News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • Is it possible to get MS-Defcon rating in a script?

    Home Forums Developers, developers, developers DevOps Lounge Is it possible to get MS-Defcon rating in a script?

    This topic contains 13 replies, has 4 voices, and was last updated by

     woody 2 weeks ago.

    • Author
      Posts
    • #330534 Reply

      pf100
      AskWoody Lounger

      I’d like to get the MS-Defcon rating in a script as a variable. Right now as I’m typing this the rating is “2.” Is this possible? I’d give proper credit and not just make it look like something I came up with on the screen that displays the MS-Defcon rating.

      Here‘s the current script if that matters. Thanks.

    • #330758 Trash | Reply

      Rick Corbett
      AskWoody_MVP

      If I was doing it in AutoHotkey I guess the simplest way would be to parse the AskWoody homepage using IfInString. Although it’s a deprecated command, IMO for a simple task like this it’s just easier to use compared to InStr or RegExMatch.

      Something like this works for me:

      UrlDownloadToFile, https://www.askwoody.com/, %A_Temp%woody.txt ; Save AskWoody homepage to a temporary file
      
      Sleep, 1000  ; Pause for 1 second to allow for any download/file writing delay
      
      FileRead, devcon, %A_Temp%woody.txt ; Read the contents of the file into a variable
      
      IfInString, devcon, MS-DEFCON-1.jpg ; Check within variable for which JPG is referenced
      {
      MsgBox, , MS-DEVCON is currently set at 1
      }
      Else IfInString,  devcon, MS-DEFCON-2.jpg
      {
      MsgBox, , MS-DEVCON is currently set at 2
      }
      Else IfInString,  devcon, MS-DEFCON-3.jpg
      {
      MsgBox, , MS-DEVCON is currently set at 3
      }
      Else IfInString,  devcon, MS-DEFCON-4.jpg
      {
      MsgBox, , MS-DEVCON is currently set at 4
      }
      Else IfInString,  devcon, MS-DEFCON-5.jpg
      {
      MsgBox, , MS-DEVCON is currently set at 5
      }
      
      FileDelete, %A_Temp%woody.txt ; Clean up afterwards
      
      Exit

      … which currently gives a result of:

      devcon-status

      Obviously, you’ll just grab the result instead of using it in a message box but it was just to show it’s possible.

      (f you want a nicer looking script just shout and I’ll attach as a .TXT file for you to rename to .AHK. I’ve documented the AHK code – everything after a semi-colon [;] is a comment – to make it as clear as possible what’s happening.)

      I haven’t added any errorchecking but UrlDownloadToFile can be used with it… check the documentation, especially the bit about avoiding caching by adding a query string to the end of the URL.

      Hope this helps get you started. I’m not very good at scripting so, any queries, use AutoHotkey‘s Ask For Help forum.

      Attachments:
      1 user thanked author for this post.
    • #335380 Trash | Reply

      pf100
      AskWoody Lounger

      Thanks @Rick Corbett, but I’m trying to not set off any antivirii (it’s a batch file). I’ll just provide a link to

      MS-DEFCON System

      and leave it at that I suppose. Thanks for the info though.

    • #340348 Trash | Reply

      RetiredGeek
      AskWoody MVP

      PF100,

      Here’s a PowerShell script that will do the deed. At least if I parsed the HTML correctly and the pattern is standard!

      Function Show-Msg {
        Param ( [Parameter(Mandatory=$True, 
                 HelpMessage="Message box content.")]
                  [string]$Msg ,
                [Parameter(Mandatory=$False,
                 HelpMessage="Message box title.")]
                  [string]$Title = "Information"
              )          
      [Windows.Forms.MessageBox]::Show("$Msg", "$Title", 
           [Windows.Forms.MessageBoxButtons]::OK , 
           [Windows.Forms.MessageBoxIcon]::Information) 
      
      }  #End Function Show-Msg
      
      #------------------ Main Program -----------------
      
      Add-Type -AssemblyName System.Windows.Forms
      Clear-Host
      
      $IWRArgs = @{URI = "https://www.askwoody.com/"
                   UseBasicParsing = $True 
                  }
      $WebResponse = Invoke-WebRequest @IWRArgs
      
      ForEach ($Image in $WebResponse.Images) {
        $x = $Image.OuterHTML.ToString()
        If ($x -like "*MS-DEFCON-*") {
          $y = $x.split('/')
          $z = $y[8].split('.')
          $SMArgs = @{Msg   = "MS-DefCon = $($z[0].SubString(10,1))"
                      Title = "AskWoody MS-DEFCON Setting"}
          Show-Msg @SMArgs
        }
      }

      MSDEFCON

      May the Forces of good computing be with you!

      RG

      PowerShell & VBA Rule!
      Computer Specs

      Attachments:
      2 users thanked author for this post.
      • #340356 Trash | Reply

        Rick Corbett
        AskWoody_MVP

        Brilliant! I can more or less follow the flow… 🙂

        (Apologies in advance MODs but I think the following may be of interest to others rather than me bothering RG with a PM.)

        How on earth do you get your code indented so nicely, RG? I’m struggling big time with this.

        Just half an hour ago I found out I couldn’t even attach a zipped script ‘cos ZIP files are not allowed.

        1 user thanked author for this post.
    • #340373 Trash | Reply

      RetiredGeek
      AskWoody MVP

      Rick, using the text tab enter pre /pre tags then paste between them from notepad++ or other plain text editor. Note unlike WSL here you use <> vs [] brackets.

      May the Forces of good computing be with you!

      RG

      PowerShell & VBA Rule!
      Computer Specs

      1 user thanked author for this post.
    • #340376 Trash | Reply

      pf100
      AskWoody Lounger

      RetiredGeek That’s an excellent script to get the MS-Defcon rating. Thank you. I can echo those commands to a ps1 file from a cmd script and run it that way.

      Since I’m powershell impaired, how best to edit that ps1 to not have a message box and write the “$($z[0].SubString(10,1))” part to a text file I can read with the batch script? Thanks in advance.

    • #340824 Trash | Reply

      RetiredGeek
      AskWoody MVP

      PF100,

      Ok, here it is:

      Powershell Code: {Get-AskWoody-MSDEFCON.ps1}

      Clear-Host
      
      $IWRArgs = @{URI = "https://www.askwoody.com/"
                   UseBasicParsing = $True 
                  }
      $WebResponse = Invoke-WebRequest @IWRArgs
      
      ForEach ($Image in $WebResponse.Images) {
        $x = $Image.OuterHTML.ToString()
        If ($x -like "*MS-DEFCON-*") {
          $y = $x.split('/')
          $z = $y[8].split('.')
          [Environment]::SetEnvironmentVariable("MSDEFCON", 
                         "$($z[0].SubString(10,1))", "user")
        } #End If
      }   #End ForEach
      

      How to call from .cmd file:

      Echo Off
      CLS
      PowerShell.exe -noninteractive -command "G:BEKDocsScriptsGET-AskWoody-MSDEFCON.ps1"
      Echo MS-DefCon = %MSDEFCON%
      Rem --- Clear Variable ---
      Set MSDEFCON=
      Pause
      

      Sample run:
      GET-MSDEFCON-Results

      Of course you’ll adjust drive/path info per your system. 😎

      P.S. I almost forgot to mention that for some reason this will NOT work if you double click on the batch file in File Explorer but it works just fine if you open cmd.exe and run the batch file from there. Most likely some kind of scope issue maybe someone else could enlighten us both.

      May the Forces of good computing be with you!

      RG

      PowerShell & VBA Rule!
      Computer Specs

      Attachments:
      2 users thanked author for this post.
    • #340851 Trash | Reply

      pf100
      AskWoody Lounger

      RetiredGeek

      This works beautifully and will be in the next release of my script with credit to you and askwoody. Thank you.

      I added this line at the top of the ps1 file to not show the Invoke-WebRequest progress:
      $progressPreference = ‘silentlyContinue’

      I modified the cmd file to this:
      PowerShell.exe -NoProfile -ExecutionPolicy Bypass -command “%~dp0Get-AskWoody-MSDEFCON.ps1”

    • #340870 Trash | Reply

      Rick Corbett
      AskWoody_MVP

      PF100, Ok, here it is: Powershell Code: {Get-AskWoody-MSDEFCON.ps1}

      Nice one, RG. 🙂

      (And thanks for the formatting advice… worked perfectly.)

    • #348270 Trash | Reply

      pf100
      AskWoody Lounger

      I posted the code I ended up using here, then when I edited it the forum says I already posted it, but it’s not showing up here!
      So, here’s the code on pastebin instead:
      https://pastebin.com/XJDFfsSr

      And here’s the result:

      Also, someone asked me:
      “I’d like to see a graph of the AskWoody MS-DEFCON rating trend since it was implemented. Do you think it’s ever been “5” All clear?”
      Does anyone have an answer to that?

      One more thing – is

      Master Patch List


      the best link to give people? Seems like it is to me, but is there any other link you guys might think is more suitable, or is the patch master list the most informative yet easiest to read page about patches as related to MS-DEFCON?
      Thanks.

    • #1510677 Trash | Reply

      pf100
      AskWoody Lounger

      Save this as “MS-DEFCON.cmd” and run it and be amazed. Thank you @retiredgeek.

      Script won’t paste correctly here, so I put it on pastebin here.

      1 user thanked author for this post.
    • #1642528 Reply

      anonymous

      I’ve build this ps1 for nagios/opsview.

      Thanks to this great site!

      ###################################################
      
      ### AskWoody's MS-DEFCON nagios check script :) ###
      
      ###                                             ###
      
      ### Andreas Hartgers | 2019-05-16               ###
      
      ###################################################
      
      # 2: MS-DEFCON 1: Current Microsoft patches are causing havoc. Don’t patch.
      
      # 2: MS-DEFCON 2: Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don’t do it.
      
      # 1: MS-DEFCON 3: Patch reliability is unclear, but widespread attacks make patching prudent. Go ahead and patch, but watch out for potential problems.
      
      # 1: MS-DEFCON 4: There are isolated problems with current patches, but they are well-known and documented here. Check this site to see if you’re affected and if things look OK, go ahead and patch.
      
      # 0: MS-DEFCON 5: All’s clear. Patch while it’s safe.
      
      # Status code '0' means that the Service Check is running successfully and without errors, thus 'OK':
      
      # Status code '1' means that the Service Check is in a warning state, as shown below:
      
      # Status code '2' means that the Service Check is in a critical state, as shown below:
      
      # Status code '3' means that the Service Check in an 'UNKNOWN' state. This may indicate that the Service Check is mis-configured or that there is an issue with the monitored Host:
      
      clear
      
      $Args = @{URI = "https://www.askwoody.com/"
      
      UseBasicParsing = $True
      
      }
      
      $WebResponse = Invoke-WebRequest @Args
      
      $msdefcon = ((($WebResponse.Images | ?{$_.class -eq "defcon-img"}).src -split "/")[-1] -split "\.")[0] -replace "ms-defcon-",""
      
      switch ($msdefcon){
      
      5{$output="AskWoody's MS-DEFCON 5: All’s clear. Patch while it’s safe.";$exitcode=0}
      
      4{$output="AskWoody's MS-DEFCON 4: There are isolated problems with current patches, but they are well-known and documented here. Check this site to see if you’re affected and if things look OK, go ahead and patch.";$exitcode=1}
      
      3{$output="AskWoody's MS-DEFCON 3: Patch reliability is unclear, but widespread attacks make patching prudent. Go ahead and patch, but watch out for potential problems.";$exitcode=1}
      
      2{$output="AskWoody's MS-DEFCON 2: Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don’t do it.";$exitcode=2}
      
      1{$output="AskWoody's MS-DEFCON 1: Current Microsoft patches are causing havoc. Don’t patch.";$exitcode=2}
      
      else{$output="ERROR";$exitcode=3}
      
      }
      
      $output = $output+"|'ms-defcon'="+$msdefcon
      
      write-host $output
      
      exit $exitcode
      

      Edit added <pre> tags

    Please follow the -Lounge Rules- no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

    Reply To: Is it possible to get MS-Defcon rating in a script?

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.