News, tips, advice, support for Windows, Office, PCs & more
Home icon Home icon Home icon Email icon RSS icon

We're community supported and proud of it!

  • Is it possible to get MS-Defcon rating in a script?

    Home Forums Developers, developers, developers DevOps Lounge Is it possible to get MS-Defcon rating in a script?

    Viewing 17 reply threads
    • Author
      Posts
      • #330534
        pf100
        AskWoody Lounger

        I’d like to get the MS-Defcon rating in a script as a variable. Right now as I’m typing this the rating is “2.” Is this possible? I’d give proper credit and not just make it look like something I came up with on the screen that displays the MS-Defcon rating.

        Here‘s the current script if that matters. Thanks.

      • #330758
        Rick Corbett
        AskWoody_MVP

        If I was doing it in AutoHotkey I guess the simplest way would be to parse the AskWoody homepage using IfInString. Although it’s a deprecated command, IMO for a simple task like this it’s just easier to use compared to InStr or RegExMatch.

        Something like this works for me:

        UrlDownloadToFile, https://www.askwoody.com/, %A_Temp%woody.txt ; Save AskWoody homepage to a temporary file
        
        Sleep, 1000  ; Pause for 1 second to allow for any download/file writing delay
        
        FileRead, devcon, %A_Temp%woody.txt ; Read the contents of the file into a variable
        
        IfInString, devcon, MS-DEFCON-1.jpg ; Check within variable for which JPG is referenced
        {
        MsgBox, , MS-DEVCON is currently set at 1
        }
        Else IfInString,  devcon, MS-DEFCON-2.jpg
        {
        MsgBox, , MS-DEVCON is currently set at 2
        }
        Else IfInString,  devcon, MS-DEFCON-3.jpg
        {
        MsgBox, , MS-DEVCON is currently set at 3
        }
        Else IfInString,  devcon, MS-DEFCON-4.jpg
        {
        MsgBox, , MS-DEVCON is currently set at 4
        }
        Else IfInString,  devcon, MS-DEFCON-5.jpg
        {
        MsgBox, , MS-DEVCON is currently set at 5
        }
        
        FileDelete, %A_Temp%woody.txt ; Clean up afterwards
        
        Exit

        … which currently gives a result of:

        devcon-status

        Obviously, you’ll just grab the result instead of using it in a message box but it was just to show it’s possible.

        (f you want a nicer looking script just shout and I’ll attach as a .TXT file for you to rename to .AHK. I’ve documented the AHK code – everything after a semi-colon [;] is a comment – to make it as clear as possible what’s happening.)

        I haven’t added any errorchecking but UrlDownloadToFile can be used with it… check the documentation, especially the bit about avoiding caching by adding a query string to the end of the URL.

        Hope this helps get you started. I’m not very good at scripting so, any queries, use AutoHotkey‘s Ask For Help forum.

        1 user thanked author for this post.
      • #335380
        pf100
        AskWoody Lounger

        Thanks @Rick Corbett, but I’m trying to not set off any antivirii (it’s a batch file). I’ll just provide a link to

        MS-DEFCON System

        and leave it at that I suppose. Thanks for the info though.

      • #340348
        RetiredGeek
        AskWoody MVP

        PF100,

        Here’s a PowerShell script that will do the deed. At least if I parsed the HTML correctly and the pattern is standard!

        Function Show-Msg {
          Param ( [Parameter(Mandatory=$True, 
                   HelpMessage="Message box content.")]
                    [string]$Msg ,
                  [Parameter(Mandatory=$False,
                   HelpMessage="Message box title.")]
                    [string]$Title = "Information"
                )          
        [Windows.Forms.MessageBox]::Show("$Msg", "$Title", 
             [Windows.Forms.MessageBoxButtons]::OK , 
             [Windows.Forms.MessageBoxIcon]::Information) 
        
        }  #End Function Show-Msg
        
        #------------------ Main Program -----------------
        
        Add-Type -AssemblyName System.Windows.Forms
        Clear-Host
        
        $IWRArgs = @{URI = "https://www.askwoody.com/"
                     UseBasicParsing = $True 
                    }
        $WebResponse = Invoke-WebRequest @IWRArgs
        
        ForEach ($Image in $WebResponse.Images) {
          $x = $Image.OuterHTML.ToString()
          If ($x -like "*MS-DEFCON-*") {
            $y = $x.split('/')
            $z = $y[8].split('.')
            $SMArgs = @{Msg   = "MS-DefCon = $($z[0].SubString(10,1))"
                        Title = "AskWoody MS-DEFCON Setting"}
            Show-Msg @SMArgs
          }
        }

        MSDEFCON

        May the Forces of good computing be with you!

        RG

        PowerShell & VBA Rule!
        Computer Specs

        2 users thanked author for this post.
        • #340356
          Rick Corbett
          AskWoody_MVP

          Brilliant! I can more or less follow the flow… 🙂

          (Apologies in advance MODs but I think the following may be of interest to others rather than me bothering RG with a PM.)

          How on earth do you get your code indented so nicely, RG? I’m struggling big time with this.

          Just half an hour ago I found out I couldn’t even attach a zipped script ‘cos ZIP files are not allowed.

          1 user thanked author for this post.
      • #340373
        RetiredGeek
        AskWoody MVP

        Rick, using the text tab enter pre /pre tags then paste between them from notepad++ or other plain text editor. Note unlike WSL here you use <> vs [] brackets.

        May the Forces of good computing be with you!

        RG

        PowerShell & VBA Rule!
        Computer Specs

        1 user thanked author for this post.
      • #340376
        pf100
        AskWoody Lounger

        RetiredGeek That’s an excellent script to get the MS-Defcon rating. Thank you. I can echo those commands to a ps1 file from a cmd script and run it that way.

        Since I’m powershell impaired, how best to edit that ps1 to not have a message box and write the “$($z[0].SubString(10,1))” part to a text file I can read with the batch script? Thanks in advance.

      • #340824
        RetiredGeek
        AskWoody MVP

        PF100,

        Ok, here it is:

        Powershell Code: {Get-AskWoody-MSDEFCON.ps1}

        Clear-Host
        
        $IWRArgs = @{URI = "https://www.askwoody.com/"
                     UseBasicParsing = $True 
                    }
        $WebResponse = Invoke-WebRequest @IWRArgs
        
        ForEach ($Image in $WebResponse.Images) {
          $x = $Image.OuterHTML.ToString()
          If ($x -like "*MS-DEFCON-*") {
            $y = $x.split('/')
            $z = $y[8].split('.')
            [Environment]::SetEnvironmentVariable("MSDEFCON", 
                           "$($z[0].SubString(10,1))", "user")
          } #End If
        }   #End ForEach
        

        How to call from .cmd file:

        Echo Off
        CLS
        PowerShell.exe -noninteractive -command "G:BEKDocsScriptsGET-AskWoody-MSDEFCON.ps1"
        Echo MS-DefCon = %MSDEFCON%
        Rem --- Clear Variable ---
        Set MSDEFCON=
        Pause
        

        Sample run:
        GET-MSDEFCON-Results

        Of course you’ll adjust drive/path info per your system. 😎

        P.S. I almost forgot to mention that for some reason this will NOT work if you double click on the batch file in File Explorer but it works just fine if you open cmd.exe and run the batch file from there. Most likely some kind of scope issue maybe someone else could enlighten us both.

        May the Forces of good computing be with you!

        RG

        PowerShell & VBA Rule!
        Computer Specs

        2 users thanked author for this post.
      • #340851
        pf100
        AskWoody Lounger

        RetiredGeek

        This works beautifully and will be in the next release of my script with credit to you and askwoody. Thank you.

        I added this line at the top of the ps1 file to not show the Invoke-WebRequest progress:
        $progressPreference = ‘silentlyContinue’

        I modified the cmd file to this:
        PowerShell.exe -NoProfile -ExecutionPolicy Bypass -command “%~dp0Get-AskWoody-MSDEFCON.ps1”

      • #340870
        Rick Corbett
        AskWoody_MVP

        PF100, Ok, here it is: Powershell Code: {Get-AskWoody-MSDEFCON.ps1}

        Nice one, RG. 🙂

        (And thanks for the formatting advice… worked perfectly.)

      • #348270
        pf100
        AskWoody Lounger

        I posted the code I ended up using here, then when I edited it the forum says I already posted it, but it’s not showing up here!
        So, here’s the code on pastebin instead:
        https://pastebin.com/XJDFfsSr

        And here’s the result:

        Also, someone asked me:
        “I’d like to see a graph of the AskWoody MS-DEFCON rating trend since it was implemented. Do you think it’s ever been “5” All clear?”
        Does anyone have an answer to that?

        One more thing – is

        Master Patch List


        the best link to give people? Seems like it is to me, but is there any other link you guys might think is more suitable, or is the patch master list the most informative yet easiest to read page about patches as related to MS-DEFCON?
        Thanks.

      • #1510677
        pf100
        AskWoody Lounger

        Save this as “MS-DEFCON.cmd” and run it and be amazed. Thank you @RetiredGeek.

        Script won’t paste correctly here, so I put it on pastebin here.

        1 user thanked author for this post.
      • #1642528
        anonymous
        Guest

        I’ve build this ps1 for nagios/opsview.

        Thanks to this great site!

        ###################################################
        
        ### AskWoody's MS-DEFCON nagios check script :) ###
        
        ###                                             ###
        
        ### Andreas Hartgers | 2019-05-16               ###
        
        ###################################################
        
        # 2: MS-DEFCON 1: Current Microsoft patches are causing havoc. Don’t patch.
        
        # 2: MS-DEFCON 2: Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don’t do it.
        
        # 1: MS-DEFCON 3: Patch reliability is unclear, but widespread attacks make patching prudent. Go ahead and patch, but watch out for potential problems.
        
        # 1: MS-DEFCON 4: There are isolated problems with current patches, but they are well-known and documented here. Check this site to see if you’re affected and if things look OK, go ahead and patch.
        
        # 0: MS-DEFCON 5: All’s clear. Patch while it’s safe.
        
        # Status code '0' means that the Service Check is running successfully and without errors, thus 'OK':
        
        # Status code '1' means that the Service Check is in a warning state, as shown below:
        
        # Status code '2' means that the Service Check is in a critical state, as shown below:
        
        # Status code '3' means that the Service Check in an 'UNKNOWN' state. This may indicate that the Service Check is mis-configured or that there is an issue with the monitored Host:
        
        clear
        
        $Args = @{URI = "https://www.askwoody.com/"
        
        UseBasicParsing = $True
        
        }
        
        $WebResponse = Invoke-WebRequest @Args
        
        $msdefcon = ((($WebResponse.Images | ?{$_.class -eq "defcon-img"}).src -split "/")[-1] -split "\.")[0] -replace "ms-defcon-",""
        
        switch ($msdefcon){
        
        5{$output="AskWoody's MS-DEFCON 5: All’s clear. Patch while it’s safe.";$exitcode=0}
        
        4{$output="AskWoody's MS-DEFCON 4: There are isolated problems with current patches, but they are well-known and documented here. Check this site to see if you’re affected and if things look OK, go ahead and patch.";$exitcode=1}
        
        3{$output="AskWoody's MS-DEFCON 3: Patch reliability is unclear, but widespread attacks make patching prudent. Go ahead and patch, but watch out for potential problems.";$exitcode=1}
        
        2{$output="AskWoody's MS-DEFCON 2: Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don’t do it.";$exitcode=2}
        
        1{$output="AskWoody's MS-DEFCON 1: Current Microsoft patches are causing havoc. Don’t patch.";$exitcode=2}
        
        else{$output="ERROR";$exitcode=3}
        
        }
        
        $output = $output+"|'ms-defcon'="+$msdefcon
        
        write-host $output
        
        exit $exitcode
        

        Edit added <pre> tags

      • #2042064
        RetiredGeek
        AskWoody MVP

        Hey Y’all,

        Here’s version 3 of my Get-MSDEFCON.ps1 program that now includes the textual description as well as the number rating. It also includes some revised code to parse the HTML. HTH 😎

        May the Forces of good computing be with you!

        RG

        PowerShell & VBA Rule!
        Computer Specs

        1 user thanked author for this post.
        • #2042145
          RetiredGeek
          AskWoody MVP

          Sorry, forgot to post the screen shot.

          DEFCON

          May the Forces of good computing be with you!

          RG

          PowerShell & VBA Rule!
          Computer Specs

          1 user thanked author for this post.
      • #2323878
        RetiredGeek
        AskWoody MVP

        Hey y’all,

        I’ve been in the process of moving and have finally obtained some semblance of order to the new abode. I had put off fixing a bug in this program (actually in PowerShell’s Invoke-WebRequest). Well I finally found a way to get around the problem of PowerShell not returning the Images by finding another way to parse the HTML of the site to return the MS-DefCon number.

        Update: Forgot to delete temp file. Fixed and new code below.

        Get-MSdefCon.zip: Get-MSDefCon-1
        .zip MD5 Hash: 0002B8B82B5116EDA88C348A0D5066A2
        .ps1 MD5 Hash: 50EAAA44593871F8E9B4BD074AD0999B

        HTH 😎

         

        May the Forces of good computing be with you!

        RG

        PowerShell & VBA Rule!
        Computer Specs

        • This reply was modified 5 months, 3 weeks ago by RetiredGeek.
        • This reply was modified 5 months, 3 weeks ago by RetiredGeek. Reason: Updated Code
        • This reply was modified 5 months, 3 weeks ago by RetiredGeek.
      • #2323882
        RetiredGeek
        AskWoody MVP

        Note to the Web Developers:

        When I posted this it converted the Get-MSDefCon.Zip to the attachment number!
        I had to edit the post to fix the problem.

        May the Forces of good computing be with you!

        RG

        PowerShell & VBA Rule!
        Computer Specs

      • #2324577
        wavy
        AskWoody Plus

        I get this now RG

        PS C:\WINDOWS\system32> C:\Users\ralph\Documents\WindowsPowerShell\Get-MSDefCon.ps1
        File C:\Users\ralph\Documents\WindowsPowerShell\Get-MSDefCon.ps1 cannot be
        loaded. The file C:\Users\ralph\Documents\WindowsPowerShell\Get-MSDefCon.ps1
        is not digitally signed. You cannot run this script on the current system. For
        more information about running scripts and setting execution policy, see
        about_Execution_Policies at https:/go.microsoft.com/fwlink/?LinkID=135170.
        + CategoryInfo : SecurityError: (:) [], ParentContainsErrorRecord
        Exception
        + FullyQualifiedErrorId : UnauthorizedAccess

        🍻

        Just because you don't know where you are going doesn't mean any road will get you there.
      • #2324742
        Paul T
        AskWoody MVP

        Try this:

        Right click on the PS1 file.
        Properties.
        Unblock.
        OK.

        cheers, Paul

        1 user thanked author for this post.
      • #2324885
        wavy
        AskWoody Plus

        Mmm I had not seen blocking in files down loaded in Pale Moon before, maybe a WPS thing ? or did I somehow switch to Edge for some weird reason?

        🙄

        🍻

        Just because you don't know where you are going doesn't mean any road will get you there.
    Viewing 17 reply threads

    Please follow the -Lounge Rules- no personal attacks, no swearing, no politics or religion.

    Reply To: Is it possible to get MS-Defcon rating in a script?

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.