Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Built a dll for .net 3.5 and powershell 2.0 support. Fixed some code that was implicitly handled by .net 4.0 that has to be explicitly handled by 3.5. I just commented out the code instead of replacing the lines that needed to be changed.
- Loading branch information
Showing
19 changed files
with
451 additions
and
0 deletions.
There are no files selected for viewing
20 changes: 20 additions & 0 deletions
20
PoshSec.PowerShell.Commands 3.5/PoshSec.PowerShell.Commands.sln
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Original file line | Diff line number | Diff line change |
---|---|---|---|
@@ -0,0 +1,20 @@ | |||
|
|||
Microsoft Visual Studio Solution File, Format Version 9.00 | |||
# Visual Studio 2005 | |||
Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "PoshSec.PowerShell.Commands", "PoshSec.PowerShell.Commands\PoshSec.PowerShell.Commands.csproj", "{87598CD5-263C-41D0-A6E0-AD4851607CCE}" | |||
EndProject | |||
Global | |||
GlobalSection(SolutionConfigurationPlatforms) = preSolution | |||
Debug|Any CPU = Debug|Any CPU | |||
Release|Any CPU = Release|Any CPU | |||
EndGlobalSection | |||
GlobalSection(ProjectConfigurationPlatforms) = postSolution | |||
{87598CD5-263C-41D0-A6E0-AD4851607CCE}.Debug|Any CPU.ActiveCfg = Debug|Any CPU | |||
{87598CD5-263C-41D0-A6E0-AD4851607CCE}.Debug|Any CPU.Build.0 = Debug|Any CPU | |||
{87598CD5-263C-41D0-A6E0-AD4851607CCE}.Release|Any CPU.ActiveCfg = Release|Any CPU | |||
{87598CD5-263C-41D0-A6E0-AD4851607CCE}.Release|Any CPU.Build.0 = Release|Any CPU | |||
EndGlobalSection | |||
GlobalSection(SolutionProperties) = preSolution | |||
HideSolutionNode = FALSE | |||
EndGlobalSection | |||
EndGlobal |
Binary file not shown.
65 changes: 65 additions & 0 deletions
65
...ec.PowerShell.Commands 3.5/PoshSec.PowerShell.Commands/PoshSec.PowerShell.Commands.csproj
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Original file line | Diff line number | Diff line change |
---|---|---|---|
@@ -0,0 +1,65 @@ | |||
<Project DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003"> | |||
<PropertyGroup> | |||
<Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration> | |||
<Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform> | |||
<ProductVersion>8.0.50727</ProductVersion> | |||
<SchemaVersion>2.0</SchemaVersion> | |||
<ProjectGuid>{87598CD5-263C-41D0-A6E0-AD4851607CCE}</ProjectGuid> | |||
<OutputType>Library</OutputType> | |||
<AppDesignerFolder>Properties</AppDesignerFolder> | |||
<RootNamespace>PoshSec.PowerShell.Commands</RootNamespace> | |||
<AssemblyName>PoshSec.PowerShell.Commands</AssemblyName> | |||
</PropertyGroup> | |||
<PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' "> | |||
<DebugSymbols>true</DebugSymbols> | |||
<DebugType>full</DebugType> | |||
<Optimize>false</Optimize> | |||
<OutputPath>bin\Debug\</OutputPath> | |||
<DefineConstants>DEBUG;TRACE</DefineConstants> | |||
<ErrorReport>prompt</ErrorReport> | |||
<WarningLevel>4</WarningLevel> | |||
<PlatformTarget>x86</PlatformTarget> | |||
</PropertyGroup> | |||
<PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' "> | |||
<DebugType>pdbonly</DebugType> | |||
<Optimize>true</Optimize> | |||
<OutputPath>bin\Release\</OutputPath> | |||
<DefineConstants>TRACE</DefineConstants> | |||
<ErrorReport>prompt</ErrorReport> | |||
<WarningLevel>4</WarningLevel> | |||
<PlatformTarget>x86</PlatformTarget> | |||
</PropertyGroup> | |||
<ItemGroup> | |||
<Reference Include="System" /> | |||
<Reference Include="System.Data" /> | |||
<Reference Include="System.Drawing" /> | |||
<Reference Include="System.Management" /> | |||
<Reference Include="System.Management.Automation" /> | |||
<Reference Include="System.Windows.Forms" /> | |||
<Reference Include="System.Xml" /> | |||
<Reference Include="System.Xml.Linq, Version=3.5.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089, processorArchitecture=MSIL" /> | |||
</ItemGroup> | |||
<ItemGroup> | |||
<Compile Include="PowerShell\Commands\GetDateISO8601.cs" /> | |||
<Compile Include="PowerShell\Commands\GetSecFileIntegrity.cs" /> | |||
<Compile Include="PowerShell\Commands\PoshSecHelloCommand.cs" /> | |||
<Compile Include="PowerShell\Nouns.cs" /> | |||
<Compile Include="Properties\AssemblyInfo.cs" /> | |||
<Service Include="{94E38DFF-614B-4cbd-B67C-F211BB35CE8B}" /> | |||
</ItemGroup> | |||
<ItemGroup> | |||
<None Include="Scripts\Get-SecSoftwareInstalled.ps1" /> | |||
<None Include="Scripts\Get-SecSoftwareIntegrity.ps1" /> | |||
</ItemGroup> | |||
<ItemGroup> | |||
<Folder Include="PowerShell\Automation\" /> | |||
</ItemGroup> | |||
<Import Project="$(MSBuildBinPath)\Microsoft.CSharp.targets" /> | |||
<!-- To modify your build process, add your task inside one of the targets below and uncomment it. | |||
Other similar extension points exist, see Microsoft.Common.targets. | |||
<Target Name="BeforeBuild"> | |||
</Target> | |||
<Target Name="AfterBuild"> | |||
</Target> | |||
--> | |||
</Project> |
75 changes: 75 additions & 0 deletions
75
...PowerShell.Commands 3.5/PoshSec.PowerShell.Commands/PowerShell/Commands/GetDateISO8601.cs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Original file line | Diff line number | Diff line change |
---|---|---|---|
@@ -0,0 +1,75 @@ | |||
// <copyright file="PoshSecHelloCommand.cs" company="PoshSec (https://github.com/PoshSec/)"> | |||
// Copyright © 2013 and distributed under the BSD license. | |||
// </copyright> | |||
|
|||
namespace PoshSec.PowerShell.Commands | |||
{ | |||
using System; | |||
using System.Management.Automation; | |||
using Microsoft.PowerShell.Commands; | |||
|
|||
/// <summary> | |||
/// Get a string with a prefix, the current date/time in ISO 8601 format, and a suffix. | |||
/// ISO 8601 Data elements and interchange formats – Information interchange – Representation of dates and time | |||
/// </summary> | |||
[System.Management.Automation.Cmdlet( | |||
System.Management.Automation.VerbsCommon.Get, | |||
PoshSec.PowerShell.Nouns.DateISO8601)] | |||
public class GetDateISO8601 : System.Management.Automation.PSCmdlet | |||
{ | |||
/// <summary> | |||
/// Gets or sets a value indicating the beginning of the string. | |||
/// </summary> | |||
[Parameter(Mandatory = true)] | |||
//public string Prefix { get; set; } | |||
public string Prefix; | |||
|
|||
/// <summary> | |||
/// Gets or sets a value indicating the ending of the string. | |||
/// </summary> | |||
[Parameter(Mandatory = true)] | |||
//public string Suffix { get; set; } | |||
public string Suffix; | |||
|
|||
/// <summary> | |||
/// Gets or sets the value indicating whether to include seconds. | |||
/// </summary> | |||
[Parameter(Mandatory = false)] | |||
//public System.Management.Automation.SwitchParameter Seconds { get; set; } | |||
public System.Management.Automation.SwitchParameter Seconds; | |||
|
|||
/// <summary> | |||
/// Gets or sets the value indicating whether to include milliseconds. | |||
/// </summary> | |||
[Parameter(Mandatory = false)] | |||
//public System.Management.Automation.SwitchParameter Milliseconds { get; set; } | |||
public System.Management.Automation.SwitchParameter Milliseconds; | |||
|
|||
/// <summary> | |||
/// Provides a record-by-record processing functionality for the cmdlet. | |||
/// </summary> | |||
protected override void ProcessRecord() | |||
{ | |||
DateTime now = DateTime.Now; | |||
|
|||
string year = now.Year.ToString("0000"); | |||
string month = now.Month.ToString("00"); | |||
string day = now.Day.ToString("00"); | |||
string hour = now.Hour.ToString("00"); | |||
string minute = now.Minute.ToString("00"); | |||
string second = now.Second.ToString("00"); | |||
string millisecond = now.Millisecond.ToString("000"); | |||
|
|||
string result = string.Format("{0}-{1}-{2}-{3}-{4}-{5}", this.Prefix, year, month, day, hour, minute); | |||
|
|||
if (this.Seconds) | |||
{ | |||
result = string.Concat(result, "-", second); | |||
if (this.Milliseconds) result = string.Concat(result, "-", millisecond); | |||
} | |||
|
|||
result = string.Concat(result, this.Suffix); | |||
this.WriteObject(result); | |||
} | |||
} | |||
} |
114 changes: 114 additions & 0 deletions
114
...Shell.Commands 3.5/PoshSec.PowerShell.Commands/PowerShell/Commands/GetSecFileIntegrity.cs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Original file line | Diff line number | Diff line change |
---|---|---|---|
@@ -0,0 +1,114 @@ | |||
// <copyright file="GetPoshFileIntegrity.cs" company="PoshSec (https://github.com/PoshSec/)"> | |||
// Copyright © 2013 and distributed under the BSD license. | |||
// </copyright> | |||
|
|||
namespace PoshSec.PowerShell.Commands | |||
{ | |||
using System; | |||
using System.Collections.Generic; | |||
using System.IO; | |||
using System.Management.Automation; | |||
using System.Security.Cryptography; | |||
using Microsoft.PowerShell.Commands; | |||
using Microsoft.Win32; | |||
|
|||
/// <summary> | |||
/// Get a string with a prefix, the current date/time in ISO 8601 format, and a suffix. | |||
/// ISO 8601 Data elements and interchange formats – Information interchange – Representation of dates and time | |||
/// </summary> | |||
[System.Management.Automation.Cmdlet( | |||
System.Management.Automation.VerbsCommon.Get, | |||
PoshSec.PowerShell.Nouns.SecFileIntegrity)] | |||
public class GetSecFileIntegrity : System.Management.Automation.PSCmdlet | |||
{ | |||
/// <summary> | |||
/// Provides a record-by-record processing functionality for the cmdlet. | |||
/// </summary> | |||
protected override void ProcessRecord() | |||
{ | |||
string registryKeyName = @"SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths"; | |||
// RegistryKey baseKey = RegistryKey.OpenBaseKey(RegistryHive.LocalMachine, RegistryView.Default); | |||
RegistryKey baseKey = Registry.LocalMachine; | |||
RegistryKey subKey = baseKey.OpenSubKey(registryKeyName); | |||
|
|||
SHA1 sha = new SHA1CryptoServiceProvider(); | |||
|
|||
foreach (string app in subKey.GetSubKeyNames()) | |||
{ | |||
PoshSecFileIntegrity fileIntegrity = new PoshSecFileIntegrity(); | |||
|
|||
RegistryKey fileKey = subKey.OpenSubKey(app); | |||
fileIntegrity.RegistryPath = fileKey.Name; | |||
|
|||
// Enumerate the value names, find the default (string.Empty), get the path, and exit | |||
foreach (string name in fileKey.GetValueNames()) | |||
{ | |||
if (name == string.Empty) | |||
{ | |||
string value = fileKey.GetValue(name).ToString(); | |||
value = value.Trim(); | |||
value = value.Trim('"'); | |||
value = value.Trim(); | |||
|
|||
fileIntegrity.FilePath = value; | |||
fileIntegrity.Exists = File.Exists(fileIntegrity.FilePath); | |||
break; | |||
} | |||
} | |||
|
|||
// If the file exists, read the bytes and get the hash | |||
if (fileIntegrity.Exists) | |||
{ | |||
BinaryReader fileStream = new BinaryReader(File.Open(fileIntegrity.FilePath, FileMode.Open, FileAccess.Read, FileShare.ReadWrite)); | |||
byte[] fileBytes = fileStream.ReadBytes((int)fileStream.BaseStream.Length); | |||
byte[] fileHash = sha.ComputeHash(fileBytes); | |||
fileIntegrity.Sha1Hash = Convert.ToBase64String(fileHash); | |||
} | |||
|
|||
// Send the file integrity object onto the pipeline. For baselining, consume with Export-Clixml. | |||
this.WriteObject(fileIntegrity); | |||
} | |||
} | |||
|
|||
/// <summary> | |||
/// PowerShell Security project File Integrity checker. | |||
/// </summary> | |||
private class PoshSecFileIntegrity | |||
{ | |||
/// <summary> | |||
/// Initializes a new instance of the <see cref="PoshSecFileIntegrity"/> class. | |||
/// </summary> | |||
public PoshSecFileIntegrity() | |||
{ | |||
this.Exists = false; | |||
this.FilePath = string.Empty; | |||
this.RegistryPath = string.Empty; | |||
this.Sha1Hash = string.Empty; | |||
} | |||
|
|||
/// <summary> | |||
/// Gets or sets a value indicating whether the file exists on the file system. | |||
/// </summary> | |||
//public bool Exists { get; set; } | |||
public bool Exists; | |||
|
|||
/// <summary> | |||
/// Gets or sets a value indicating the file system path. | |||
/// </summary> | |||
//public string FilePath { get; set; } | |||
public string FilePath; | |||
|
|||
/// <summary> | |||
/// Gets or sets a value indicating the registry path. | |||
/// </summary> | |||
//public string RegistryPath { get; set; } | |||
public string RegistryPath; | |||
|
|||
/// <summary> | |||
/// Gets or sets a value containing the SHA hash in Base64 encoding. | |||
/// </summary> | |||
//public string Sha1Hash { get; set; } | |||
public string Sha1Hash; | |||
} | |||
} | |||
} |
35 changes: 35 additions & 0 deletions
35
...Shell.Commands 3.5/PoshSec.PowerShell.Commands/PowerShell/Commands/PoshSecHelloCommand.cs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Original file line | Diff line number | Diff line change |
---|---|---|---|
@@ -0,0 +1,35 @@ | |||
// <copyright file="PoshSecHelloCommand.cs" company="PoshSec (https://github.com/PoshSec/)"> | |||
// Copyright © 2013 and distributed under the BSD license. | |||
// </copyright> | |||
|
|||
namespace PoshSec.PowerShell.Commands | |||
{ | |||
using System; | |||
using System.Management.Automation; | |||
using Microsoft.PowerShell.Commands; | |||
|
|||
/// <summary> | |||
/// Sample Hello World cmdlet. | |||
/// </summary> | |||
[System.Management.Automation.Cmdlet( | |||
System.Management.Automation.VerbsCommon.Get, | |||
PoshSec.PowerShell.Nouns.PoshSecHello)] | |||
public class PoshSecHelloCommand : System.Management.Automation.PSCmdlet | |||
{ | |||
/// <summary> | |||
/// Gets or sets the person's name. | |||
/// </summary> | |||
[Parameter(Position = 0, Mandatory = true)] | |||
//public string Name { get; set; } | |||
public string Name; | |||
|
|||
/// <summary> | |||
/// Provides a record-by-record processing functionality for the cmdlet. | |||
/// </summary> | |||
protected override void ProcessRecord() | |||
{ | |||
string result = string.Format("Hello world. Hello {0}.", this.Name); | |||
this.WriteObject(result); | |||
} | |||
} | |||
} |
19 changes: 19 additions & 0 deletions
19
PoshSec.PowerShell.Commands 3.5/PoshSec.PowerShell.Commands/PowerShell/Nouns.cs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Original file line | Diff line number | Diff line change |
---|---|---|---|
@@ -0,0 +1,19 @@ | |||
// <copyright file="Nouns.cs" company="PoshSec (https://github.com/PoshSec/)"> | |||
// Copyright © 2013 and distributed under the BSD license. | |||
// </copyright> | |||
|
|||
namespace PoshSec.PowerShell | |||
{ | |||
using System; | |||
|
|||
/// <summary> | |||
/// Defines the common noun names that can be used to name PoshSec cmdlets. | |||
/// </summary> | |||
[System.Diagnostics.CodeAnalysis.SuppressMessage("StyleCop.CSharp.DocumentationRules", "SA1600:ElementsMustBeDocumented", Scope = "module", Justification = "Reviewed. The element names are self-explanatory.")] | |||
internal static class Nouns | |||
{ | |||
public const string PoshSecHello = "PoshSecHello"; | |||
public const string DateISO8601 = "DateISO8601"; | |||
public const string SecFileIntegrity = "SecFileIntegrity"; | |||
} | |||
} |
35 changes: 35 additions & 0 deletions
35
PoshSec.PowerShell.Commands 3.5/PoshSec.PowerShell.Commands/Properties/AssemblyInfo.cs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Original file line | Diff line number | Diff line change |
---|---|---|---|
@@ -0,0 +1,35 @@ | |||
using System.Reflection; | |||
using System.Runtime.CompilerServices; | |||
using System.Runtime.InteropServices; | |||
|
|||
// General Information about an assembly is controlled through the following | |||
// set of attributes. Change these attribute values to modify the information | |||
// associated with an assembly. | |||
[assembly: AssemblyTitle("PoshSec")] | |||
[assembly: AssemblyDescription("PoshSec -- PowerShell Security Module")] | |||
[assembly: AssemblyConfiguration("")] | |||
[assembly: AssemblyCompany("")] | |||
[assembly: AssemblyProduct("")] | |||
[assembly: AssemblyCopyright("Copyright © 2013")] | |||
[assembly: AssemblyTrademark("")] | |||
[assembly: AssemblyCulture("")] | |||
|
|||
// Setting ComVisible to false makes the types in this assembly not visible | |||
// to COM components. If you need to access a type in this assembly from | |||
// COM, set the ComVisible attribute to true on that type. | |||
[assembly: ComVisible(false)] | |||
|
|||
// The following GUID is for the ID of the typelib if this project is exposed to COM | |||
[assembly: Guid("4d6b9b02-3c79-4387-97ea-f8c26e352245")] | |||
|
|||
// Version information for an assembly consists of the following four values: | |||
// | |||
// Major Version | |||
// Minor Version | |||
// Build Number | |||
// Revision | |||
// | |||
// You can specify all the values or you can default the Revision and Build Numbers | |||
// by using the '*' as shown below: | |||
[assembly: AssemblyVersion("0.1.0.0")] | |||
[assembly: AssemblyFileVersion("0.1.0.0")] |
Oops, something went wrong.