Upload files to "Vulnerability Scripts/Compromised Host Files"
This commit is contained in:
+47
@@ -0,0 +1,47 @@
|
|||||||
|
<#
|
||||||
|
Author: Gabe Kerntke
|
||||||
|
Date: 04-15-2024
|
||||||
|
|
||||||
|
.Synopsis
|
||||||
|
|
||||||
|
.Modified
|
||||||
|
2024-04-15 (GabeK) - Original script created
|
||||||
|
|
||||||
|
#>
|
||||||
|
|
||||||
|
#Region Variables
|
||||||
|
$URL = "scinstallcheck.mcafee.com"
|
||||||
|
$HostFileTest = Get-Content "C:\Windows\System32\drivers\etc\hosts" | Where-Object { $_ -like "*$URL*" }
|
||||||
|
$HostFilePath = "C:\Windows\System32\drivers\etc\hosts"
|
||||||
|
$HostFile = Get-Content "C:\Windows\System32\drivers\etc\hosts"
|
||||||
|
|
||||||
|
#Region Script Start
|
||||||
|
|
||||||
|
#If the $URL exists in the host file it continues with the fix
|
||||||
|
If ($null -ne $HostFileTest) {
|
||||||
|
#Makes copy of Host file before making changes
|
||||||
|
Copy-Item $HostFilePath -Destination "C:\Windows\System32\drivers\etc\hosts - backup" -Force
|
||||||
|
#Makes the change to the Host file
|
||||||
|
$NewFile = $HostFile -replace "0.0.0.1", "#" -replace "scinstallcheck.mcafee.com", "#"
|
||||||
|
|
||||||
|
Try {
|
||||||
|
#Sees if the changes to the Host file can saved
|
||||||
|
Set-Content -Value $NewFile -Path $HostFilePath -Force -ErrorAction Stop
|
||||||
|
}
|
||||||
|
|
||||||
|
catch {
|
||||||
|
#If error occurs with saving new Host file, revert to backup Host file
|
||||||
|
Copy-Item "C:\Windows\System32\drivers\etc\hosts - backup" -Destination $HostFilePath -Force
|
||||||
|
Write-Host "Failed to modify host file, exiting script"
|
||||||
|
Break
|
||||||
|
}
|
||||||
|
|
||||||
|
Write-Host "Host file has been modified"
|
||||||
|
#Removes backup Host file
|
||||||
|
Remove-Item "C:\Windows\System32\drivers\etc\hosts - backup"
|
||||||
|
}
|
||||||
|
|
||||||
|
Else {
|
||||||
|
Write-Host "$URL does not exist in host file, exiting script."
|
||||||
|
}
|
||||||
|
#Region Script End
|
||||||
Reference in New Issue
Block a user