Current File : C:/Windows/diagnostics/system/Video/RC_viddrv_unsigned.ps1
# Copyright © 2009, Microsoft Corporation. All rights reserved.
#*=================================================================================
# Parameters
#*=================================================================================
#PARAM ($drivers)

#*=================================================================================
# Load Utilities
#*=================================================================================
. ./utils_SetupEnv.ps1



#*=================================================================================
#Initialize 
#*=================================================================================

#*=================================================================================
#Run detection logic
#*=================================================================================
#set-stateOFRootCause "viddrv_unsigned"
#pop-msg "unsigned rootcause"
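# Detection logic for the root cause "RC_UnsignedVideoDriver".
#
# For every video controller except the Microsoft Basic Render driver, the
# matching Win32_PnPSignedDriver record is looked up by device name. An unsigned
# driver is reported as detected only when the bcdedit output also contains
# DISABLE_INTEGRITY_CHECKS; an unsigned driver without that marker is reported
# with -detected $false. If no unsigned driver is seen at all, a single "signed"
# result is reported at the end.
#
# update-diagrootcause is not defined in this file; presumably it comes from the
# dot-sourced utilities or the diagnostic host - confirm against the caller.
$global:unsignedflag = $false
$iid = "signed"
$debugmode = $false
$drivers = Get-WmiObject Win32_VideoController | Select-Object DeviceID,Name,DriverVersion

# Query the signed-driver inventory once instead of once per video controller.
# @() keeps this an array even when WMI returns a single object or nothing.
$signedDrivers = @(Get-WmiObject Win32_PnPSignedDriver)

foreach($driver in $drivers)
{
	# The join below is by display name, so an empty name cannot identify a device.
	if([string]::IsNullOrEmpty($driver.Name))
	{
		continue
	}
	if(($driver.Name) -ilike "*Microsoft Basic render*")
	{
		continue
	}

	# First record whose DeviceName equals the controller name; $null when none exists.
	$out = $signedDrivers | Where-Object -FilterScript {$_.DeviceName -eq $driver.Name} | Select-Object -First 1
	if($null -eq $out)
	{
		# No signing record for this controller. The original called
		# $out.getType() here, which raises an error on $null.
		continue
	}

	# Only an explicit IsSigned = $false counts as unsigned.
	if(($out.IsSigned) -eq $false)
	{
		$global:unsignedflag = $true

		# The variable and the iid strings say "debug mode", but the marker tested
		# is DISABLE_INTEGRITY_CHECKS in the bcdedit output.
		# NOTE(review): bcdedit is resolved by normal command lookup and normally
		# needs an elevated session; if it cannot read the boot store the marker
		# is absent and the unsigned driver is reported with -detected $false.
		$results = bcdedit
		foreach ($result in $results)
		{
			if($result -ilike "*DISABLE_INTEGRITY_CHECKS*")
			{
				$iid = [string]::Format("{0} {1} debug mode unsigned", $driver.Name,$driver.DriverVersion)
				$debugmode = $true
				break
			}
		}

		if($debugmode -eq $true)
		{
			# Unsigned driver with integrity checks disabled: report the root cause
			# and stop at the first such driver.
			update-diagrootcause -id "RC_UnsignedVideoDriver" -iid $iid -detected $true -Parameter @{"DName"= $driver.Name; "DVersion"=$driver.DriverVersion}
			break
		}
		else
		{
			# Unsigned but the marker is absent: recorded as not detected, and the
			# remaining controllers are still examined.
			$iid = [string]::Format("{0} {1} normal mode unsigned", $driver.Name,$driver.DriverVersion)
			update-diagrootcause -id "RC_UnsignedVideoDriver" -iid $iid -detected $false -Parameter @{"DName"= $driver.Name; "DVersion"=$driver.DriverVersion}
		}
	}
}

# No unsigned driver was seen: report the generic "signed" instance.
if($global:unsignedflag -eq $false)
{
	update-diagrootcause -id "RC_UnsignedVideoDriver" -iid "signed" -detected $false
}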
