Added Windows Security Center hooks

Bryan Roe 2021-01-21 10:01:09 -08:00
parent fe37dd58aa
commit 14c1a5f860
3 changed files with 238 additions and 8 deletions


@ -4147,14 +4147,17 @@ function createMeshCore(agent) {
}
// Called periodically to check if we need to send updates to the server
function sendPeriodicServerUpdate(flags, force) {
function sendPeriodicServerUpdate(flags, force)
{
if (meshServerConnectionState == 0) return; // Not connected to server, do nothing.
if (!flags) { flags = 0xFFFFFFFF; }
// If we have a connected MEI, get Intel ME information
if ((flags & 1) && (amt != null) && (amt.state == 2)) {
if ((flags & 1) && (amt != null) && (amt.state == 2))
{
delete meshCoreObj.intelamt;
amt.getMeiState(9, function (meinfo) {
amt.getMeiState(9, function (meinfo)
{
meshCoreObj.intelamt = meinfo;
meshCoreObj.intelamt.microlms = amt.lmsstate;
meshCoreObjChanged();
@ -4165,17 +4168,40 @@ function createMeshCore(agent) {
if (flags & 2) { sendNetworkUpdateNagle(false); }
// Update anti-virus information
if ((flags & 4) && (process.platform == 'win32')) {
if ((flags & 4) && (process.platform == 'win32'))
{
// Windows Command: "wmic /Namespace:\\root\SecurityCenter2 Path AntiVirusProduct get /FORMAT:CSV"
try { meshCoreObj.av = require('win-info').av(); meshCoreObjChanged(); } catch (e) { av = null; } // Antivirus
//if (process.platform == 'win32') { try { meshCoreObj.pr = require('win-info').pendingReboot(); meshCoreObjChanged(); } catch (e) { meshCoreObj.pr = null; } } // Pending reboot
}
if (process.platform == 'win32')
{
if(require('MeshAgent')._securitycenter == null)
{
try
{
require('MeshAgent')._securitycenter = require('win-securitycenter').status();
meshCoreObj['windowsSecurityCenter'] = require('MeshAgent')._securitycenter;
require('win-securitycenter').on('changed', function ()
{
require('MeshAgent')._securitycenter = require('win-securitycenter').status();
meshCoreObj['windowsSecurityCenter'] = require('MeshAgent')._securitycenter;
require('MeshAgent').SendCommand({ windowsSecurityCenter: require('MeshAgent')._securitycenter });
});
}
catch(e)
{
}
}
}
// Send available data right now
if (force) {
if (force)
{
meshCoreObj = sortObjRec(meshCoreObj);
var x = JSON.stringify(meshCoreObj);
if (x != LastPeriodicServerUpdate) {
if (x != LastPeriodicServerUpdate)
{
LastPeriodicServerUpdate = x;
mesh.SendCommand(meshCoreObj);
}
@ -4186,11 +4212,13 @@ function createMeshCore(agent) {
var LastPeriodicServerUpdate = null;
var PeriodicServerUpdateNagleTimer = null;
function meshCoreObjChanged() { if (PeriodicServerUpdateNagleTimer == null) { PeriodicServerUpdateNagleTimer = setTimeout(meshCoreObjChangedEx, 500); } }
function meshCoreObjChangedEx() {
function meshCoreObjChangedEx()
{
PeriodicServerUpdateNagleTimer = null;
meshCoreObj = sortObjRec(meshCoreObj);
var x = JSON.stringify(meshCoreObj);
if (x != LastPeriodicServerUpdate) {
if (x != LastPeriodicServerUpdate)
{
try { LastPeriodicServerUpdate = x; mesh.SendCommand(meshCoreObj); } catch (ex) { }
}
}
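Review bot: The empty `catch(e) { }` that closes the new Security Center block in the second hunk discards every setup failure, so `_securitycenter` stays null, the `require('win-securitycenter')` attempt appears to repeat on each periodic update, and the server cannot tell a missing report from an agent that could not read the state. Record the failure once, for example `catch (e) { require('MeshAgent')._securitycenter = false; }`, so the `== null` guard stops retrying. The first assignment to `meshCoreObj['windowsSecurityCenter']` is also not followed by `meshCoreObjChanged();` as the antivirus branch above it does, so the initial value seems to go out only with `force` or when something else changes. The `'changed'` handler calls `SendCommand` outside any `try`, unlike `meshCoreObjChangedEx` in the third hunk. `sendPeriodicServerUpdate` starts in the first hunk and continues past the end of the second.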


@ -0,0 +1,101 @@
/*
Copyright 2021 Intel Corporation
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
var seccenter = null;
var WSC_SECURITY_PROVIDER_FIREWALL = 0x1;
var WSC_SECURITY_PROVIDER_AUTOUPDATE_SETTINGS = 0x2;
var WSC_SECURITY_PROVIDER_ANTIVIRUS = 0x4;
var WSC_SECURITY_PROVIDER_ANTISPYWARE = 0x8;
var WSC_SECURITY_PROVIDER_HEALTH_GOOD = 0; // Green pillar in English locales
var WSC_SECURITY_PROVIDER_HEALTH_NOTMONITORED = 1; // Yellow pillar in English locales
var WSC_SECURITY_PROVIDER_HEALTH_POOR = 2; // Red pillar in English locales
var WSC_SECURITY_PROVIDER_HEALTH_SNOOZE = 3; // Yellow pillar in English locales
try
{
seccenter = require('_GenericMarshal').CreateNativeProxy('Wscapi.dll');
seccenter.CreateMethod('WscGetSecurityProviderHealth');
seccenter.CreateMethod('WscRegisterForChanges');
seccenter.CreateMethod('WscUnRegisterChanges');
}
catch(e)
{
}
function statusString(val)
{
var ret = 'UNKNOWN';
switch (val)
{
case 0:
ret = 'OK';
break;
case 1:
case 3:
ret = 'WARNING';
break;
case 2:
ret = 'PROBLEM';
break;
default:
ret = 'UNKNOWN';
break;
}
return (ret);
}
function getStatus()
{
var ret = { firewall: 'UNKNOWN', antiVirus: 'UNKNOWN', autoUpdate: 'UNKNOWN' };
if (seccenter != null)
{
var status = require('_GenericMarshal').CreateVariable(4);
if (seccenter.WscGetSecurityProviderHealth(WSC_SECURITY_PROVIDER_FIREWALL, status).Val == 0) { ret.firewall = statusString(status.toBuffer().readUInt32LE()); }
if (seccenter.WscGetSecurityProviderHealth(WSC_SECURITY_PROVIDER_ANTIVIRUS, status).Val == 0) { ret.antiVirus = statusString(status.toBuffer().readUInt32LE()); }
if (seccenter.WscGetSecurityProviderHealth(WSC_SECURITY_PROVIDER_AUTOUPDATE_SETTINGS, status).Val == 0) { ret.autoUpdate = statusString(status.toBuffer().readUInt32LE()); }
}
return (ret);
}
if (process.platform == 'win32' && seccenter != null)
{
var j = { status: getStatus };
require('events').EventEmitter.call(j, true)
.createEvent('changed');
j._H = require('_GenericMarshal').CreatePointer();
j._EV = require('_GenericMarshal').GetGenericGlobalCallback(1);
j._EV.parent = j;
j._EV.on('GlobalCallback', function (p)
{
if (!this.ObjectToPtr_Verify(this.parent, p)) { return; } // This event is not for us
this.parent.emit('changed');
});
j.on('~', function ()
{
if (seccenter.WscUnRegisterChanges(this._H).Val == 0) { }
});
if (seccenter.WscRegisterForChanges(0, j._H, j._EV, require('_GenericMarshal').ObjectToPtr(j)).Val == 0)
{
j._H = j._H.Deref();
}
module.exports = j;
}
else
{
throw ('win-securitycenter not supported on this platform');
}
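Review bot: When `WscRegisterForChanges` does not return 0, `j._H` is left as the un-dereferenced pointer from `CreatePointer()`, yet the `'~'` handler still passes it to `WscUnRegisterChanges`, and the module is exported as if change notifications were active. Track the outcome next to the `Deref()`, e.g. `j._H = j._H.Deref(); j._registered = true;`, and guard the cleanup with `if (this._registered) { seccenter.WscUnRegisterChanges(this._H); }`. A consumer that relies on `'changed'` would otherwise keep reporting the status it read at startup with no sign that updates are not arriving. The third file section on this page is an identical copy and has the same issue.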


@ -0,0 +1,101 @@
/*
Copyright 2021 Intel Corporation
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
var seccenter = null;
var WSC_SECURITY_PROVIDER_FIREWALL = 0x1;
var WSC_SECURITY_PROVIDER_AUTOUPDATE_SETTINGS = 0x2;
var WSC_SECURITY_PROVIDER_ANTIVIRUS = 0x4;
var WSC_SECURITY_PROVIDER_ANTISPYWARE = 0x8;
var WSC_SECURITY_PROVIDER_HEALTH_GOOD = 0; // Green pillar in English locales
var WSC_SECURITY_PROVIDER_HEALTH_NOTMONITORED = 1; // Yellow pillar in English locales
var WSC_SECURITY_PROVIDER_HEALTH_POOR = 2; // Red pillar in English locales
var WSC_SECURITY_PROVIDER_HEALTH_SNOOZE = 3; // Yellow pillar in English locales
try
{
seccenter = require('_GenericMarshal').CreateNativeProxy('Wscapi.dll');
seccenter.CreateMethod('WscGetSecurityProviderHealth');
seccenter.CreateMethod('WscRegisterForChanges');
seccenter.CreateMethod('WscUnRegisterChanges');
}
catch(e)
{
}
function statusString(val)
{
var ret = 'UNKNOWN';
switch (val)
{
case 0:
ret = 'OK';
break;
case 1:
case 3:
ret = 'WARNING';
break;
case 2:
ret = 'PROBLEM';
break;
default:
ret = 'UNKNOWN';
break;
}
return (ret);
}
function getStatus()
{
var ret = { firewall: 'UNKNOWN', antiVirus: 'UNKNOWN', autoUpdate: 'UNKNOWN' };
if (seccenter != null)
{
var status = require('_GenericMarshal').CreateVariable(4);
if (seccenter.WscGetSecurityProviderHealth(WSC_SECURITY_PROVIDER_FIREWALL, status).Val == 0) { ret.firewall = statusString(status.toBuffer().readUInt32LE()); }
if (seccenter.WscGetSecurityProviderHealth(WSC_SECURITY_PROVIDER_ANTIVIRUS, status).Val == 0) { ret.antiVirus = statusString(status.toBuffer().readUInt32LE()); }
if (seccenter.WscGetSecurityProviderHealth(WSC_SECURITY_PROVIDER_AUTOUPDATE_SETTINGS, status).Val == 0) { ret.autoUpdate = statusString(status.toBuffer().readUInt32LE()); }
}
return (ret);
}
if (process.platform == 'win32' && seccenter != null)
{
var j = { status: getStatus };
require('events').EventEmitter.call(j, true)
.createEvent('changed');
j._H = require('_GenericMarshal').CreatePointer();
j._EV = require('_GenericMarshal').GetGenericGlobalCallback(1);
j._EV.parent = j;
j._EV.on('GlobalCallback', function (p)
{
if (!this.ObjectToPtr_Verify(this.parent, p)) { return; } // This event is not for us
this.parent.emit('changed');
});
j.on('~', function ()
{
if (seccenter.WscUnRegisterChanges(this._H).Val == 0) { }
});
if (seccenter.WscRegisterForChanges(0, j._H, j._EV, require('_GenericMarshal').ObjectToPtr(j)).Val == 0)
{
j._H = j._H.Deref();
}
module.exports = j;
}
else
{
throw ('win-securitycenter not supported on this platform');
}
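Review bot: The empty `catch(e) { }` around `CreateNativeProxy('Wscapi.dll')` drops the real load error, and the final `else` then throws a bare string that blames the platform even when the process is on win32 and only the DLL or one of the `CreateMethod` calls failed. Keep the cause and throw an Error object, e.g. `catch (e) { seccenter = null; loadError = e; }` with `throw new Error('win-securitycenter not supported on this platform' + (loadError ? ': ' + loadError : ''));`. Callers that match on the thrown string would need checking before the throw type changes. This section is identical to the previous one, so the same applies there.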