PoshSec Commands for .NET 3.5

Built a dll for .net 3.5 and powershell 2.0 support.
Fixed some code that was implicitly handled by .net 4.0 that has to be
explicitly handled by 3.5.
I just commented out the code instead of replacing the lines that needed
to be changed.

PoshSec.PowerShell.Commands 3.5/PoshSec.PowerShell.Commands.sln

@@ -0,0 +1,20 @@
+
+Microsoft Visual Studio Solution File, Format Version 9.00
+# Visual Studio 2005
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "PoshSec.PowerShell.Commands", "PoshSec.PowerShell.Commands\PoshSec.PowerShell.Commands.csproj", "{87598CD5-263C-41D0-A6E0-AD4851607CCE}"
+EndProject
+Global
+	GlobalSection(SolutionConfigurationPlatforms) = preSolution
+		Debug|Any CPU = Debug|Any CPU
+		Release|Any CPU = Release|Any CPU
+	EndGlobalSection
+	GlobalSection(ProjectConfigurationPlatforms) = postSolution
+		{87598CD5-263C-41D0-A6E0-AD4851607CCE}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{87598CD5-263C-41D0-A6E0-AD4851607CCE}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{87598CD5-263C-41D0-A6E0-AD4851607CCE}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{87598CD5-263C-41D0-A6E0-AD4851607CCE}.Release|Any CPU.Build.0 = Release|Any CPU
+	EndGlobalSection
+	GlobalSection(SolutionProperties) = preSolution
+		HideSolutionNode = FALSE
+	EndGlobalSection
+EndGlobal

PoshSec.PowerShell.Commands 3.5/PoshSec.PowerShell.Commands/PoshSec.PowerShell.Commands.csproj

@@ -0,0 +1,65 @@
+<Project DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <PropertyGroup>
+    <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
+    <Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform>
+    <ProductVersion>8.0.50727</ProductVersion>
+    <SchemaVersion>2.0</SchemaVersion>
+    <ProjectGuid>{87598CD5-263C-41D0-A6E0-AD4851607CCE}</ProjectGuid>
+    <OutputType>Library</OutputType>
+    <AppDesignerFolder>Properties</AppDesignerFolder>
+    <RootNamespace>PoshSec.PowerShell.Commands</RootNamespace>
+    <AssemblyName>PoshSec.PowerShell.Commands</AssemblyName>
+  </PropertyGroup>
+  <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' ">
+    <DebugSymbols>true</DebugSymbols>
+    <DebugType>full</DebugType>
+    <Optimize>false</Optimize>
+    <OutputPath>bin\Debug\</OutputPath>
+    <DefineConstants>DEBUG;TRACE</DefineConstants>
+    <ErrorReport>prompt</ErrorReport>
+    <WarningLevel>4</WarningLevel>
+    <PlatformTarget>x86</PlatformTarget>
+  </PropertyGroup>
+  <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' ">
+    <DebugType>pdbonly</DebugType>
+    <Optimize>true</Optimize>
+    <OutputPath>bin\Release\</OutputPath>
+    <DefineConstants>TRACE</DefineConstants>
+    <ErrorReport>prompt</ErrorReport>
+    <WarningLevel>4</WarningLevel>
+    <PlatformTarget>x86</PlatformTarget>
+  </PropertyGroup>
+  <ItemGroup>
+    <Reference Include="System" />
+    <Reference Include="System.Data" />
+    <Reference Include="System.Drawing" />
+    <Reference Include="System.Management" />
+    <Reference Include="System.Management.Automation" />
+    <Reference Include="System.Windows.Forms" />
+    <Reference Include="System.Xml" />
+    <Reference Include="System.Xml.Linq, Version=3.5.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089, processorArchitecture=MSIL" />
+  </ItemGroup>
+  <ItemGroup>
+    <Compile Include="PowerShell\Commands\GetDateISO8601.cs" />
+    <Compile Include="PowerShell\Commands\GetSecFileIntegrity.cs" />
+    <Compile Include="PowerShell\Commands\PoshSecHelloCommand.cs" />
+    <Compile Include="PowerShell\Nouns.cs" />
+    <Compile Include="Properties\AssemblyInfo.cs" />
+    <Service Include="{94E38DFF-614B-4cbd-B67C-F211BB35CE8B}" />
+  </ItemGroup>
+  <ItemGroup>
+    <None Include="Scripts\Get-SecSoftwareInstalled.ps1" />
+    <None Include="Scripts\Get-SecSoftwareIntegrity.ps1" />
+  </ItemGroup>
+  <ItemGroup>
+    <Folder Include="PowerShell\Automation\" />
+  </ItemGroup>
+  <Import Project="$(MSBuildBinPath)\Microsoft.CSharp.targets" />
+  <!-- To modify your build process, add your task inside one of the targets below and uncomment it. 
+       Other similar extension points exist, see Microsoft.Common.targets.
+  <Target Name="BeforeBuild">
+  </Target>
+  <Target Name="AfterBuild">
+  </Target>
+  -->
+</Project>

PoshSec.PowerShell.Commands 3.5/PoshSec.PowerShell.Commands/PowerShell/Commands/GetDateISO8601.cs

@@ -0,0 +1,75 @@
+// <copyright file="PoshSecHelloCommand.cs" company="PoshSec (https://github.com/PoshSec/)">
+//     Copyright © 2013 and distributed under the BSD license.
+// </copyright>
+
+namespace PoshSec.PowerShell.Commands
+{
+    using System;
+    using System.Management.Automation;
+    using Microsoft.PowerShell.Commands;
+
+    /// <summary>
+    /// Get a string with a prefix, the current date/time in ISO 8601 format, and a suffix.
+    /// ISO 8601 Data elements and interchange formats – Information interchange – Representation of dates and time
+    /// </summary>
+    [System.Management.Automation.Cmdlet(
+        System.Management.Automation.VerbsCommon.Get,
+        PoshSec.PowerShell.Nouns.DateISO8601)]
+    public class GetDateISO8601 : System.Management.Automation.PSCmdlet
+    {
+        /// <summary>
+        /// Gets or sets a value indicating the beginning of the string.
+        /// </summary>
+        [Parameter(Mandatory = true)]
+        //public string Prefix { get; set; }
+        public string Prefix;
+
+        /// <summary>
+        /// Gets or sets a value indicating the ending of the string.
+        /// </summary>
+        [Parameter(Mandatory = true)]
+        //public string Suffix { get; set; }
+        public string Suffix;
+
+        /// <summary>
+        /// Gets or sets the value indicating whether to include seconds.
+        /// </summary>
+        [Parameter(Mandatory = false)]
+        //public System.Management.Automation.SwitchParameter Seconds { get; set; }
+        public System.Management.Automation.SwitchParameter Seconds;
+
+        /// <summary>
+        /// Gets or sets the value indicating whether to include milliseconds.
+        /// </summary>
+        [Parameter(Mandatory = false)]
+        //public System.Management.Automation.SwitchParameter Milliseconds { get; set; }
+        public System.Management.Automation.SwitchParameter Milliseconds;
+
+        /// <summary>
+        /// Provides a record-by-record processing functionality for the cmdlet.
+        /// </summary>
+        protected override void ProcessRecord()
+        {
+            DateTime now = DateTime.Now;
+
+            string year = now.Year.ToString("0000");
+            string month = now.Month.ToString("00");
+            string day = now.Day.ToString("00");
+            string hour = now.Hour.ToString("00");
+            string minute = now.Minute.ToString("00");
+            string second = now.Second.ToString("00");
+            string millisecond = now.Millisecond.ToString("000");
+
+            string result = string.Format("{0}-{1}-{2}-{3}-{4}-{5}", this.Prefix, year, month, day, hour, minute);
+
+            if (this.Seconds)
+            {
+                result = string.Concat(result, "-", second);
+                if (this.Milliseconds) result = string.Concat(result, "-", millisecond);
+            }
+
+            result = string.Concat(result, this.Suffix);
+            this.WriteObject(result);
+        }
+    }
+}

PoshSec.PowerShell.Commands 3.5/PoshSec.PowerShell.Commands/PowerShell/Commands/GetSecFileIntegrity.cs

@@ -0,0 +1,114 @@
+// <copyright file="GetPoshFileIntegrity.cs" company="PoshSec (https://github.com/PoshSec/)">
+//     Copyright © 2013 and distributed under the BSD license.
+// </copyright>
+
+namespace PoshSec.PowerShell.Commands
+{
+    using System;
+    using System.Collections.Generic;
+    using System.IO;
+    using System.Management.Automation;
+    using System.Security.Cryptography;
+    using Microsoft.PowerShell.Commands;
+    using Microsoft.Win32;
+
+    /// <summary>
+    /// Get a string with a prefix, the current date/time in ISO 8601 format, and a suffix.
+    /// ISO 8601 Data elements and interchange formats – Information interchange – Representation of dates and time
+    /// </summary>
+    [System.Management.Automation.Cmdlet(
+        System.Management.Automation.VerbsCommon.Get,
+        PoshSec.PowerShell.Nouns.SecFileIntegrity)]
+    public class GetSecFileIntegrity : System.Management.Automation.PSCmdlet
+    {
+        /// <summary>
+        /// Provides a record-by-record processing functionality for the cmdlet.
+        /// </summary>
+        protected override void ProcessRecord()
+        {
+            string registryKeyName = @"SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths";
+            // RegistryKey baseKey = RegistryKey.OpenBaseKey(RegistryHive.LocalMachine, RegistryView.Default);
+            RegistryKey baseKey = Registry.LocalMachine;
+            RegistryKey subKey = baseKey.OpenSubKey(registryKeyName);
+
+            SHA1 sha = new SHA1CryptoServiceProvider();
+
+            foreach (string app in subKey.GetSubKeyNames())
+            {
+                PoshSecFileIntegrity fileIntegrity = new PoshSecFileIntegrity();
+
+                RegistryKey fileKey = subKey.OpenSubKey(app);
+                fileIntegrity.RegistryPath = fileKey.Name;
+
+                // Enumerate the value names, find the default (string.Empty), get the path, and exit
+                foreach (string name in fileKey.GetValueNames())
+                {
+                    if (name == string.Empty)
+                    {
+                        string value = fileKey.GetValue(name).ToString();
+                        value = value.Trim();
+                        value = value.Trim('"');
+                        value = value.Trim();
+
+                        fileIntegrity.FilePath = value;
+                        fileIntegrity.Exists = File.Exists(fileIntegrity.FilePath);
+                        break;
+                    }
+                }
+
+                // If the file exists, read the bytes and get the hash
+                if (fileIntegrity.Exists)
+                {
+                    BinaryReader fileStream = new BinaryReader(File.Open(fileIntegrity.FilePath, FileMode.Open, FileAccess.Read, FileShare.ReadWrite));
+                    byte[] fileBytes = fileStream.ReadBytes((int)fileStream.BaseStream.Length);
+                    byte[] fileHash = sha.ComputeHash(fileBytes);
+                    fileIntegrity.Sha1Hash = Convert.ToBase64String(fileHash);
+                }
+
+                // Send the file integrity object onto the pipeline. For baselining, consume with Export-Clixml.
+                this.WriteObject(fileIntegrity);
+            }
+        }
+
+        /// <summary>
+        /// PowerShell Security project File Integrity checker.
+        /// </summary>
+        private class PoshSecFileIntegrity
+        {
+            /// <summary>
+            /// Initializes a new instance of the <see cref="PoshSecFileIntegrity"/> class.
+            /// </summary>
+            public PoshSecFileIntegrity()
+            {
+                this.Exists = false;
+                this.FilePath = string.Empty;
+                this.RegistryPath = string.Empty;
+                this.Sha1Hash = string.Empty;
+            }
+
+            /// <summary>
+            /// Gets or sets a value indicating whether the file exists on the file system.
+            /// </summary>
+            //public bool Exists { get; set; }
+            public bool Exists;
+
+            /// <summary>
+            /// Gets or sets a value indicating the file system path.
+            /// </summary>
+            //public string FilePath { get; set; }
+            public string FilePath;
+
+            /// <summary>
+            /// Gets or sets a value indicating the registry path.
+            /// </summary>
+            //public string RegistryPath { get; set; }
+            public string RegistryPath;
+
+            /// <summary>
+            /// Gets or sets a value containing the SHA hash in Base64 encoding.
+            /// </summary>
+            //public string Sha1Hash { get; set; }
+            public string Sha1Hash;
+        }
+    }
+}

PoshSec.PowerShell.Commands 3.5/PoshSec.PowerShell.Commands/PowerShell/Commands/PoshSecHelloCommand.cs

@@ -0,0 +1,35 @@
+// <copyright file="PoshSecHelloCommand.cs" company="PoshSec (https://github.com/PoshSec/)">
+//     Copyright © 2013 and distributed under the BSD license.
+// </copyright>
+
+namespace PoshSec.PowerShell.Commands
+{
+    using System;
+    using System.Management.Automation;
+    using Microsoft.PowerShell.Commands;
+
+    /// <summary>
+    /// Sample Hello World cmdlet.
+    /// </summary>
+    [System.Management.Automation.Cmdlet(
+        System.Management.Automation.VerbsCommon.Get,
+        PoshSec.PowerShell.Nouns.PoshSecHello)]
+    public class PoshSecHelloCommand : System.Management.Automation.PSCmdlet
+    {
+        /// <summary>
+        /// Gets or sets the person's name.
+        /// </summary>
+        [Parameter(Position = 0, Mandatory = true)]
+        //public string Name { get; set; }
+        public string Name;
+
+        /// <summary>
+        /// Provides a record-by-record processing functionality for the cmdlet.
+        /// </summary>
+        protected override void ProcessRecord()
+        {
+            string result = string.Format("Hello world. Hello {0}.", this.Name);
+            this.WriteObject(result);
+        }
+    }
+}

PoshSec.PowerShell.Commands 3.5/PoshSec.PowerShell.Commands/PowerShell/Nouns.cs

@@ -0,0 +1,19 @@
+// <copyright file="Nouns.cs" company="PoshSec (https://github.com/PoshSec/)">
+//     Copyright © 2013 and distributed under the BSD license.
+// </copyright>
+
+namespace PoshSec.PowerShell
+{
+    using System;
+
+    /// <summary>
+    /// Defines the common noun names that can be used to name PoshSec cmdlets.
+    /// </summary>
+    [System.Diagnostics.CodeAnalysis.SuppressMessage("StyleCop.CSharp.DocumentationRules", "SA1600:ElementsMustBeDocumented", Scope = "module", Justification = "Reviewed. The element names are self-explanatory.")]
+    internal static class Nouns
+    {
+        public const string PoshSecHello = "PoshSecHello";
+        public const string DateISO8601 = "DateISO8601";
+        public const string SecFileIntegrity = "SecFileIntegrity";
+    }
+}

PoshSec.PowerShell.Commands 3.5/PoshSec.PowerShell.Commands/Properties/AssemblyInfo.cs

@@ -0,0 +1,35 @@
+using System.Reflection;
+using System.Runtime.CompilerServices;
+using System.Runtime.InteropServices;
+
+// General Information about an assembly is controlled through the following 
+// set of attributes. Change these attribute values to modify the information
+// associated with an assembly.
+[assembly: AssemblyTitle("PoshSec")]
+[assembly: AssemblyDescription("PoshSec -- PowerShell Security Module")]
+[assembly: AssemblyConfiguration("")]
+[assembly: AssemblyCompany("")]
+[assembly: AssemblyProduct("")]
+[assembly: AssemblyCopyright("Copyright ©  2013")]
+[assembly: AssemblyTrademark("")]
+[assembly: AssemblyCulture("")]
+
+// Setting ComVisible to false makes the types in this assembly not visible 
+// to COM components.  If you need to access a type in this assembly from 
+// COM, set the ComVisible attribute to true on that type.
+[assembly: ComVisible(false)]
+
+// The following GUID is for the ID of the typelib if this project is exposed to COM
+[assembly: Guid("4d6b9b02-3c79-4387-97ea-f8c26e352245")]
+
+// Version information for an assembly consists of the following four values:
+//
+//      Major Version
+//      Minor Version 
+//      Build Number
+//      Revision
+//
+// You can specify all the values or you can default the Revision and Build Numbers 
+// by using the '*' as shown below:
+[assembly: AssemblyVersion("0.1.0.0")]
+[assembly: AssemblyFileVersion("0.1.0.0")]