From 6edf79dc84aaf27a060bf0c85342fba24ad61aba Mon Sep 17 00:00:00 2001 From: johaoRosasRosillo Date: Thu, 1 Sep 2022 19:51:18 -0400 Subject: [PATCH 1/5] added a file with options to the taskscheduler --- .../actions/factoryreset/bin/FactoryReset.xml | Bin 0 -> 3310 bytes lib/agent/actions/factoryreset/index.js | 5 +++-- 2 files changed, 3 insertions(+), 2 deletions(-) create mode 100644 lib/agent/actions/factoryreset/bin/FactoryReset.xml diff --git a/lib/agent/actions/factoryreset/bin/FactoryReset.xml b/lib/agent/actions/factoryreset/bin/FactoryReset.xml new file mode 100644 index 0000000000000000000000000000000000000000..353cc559d62012fe294d261a607dddc222431645 GIT binary patch literal 3310 zcmbW4TTdHD6vxkVrG5u1QXXvxN|O}1L?ncQl%$9l@!}T;FAl;Nw7ZS#FW>g}Kf`2a z)|fcaYA>F1`=9HK|NFOZuk9b3+0;7r)e0-EvKw32-2Sj9_RM;=%ew<*Zda_2q0VjM z)C(Kfv322k0nckYuwU&L>$5sS%k4&ud#*89ox>?hU##Z3vwhp)s<8D1n={wc<9)+Q ziT#TE8qS`hnZdhsL}S*MP<}3Il-oSt4JO%5rv&Yrt{mP%e_dBjg&k{T6rV=d1=df|G_*5p z7q;T-82wkESg^8!SNJOK+BHRqs7Knj_duB`@o&NvGTruW0Cff}=gYZ596o_)gtpq= zfc0;pHTK`Djge7S_POIz*dNmpeQe_O4l5)3Osy7JJHU2{<-#M=rlr!d^gYi4&!*_~ zJwvMeDc#pV|5xxRddh#O9c3<+NVSSXm6`k9c>ORvjY}UtRJ-ab zO^uWmFn<8^)aiGQOnoQ3BagLe|BRSTk-wrJ4v5YKilSK9NA9Kj@uOODFOSe(c}}Nj zUM5v}$_)4mdvBo13q}8ir~J5f31via_&FUp4t2wV>XOwz`3f=HWIwI`ACt_j9unQ) z_X!@ARNuh;)XY`C$?Lq=wv))M2w|8Pmp<9&c1V?uurcKsdb%Cc?PPL0p$8PRDfOaA zs!D3Is+zgo!s^dx$T6sc)n)6oAG%Hf<`nkr>Gi_ErzC|yZy(xBD-*wHB zdV30zmG3dC!gDMwu(dQ=H=}y^U&szCO zr9zANkH5*jG^m lU4P)|fwLlts*;Bykj6 { @@ -79,7 +80,7 @@ exports.start = function(id, opts, cb) { key: "device-key", token: "token", logged: false, - dirs : [file_factory_reset, time_execution(), process.arch] + dirs : [file_factory_reset, time_execution(), process.arch, file_factory_reset_xml] } action = 'factory-reset'; From f7252c3084cd91ff8fb1799baf26c1ab8ed3817a Mon Sep 17 00:00:00 2001 
From: johaoRosasRosillo Date: Tue, 6 Sep 2022 16:10:54 -0300 Subject: [PATCH 2/5] create file xml for factory reset --- .../factoryreset/factory-reset-option.js | 57 +++++++++++++++++++ lib/agent/actions/factoryreset/index.js | 43 ++++++++------ lib/agent/errors/index.js | 5 ++ 3 files changed, 88 insertions(+), 17 deletions(-) create mode 100644 lib/agent/actions/factoryreset/factory-reset-option.js diff --git a/lib/agent/actions/factoryreset/factory-reset-option.js b/lib/agent/actions/factoryreset/factory-reset-option.js new file mode 100644 index 000000000..bd684175d --- /dev/null +++ b/lib/agent/actions/factoryreset/factory-reset-option.js @@ -0,0 +1,57 @@ +var time_execution = () => { + var now = new Date(); + now.setMinutes(now.getMinutes() + 2); //add two minuts + now = new Date(now); + return now.toISOString().slice(0, 19); +} + +var time_creation = () => { + var now = new Date(); + now = new Date(now); + return now.toISOString().slice(0, 19); +} + +exports.format_file = ` + + + ` + time_creation() + ` + \\Prey\\Factory Reset + + + + ` + time_execution() + ` + true + + + + + S-1-5-18 + LeastPrivilege + + + + IgnoreNew + false + true + true + false + false + + true + false + + true + true + false + false + false + PT72H + 7 + + + + %SystemRoot%\\syswow64\\WindowsPowerShell\\v1.0\\powershell.exe + -NoProfile -ExecutionPolicy Bypass -File C:\\Windows\\Prey\\current\\lib\\agent\\actions\\factoryreset\\bin\\factory-reset.ps1 + + +` \ No newline at end of file diff --git a/lib/agent/actions/factoryreset/index.js b/lib/agent/actions/factoryreset/index.js index 04980b93c..3a23e793c 100644 --- a/lib/agent/actions/factoryreset/index.js +++ b/lib/agent/actions/factoryreset/index.js 
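Review bot: `exports.format_file` is assembled by string concatenation at module load, so `time_creation()` and `time_execution()` run once when `index.js` first requires this file, not when a factory reset is requested. On a long-running agent the start time written into the task XML would then be agent start plus two minutes, which is already in the past when the action fires. Whether the task still runs then depends on scheduler settings whose element names are not readable in this rendering. Turning the export into a function that builds the string, and calling `factory_reset_options.format_file()` at the `fs.writeFile` call, would compute both timestamps per request. The same load-time evaluation remains in the PATCH 5/5 rewrite of this file.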
@@ -1,25 +1,28 @@ var os = require('os'), path = require('path'), join = path.join, + fs = require("fs"), Emitter = require('events').EventEmitter, common = require('../../common'), logger = common.logger.prefix('factoryreset'), token = require('./../../token'), system = require('./../../../system'), - errors = require('./../../errors').status; + errors = require('./../../errors').status, + factory_reset_options = require('./factory-reset-option'); var emitter, action, node_bin = join(system.paths.current, 'bin', 'node'), file_factory_reset = join(system.paths.current, 'lib', 'agent','actions','factoryreset','bin','factory-reset.ps1'), - file_factory_reset_xml = join(system.paths.current, 'lib', 'agent','actions','factoryreset','bin','FactoryReset.xml'); + directory_factory_reset = join(system.paths.current, 'lib', 'agent','actions','factoryreset','bin'), + file_factory_reset_xml = join(directory_factory_reset,'FactoryReset.xml'); var time_execution = () => { var now = new Date(); now.setMinutes(now.getMinutes() + 2); //add two minuts now = new Date(now); - datetext = now.toTimeString(); + var datetext = now.toTimeString(); var time = datetext.split(' ')[0]; return time; 
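Review bot: Nothing on the `file_factory_reset_xml` declaration says that this file is now generated at run time inside the install tree, in the same `bin` directory as `factory-reset.ps1`. The path is passed to the admin side in `dirs`, and the XML names a command for principal `S-1-5-18`, so the directory it is written to should be writable by administrators only. The ACLs are not visible in this patch and need confirming. A comment such as `// generated by start() on each run; directory must be admin-writable only` on the declaration would record that assumption for the next maintainer.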
@@ -86,21 +89,27 @@ exports.start = function(id, opts, cb) { action = 'factory-reset'; emitter = new Emitter; - cb(null, emitter); - - system.spawn_as_admin_user(node_bin, data, function(err, child) { - if(err){ - logger.info('Error executing Factory Reset :' + JSON.stringify(err)); - } - if (typeof child == 'function') { // only for windows - child(action, data, finished); - } else { - let error = new Error('Admin service not available'); - error.code = 4; - error.name = errors.find( x => x.status_code == error.code).message; - return cb(error); + cb(null, emitter); + + fs.writeFile(file_factory_reset_xml, factory_reset_options.format_file, (err) => { + if (err) { + err.code = 6; + return cb(err); } - }) + system.spawn_as_admin_user(node_bin, data, function(err, child) { + if(err){ + logger.info('Error executing Factory Reset :' + JSON.stringify(err)); + } + if (typeof child == 'function') { // only for windows + child(action, data, finished); + } else { + let error = new Error('Admin service not available'); + error.code = 4; + error.name = errors.find( x => x.status_code == error.code).message; + return cb(error); + } + }) + }); }) } diff --git a/lib/agent/errors/index.js b/lib/agent/errors/index.js index a85d02e50..7c4ebc19c 100644 --- a/lib/agent/errors/index.js +++ b/lib/agent/errors/index.js @@ -29,4 +29,9 @@ exports.status = [ message : "token_error", description : "" }, + { + status_code : 6, + message : "create_file_error", + description : "Error to create file XML" + }, ] \ No newline at end of file From b093cac5f6378831d6d378c3dac1233a1c97982f Mon Sep 17 00:00:00 2001 From: johaoRosasRosillo Date: Tue, 6 Sep 2022 16:11:47 -0300 Subject: [PATCH 3/5] delete file FR xml --- .../actions/factoryreset/bin/FactoryReset.xml | Bin 3310 -> 0 bytes 1 file changed, 0 insertions(+), 0 deletions(-) delete mode 100644 lib/agent/actions/factoryreset/bin/FactoryReset.xml 
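Review bot: In `exports.start`, `cb(null, emitter)` has already run by the time the `fs.writeFile` callback fires, so the added `return cb(err)` invokes the caller's callback a second time. The existing `return cb(error)` in the `else` branch has the same problem. Either move `cb(null, emitter);` to after the write succeeds, or report the failure through the emitter or the `finished` handler, whose signature is outside this hunk. Setting `err.code = 6` also discards Node's own code (for example `EACCES`), which is what an operator needs when the XML cannot be written; a line such as `logger.info('Error writing FactoryReset.xml: ' + err.message);` before the assignment would keep it in the log. The function begins outside this hunk.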
diff --git a/lib/agent/actions/factoryreset/bin/FactoryReset.xml b/lib/agent/actions/factoryreset/bin/FactoryReset.xml deleted file mode 100644 index 353cc559d62012fe294d261a607dddc222431645..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 3310 zcmbW4TTdHD6vxkVrG5u1QXXvxN|O}1L?ncQl%$9l@!}T;FAl;Nw7ZS#FW>g}Kf`2a z)|fcaYA>F1`=9HK|NFOZuk9b3+0;7r)e0-EvKw32-2Sj9_RM;=%ew<*Zda_2q0VjM z)C(Kfv322k0nckYuwU&L>$5sS%k4&ud#*89ox>?hU##Z3vwhp)s<8D1n={wc<9)+Q ziT#TE8qS`hnZdhsL}S*MP<}3Il-oSt4JO%5rv&Yrt{mP%e_dBjg&k{T6rV=d1=df|G_*5p z7q;T-82wkESg^8!SNJOK+BHRqs7Knj_duB`@o&NvGTruW0Cff}=gYZ596o_)gtpq= zfc0;pHTK`Djge7S_POIz*dNmpeQe_O4l5)3Osy7JJHU2{<-#M=rlr!d^gYi4&!*_~ zJwvMeDc#pV|5xxRddh#O9c3<+NVSSXm6`k9c>ORvjY}UtRJ-ab zO^uWmFn<8^)aiGQOnoQ3BagLe|BRSTk-wrJ4v5YKilSK9NA9Kj@uOODFOSe(c}}Nj zUM5v}$_)4mdvBo13q}8ir~J5f31via_&FUp4t2wV>XOwz`3f=HWIwI`ACt_j9unQ) z_X!@ARNuh;)XY`C$?Lq=wv))M2w|8Pmp<9&c1V?uurcKsdb%Cc?PPL0p$8PRDfOaA zs!D3Is+zgo!s^dx$T6sc)n)6oAG%Hf<`nkr>Gi_ErzC|yZy(xBD-*wHB zdV30zmG3dC!gDMwu(dQ=H=}y^U&szCO zr9zANkH5*jG^m lU4P)|fwLlts*;Bykj6 Date: Tue, 6 Sep 2022 17:04:20 -0300 Subject: [PATCH 4/5] remove variable --- lib/agent/actions/factoryreset/factory-reset-option.js | 1 - 1 file changed, 1 deletion(-) diff --git a/lib/agent/actions/factoryreset/factory-reset-option.js b/lib/agent/actions/factoryreset/factory-reset-option.js index bd684175d..9cb07c201 100644 --- a/lib/agent/actions/factoryreset/factory-reset-option.js +++ b/lib/agent/actions/factoryreset/factory-reset-option.js @@ -7,7 +7,6 @@ var time_execution = () => { var time_creation = () => { var now = new Date(); - now = new Date(now); return now.toISOString().slice(0, 19); } From 9e8106d6ce3b8f7188a5199bf4dcfc5f9e448e1e Mon Sep 17 00:00:00 2001 From: johaoRosasRosillo Date: Tue, 6 Sep 2022 19:04:03 -0300 Subject: [PATCH 5/5] execution and creation time in factory reset --- .../factoryreset/factory-reset-option.js | 99 ++++++++++--------- 1 file changed, 53 insertions(+), 46 deletions(-) 
diff --git a/lib/agent/actions/factoryreset/factory-reset-option.js b/lib/agent/actions/factoryreset/factory-reset-option.js index 9cb07c201..ee7bbd93d 100644 --- a/lib/agent/actions/factoryreset/factory-reset-option.js +++ b/lib/agent/actions/factoryreset/factory-reset-option.js @@ -1,56 +1,63 @@ -var time_execution = () => { +var getExecutionDate = () => { var now = new Date(); now.setMinutes(now.getMinutes() + 2); //add two minuts - now = new Date(now); - return now.toISOString().slice(0, 19); + now = new Date(now); + return convertUTCDateToLocalDate(now).toISOString().slice(0, 19); + +} + +var getCreationDate = () => { + var now = new Date(); + return convertUTCDateToLocalDate(now).toISOString().slice(0, 19); + } -var time_creation = () => { - var now = new Date(); - return now.toISOString().slice(0, 19); +function convertUTCDateToLocalDate(date) { + var newDate = new Date(date.getTime() - date.getTimezoneOffset()*60*1000); + return newDate; } exports.format_file = ` - - ` + time_creation() + ` - \\Prey\\Factory Reset - - - - ` + time_execution() + ` + + ` + getCreationDate() + ` + \\Prey\\Factory Reset + + + + ` + getExecutionDate() + ` + true + + + + + S-1-5-18 + LeastPrivilege + + + + IgnoreNew + false + true + true + false + false + + true + false + + true true - - - - - S-1-5-18 - LeastPrivilege - - - - IgnoreNew - false - true - true - false - false - - true - false - - true - true - false - false - false - PT72H - 7 - - - - %SystemRoot%\\syswow64\\WindowsPowerShell\\v1.0\\powershell.exe - -NoProfile -ExecutionPolicy Bypass -File C:\\Windows\\Prey\\current\\lib\\agent\\actions\\factoryreset\\bin\\factory-reset.ps1 - - + false + false + false + PT72H + 7 + + + + %SystemRoot%\\syswow64\\WindowsPowerShell\\v1.0\\powershell.exe + -NoProfile -ExecutionPolicy Bypass -File C:\\Windows\\Prey\\current\\lib\\agent\\actions\\factoryreset\\bin\\factory-reset.ps1 + + ` \ No newline at end of file
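Review bot: The task action still hard-codes `C:\\Windows\\Prey\\current\\lib\\agent\\actions\\factoryreset\\bin\\factory-reset.ps1`, while `index.js` derives the same script location from `system.paths.current`. The task is defined for principal `S-1-5-18` and starts PowerShell with `-ExecutionPolicy Bypass`, so on an install rooted anywhere else the scheduled task would point at a path the agent does not manage. Building the argument from the path the agent already computes, for example by passing `file_factory_reset` into the template, keeps the two in step. `getExecutionDate` also keeps the no-op `now = new Date(now);` that PATCH 4/5 removed from the sibling function.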