PowerShell – Download and Execute File

Download a file from the web and launch it

$ProcName = "NoSleep.exe"
$WebFile = "https://eddiejackson.net/apps/$ProcName"

Clear-Host

(New-Object System.Net.WebClient).DownloadFile($WebFile,"$env:APPDATA\$ProcName")
Start-Process ("$env:APPDATA\$ProcName")
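An added example (not the author's code) of the same download with an integrity gate before launch: the file is staged, its SHA-256 is compared with a pinned value, and its Authenticode signature is optionally checked. `$ExpectedSha256` is a placeholder, and `Test-DownloadedFile`, `$RequireSigned` and the staging path are hypothetical names chosen for this example.

```powershell
# Added example: download to a staging path, verify, then launch.
$ProcName       = "NoSleep.exe"
$WebFile        = "https://eddiejackson.net/apps/$ProcName"
$ExpectedSha256 = "<SHA256-OF-THE-APPROVED-BUILD>"   # placeholder, not a real hash
$RequireSigned  = $false                             # assumption: set $true if the binary is signed

function Test-DownloadedFile {
    param(
        [Parameter(Mandatory)][string]$Path,
        [Parameter(Mandatory)][string]$Sha256,
        [bool]$RequireValidSignature = $false
    )
    # Compare the file's SHA-256 with the pinned value (string -ne is case-insensitive)
    $actual = (Get-FileHash -Path $Path -Algorithm SHA256).Hash
    if ($actual -ne $Sha256) {
        Write-Warning "Hash mismatch: expected $Sha256, got $actual"
        return $false
    }
    # Optionally require a signature that chains to a trusted publisher
    if ($RequireValidSignature) {
        $sig = Get-AuthenticodeSignature -FilePath $Path
        if ($sig.Status -ne 'Valid') {
            Write-Warning "Authenticode status is $($sig.Status)"
            return $false
        }
    }
    return $true
}

[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
$Staging = Join-Path $env:TEMP ([IO.Path]::GetRandomFileName())
$Target  = Join-Path $env:APPDATA $ProcName

try {
    (New-Object System.Net.WebClient).DownloadFile($WebFile, $Staging)
    if (Test-DownloadedFile -Path $Staging -Sha256 $ExpectedSha256 -RequireValidSignature $RequireSigned) {
        # Only a verified file reaches the launch path
        Move-Item -Path $Staging -Destination $Target -Force
        Start-Process -FilePath $Target
    }
    else {
        throw "Integrity check failed, refusing to run $ProcName"
    }
}
finally {
    # Remove the staged copy if it was rejected or the download failed
    if (Test-Path $Staging) { Remove-Item $Staging -Force }
}
```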


Notes

Google Link

Something pretty cool: you can use a Google Drive file ID in the script above, with some minor editing (the ID below works):

https://drive.google.com/uc?export=download&id=0B1ZMU4Jk29FPUUpta0drVW05WnM

GDrive Example

(New-Object System.Net.WebClient).DownloadFile("https://drive.google.com/uc?export=download&id=0B1ZMU4Jk29FPUUpta0drVW05WnM","$env:APPDATA\test.jpg")
Start-Process ("$env:APPDATA\test.jpg")

Running the above downloads and launches the test.jpg image. This means you could store all your files on a Google Drive and have users run a “lite” script, which would then download all the necessary resource files from your Google Drive. All permissions and access can be controlled from the Google Drive.

Single liner

powershell.exe -command PowerShell -ExecutionPolicy bypass -noprofile -windowstyle hidden -command (New-Object System.Net.WebClient).DownloadFile('https://eddiejackson.net/apps/NoSleep.exe',"$env:APPDATA\NoSleep.exe");Start-Process ("$env:APPDATA\NoSleep.exe")


Get around the Google Drive Anti-Virus Message

clear-host

$FileName = 'foo.exe'
$FileID = "248ADma5BL7mHsLpsV3ciewy13rlCA8X_"

# set protocol to tls version 1.2
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12

$FolderName = "C:\Download\"
if (Test-Path $FolderName) {
    Write-Host "Folder Exists"
}
else {
    New-Item $FolderName -ItemType Directory
}

# Download the virus warning as temp.txt
Invoke-WebRequest -Uri "https://drive.google.com/uc?export=download&id=$FileID" -OutFile "C:\Download\temp.txt"

# Load temp.txt as string
$InputString = Get-Content C:\Download\temp.txt

# Return UUID from string
$match = Select-String "uuid=(.*)" -inputobject $InputString
$retMatch = $match.matches.groups[1].value
$Confirmation_UUID = $retMatch.Substring(0, $retMatch.IndexOf('"'))
$Confirmation_UUID

# Download the real file (the captured value is passed as the uuid parameter)
Invoke-WebRequest -Uri "https://drive.google.com/uc?export=download&id=$FileID&confirm=t&uuid=$Confirmation_UUID" -OutFile "C:\Download\$FileName"

# Clear Session
$Confirmation_UUID = ""
$InputString = ""
$FileName  = ""
$FolderName = ""
$FileID = ""
Remove-Item "C:\Download\temp.txt"

Return all Methods from Net.WebClient

$objWWW = New-Object Net.WebClient
$objWWW | Get-Member

Alternative Download
wget "https://eddiejackson.net/apps/NoSleep.exe" -outfile "NoSleep.exe"

WebClient Class

tags: MrNetTek

PowerShell – Encoded Commands (Obfuscation)

This is how you run encoded commands in PowerShell:

#PART1
$Command = "C:\PowerShell\foo_1.exe"
$Encoded = [convert]::ToBase64String([System.Text.encoding]::Unicode.GetBytes($Command))
Write-Host "Command: " $Command

#show encoded command
Write-Host "Encoded command: " $Encoded

#PART2
#run encoded command
cmd /c powershell.exe -encoded "$Encoded"
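For reviewing process-creation logs, the reverse direction is the useful one. This added example (not from the original post) recovers the plaintext from a logged command line that carries an encoded command, using the same UTF-16LE Base64 encoding as the script above. `ConvertFrom-EncodedCommandLine` is a hypothetical helper name and the sample command lines are constructed.

```powershell
# Added example: decode the -EncodedCommand argument found in a logged command line.
function ConvertFrom-EncodedCommandLine {
    param([Parameter(Mandatory)][string]$CommandLine)

    # Candidate: a switch (- or /) followed by a Base64-looking value, optionally quoted
    $rx = [regex]'(?i)(?:^|\s)[-/](?<name>[a-z]+)\s+["'']?(?<b64>[A-Za-z0-9+/]+={0,2})'
    foreach ($m in $rx.Matches($CommandLine)) {
        $name = $m.Groups['name'].Value.ToLowerInvariant()
        # powershell.exe accepts -ec and any prefix of -EncodedCommand (-e, -enc, -encoded, ...)
        if ($name -ne 'ec' -and -not 'encodedcommand'.StartsWith($name)) { continue }
        try {
            $bytes = [Convert]::FromBase64String($m.Groups['b64'].Value)
            # The payload is UTF-16LE, i.e. [System.Text.Encoding]::Unicode
            return [System.Text.Encoding]::Unicode.GetString($bytes)
        }
        catch {
            continue   # switch name matched but the value is not valid Base64
        }
    }
    return $null       # no encoded command on this line
}

# Constructed sample input, built from the command used on this page
$Encoded = [Convert]::ToBase64String([System.Text.Encoding]::Unicode.GetBytes('C:\PowerShell\foo_1.exe'))
$SampleLines = @(
    "cmd /c powershell.exe -encoded `"$Encoded`"",
    "powershell.exe -NoProfile -ExecutionPolicy Bypass -enc $Encoded",
    "powershell.exe -NoProfile -File C:\Scripts\inventory.ps1"
)

foreach ($line in $SampleLines) {
    $decoded = ConvertFrom-EncodedCommandLine -CommandLine $line
    [pscustomobject]@{
        HasEncodedCommand = [bool]$decoded
        Decoded           = $decoded
        CommandLine       = $line
    }
}
```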



Notes

Convert.ToBase64String Method

Also see Encoding & Decoding

 

tags: MrNetTek

SCCM – BitLocker Management

Something exciting coming from Microsoft…

by Diliprad

On-premises BitLocker management using System Center Configuration Manager

For organizations currently using on-premises management, the best approach still remains getting your Windows devices to a co-managed state, to take advantage of cloud-based BitLocker management with Microsoft Intune. However to support scenarios where cloud is not an option, Microsoft is also introducing BitLocker management through Configuration Manager current branch.

Beginning in June 2019, Configuration Manager will release a product preview for BitLocker management capabilities, followed by general availability later in 2019. Similar to the Intune cloud-based approach, Configuration Manager will support BitLocker for Windows 10 Pro, Windows 10 Enterprise, and Windows 10 Education editions. It will also support Windows 7, Windows 8, and Windows 8.1 during their respective support lifecycles.

 

Configuration Manager (SCCM) will provide the following BitLocker management capabilities:


Provisioning

  • Our provisioning solution will ensure that BitLocker will be a seamless experience within the SCCM console while also retaining the breadth of MBAM.


Prepare Trusted Platform Module (TPM)

  • Admins can open the TPM management console for TPM versions 1.2 and 2.0. Additionally, SCCM will support TPM+PIN for log in. For those devices without a TPM, we also permit USBs to be used as authenticators on boot.


Setting BitLocker Configuration

  • All MBAM configuration specific values that you set will be available through the SCCM console, including: choose drive encryption and cipher strength, configure user exemption policy, fixed data drive encryption settings, and more.


Encryption

  • Encryption allows admins to determine the algorithms with which to encrypt the device, the disks that are targeted for encryption, and the baselines users must provide in order to gain access to the disks.


Policy enactment / remediation on device

  • Admins can force users to get compliant with new security policies before being able to access the device.


New user can set a pin / password on TPM & non-TPM devices

  • Admins can customize their organization’s security profile on a per device basis.


Auto unlock

  • Policies to specify whether to unlock only an OS drive, or all attached drives, when a user unlocks the OS drive.


Helpdesk portal with auditing

  • A helpdesk portal allows other personas in the organization outside of the SCCM admin to provide help with key recovery, including key rotation and other MBAM-related support cases that may arise.


Key rotation

  • Key rotation allows admins to use a single-use key for unlocking a BitLocker encrypted device. Once this key is used, a new key will be generated for the device and stored securely on-premises.


Compliance reporting

  • SCCM reporting will include all reports currently found on MBAM in the SCCM console. This includes key details like encryption status per volume, per device, the primary user of the device, compliance status, reasons for non-compliance, etc.

 

tags: MrNetTek

Junos Pulse Secure – 9.0.3.1599

Download

New Pulse Client is available here: https://www.pulsesecure.net/trynow/client-download


Size

19.6 MB


Silent Install

msiexec /i setup64.msi /qn

msiexec /i setup64.msi SHAREDINSTALL=1 SAVESETTINGS=1 /qn


Silent Uninstall

msiexec /x{89BF84A0-CADC-4C7F-8BF4-21F4A2733746} /qn

msiexec /x{89BF84A0-CADC-4C7F-8BF4-21F4A2733746} SAVESETTINGS=1 /qn

"C:\Program Files (x86)\Pulse Secure\Pulse\PulseUninstall.exe" /silent=1


Registry

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Pulse Secure 9.0]
"DisplayName"="Pulse Secure 9.0"
"DisplayVersion"="9.0.1599"
"Publisher"="Pulse Secure, LLC"
"UninstallString"="c:\\Program Files (x86)\\Pulse Secure\\Pulse\\PulseUninstall.exe"
"NoRepair"=dword:00000001
"NoModify"=dword:00000001
"DisplayIcon"="c:\\Program Files (x86)\\Common Files\\Pulse Secure\\JamUI\\Pulse.exe"
"URLInfoAbout"="http://www.pulsesecure.net/support"


MSI Property Table

There are two properties of relevance here: SHAREDINSTALL and SAVESETTINGS

SHAREDINSTALL = 1  allows multiple users; prevents disconnects

SAVESETTINGS = 1  saves Connections during uninstall

 


Notes

Release Notes

Pulse Secure Admin Guide

 

Settings Location (backup/restore Connections, if needed)

C:\ProgramData\Pulse Secure\ConnectionStore

 

Pulse Helper – must be started to see Connections in Pulse

"C:\Program Files (x86)\Pulse Secure\Pulse\PulseHelper.exe"

 

Other Pulse App GUIDs

{D9687A51-90CB-4691-A458-88517D35A51E}
{1B2D9376-AD97-480C-A3D6-5FBB822294C4}
{EF3E08E0-4B9B-47A4-A318-4C2C816C1C47}
{4320DFAD-6F8C-4FBA-AD0C-5344CD70C9E9}
{D5DE4E9C-D0E8-470B-8F5D-D4F8CA6DF85D}
{B0CFE1C6-6A54-4165-AFC7-62D9259D2EB5}
{BCA8F252-3DA1-4578-B5A0-FC75197FAF0B}
{E936D7F2-D9B3-494E-8433-67A2A496ACF0}
{35A74498-5DA0-4DBC-A91F-C89BEA8090AF}
{557686F0-9C00-456F-AED6-41ABF3DE1A0D}
{20ECE8AB-3378-4A41-83C8-5DA3037F6135}
{9F7F010D-3137-4496-970F-D77A61CE8E92}
{7A39E355-B3CA-4217-A508-05C2FCB7766B}
{6E31DBE8-6F48-4D22-AB10-EA76718532C4}
{7D2309C6-3F67-48B8-B524-522E2756795E}
{D6CAE4C8-27B8-4984-988E-B5A4868070CC}
{BAFD722A-4B9A-4152-B565-5BAFDA00A6BE}

 

tags: Pulse automation, Pulse scripting, MrNetTek

Windows – Pending Reboot Registry Keys

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\UpdateExeVolatile

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\PendingFileRenameOperations

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\PendingFileRenameOperations2

HKEY_LOCAL_MACHINE\SYSTEM\CurrentSet001\Control\Session Manager\

HKEY_LOCAL_MACHINE\SYSTEM\CurrentSet002\Control\Session Manager\

HKEY_LOCAL_MACHINE\SYSTEM\CurrentSet003\Control\Session Manager\

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\RebootRequired

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Services\Pending\

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\RebootRequired\Mandatory

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\PostRebootReporting

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\DVDRebootSignal

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Component Based Servicing\RebootPending

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Component Based Servicing\RebootInProgress

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ServerManager\CurrentRebootAttempts

 

tags: MrNetTek

C# – Knapsack Problem

The knapsack problem or rucksack problem is a problem in combinatorial optimization: Given a set of items, each with a weight and a value, determine the number of each item to include in a collection so that the total weight is less than or equal to a given limit and the total value is as large as possible.

Here is the problem solved in C# – tested in Visual Studio 2017.

int[] Weights = set of weights
int[] Values = set of Values
int limit = limit using Values

using System;

class Optimization
{
    // returns max of two integers
    static int Max(int num1, int num2)
    {
        return (num1 > num2) ? num1 : num2;
    }

    // returns max values in knapsack
    static int Knapsack(int W, int[] weight, int[] value, int n)
    {
        int i, w;
        int[,] TotalValue = new int[n + 1, W + 1];

        // bottom up approach
        for (i = 0; i <= n; i++)
        {
            for (w = 0; w <= W; w++)
            {
                if (i == 0 || w == 0)
                    TotalValue[i, w] = 0;
                else if (weight[i - 1] <= w)
                    TotalValue[i, w] = Math.Max(value[i - 1]
                        + TotalValue[i - 1, w - weight[i - 1]], TotalValue[i - 1, w]);
                else
                    TotalValue[i, w] = TotalValue[i - 1, w];
            }
        }

        return TotalValue[n, W];
    }

    // entry point
    static void Main()
    {
        int[] Values = new int[] { 50, 80, 110, 230 };
        int[] Weights = new int[] { 10, 20, 30, 40 };
        int limit = 60;
        int n = Weights.Length;

        Console.WriteLine("Total value: {0}", Knapsack(limit, Weights, Values, n));
        Console.ReadKey();
    }
}


The mathematics behind the problem


more about it: PDF

tags: MrNetTek

Skype for Desktop – 8.48.0.51

New Skype for Desktop (Windows) is available here:

https://go.skype.com/windows.desktop.download

 

Size

60.5 MB


Silent Install

setup.exe /VERYSILENT /SP- /NOCANCEL /NORESTART /SUPPRESSMSGBOXES /NOLAUNCH -ms


Silent Uninstall

"C:\Program Files (x86)\Microsoft\Skype for Desktop\unins000.exe" /SILENT


Registry

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Skype_is1]
"Inno Setup: Setup Version"="5.6.1 (u)"
"Inno Setup: App Path"="C:\\Program Files (x86)\\Microsoft\\Skype for Desktop"
"InstallLocation"="C:\\Program Files (x86)\\Microsoft\\Skype for Desktop\\"
"Inno Setup: Icon Group"="Skype"
"Inno Setup: User"="Administrator"
"Inno Setup: Language"="en"
"DisplayName"="Skype version 8.48"
"DisplayIcon"="C:\\Program Files (x86)\\Microsoft\\Skype for Desktop\\Skype.exe"
"UninstallString"="\"C:\\Program Files (x86)\\Microsoft\\Skype for Desktop\\unins000.exe\""
"QuietUninstallString"="\"C:\\Program Files (x86)\\Microsoft\\Skype for Desktop\\unins000.exe\" /SILENT"
"DisplayVersion"="8.48"
"Publisher"="Skype Technologies S.A."
"URLInfoAbout"="http://www.skype.com/"
"HelpLink"="https://support.skype.com/"
"URLUpdateInfo"="www.skype.com/download-skype/"
"NoModify"=dword:00000001
"NoRepair"=dword:00000001
"InstallDate"="20190701"
"MajorVersion"=dword:00000008
"MinorVersion"=dword:00000030
"VersionMajor"=dword:00000008
"VersionMinor"=dword:00000030
"EstimatedSize"=dword:00030c7a

 

Notes

Uses asar compression: C:\Program Files (x86)\Microsoft\Skype for Desktop\resources

Disable Skype auto updates

 

tags: MrNetTek