Skip to content

Commit 8b83054

Browse files
jakehildrethjakehildreth
authored
Merge pull request #175 from TrimarcJake/add-ps7-support-to-esc8-detections
PS7 Versions of Detections Never PRed into testing or main. Oops.
2 parents 0773381 + daa17f7 commit 8b83054

File tree

3 files changed

+92
-24
lines changed

3 files changed

+92
-24
lines changed

Invoke-Locksmith.ps1

+28-12
Original file line numberDiff line numberDiff line change
@@ -1975,17 +1975,33 @@ function Set-AdditionalCAProperty {
19751975

19761976
begin {
19771977
$CAEnrollmentEndpoint = @()
1978-
$code = @"
1979-
using System.Net;
1980-
using System.Security.Cryptography.X509Certificates;
1981-
public class TrustAllCertsPolicy : ICertificatePolicy {
1982-
public bool CheckValidationResult(ServicePoint srvPoint, X509Certificate certificate, WebRequest request, int certificateProblem) {
1983-
return true;
1984-
}
1985-
}
1978+
if ($PSVersionTable.PSEdition -eq 'Desktop') {
1979+
$code = @"
1980+
using System.Net;
1981+
using System.Security.Cryptography.X509Certificates;
1982+
public class TrustAllCertsPolicy : ICertificatePolicy {
1983+
public bool CheckValidationResult(ServicePoint srvPoint, X509Certificate certificate, WebRequest request, int certificateProblem) {
1984+
return true;
1985+
}
1986+
}
19861987
"@
1987-
Add-Type -TypeDefinition $code -Language CSharp
1988-
[System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy
1988+
Add-Type -TypeDefinition $code -Language CSharp
1989+
[System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy
1990+
}
1991+
else {
1992+
Add-Type @"
1993+
using System.Net;
1994+
using System.Security.Cryptography.X509Certificates;
1995+
using System.Net.Security;
1996+
public class TrustAllCertsPolicy {
1997+
public static bool TrustAllCerts(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors) {
1998+
return true;
1999+
}
2000+
}
2001+
"@
2002+
# Set the ServerCertificateValidationCallback
2003+
[System.Net.ServicePointManager]::ServerCertificateValidationCallback = [TrustAllCertsPolicy]::TrustAllCerts
2004+
}
19892005
}
19902006

19912007
process {
@@ -2011,7 +2027,7 @@ public class TrustAllCertsPolicy : ICertificatePolicy {
20112027
try {
20122028
$FullURL = "https$URL"
20132029
$Request = [System.Net.WebRequest]::Create($FullURL)
2014-
2030+
20152031
$Request.GetResponse() | Out-Null
20162032
$CAEnrollmentEndpoint += @{
20172033
'URL' = $FullURL
@@ -2048,7 +2064,7 @@ public class TrustAllCertsPolicy : ICertificatePolicy {
20482064
$CAHostFQDN = (Get-ADObject -Filter { (Name -eq $CAHostName) -and (objectclass -eq 'computer') } -Properties DnsHostname -Server $ForestGC).DnsHostname
20492065
}
20502066
$ping = Test-Connection -ComputerName $CAHostFQDN -Quiet -Count 1
2051-
if ($ping) {
2067+
if ($ping) {
20522068
try {
20532069
if ($Credential) {
20542070
$CertutilAudit = Invoke-Command -ComputerName $CAHostname -Credential $Credential -ScriptBlock { param($CAFullName); certutil -config $CAFullName -getreg CA\AuditFilter } -ArgumentList $CAFullName

Private/Set-AdditionalCAProperty.ps1

+27-12
Original file line numberDiff line numberDiff line change
@@ -37,17 +37,32 @@
3737

3838
begin {
3939
$CAEnrollmentEndpoint = @()
40-
$code= @"
41-
using System.Net;
42-
using System.Security.Cryptography.X509Certificates;
43-
public class TrustAllCertsPolicy : ICertificatePolicy {
44-
public bool CheckValidationResult(ServicePoint srvPoint, X509Certificate certificate, WebRequest request, int certificateProblem) {
45-
return true;
46-
}
47-
}
40+
if ($PSVersionTable.PSEdition -eq 'Desktop') {
41+
$code= @"
42+
using System.Net;
43+
using System.Security.Cryptography.X509Certificates;
44+
public class TrustAllCertsPolicy : ICertificatePolicy {
45+
public bool CheckValidationResult(ServicePoint srvPoint, X509Certificate certificate, WebRequest request, int certificateProblem) {
46+
return true;
47+
}
48+
}
4849
"@
49-
Add-Type -TypeDefinition $code -Language CSharp
50-
[System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy
50+
Add-Type -TypeDefinition $code -Language CSharp
51+
[System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy
52+
} else {
53+
Add-Type @"
54+
using System.Net;
55+
using System.Security.Cryptography.X509Certificates;
56+
using System.Net.Security;
57+
public class TrustAllCertsPolicy {
58+
public static bool TrustAllCerts(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors) {
59+
return true;
60+
}
61+
}
62+
"@
63+
# Set the ServerCertificateValidationCallback
64+
[System.Net.ServicePointManager]::ServerCertificateValidationCallback = [TrustAllCertsPolicy]::TrustAllCerts
65+
}
5166
}
5267

5368
process {
@@ -72,7 +87,7 @@ public class TrustAllCertsPolicy : ICertificatePolicy {
7287
try {
7388
$FullURL = "https$URL"
7489
$Request = [System.Net.WebRequest]::Create($FullURL)
75-
90+
7691
$Request.GetResponse() | Out-Null
7792
$CAEnrollmentEndpoint += @{
7893
'URL' = $FullURL
@@ -106,7 +121,7 @@ public class TrustAllCertsPolicy : ICertificatePolicy {
106121
$CAHostFQDN = (Get-ADObject -Filter { (Name -eq $CAHostName) -and (objectclass -eq 'computer') } -Properties DnsHostname -Server $ForestGC).DnsHostname
107122
}
108123
$ping = Test-Connection -ComputerName $CAHostFQDN -Quiet -Count 1
109-
if ($ping) {
124+
if ($ping) {
110125
try {
111126
if ($Credential) {
112127
$CertutilAudit = Invoke-Command -ComputerName $CAHostname -Credential $Credential -ScriptBlock { param($CAFullName); certutil -config $CAFullName -getreg CA\AuditFilter } -ArgumentList $CAFullName

Private/Show-LocksmithLogo.ps1

+37
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,37 @@
1+
function Show-LocksmithLogo {
2+
Write-Host '%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%'
3+
Write-Host '%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%'
4+
Write-Host '%%%%%%%%%%%%%%%%%#+==============#%%%%%%%%%%%%%%%%%'
5+
Write-Host '%%%%%%%%%%%%%%#=====================#%%%%%%%%%%%%%%'
6+
Write-Host '%%%%%%%%%%%%#=========================#%%%%%%%%%%%%'
7+
Write-Host '%%%%%%%%%%%=============================%%%%%%%%%%%'
8+
Write-Host '%%%%%%%%%#==============+++==============#%%%%%%%%%'
9+
Write-Host '%%%%%%%%#===========#%%%%%%%%%#===========#%%%%%%%%'
10+
Write-Host '%%%%%%%%==========%%%%%%%%%%%%%%%==========%%%%%%%%'
11+
Write-Host '%%%%%%%*=========%%%%%%%%%%%%%%%%%=========*%%%%%%%'
12+
Write-Host '%%%%%%%+========*%%%%%%%%%%%%%%%%%#=========%%%%%%%'
13+
Write-Host '%%%%%%%+========#%%%%%%%%%%%%%%%%%#=========%%%%%%%'
14+
Write-Host '%%%%%%%+========#%%%%%%%%%%%%%%%%%#=========%%%%%%%'
15+
Write-Host '%%%%%%%+========#%%%%%%%%%%%%%%%%%#=========%%%%%%%'
16+
Write-Host '%%%%%%%+========#%%%%%%%%%%%%%%%%%#=========%%%%%%%'
17+
Write-Host '%%%%%%%+========#%%%%%%%%%%%%%%%%%#=========%%%%%%%'
18+
Write-Host '%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%'
19+
Write-Host '#=================================================#'
20+
Write-Host '#=================================================#'
21+
Write-Host '#=================+%%%============================#'
22+
Write-Host '#==================%%%%*==========================#'
23+
Write-Host '#===================*%%%%+========================#'
24+
Write-Host '#=====================#%%%%=======================#'
25+
Write-Host '#======================+%%%%#=====================#'
26+
Write-Host '#========================*%%%%*===================#'
27+
Write-Host '#========================+%%%%%===================#'
28+
Write-Host '#======================#%%%%%+====================#'
29+
Write-Host '#===================+%%%%%%=======================#'
30+
Write-Host '#=================#%%%%%+=========================#'
31+
Write-Host '#==============+%%%%%#============================#'
32+
Write-Host '#============*%%%%%+====+%%%%%%%%%%===============#'
33+
Write-Host '#=============%%*========+********+===============#'
34+
Write-Host '#=================================================#'
35+
Write-Host '#=================================================#'
36+
Write-Host '#=================================================#'
37+
}

0 commit comments

Comments
 (0)