public/Save-TNPlugin.ps1
|
function Save-TNPlugin { <# .SYNOPSIS Saves ACAS plugin files from https://patches.csd.disa.mil/CollectionInfo.aspx?id=552 .DESCRIPTION The SecurityCenter feed contains updates to templates used in SecurityCenter. Active plugins are used by the Nessus scanners and passive plugins are used by the Passive Vulnerability Scanner. These files are downloaded from https://patches.csd.disa.mil/CollectionInfo.aspx?id=552. This site is configured to accept only the Department of Defense (DoD) Common Access Card (CAC) or an External Certification Authority (ECA) PKI token. You will need to register on the site if you haven't yet. PoshRSJob is required for this function. Run "Install-Module -Name PoshRSJob -Scope CurrentUser" to install it. .PARAMETER Path Specify a path to save the files .NOTES Going to add force parameter and a file existance check #> [CmdletBinding()] param ( [String]$Path = $PWD, [switch]$EnableException ) begin { $thumbprint = [System.Security.Cryptography.X509Certificates.X509Certificate2[]](Get-ChildItem Cert:\CurrentUser\My | Where-Object FriendlyName -like "*ID Certificate*") | Select-Object -ExpandProperty Thumbprint } process { if (Test-PSFFunctionInterrupt) { return } [string]$FolderName = Get-Date -f MMddyyyy $OutPath = $path + $FolderName Write-PSFMessage -Level Verbose -Message "Prompting for CAC PIN" $acasfiles = Get-TNFiles if (Test-Path -Path $outpath) { Write-PSFMessage -Level Verbose -Message "Output folder exists" } else { $null = New-Item -Path $Path -Name $Foldername -ItemType directory } $filestodownload = $acasfiles | Where-Object { $PSItem.FileName -notlike "*diff*" -and $PSItem.FileName -notlike "*md5*" } | Sort-Object length if ($filestodownload.count -ge 1) { Write-PSFMessage -Level Verbose -Message "Found $($filestodownload.count) files to download" } if ($filestodownload.count -ge 3) { Write-PSFMessage -Level Verbose -Message "More than 2 files found. Limited to 2 at a time. When the next download is started you may be prompted for your PIN again" } #scriptblock for splitting into seperate jobs $ScriptBlock = { $ProgressPreference = 'SilentlyContinue' $thumbprint = [System.Security.Cryptography.X509Certificates.X509Certificate2[]](Get-ChildItem Cert:\CurrentUser\My | Where-Object FriendlyName -like "*ID Certificate*") | Select-Object -ExpandProperty Thumbprint $null = Invoke-WebRequest -CertificateThumbprint $thumbprint -Uri "https://patches.csd.disa.mil/PkiLogin/Default.aspx" -SessionVariable websession $remote = $PSItem.DownloadLink [string]$target = Join-Path -Path $Using:OutPath -ChildPath $PSItem.FileName Invoke-WebRequest -CertificateThumbprint $thumbprint -Uri $remote -OutFile $target -WebSession $websession } foreach ($File in $filestodownload) { $FileLength = [math]::round($File.Length / 1mb) Write-PSFMessage -Level Verbose -Message "Queueing download of $($file.FileName) which was last updated on $($file.PostedDate) and is $($FileLength)MB" } $filestodownload | Start-RSjob -ScriptBlock $ScriptBlock -Throttle 2 | Wait-RSJob -ShowProgress | Receive-RSJob Get-RSJob | Remove-RSJob #make sure file hashes match what is reported on website Write-PSFMessage -Level Verbose -Message "Checking file hashes" $filestocheck = Get-ChildItem -LiteralPath $outpath foreach ($file in $filestocheck) { Write-PSFMessage -Level Verbose -Message "Checking hash on $($file.Name)" $filehash = Get-FileHash -Path $file.FullName foreach ($acasfile in $acasfiles) { if ($file.Name -eq $acasfile.FileName) { if ($acasfile.SHA256 -eq $filehash.Hash) { Write-PSFMessage -Level Verbose -Message "Hash on $($file.Name) was valid" } else { Write-PSFMessage -Level Verbose -Message "Hash on $($file.Name) was not valid" } } } Get-ChildItem -Path $file.FullName } } } |