Commit d068a7df authored by Gabriel Moreau's avatar Gabriel Moreau
Browse files

More simple and robust file. Configure pass for Network Agent uninstall. Limit...

More simple and robust file. Configure pass for Network Agent uninstall. Limit variable. If key file, password are encrypted.
parent bfa43880
......@@ -39,12 +39,12 @@ $Global:SWMB_Custom = @{
NTP_ManualPeerList = "0.pool.ntp.org, 1.pool.ntp.org, 2.pool.ntp.org, 3.pool.ntp.org"
# Target Release
ProductVersion = "Windows 10"
ProductVersion = "Windows 10"
TargetReleaseVersionInfo = "21H2"
# Kaspersky Endpoint Security
KesLogin = "KLAdmin"
KesPassword = ""
KesSecureString = ""
KesKeyFile = ""
# Kaspersky Endpoint Security and Network Agent
KesLogin = "KLAdmin"
KesPassword = ""
KesAgentPass = ""
KesKeyFile = ""
}
......@@ -72,12 +72,12 @@ Function TweakUninstallKasperskyEndpoint { # RESINFO
Function _String2Hex {
Param (
[Parameter(Mandatory = $true)] [string]$Text
[string]$Text
)
$CharArray=$Text.ToCharArray()
ForEach ($Char in $CharArray) {
$TextHex = $TextHex + " " + [System.String]::Format("{0:x2}", [System.Convert]::ToUInt32($Char))
$TextHex = $TextHex + [System.String]::Format("{0:x2}", [System.Convert]::ToUInt32($Char))
}
Return $TextHex
}
......@@ -88,27 +88,27 @@ Function TweakUninstallKasperskyEndpoint { # RESINFO
$KesEndpoint = Get-WmiObject win32_product | Where { $_.Name -like "*Kaspersky Endpoint Security*" }
If ($KesEndpoint.IdentifyingNumber) {
Write-Host "Uninstalling Kaspersky version $($KesEndpoint.Version) with GUID => $($KesEndpoint.IdentifyingNumber)"
$PlainPassword=''
If ($($Global:SWMB_Custom.KesPassword)) {
# Batch - password defined in clear text
$PlainPassword = $($Global:SWMB_Custom.KesPassword)
} ElseIf (($($Global:SWMB_Custom.KesSecureString)) -And (Test-Path -LiteralPath "$($Global:SWMB_Custom.KesKeyFile)")) {
$EndpointPlainPassword=''
If (($($Global:SWMB_Custom.KesPassword)) -And (Test-Path -LiteralPath "$($Global:SWMB_Custom.KesKeyFile)")) {
# Batch - encrypted (blurred) password
$CryptPassword = $($Global:SWMB_Custom.KesSecureString) | ConvertTo-SecureString -Key (Get-Content $($Global:SWMB_Custom.KesKeyFile))
$Credential = New-Object System.Management.Automation.PsCredential($($Global:SWMB_Custom.KesLogin),$CryptPassword)
$PlainPassword = $Credential.GetNetworkCredential().Password
$EndpointCryptPassword = $($Global:SWMB_Custom.KesPassword) | ConvertTo-SecureString -Key (Get-Content $($Global:SWMB_Custom.KesKeyFile))
$EndpointCredential = New-Object System.Management.Automation.PsCredential($($Global:SWMB_Custom.KesLogin),$EndpointCryptPassword)
$EndpointPlainPassword = $EndpointCredential.GetNetworkCredential().Password
} ElseIf ($($Global:SWMB_Custom.KesPassword)) {
# Batch - password defined in clear text
$EndpointPlainPassword = $($Global:SWMB_Custom.KesPassword)
}
# Uninstall
$MSIArguments = @(
$MSIEndpointArguments = @(
"/x"
$KesEndpoint.IdentifyingNumber
"KLLOGIN=$($($Global:SWMB_Custom.KesLogin))"
"KLPASSWD=$PlainPassword"
"KLPASSWD=$EndpointPlainPassword"
"/norestart"
"/qn"
)
Start-Process "msiexec.exe" -ArgumentList $MSIArguments -Wait -NoNewWindow
Start-Process "msiexec.exe" -ArgumentList $MSIEndpointArguments -Wait -NoNewWindow
Write-Host "Uninstall finish"
} Else {
Write-Host "Kaspersky Endpoint is not installed on this computer"
......@@ -118,7 +118,26 @@ Function TweakUninstallKasperskyEndpoint { # RESINFO
$KesAgent = Get-WmiObject win32_product | Where { $_.Name -like "*Agent*Kaspersky Security Center*" }
If ($KesAgent.IdentifyingNumber) {
Write-Output "Suppress Agent Kaspersky Security Center $($KesAgent.Version) with GUID => $($KesAgent.IdentifyingNumber)"
Start-Process "msiexec.exe" -ArgumentList "/x $($KesAgent.IdentifyingNumber) /qn" -Wait -NoNewWindow
$AgentPlainPassword=''
If (($($Global:SWMB_Custom.KesAgentPass)) -And (Test-Path -LiteralPath "$($Global:SWMB_Custom.KesKeyFile)")) {
# Batch - encrypted (blurred) password
$AgentCryptPassword = $($Global:SWMB_Custom.KesAgentPass) | ConvertTo-SecureString -Key (Get-Content $($Global:SWMB_Custom.KesKeyFile))
$AgentCredential = New-Object System.Management.Automation.PsCredential($($Global:SWMB_Custom.KesLogin),$AgentCryptPassword)
$AgentPlainPassword = $Credential.GetNetworkCredential().Password
} ElseIf ($($Global:SWMB_Custom.KesAgentPass)) {
# Batch - password defined in clear text
$AgentPlainPassword = $($Global:SWMB_Custom.KesPassword)
}
$AgentHexPassword = (_String2Hex -Text $AgentPlainPassword)
# Uninstall
$MSIAgentArguments = @(
"/x"
$KesAgent.IdentifyingNumber
"KLUNINSTPASSWD=$AgentHexPassword"
"/qn"
)
Start-Process "msiexec.exe" -ArgumentList $MSIAgentArguments -Wait -NoNewWindow
}
Else {
Write-Host "Kaspersky Agent Security Center is not installed on this computer "
......
......@@ -33,7 +33,8 @@ It will ask you to run the command
.\set-password-encrypted.ps1
```
because the Zip archive does not contain the files with the key
and the settings module to give the kaspersky password.
and the settings module to give the Kaspersky Endpoint password
and the uninstall Network Agent password.
Then we restart the uninstallation with again
```ps1
.\install.bat
......@@ -66,27 +67,32 @@ So it is possible to push this package on your WAPT package server
## Configuration module
Therefore, you need a password to ensure this operation.
This password is local to each site.
You will have to configure / customize your SWMB installation
before you can uninstall kaspersky Endpoint.
You may therefore need several passwords to ensure this uninstallation operation.
These passwords are local to each site.
You will need to configure/customize your SWMB installation
before you can uninstall Kaspersky Endpoint and the Network Agent.
This includes the creation of a parameter module
`Custom-VarOverload.psm1` which can be saved in the current folder
or in any other folder...
```ps1
# Kaspersky Endpoint Security
$Global:SWMB_Custom.KesLogin = "KLAdmin"
$Global:SWMB_Custom.KesLogin = "KLAdmin"
# If clear password
$Global:SWMB_Custom.KesPassword = ""
$Global:SWMB_Custom.KesPassword = ""
$Global:SWMB_Custom.KesAgentPass = ""
# Or if encrypted blurred password
$Global:SWMB_Custom.KesSecureString = ""
$Global:SWMB_Custom.KesKeyFile = ""
$Global:SWMB_Custom.KesKeyFile = ""
$Global:SWMB_Custom.KesPassword = ""
$Global:SWMB_Custom.KesAgentPass = ""
```
You can choose to put the password to modify Kasperky in clear text
You can choose to put the password to modify Kasperky Endpoint in clear text
or to scramble it via a symmetric encryption process.
Idem with the Network Agent.
If the key file exists, then the parameter is automatically assumed
to be encrypted for both passwords.
For safety, you can put this data in a configuration file `Custom-VarAutodel.psm1`.
The advantage with this is that it is destroyed after use.
......
......@@ -3,15 +3,15 @@ Do {
$KeyFile = Read-Host -Prompt "Key File"
} Until (Test-Path -LiteralPath "$KeyFile")
$EncryptedEndpointPass = Read-Host -Prompt "Encrypted blurred Endpoint Password"
$EncryptedAgentPass = Read-Host -Prompt "Encrypted blurred Agent Password"
$EndpointEncryptedPass = Read-Host -Prompt "Encrypted blurred Endpoint Password"
$AgentEncryptedPass = Read-Host -Prompt "Encrypted blurred Agent Password"
$EndpointPassword = $EncryptedEndpointPass | ConvertTo-SecureString -Key (Get-Content $KeyFile)
$EndpointPassword = $EndpointEncryptedPass | ConvertTo-SecureString -Key (Get-Content $KeyFile)
$EndpointCredential = New-Object System.Management.Automation.PsCredential('AsYouWant',$EndpointPassword)
$EndpointPlainPassword = $EndpointCredential.GetNetworkCredential().Password
Write-Output "Endpoint Password in clear text: $EndpointPlainPassword"
$AgentPassword = $EncryptedAgentPass | ConvertTo-SecureString -Key (Get-Content $KeyFile)
$AgentPassword = $AgentEncryptedPass | ConvertTo-SecureString -Key (Get-Content $KeyFile)
$AgentCredential = New-Object System.Management.Automation.PsCredential('AsYouWant',$AgentPassword)
$AgentPlainPassword = $AgentCredential.GetNetworkCredential().Password
Write-Output "Agent Password in clear text: $AgentPlainPassword"
$KesKeyFile = Read-Host -Prompt "Key File (please put .key extension)"
$KesPassword = Read-Host -AsSecureString -Prompt "Kaspersky Endpoint Password to secure"
$KesAgentPassword = Read-Host -AsSecureString -Prompt "Kaspersky Network Agent Password to secure"
$KesKeyFile = Read-Host -Prompt "Key File (please put .key extension, empty if pass in clear text)"
$KesEndpointPassword = Read-Host -AsSecureString -Prompt "Kaspersky Endpoint Password to secure"
$KesAgentPassword = Read-Host -AsSecureString -Prompt "Kaspersky Network Agent Password to secure"
if ($KesKeyFile) {
$Key = New-Object Byte[] 32 # create key AES 256-bit key (32 bytes)
[Security.Cryptography.RNGCryptoServiceProvider]::Create().GetBytes($Key)
$Key | Out-File $KesKeyFile
$KesSecureString = ConvertFrom-SecureString -SecureString $KesPassword -Key $Key
$KesAgentSecureString = ConvertFrom-SecureString -SecureString $KesAgentPassword -Key $Key
If ($KesKeyFile) {
If (Test-Path -LiteralPath "$KesKeyFile") {
# Use the same last key
$Key = (Get-Content $KesKeyFile)
} Else {
# Create a new key
$Key = New-Object Byte[] 32 # create key AES 256-bit key (32 bytes)
[Security.Cryptography.RNGCryptoServiceProvider]::Create().GetBytes($Key)
$Key | Out-File $KesKeyFile
}
If ($KesEndpointPassword.Length -ne 0) {$KesEndpointSecureString = ConvertFrom-SecureString -SecureString $KesEndpointPassword -Key $Key}
If ($KesAgentPassword.Length -ne 0) {$KesAgentSecureString = ConvertFrom-SecureString -SecureString $KesAgentPassword -Key $Key}
} Else {
# Default values if no key file
$KesEndpointSecureString = ConvertFrom-SecureString -SecureString $KesEndpointPassword -AsPlainText
$KesAgentSecureString = ConvertFrom-SecureString -SecureString $KesAgentPassword -AsPlainText
}
Write-Output ""
Write-Output "# Lines to add in your configuration file Custom-VarOverload.psm1"
Write-Output "# or in the auto delete one Custom-VarAutodel.psm1"
Write-Output ""
Write-Output "`$Global:SWMB_Custom.KesSecureString = '$KesSecureString'"
Write-Output "`$Global:SWMB_Custom.KesAgentSecureString = '$KesAgentSecureString'"
Write-Output "`$Global:SWMB_Custom.KesKeyFile = '$KesKeyFile'"
Write-Output "# Configuration for Kaspersky Endpoint and Network Agent"
Write-Output "`$Global:SWMB_Custom.KesPassword = '$KesEndpointSecureString'"
Write-Output "`$Global:SWMB_Custom.KesAgentPass = '$KesAgentSecureString'"
Write-Output "`$Global:SWMB_Custom.KesKeyFile = '$KesKeyFile'"
Write-Output ""
If (!(Test-Path -LiteralPath ".\Custom-VarAutodel.psm1")) {
$Query = Read-Host -Prompt "Do you want to create an auto-delete configuration file (Custom-VarAutodel) in the current folder [Y|n]"
If ($Query.ToLower() -ne "n") {
Write-Output "
# Configuration for Kaspersky Endpoint
`$Global:SWMB_Custom.KesSecureString = '$KesSecureString'
`$Global:SWMB_Custom.KesAgentSecureString = '$KesAgentSecureString'
`$Global:SWMB_Custom.KesKeyFile = '$KesKeyFile'
# Configuration for Kaspersky Endpoint and Network Agent
`$Global:SWMB_Custom.KesPassword = '$KesEndpointSecureString'
`$Global:SWMB_Custom.KesAgentPass = '$KesAgentSecureString'
`$Global:SWMB_Custom.KesKeyFile = '$KesKeyFile'
" | Out-File -FilePath ".\Custom-VarAutodel.psm1" -NoClobber
}
} ElseIf (Test-Path -LiteralPath ".\Custom-VarOverload.psm1") {
$Query = Read-Host -Prompt "Do you want to append theses parameters in your current configuration file (Custom-VarOverload) [Y|n]"
If ($Query.ToLower() -ne "n") {
Write-Output "
# Configuration for Kaspersky Endpoint
`$Global:SWMB_Custom.KesSecureString = '$KesSecureString'
`$Global:SWMB_Custom.KesAgentSecureString = '$KesAgentSecureString
`$Global:SWMB_Custom.KesKeyFile = '$KesKeyFile'
# Configuration for Kaspersky Endpointand Network Agent
`$Global:SWMB_Custom.KesPassword = '$KesEndpointSecureString'
`$Global:SWMB_Custom.KesAgentPass = '$KesAgentSecureString
`$Global:SWMB_Custom.KesKeyFile = '$KesKeyFile'
" | Out-File -FilePath ".\Custom-VarOverload.psm1" -Append
}
}
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment