (parseInt(keys[0]) & 0x10) == 0;
|
|
status.enabled = (parseInt(keys[0]) & 0x1000) == 0x1000;
|
|
result.push(status);
|
|
}
|
|
}
|
|
return (result);
|
|
}
|
|
function defrag(options)
|
|
{
|
|
var ret = new promise(function (res, rej) { this._res = res; this._rej = rej; });
|
|
var path = '';
|
|
|
|
switch(require('os').arch())
|
|
{
|
|
case 'x64':
|
|
if (require('_GenericMarshal').PointerSize == 4)
|
|
{
|
|
// 32 Bit App on 64 Bit Windows
|
|
ret._rej('Cannot defrag volume on 64 bit Windows from 32 bit application');
|
|
return (ret);
|
|
}
|
|
else
|
|
{
|
|
// 64 Bit App
|
|
path = process.env['windir'] + '\\System32\\defrag.exe';
|
|
}
|
|
break;
|
|
case 'ia32':
|
|
// 32 Bit App on 32 Bit Windows
|
|
path = process.env['windir'] + '\\System32\\defrag.exe';
|
|
break;
|
|
default:
|
|
ret._rej(require('os').arch() + ' not supported');
|
|
return (ret);
|
|
break;
|
|
}
|
|
|
|
ret.child = require('child_process').execFile(process.env['windir'] + '\\System32\\defrag.exe', ['defrag', options.volume + ' /A']);
|
|
ret.child.promise = ret;
|
|
ret.child.promise.options = options;
|
|
ret.child.stdout.str = ''; ret.child.stdout.on('data', function (c) { this.str += c.toString(); });
|
|
ret.child.stderr.str = ''; ret.child.stderr.on('data', function (c) { this.str += c.toString(); });
|
|
ret.child.on('exit', function (code)
|
|
{
|
|
var lines = this.stdout.str.trim().split('\r\n');
|
|
var obj = { volume: this.promise.options.volume };
|
|
for (var i in lines)
|
|
{
|
|
var token = lines[i].split('=');
|
|
if(token.length == 2)
|
|
{
|
|
switch(token[0].trim().toLowerCase())
|
|
{
|
|
case 'volume size':
|
|
obj['size'] = token[1];
|
|
break;
|
|
case 'free space':
|
|
obj['free'] = token[1];
|
|
break;
|
|
case 'total fragmented space':
|
|
obj['fragmented'] = token[1];
|
|
break;
|
|
case 'largest free space size':
|
|
obj['largestFragment'] = token[1];
|
|
break;
|
|
}
|
|
}
|
|
}
|
|
this.promise._res(obj);
|
|
});
|
|
return (ret);
|
|
}
|
|
function regQuery(H, Path, Key)
|
|
{
|
|
try
|
|
{
|
|
return(require('win-registry').QueryKey(H, Path, Key));
|
|
}
|
|
catch(e)
|
|
{
|
|
return (null);
|
|
}
|
|
}
|
|
function pendingReboot()
|
|
{
|
|
var tmp = null;
|
|
var ret = null;
|
|
var HKEY = require('win-registry').HKEY;
|
|
if(regQuery(HKEY.LocalMachine, 'SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Component Based Servicing', 'RebootPending') !=null)
|
|
{
|
|
ret = 'Component Based Servicing';
|
|
}
|
|
else if(regQuery(HKEY.LocalMachine, 'SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\WindowsUpdate', 'RebootRequired'))
|
|
{
|
|
ret = 'Windows Update';
|
|
}
|
|
else if ((tmp=regQuery(HKEY.LocalMachine, 'SYSTEM\\CurrentControlSet\\Control\\Session Manager', 'PendingFileRenameOperations'))!=null && tmp != 0 && tmp != '')
|
|
{
|
|
ret = 'File Rename';
|
|
}
|
|
else if (regQuery(HKEY.LocalMachine, 'SYSTEM\\CurrentControlSet\\Control\\ComputerName\\ActiveComputerName', 'ComputerName') != regQuery(HKEY.LocalMachine, 'SYSTEM\\CurrentControlSet\\Control\\ComputerName\\ComputerName', 'ComputerName'))
|
|
{
|
|
ret = 'System Rename';
|
|
}
|
|
return (ret);
|
|
}
|
|
|
|
function installedApps()
|
|
{
|
|
var promise = require('promise');
|
|
var ret = new promise(function (a, r) { this._resolve = a; this._reject = r; });
|
|
|
|
var code = "\
|
|
var reg = require('win-registry');\
|
|
var result = [];\
|
|
var val, tmp;\
|
|
var items = reg.QueryKey(reg.HKEY.LocalMachine, 'SOFTWARE\\\\Microsoft\\\\Windows\\\\CurrentVersion\\\\Uninstall');\
|
|
for (var key in items.subkeys)\
|
|
{\
|
|
val = {};\
|
|
try\
|
|
{\
|
|
val.name = reg.QueryKey(reg.HKEY.LocalMachine, 'SOFTWARE\\\\Microsoft\\\\Windows\\\\CurrentVersion\\\\Uninstall\\\\' + items.subkeys[key], 'DisplayName');\
|
|
}\
|
|
catch(e)\
|
|
{\
|
|
continue;\
|
|
}\
|
|
try\
|
|
{\
|
|
val.version = reg.QueryKey(reg.HKEY.LocalMachine, 'SOFTWARE\\\\Microsoft\\\\Windows\\\\CurrentVersion\\\\Uninstall\\\\' + items.subkeys[key], 'DisplayVersion');\
|
|
if (val.version == '') { delete val.version; }\
|
|
}\
|
|
catch(e)\
|
|
{\
|
|
}\
|
|
try\
|
|
{\
|
|
val.location = reg.QueryKey(reg.HKEY.LocalMachine, 'SOFTWARE\\\\Microsoft\\\\Windows\\\\CurrentVersion\\\\Uninstall\\\\' + items.subkeys[key], 'InstallLocation');\
|
|
if (val.location == '') { delete val.location; }\
|
|
}\
|
|
catch(e)\
|
|
{\
|
|
}\
|
|
try\
|
|
{\
|
|
val.installdate = reg.QueryKey(reg.HKEY.LocalMachine, 'SOFTWARE\\\\Microsoft\\\\Windows\\\\CurrentVersion\\\\Uninstall\\\\' + items.subkeys[key], 'InstallDate');\
|
|
if (val.installdate == '') { delete val.installdate; }\
|
|
}\
|
|
catch(e)\
|
|
{\
|
|
}\
|
|
result.push(val);\
|
|
}\
|
|
console.log(JSON.stringify(result,'', 1));process.exit();";
|
|
|
|
ret.child = require('child_process').execFile(process.execPath, [process.execPath.split('\\').pop().split('.exe')[0], '-exec "' + code + '"']);
|
|
ret.child.promise = ret;
|
|
ret.child.stdout.str = ''; ret.child.stdout.on('data', function (c) { this.str += c.toString(); });
|
|
ret.child.on('exit', function (c) { this.promise._resolve(JSON.parse(this.stdout.str.trim())); });
|
|
return (ret);
|
|
}
|
|
|
|
function defender(){
|
|
var promise = require('promise');
|
|
var ret = new promise(function (a, r) { this._resolve = a; this._reject = r; });
|
|
var cmd = '"Get-MpComputerStatus | Select-Object RealTimeProtectionEnabled,IsTamperProtected | ConvertTo-JSON"';
|
|
ret.child = require('child_process').execFile(process.env['windir'] + '\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', ['powershell', '-noprofile', '-nologo', '-command', cmd], {});
|
|
ret.child.promise = ret;
|
|
ret.child.stdout.str = ''; ret.child.stdout.on('data', function (c) { this.str += c.toString(); });
|
|
ret.child.stderr.str = ''; ret.child.stderr.on('data', function (c) { this.str += c.toString(); });
|
|
ret.child.on('exit', function (c) {
|
|
if (this.stdout.str == '') { this.promise._resolve({}); return; }
|
|
var abc = JSON.parse(this.stdout.str.trim())
|
|
this.promise._resolve({ RealTimeProtection: abc.RealTimeProtectionEnabled, TamperProtected: abc.IsTamperProtected });
|
|
});
|
|
return (ret);
|
|
}
|
|
|
|
if (process.platform == 'win32')
|
|
{
|
|
module.exports = { qfe: qfe, av: av, defrag: defrag, pendingReboot: pendingReboot, installedApps: installedApps, defender: defender };
|
|
}
|
|
else
|
|
{
|
|
var not_supported = function () { throw (process.platform + ' not supported'); };
|
|
module.exports = { qfe: not_supported, av: not_supported, defrag: not_supported, pendingReboot: not_supported, installedApps: not_supported, defender: not_supported };
|
|
} |