Permalink
Fetching contributors…
Cannot retrieve contributors at this time
executable file 247 lines (203 sloc) 6.71 KB
#!/bin/bash
###################################################################
# Prey Windows Specific Functions - by Tomas Pollak (bootlog.org)
# URL: http://preyproject.com
# License: GPLv3
####################################################################
run_as_current_user(){
if [ "$(whoami)" == "SYSTEM" ]; then
userrun $1
else # username exists
eval $1
fi
}
############################################
# verification stuff
############################################
verify_installation(){
# check prey service on
log " -- Checking if Prey's cron service is running..."
if [ -n `is_process_running "cronsvc.exe"` ]; then
log " -- Cron service up and running. Good."
elif [ -n `is_process_running "cron.exe"` ]; then
log " -- Cron.exe up. You're OK, but you should switch to System mode, otherwise auto-updating won't work!"
else
log " !! Cron service not found! Please make sure no antivirus is blocking cron.exe from running. Optionally reinstall. :)"
fi
# check net framework
log ' -- Checking for installed .NET Framework...'
if [ -n "`is_net_framework_installed`" ]; then
log " -- Required .NET version $required_net_version or newer is installed. All good."
else
log " !! .NET framework version $required_net_version or newer not installed!"
fi
}
# returns 1 if it is
is_net_framework_installed() {
local version=`echo $required_net_version | sed 's/\..\./\./'`
local results=`reg query "HKLM\Software\Microsoft\NET Framework Setup\NDP" | sed -e '1,2d' -e 's/[^0-9.]//g' | grep -v "^$"`
for result in `echo -e "$results"`; do
if [[ "$result" == "$version" || `is_greater_than $result $version` == 1 ]]; then
echo 1
break
fi
done
}
############################################
# core network functions
############################################
# used only in network module. system module gets the MAC from wmic
get_mac_address() {
ifconfig //all | grep MAC | sed 's/^.*: //g'
}
# gets all ip addresses or the one from NIC matching a specific MAC
get_ip_address() {
if [ -n "$1" ]; then
ifconfig //all | grep "$1" -A1 | grep "IP" | sed "s/.*:\([0-9\.]*\) .*/\1/"
else # get all ip addresses
ifconfig //all | grep "IP" | sed "s/.*:\([0-9\.]*\) .*/\1/g"
fi
}
# gets all netmasks or the one matching a specific MAC
get_netmask(){
if [ -n "$1" ]; then
ifconfig //all | grep "$1" -A2 | grep "Mask" | sed "s/.*:\([0-9\.]*\) .*/\1/"
else # get all netmasks
ifconfig //all | grep "Mask" | sed "s/.*:\([0-9\.]*\) .*/\1/g"
fi
}
# gets all netmasks or the one matching a specific MAC
get_gateway_ip() {
if [ -n "$1" ]; then
ifconfig //all | grep "$1" -A3 | grep "Gateway" | sed "s/.*:\([0-9\.]*\) .*/\1/"
else # get all netmasks
ifconfig //all | grep "Gateway" | sed "s/.*:\([0-9\.]*\) .*/\1/g"
fi
}
get_system_proxy(){
# remove everything before the http:
proxycfg | grep "Proxy Server" | sed "s/.*http/http/g"
}
get_wifi_info() {
if [ -n "$winxp" ]; then
wifi_info=`autowcxp.exe -list`
else
if [ "`is_net_framework_installed`" == 1 ]; then
wifi_info=`autowc.exe -list`
else
log " !! .NET framework version $required_net_version or newer not installed!"
fi
fi
}
try_to_connect() {
if [ "`is_net_framework_installed`" == 1 ]; then
autowc.exe -connect 2> /dev/null
else
log " !! .NET framework version $required_net_version or newer not installed!"
fi
}
on_demand_stdin(){
local sleep_interval=2
local last_msg=""
while sleep $sleep_interval; do
[ ! -e "$on_demand_pipefile" ] && break
local new_msg=`tail -1 "$on_demand_pipefile"`
[ "$new_msg" != "$last_msg" ] && echo "$new_msg"
last_msg="$new_msg"
done
}
############################################
# module functions
############################################
# transforms integer into miliseconds, assuming integer is a minute
get_delay_for(){
echo $(($1*60*1000))
}
get_random_minute_delay(){
get_delay_for 60
}
# returns 1 if delay is set to regular one-hour interval
one_hour_interval(){
[ "$current_delay" == "$(get_delay_for 60)" ] && echo 1
}
get_current_delay(){
reg query "$prey_reg_key" //v "Delay" | grep Delay | sed "s/[^0-9]*//"
}
update_execution_delay(){
reg add "$prey_reg_key" //v "Delay" //d "$1" //f > /dev/null
}
############################################
# module functions
############################################
is_module_active(){
cat "$base_path/modules/$1/active" 2> /dev/null
}
############################################
# dummy trigger enabling functions
# not needed as the trigger is bundled with Prey's CronService
############################################
# echoes 1 if it is
is_trigger_loaded(){
echo 1
}
reload_trigger(){
return 0
}
unload_trigger(){
return 0
}
############################################
# updater-specific functions
############################################
reset_permissions(){
log ' -- Resetting permissions...'
if [ -n "$winxp" ]; then
local command="echo y| cacls.exe"
local readonly="//t //c //p Everyone:r //g Administrators:f"
local fullaccess="//t //c //p Everyone:f"
else
local command='Icacls.exe'
local readonly="//T //C //grant Everyone:R"
local fullaccess="//T //C //grant Everyone:F"
fi
# perhaps we should iterate over the diff file and only apply this on the
# modified files, but seems like overkill to me -- Tomas
eval $command \"$base_path/*\" "$readonly" &> /dev/null
eval $command \"$base_path/prey.log\" "$fullaccess" &> /dev/null
# eval $command \"$platform_path\tmp\" "$fullaccess" &> /dev/null
}
# this runs in the context of the new process, already daemonized
pre_update_hook(){
# stop the cron service
TASKKILL //F //IM cronsvc.exe //T &> /dev/null
# we also need to make sure the configurator is not running, so we can
# also update it in case its necessary
local configurator_running=`is_process_running 'prey-config.exe'`
if [ -n "$configurator_running" ]; then
log ' -- Forcing shutdown of Prey Configurator... Sorry!'
TASKKILL //F //IM prey-config.exe //T &> /dev/null
fi
return 0
}
# lets restart prey so it refreshes with the new status
post_update_hook(){
reset_permissions
log ' -- Restarting Prey Cron Service...'
net start CronService
}
############################################
# Device creation parameters
############################################
get_current_hostname(){
reg query "HKLM\System\CurrentControlSet\Control\ComputerName\ComputerName" | grep ComputerName | tail -1 | awk '{print $3}'
}
get_pc_info(){
pc_name=$(get_current_hostname)
local chassis_type=`echo 'systemenclosure get ChassisTypes' | wmic 2> /dev/null | grep '{' | sed 's/[^0-9]//g'`
if [[ $chassis_type == "8" || $chassis_type == "9" || $chassis_type == "10" || $chassis_type == "11" || $chassis_type == "14" ]]; then
pc_type="Laptop"
else
pc_type="Desktop"
fi
rm -f "$base_path/TempWmicBatchFile.bat" 2> /dev/null
}