Refactor Bitlocker export sections

Addresses issue #45
2Shirt 2023-09-23 21:29:47 -07:00
parent 146b3304aa
commit c3edfae2b1
Signed by: 2Shirt
GPG key ID: 152FAC923B0E132C
2 changed files with 95 additions and 32 deletions


@ -0,0 +1,79 @@
# Export Bitlocker info
# Init
$REPORT = ""
$SKIPPED_PROPERTIES = @(
"CapacityGB",
"MountPoint",
"KeyProtector"
)
# Functions
function Convert-BytesToString ($bytes) {
If ($bytes -gt 1PB) {
return ("{0:0.#} PB" -f ($bytes / 1PB) )
} ElseIf ($bytes -gt 1TB) {
return ("{0:0.#} TB" -f ($bytes / 1TB) )
} ElseIf ($bytes -gt 1GB) {
return ("{0:0.#} GB" -f ($bytes / 1GB) )
} ElseIf ($bytes -gt 1MB) {
return ("{0:0.#} MB" -f ($bytes / 1MB) )
} ElseIf ($bytes -gt 1KB) {
return ("{0:0.#} KB" -f ($bytes / 1KB) )
} Else {
return ("{0} B" -f $bytes)
}
}
# Build report
$system_drive = $env:SystemDrive
if ($system_drive -eq "X:") {
# Assuming we're running in WinPE
$system_drive = "C:"
}
Get-BitlockerVolume -MountPoint $system_drive | ForEach-Object {
$bitlocker_volume = $_
$REPORT += ("`n`nDrive {0}`n---`n" -f $bitlocker_volume.MountPoint)
# Size info
$volume = Get-Volume -DriveLetter $bitlocker_volume.MountPoint[0]
$total = Convert-BytesToString ($volume.Size)
$used = Convert-BytesToString ($volume.Size - $volume.SizeRemaining)
if ($volume.Size -gt 0) {
$REPORT += ("Size: {0} ({1} used)`n" -f $total, $used)
} else {
$REPORT += "Size: Unknown`n"
}
# Volume info
$bitlocker_volume |
Get-Member -MemberType Property |
Where-Object {! $SKIPPED_PROPERTIES.Contains($_.Name)} |
ForEach-Object {
$name = $_.Name
if ($bitlocker_volume.$name -ne $null) {
$REPORT += ("{0}: {1}`n" -f $name, $bitlocker_volume.$name)
}
}
# Key info
$bitlocker_volume.KeyProtector |
ForEach-Object {
$key = $_
$REPORT += "Key Slot:`n"
$key |
Get-Member -MemberType Property |
ForEach-Object {
$name = $_.Name
if ($key.$name -ne $null -and $key.$name -ne "") {
$REPORT += ("... {0}: {1}`n" -f $name, $key.$name)
}
}
}
}
# Show report
Write-Host $REPORT.Trim()
# vim: sts=2 sw=2 ts=2
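Review bot: The "Key info" loop copies every non-empty property of each key protector into `$REPORT`, which for a recovery-password protector presumably includes the `RecoveryPassword` value in clear text. The Python caller then posts that text to osTicket or appends it to a `.txt` file. If that is the intent, state it at the top of the script, e.g. `# NOTE: the report contains Bitlocker recovery passwords; handle the ticket/file as a secret`, so whoever handles the output knows what it holds. Separately, the WinPE branch assumes the offline Windows volume is `C:`, which is not guaranteed there, so the report may describe the wrong volume or come back empty; a comment naming that limitation would help.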


@ -28,7 +28,7 @@ from wk.cfg.windows_builds import (
) )
from wk.exe import get_json_from_command, run_program, wait_for_procs from wk.exe import get_json_from_command, run_program, wait_for_procs
from wk.kit.tools import find_kit_dir from wk.kit.tools import find_kit_dir
from wk.osticket import osTicket, pad_with_dots from wk.osticket import osTicket
from wk.std import ( from wk.std import (
GenericError, GenericError,
GenericWarning, GenericWarning,
@ -217,50 +217,34 @@ def defender_is_disabled():
def export_bitlocker_info() -> None: def export_bitlocker_info() -> None:
"""Get Bitlocker info and save to either the base directory of the kit or osTicket.""" """Get Bitlocker info and save to either the base directory of the kit or osTicket."""
commands = [ script_path = find_kit_dir('Scripts').joinpath('export_bitlocker.ps1')
['manage-bde', '-status', SYSTEMDRIVE], cmd = ['PowerShell', '-ExecutionPolicy', 'Bypass', '-File', script_path]
['manage-bde', '-protectors', '-get', SYSTEMDRIVE],
]
file_name = '' file_name = ''
output = [] output = []
output_raw = []
output_str = ''
# WinPE check # Include OS info
if os.environ.get('SYSTEMDRIVE', 'C:').upper() == 'X:': if os.environ.get('SYSTEMDRIVE', 'C:').upper() == 'X:':
# Assuming this is true
output.append('[Check run under Win10XPE]') output.append('[Check run under Win10XPE]')
else:
output.append(get_os_name())
output.append('')
# Get info # Get Bitlocker info
for cmd in commands: proc = run_program(cmd, check=False)
proc = run_program(cmd, check=False) if proc.returncode or not proc.stdout.strip():
if proc.stdout: output.append('Error: Failed to export Bitlocker info\n')
output_raw.extend(proc.stdout.splitlines()[3:]) output.extend(proc.stdout.splitlines())
for line in output_raw:
if line.startswith(' ') and ':' in line:
parts = line.split(':')
if len(parts) < 2:
# Not a key/value pair
output.append(f'.. {line}')
continue
key = parts.pop(0)
key = f'.. {key.strip()+":":<22}'
key = pad_with_dots(key, pad_right=True)
value = ' '.join(parts)
value = value.strip()
output.append(f'{key} {value}')
else:
output.append(line)
output_str = '\n'.join(output)
# Show info # Show info
print('\n'.join(output_raw), '\n\n') print('\n'.join(output), '\n\n')
# Save to osTicket # Save to osTicket
ost = osTicket() ost = osTicket()
ost.init() ost.init()
ost.select_ticket() ost.select_ticket()
if not ost.disabled: if not ost.disabled:
ost.post_response(output_str) ost.post_response('\n'.join(output))
result = 'OK' result = 'OK'
if ost.disabled or ost.errors: if ost.disabled or ost.errors:
result = 'Unknown' result = 'Unknown'
@ -278,7 +262,7 @@ def export_bitlocker_info() -> None:
file_name = ui.input_text(prompt_msg='Enter filename: ', allow_empty=False) file_name = ui.input_text(prompt_msg='Enter filename: ', allow_empty=False)
file_path = pathlib.Path(f'../../../Bitlocker_{file_name}.txt').resolve() file_path = pathlib.Path(f'../../../Bitlocker_{file_name}.txt').resolve()
with open(file_path, 'a', encoding='utf-8') as _f: with open(file_path, 'a', encoding='utf-8') as _f:
_f.write('\n'.join(output_raw)) _f.write('\n'.join(output))
# Done # Done
ui.pause('\nPress Enter to exit...') ui.pause('\nPress Enter to exit...')
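Review bot: The new `cmd` list in `export_bitlocker_info()` starts PowerShell without `-NoProfile`, so a profile script present on the machine runs before `export_bitlocker.ps1`. Anything that profile prints lands in `proc.stdout`, which is then posted to osTicket or written to the Bitlocker file. `cmd = ['PowerShell', '-NoProfile', '-ExecutionPolicy', 'Bypass', '-File', script_path]` keeps the output limited to the script. The error branch adds only a fixed message and `proc.stdout` to `output`, so the cause of a failure is lost if it went to stderr; appending `proc.stderr.splitlines()` there (assuming `run_program` captures stderr) would make the saved report diagnosable. Indentation is not visible on this page and the function body continues outside these hunks, so the exact branch structure should be checked against the file.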