From 36741c767f549b4297889c76cd1b74e15ccefb3a Mon Sep 17 00:00:00 2001 From: Simon Smith Date: Mon, 8 Jan 2024 06:22:17 +0000 Subject: [PATCH] add bitlocker recoverykey to sysinfo (#5671) Signed-off-by: si458 --- .../modules_meshcore/computer-identifiers.js | 20 +++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/agents/modules_meshcore/computer-identifiers.js b/agents/modules_meshcore/computer-identifiers.js index ff3123f759..f722095a0a 100644 --- a/agents/modules_meshcore/computer-identifiers.js +++ b/agents/modules_meshcore/computer-identifiers.js @@ -430,6 +430,26 @@ function windows_volumes() { ret[key].volumeStatus = tokens[1].split('"')[1]; ret[key].protectionStatus = tokens[2].split('"')[1]; + try { + var str = ''; + var foundMarkedLine = false; + var password = ''; + var child = require('child_process').execFile(process.env['windir'] + '\\system32\\cmd.exe', ['/c', 'manage-bde -protectors -get ', tokens[0].split('"')[1], ' -Type recoverypassword'], {}); + child.stdout.on('data', function (chunk) { str += chunk.toString(); }); + child.stderr.on('data', function (chunk) { str += chunk.toString(); }); + child.waitExit(); + var lines = str.split(/\r?\n/); + for (var i = 0; i < lines.length; i++) { + if (lines[i].trim() !== '' && lines[i].includes('Password:') && !lines[i].includes('Numerical Password:')) { + if (i + 1 < lines.length && lines[i + 1].trim() !== '') { + password = lines[i + 1].trim(); + foundMarkedLine = true; + } + if (foundMarkedLine) break; + } + } + ret[key].recoveryPassword = (foundMarkedLine ? password : ''); + } catch(ex) { } } } this.promise._res(ret);