• Is it possible to get MS-Defcon rating in a script?

    Home » Forums » Developers, developers, developers » DevOps Lounge » Is it possible to get MS-Defcon rating in a script?

    Author
    Topic
    #330534

    I’d like to get the MS-Defcon rating in a script as a variable. Right now as I’m typing this the rating is “2.” Is this possible? I’d give proper credit and not just make it look like something I came up with on the screen that displays the MS-Defcon rating.

    Here‘s the current script if that matters. Thanks.

    Viewing 16 reply threads
    Author
    Replies
    • #330758

      If I was doing it in AutoHotkey I guess the simplest way would be to parse the AskWoody homepage using IfInString. Although it’s a deprecated command, IMO for a simple task like this it’s just easier to use compared to InStr or RegExMatch.

      Something like this works for me:

      UrlDownloadToFile, https://www.askwoody.com/, %A_Temp%woody.txt ; Save AskWoody homepage to a temporary file
      
      Sleep, 1000  ; Pause for 1 second to allow for any download/file writing delay
      
      FileRead, devcon, %A_Temp%woody.txt ; Read the contents of the file into a variable
      
      IfInString, devcon, MS-DEFCON-1.jpg ; Check within variable for which JPG is referenced
      {
      MsgBox, , MS-DEVCON is currently set at 1
      }
      Else IfInString,  devcon, MS-DEFCON-2.jpg
      {
      MsgBox, , MS-DEVCON is currently set at 2
      }
      Else IfInString,  devcon, MS-DEFCON-3.jpg
      {
      MsgBox, , MS-DEVCON is currently set at 3
      }
      Else IfInString,  devcon, MS-DEFCON-4.jpg
      {
      MsgBox, , MS-DEVCON is currently set at 4
      }
      Else IfInString,  devcon, MS-DEFCON-5.jpg
      {
      MsgBox, , MS-DEVCON is currently set at 5
      }
      
      FileDelete, %A_Temp%woody.txt ; Clean up afterwards
      
      Exit

      … which currently gives a result of:

      devcon-status

      Obviously, you’ll just grab the result instead of using it in a message box but it was just to show it’s possible.

      (f you want a nicer looking script just shout and I’ll attach as a .TXT file for you to rename to .AHK. I’ve documented the AHK code – everything after a semi-colon [;] is a comment – to make it as clear as possible what’s happening.)

      I haven’t added any errorchecking but UrlDownloadToFile can be used with it… check the documentation, especially the bit about avoiding caching by adding a query string to the end of the URL.

      Hope this helps get you started. I’m not very good at scripting so, any queries, use AutoHotkey‘s Ask For Help forum.

      1 user thanked author for this post.
    • #335380

      Thanks @Rick Corbett, but I’m trying to not set off any antivirii (it’s a batch file). I’ll just provide a link to

      https://www.askwoody.com/ms-defcon-system/

      and leave it at that I suppose. Thanks for the info though.

    • #340348

      PF100,

      Here’s a PowerShell script that will do the deed. At least if I parsed the HTML correctly and the pattern is standard!

      Function Show-Msg {
        Param ( [Parameter(Mandatory=$True, 
                 HelpMessage="Message box content.")]
                  [string]$Msg ,
                [Parameter(Mandatory=$False,
                 HelpMessage="Message box title.")]
                  [string]$Title = "Information"
              )          
      [Windows.Forms.MessageBox]::Show("$Msg", "$Title", 
           [Windows.Forms.MessageBoxButtons]::OK , 
           [Windows.Forms.MessageBoxIcon]::Information) 
      
      }  #End Function Show-Msg
      
      #------------------ Main Program -----------------
      
      Add-Type -AssemblyName System.Windows.Forms
      Clear-Host
      
      $IWRArgs = @{URI = "https://www.askwoody.com/"
                   UseBasicParsing = $True 
                  }
      $WebResponse = Invoke-WebRequest @IWRArgs
      
      ForEach ($Image in $WebResponse.Images) {
        $x = $Image.OuterHTML.ToString()
        If ($x -like "*MS-DEFCON-*") {
          $y = $x.split('/')
          $z = $y[8].split('.')
          $SMArgs = @{Msg   = "MS-DefCon = $($z[0].SubString(10,1))"
                      Title = "AskWoody MS-DEFCON Setting"}
          Show-Msg @SMArgs
        }
      }

      MSDEFCON

      May the Forces of good computing be with you!

      RG

      PowerShell & VBA Rule!
      Computer Specs

      2 users thanked author for this post.
      • #340356

        Brilliant! I can more or less follow the flow… 🙂

        (Apologies in advance MODs but I think the following may be of interest to others rather than me bothering RG with a PM.)

        How on earth do you get your code indented so nicely, RG? I’m struggling big time with this.

        Just half an hour ago I found out I couldn’t even attach a zipped script ‘cos ZIP files are not allowed.

        1 user thanked author for this post.
    • #340373

      Rick, using the text tab enter pre /pre tags then paste between them from notepad++ or other plain text editor. Note unlike WSL here you use <> vs [] brackets.

      May the Forces of good computing be with you!

      RG

      PowerShell & VBA Rule!
      Computer Specs

      1 user thanked author for this post.
    • #340376

      RetiredGeek That’s an excellent script to get the MS-Defcon rating. Thank you. I can echo those commands to a ps1 file from a cmd script and run it that way.

      Since I’m powershell impaired, how best to edit that ps1 to not have a message box and write the “$($z[0].SubString(10,1))” part to a text file I can read with the batch script? Thanks in advance.

    • #340824

      PF100,

      Ok, here it is:

      Powershell Code: {Get-AskWoody-MSDEFCON.ps1}

      Clear-Host
      
      $IWRArgs = @{URI = "https://www.askwoody.com/"
                   UseBasicParsing = $True 
                  }
      $WebResponse = Invoke-WebRequest @IWRArgs
      
      ForEach ($Image in $WebResponse.Images) {
        $x = $Image.OuterHTML.ToString()
        If ($x -like "*MS-DEFCON-*") {
          $y = $x.split('/')
          $z = $y[8].split('.')
          [Environment]::SetEnvironmentVariable("MSDEFCON", 
                         "$($z[0].SubString(10,1))", "user")
        } #End If
      }   #End ForEach
      

      How to call from .cmd file:

      Echo Off
      CLS
      PowerShell.exe -noninteractive -command "G:BEKDocsScriptsGET-AskWoody-MSDEFCON.ps1"
      Echo MS-DefCon = %MSDEFCON%
      Rem --- Clear Variable ---
      Set MSDEFCON=
      Pause
      

      Sample run:
      GET-MSDEFCON-Results

      Of course you’ll adjust drive/path info per your system. 😎

      P.S. I almost forgot to mention that for some reason this will NOT work if you double click on the batch file in File Explorer but it works just fine if you open cmd.exe and run the batch file from there. Most likely some kind of scope issue maybe someone else could enlighten us both.

      May the Forces of good computing be with you!

      RG

      PowerShell & VBA Rule!
      Computer Specs

      2 users thanked author for this post.
    • #340851

      RetiredGeek

      This works beautifully and will be in the next release of my script with credit to you and askwoody. Thank you.

      I added this line at the top of the ps1 file to not show the Invoke-WebRequest progress:
      $progressPreference = ‘silentlyContinue’

      I modified the cmd file to this:
      PowerShell.exe -NoProfile -ExecutionPolicy Bypass -command “%~dp0Get-AskWoody-MSDEFCON.ps1”

    • #340870

      PF100, Ok, here it is: Powershell Code: {Get-AskWoody-MSDEFCON.ps1}

      Nice one, RG. 🙂

      (And thanks for the formatting advice… worked perfectly.)

    • #348270

      I posted the code I ended up using here, then when I edited it the forum says I already posted it, but it’s not showing up here!
      So, here’s the code on pastebin instead:
      https://pastebin.com/XJDFfsSr

      And here’s the result:

      Also, someone asked me:
      “I’d like to see a graph of the AskWoody MS-DEFCON rating trend since it was implemented. Do you think it’s ever been “5” All clear?”
      Does anyone have an answer to that?

      One more thing – is
      https://www.askwoody.com/patch-list-master/
      the best link to give people? Seems like it is to me, but is there any other link you guys might think is more suitable, or is the patch master list the most informative yet easiest to read page about patches as related to MS-DEFCON?
      Thanks.

    • #1510677

      Save this as “MS-DEFCON.cmd” and run it and be amazed. Thank you @RetiredGeek.

      Script won’t paste correctly here, so I put it on pastebin here.

      1 user thanked author for this post.
    • #1642528

      I’ve build this ps1 for nagios/opsview.

      Thanks to this great site!

      ###################################################
      
      ### AskWoody's MS-DEFCON nagios check script :) ###
      
      ###                                             ###
      
      ### Andreas Hartgers | 2019-05-16               ###
      
      ###################################################
      
      # 2: MS-DEFCON 1: Current Microsoft patches are causing havoc. Don’t patch.
      
      # 2: MS-DEFCON 2: Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don’t do it.
      
      # 1: MS-DEFCON 3: Patch reliability is unclear, but widespread attacks make patching prudent. Go ahead and patch, but watch out for potential problems.
      
      # 1: MS-DEFCON 4: There are isolated problems with current patches, but they are well-known and documented here. Check this site to see if you’re affected and if things look OK, go ahead and patch.
      
      # 0: MS-DEFCON 5: All’s clear. Patch while it’s safe.
      
      # Status code '0' means that the Service Check is running successfully and without errors, thus 'OK':
      
      # Status code '1' means that the Service Check is in a warning state, as shown below:
      
      # Status code '2' means that the Service Check is in a critical state, as shown below:
      
      # Status code '3' means that the Service Check in an 'UNKNOWN' state. This may indicate that the Service Check is mis-configured or that there is an issue with the monitored Host:
      
      clear
      
      $Args = @{URI = "https://www.askwoody.com/"
      
      UseBasicParsing = $True
      
      }
      
      $WebResponse = Invoke-WebRequest @Args
      
      $msdefcon = ((($WebResponse.Images | ?{$_.class -eq "defcon-img"}).src -split "/")[-1] -split "\.")[0] -replace "ms-defcon-",""
      
      switch ($msdefcon){
      
      5{$output="AskWoody's MS-DEFCON 5: All’s clear. Patch while it’s safe.";$exitcode=0}
      
      4{$output="AskWoody's MS-DEFCON 4: There are isolated problems with current patches, but they are well-known and documented here. Check this site to see if you’re affected and if things look OK, go ahead and patch.";$exitcode=1}
      
      3{$output="AskWoody's MS-DEFCON 3: Patch reliability is unclear, but widespread attacks make patching prudent. Go ahead and patch, but watch out for potential problems.";$exitcode=1}
      
      2{$output="AskWoody's MS-DEFCON 2: Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don’t do it.";$exitcode=2}
      
      1{$output="AskWoody's MS-DEFCON 1: Current Microsoft patches are causing havoc. Don’t patch.";$exitcode=2}
      
      else{$output="ERROR";$exitcode=3}
      
      }
      
      $output = $output+"|'ms-defcon'="+$msdefcon
      
      write-host $output
      
      exit $exitcode
      

      Edit added <pre> tags

    • #2042064

      Hey Y’all,

      Here’s version 3 of my Get-MSDEFCON.ps1 program that now includes the textual description as well as the number rating. It also includes some revised code to parse the HTML. HTH 😎

      May the Forces of good computing be with you!

      RG

      PowerShell & VBA Rule!
      Computer Specs

      1 user thanked author for this post.
      • #2042145

        Sorry, forgot to post the screen shot.

        DEFCON

        May the Forces of good computing be with you!

        RG

        PowerShell & VBA Rule!
        Computer Specs

        1 user thanked author for this post.
    • #2323878

      Hey y’all,

      I’ve been in the process of moving and have finally obtained some semblance of order to the new abode. I had put off fixing a bug in this program (actually in PowerShell’s Invoke-WebRequest). Well I finally found a way to get around the problem of PowerShell not returning the Images by finding another way to parse the HTML of the site to return the MS-DefCon number.

      Update: Forgot to delete temp file. Fixed and new code below.

      Get-MSdefCon.zip: Get-MSDefCon-1
      .zip MD5 Hash: 0002B8B82B5116EDA88C348A0D5066A2
      .ps1 MD5 Hash: 50EAAA44593871F8E9B4BD074AD0999B

      HTH 😎

       

      May the Forces of good computing be with you!

      RG

      PowerShell & VBA Rule!
      Computer Specs

      • This reply was modified 1 year, 6 months ago by RetiredGeek.
      • This reply was modified 1 year, 6 months ago by RetiredGeek. Reason: Updated Code
      • This reply was modified 1 year, 6 months ago by RetiredGeek.
    • #2323882

      Note to the Web Developers:

      When I posted this it converted the Get-MSDefCon.Zip to the attachment number!
      I had to edit the post to fix the problem.

      May the Forces of good computing be with you!

      RG

      PowerShell & VBA Rule!
      Computer Specs

    • #2324577

      I get this now RG

      PS C:\WINDOWS\system32> C:\Users\ralph\Documents\WindowsPowerShell\Get-MSDefCon.ps1
      File C:\Users\ralph\Documents\WindowsPowerShell\Get-MSDefCon.ps1 cannot be
      loaded. The file C:\Users\ralph\Documents\WindowsPowerShell\Get-MSDefCon.ps1
      is not digitally signed. You cannot run this script on the current system. For
      more information about running scripts and setting execution policy, see
      about_Execution_Policies at https:/go.microsoft.com/fwlink/?LinkID=135170.
      + CategoryInfo : SecurityError: (:) [], ParentContainsErrorRecord
      Exception
      + FullyQualifiedErrorId : UnauthorizedAccess

      🍻

      Just because you don't know where you are going doesn't mean any road will get you there.
    • #2324742

      Try this:

      Right click on the PS1 file.
      Properties.
      Unblock.
      OK.

      cheers, Paul

      1 user thanked author for this post.
    • #2324885

      Mmm I had not seen blocking in files down loaded in Pale Moon before, maybe a WPS thing ? or did I somehow switch to Edge for some weird reason?

      🙄

      🍻

      Just because you don't know where you are going doesn't mean any road will get you there.
    Viewing 16 reply threads
    Reply To: Is it possible to get MS-Defcon rating in a script?

    You can use BBCodes to format your content.
    Your account can't use all available BBCodes, they will be stripped before saving.

    Your information: