From 47e8e57d5ac5fa122b3446d26417296568bd9778 Mon Sep 17 00:00:00 2001 From: Luke Heath Date: Tue, 12 Dec 2023 12:20:41 -0600 Subject: [PATCH] Revert "Add Windows scripts and set scripts table width" (#15590) --- .../hosts/details/cards/Scripts/_styles.scss | 12 --- .../mdm/windows/windows-change-password.ps1 | 52 ------------- .../windows/windows-disable-administrator.ps1 | 8 -- .../windows/windows-enable-administrator.ps1 | 29 ------- scripts/mdm/windows/windows-lock.ps1 | 35 --------- scripts/mdm/windows/windows-unlock.ps1 | 14 ---- scripts/mdm/windows/windows-wipe.ps1 | 76 ------------------- 7 files changed, 226 deletions(-) delete mode 100644 scripts/mdm/windows/windows-change-password.ps1 delete mode 100644 scripts/mdm/windows/windows-disable-administrator.ps1 delete mode 100644 scripts/mdm/windows/windows-enable-administrator.ps1 delete mode 100644 scripts/mdm/windows/windows-lock.ps1 delete mode 100644 scripts/mdm/windows/windows-unlock.ps1 delete mode 100644 scripts/mdm/windows/windows-wipe.ps1 diff --git a/frontend/pages/hosts/details/cards/Scripts/_styles.scss b/frontend/pages/hosts/details/cards/Scripts/_styles.scss index 0bdc86c03c..0c4f9ccfc3 100644 --- a/frontend/pages/hosts/details/cards/Scripts/_styles.scss +++ b/frontend/pages/hosts/details/cards/Scripts/_styles.scss @@ -9,18 +9,6 @@ line-height: 1.5; } - .table-container { - .name__header { - width: 50%; - } - .last_execution__header { - width: 25%; - } - .actions__header { - width: 25%; - } - } - .table-container__header-left { display: block; } diff --git a/scripts/mdm/windows/windows-change-password.ps1 b/scripts/mdm/windows/windows-change-password.ps1 deleted file mode 100644 index 43cca1128e..0000000000 --- a/scripts/mdm/windows/windows-change-password.ps1 +++ /dev/null @@ -1,52 +0,0 @@ -# PowerShell script to log off all users and change their passwords - -# Function to generate a random password -function Generate-Password { - param ( - [int]$length = 12 - ) - $chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%^&*()_-+=<>?/" - $password = -join ((1..$length) | ForEach-Object { Get-Random -Maximum $chars.length } | ForEach-Object { $chars[$_]} ) - return $password -} - -# Log off all non-administrative users -$loggedOffUsers = @{} -Get-WmiObject -Class Win32_UserProfile | Where-Object { $_.Special -eq $false } | ForEach-Object { - $username = $_.LocalPath.Split('\')[-1] - if ($username -ne "Administrator" -and $username -ne $env:USERNAME -and -not $loggedOffUsers.ContainsKey($username)) { - try { - $userSessions = query user | Where-Object { $_ -match "\b$username\b" } - foreach ($session in $userSessions) { - if ($session -match "\s+(\d+)\s+Disc\s+") { - # Disconnected sessions can't be logged off - continue - } - elseif ($session -match "\s+(\d+)\s+") { - $sessionID = $matches[1] - logoff $sessionID - $loggedOffUsers[$username] = $true - Write-Host "Logged out user: $username" - } - } - } catch { - Write-Host "Could not log off user: $username. Error: $($_.Exception.Message)" - } - } -} - -# Get all local user accounts except built-in accounts like 'Administrator' -$users = Get-LocalUser | Where-Object { $_.Name -notlike "Administrator" -and $_.PrincipalSource -eq "Local" } - -# Change password for each user and output the new password -foreach ($user in $users) { - $newPassword = Generate-Password -length 12 - $securePassword = ConvertTo-SecureString $newPassword -AsPlainText -Force - - try { - Set-LocalUser -Name $user.Name -Password $securePassword - Write-Host "Password for user $($user.Name) changed successfully. New Password: $newPassword" - } catch { - Write-Host "Failed to change password for user $($user.Name)" - } -} diff --git a/scripts/mdm/windows/windows-disable-administrator.ps1 b/scripts/mdm/windows/windows-disable-administrator.ps1 deleted file mode 100644 index de66080e7b..0000000000 --- a/scripts/mdm/windows/windows-disable-administrator.ps1 +++ /dev/null @@ -1,8 +0,0 @@ -# PowerShell script to disable the Administrator account - -# Run this script as an administrator - -# Disable the Administrator account -Disable-LocalUser -Name "Administrator" - -Write-Host "Administrator account has been disabled." diff --git a/scripts/mdm/windows/windows-enable-administrator.ps1 b/scripts/mdm/windows/windows-enable-administrator.ps1 deleted file mode 100644 index 13c48b04fe..0000000000 --- a/scripts/mdm/windows/windows-enable-administrator.ps1 +++ /dev/null @@ -1,29 +0,0 @@ -# PowerShell script to enable the Administrator account and set a random, secure password - -# Run this script as an administrator - -# Function to generate a random password -function Generate-Password { - param ( - [int]$length = 12 - ) - $chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%^&*()_-+=<>?/" - $password = -join ((1..$length) | ForEach-Object { Get-Random -Maximum $chars.length } | ForEach-Object { $chars[$_]} ) - return $password -} - -# Generate a random password -$password = Generate-Password -length 12 - -# Convert the password to a SecureString -$securePassword = ConvertTo-SecureString $password -AsPlainText -Force - -# Enable the Administrator account -Enable-LocalUser -Name "Administrator" - -# Set the generated password for the Administrator account -Set-LocalUser -Name "Administrator" -Password $securePassword - -# Output the password -Write-Host "Administrator account has been enabled." -Write-Host "Generated Password: $password" diff --git a/scripts/mdm/windows/windows-lock.ps1 b/scripts/mdm/windows/windows-lock.ps1 deleted file mode 100644 index e4d9809fee..0000000000 --- a/scripts/mdm/windows/windows-lock.ps1 +++ /dev/null @@ -1,35 +0,0 @@ -# PowerShell script to log off all non-administrative users and disable their accounts - -# Log off all non-administrative users -$loggedOffUsers = @{} -Get-WmiObject -Class Win32_UserProfile | Where-Object { $_.Special -eq $false } | ForEach-Object { - $username = $_.LocalPath.Split('\')[-1] - if ($username -ne "Administrator" -and $username -ne $env:USERNAME -and -not $loggedOffUsers.ContainsKey($username)) { - try { - $userSessions = query user | Where-Object { $_ -match "\b$username\b" } - foreach ($session in $userSessions) { - if ($session -match "\s+(\d+)\s+Disc\s+") { - # Disconnected sessions can't be logged off - continue - } - elseif ($session -match "\s+(\d+)\s+") { - $sessionID = $matches[1] - logoff $sessionID - $loggedOffUsers[$username] = $true - Write-Host "Logged out user: $username" - } - } - } catch { - Write-Host "Could not log off user: $username. Error: $($_.Exception.Message)" - } - } -} - -# Disable all non-administrative local user accounts -Get-LocalUser | Where-Object { $_.Enabled -eq $true -and $_.Name -ne "Administrator" } | ForEach-Object { - $username = $_.Name - Disable-LocalUser -Name $username - Write-Host "Disabled account for $username" -} - -Write-Host "All non-administrative users have been logged out and their accounts disabled." diff --git a/scripts/mdm/windows/windows-unlock.ps1 b/scripts/mdm/windows/windows-unlock.ps1 deleted file mode 100644 index 6a10c00fb3..0000000000 --- a/scripts/mdm/windows/windows-unlock.ps1 +++ /dev/null @@ -1,14 +0,0 @@ -# PowerShell script to enable all disabled local user accounts - -# Get all local user accounts -$localUsers = Get-LocalUser - -# Enable each disabled user account -foreach ($user in $localUsers) { - if ($user.Enabled -eq $false) { - Enable-LocalUser -Name $user.Name - Write-Host "Enabled user account: $($user.Name)" - } -} - -Write-Host "All disabled user accounts have been enabled." diff --git a/scripts/mdm/windows/windows-wipe.ps1 b/scripts/mdm/windows/windows-wipe.ps1 deleted file mode 100644 index aa27fc52bb..0000000000 --- a/scripts/mdm/windows/windows-wipe.ps1 +++ /dev/null @@ -1,76 +0,0 @@ -# PowerShell script to wipe user data and then make the Windows system inoperable - -# Function to delete user data -function Wipe-UserData { - $userFolders = Get-ChildItem C:\Users -Directory - - foreach ($folder in $userFolders) { - if ($folder.Name -notlike "Public" -and $folder.Name -notlike "Default*" -and $folder.Name -notlike "Administrator") { - $path = $folder.FullName - Write-Host "Wiping user data in $path" - Remove-Item -Path $path -Recurse -Force - } - } -} - -# Function to delete critical system files and directories -function Wipe-SystemFiles { - $criticalPaths = @( - "C:\Program Files", - "C:\Program Files (x86)", - "C:\Windows\System32", - "C:\Windows\SysWOW64" - # Add other critical paths as necessary - ) - - foreach ($path in $criticalPaths) { - if (Test-Path $path) { - try { - Takeown /f $path /r /d y - Icacls $path /grant administrators:F /t - Remove-Item -Path $path -Recurse -Force - Write-Host "Wiped $path" - } catch { - Write-Host "Failed to wipe $path" - } - } - } -} - -# Log off all non-administrative users -$loggedOffUsers = @{} -Get-WmiObject -Class Win32_UserProfile | Where-Object { $_.Special -eq $false } | ForEach-Object { - $username = $_.LocalPath.Split('\')[-1] - if ($username -ne "Administrator" -and $username -ne $env:USERNAME -and -not $loggedOffUsers.ContainsKey($username)) { - try { - $userSessions = query user | Where-Object { $_ -match "\b$username\b" } - foreach ($session in $userSessions) { - if ($session -match "\s+(\d+)\s+Disc\s+") { - # Disconnected sessions can't be logged off - continue - } - elseif ($session -match "\s+(\d+)\s+") { - $sessionID = $matches[1] - logoff $sessionID - $loggedOffUsers[$username] = $true - Write-Host "Logged out user: $username" - } - } - } catch { - Write-Host "Could not log off user: $username. Error: $($_.Exception.Message)" - } - } -} - -# Disable all non-administrative local user accounts -Get-LocalUser | Where-Object { $_.Enabled -eq $true -and $_.Name -ne "Administrator" } | ForEach-Object { - $username = $_.Name - Disable-LocalUser -Name $username - Write-Host "Disabled account for $username" -} - -# Start the wiping process -Wipe-UserData -Wipe-SystemFiles - -Write-Host "Wiping process completed."