manuth/PortValhalla
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Dynamically determine task triggers

Browse source
This commit is contained in:
Manuel Thalmann 2023-06-29 19:24:42 +02:00
parent 12c7e68086
commit 34859556f0
1 changed files with 6 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
scripts/Windows/OS/User.ps1
View file

@ -1,5 +1,5 @@
. "$PSScriptRoot/../Scripts/Context.ps1"; . "$PSScriptRoot/../Scripts/Context.ps1";
$taskTrigger = 1337; $uacDisablerTriggerProperty = "UACDisablerTrigger";
function New-PersonalUser([Context] $context) function New-PersonalUser([Context] $context)
{ {
@ -52,7 +52,7 @@ function New-PersonalUser([Context] $context)
Get-CimInstance -ClassName "Win32_UserProfile" -Filter "SID = $((Get-LocalUser $context.AdminName).SID)" | Remove-CimInstance; Get-CimInstance -ClassName "Win32_UserProfile" -Filter "SID = $((Get-LocalUser $context.AdminName).SID)" | Remove-CimInstance;
$context.RegisterReboot(); $context.RegisterReboot();
$context.RemoveStage(); $context.RemoveStage();
Write-EventLog -LogName Application -Source "Application" -EventId $taskTrigger -Message "This event was created by $env:Username"; Write-EventLog -LogName Application -Source "Application" -EventId $context.Get($uacDisablerTriggerProperty) -Message "This event was created by $env:Username";
exit; exit;
} }
} }
@ -76,7 +76,10 @@ function Enable-UACNextLogin([Context] $context) {
Set-UACState $true; Set-UACState $true;
$tempTask = "PortValhalla Temp"; $tempTask = "PortValhalla Temp";
$uacDisablerName = "PortValhalla UAC Disabler"; $uacDisablerName = "PortValhalla UAC Disabler";
$uacDisablerTrigger = Get-Random;
$key = Get-SystemPolicyKey; $key = Get-SystemPolicyKey;
$context.Set($uacDisablerTriggerProperty, $uacDisablerTrigger, "DWord");
$action = New-ScheduledTaskAction -Execute "pwsh.exe" -Argument ( $action = New-ScheduledTaskAction -Execute "pwsh.exe" -Argument (
[string]::Join( [string]::Join(
@ -90,7 +93,7 @@ function Enable-UACNextLogin([Context] $context) {
"`$context.DeregisterNewUserReboot();", "`$context.DeregisterNewUserReboot();",
"Restart-Computer -Force;"))); "Restart-Computer -Force;")));
schtasks /Create /SC ONEVENT /EC Application /MO "*[System[Provider[@Name='Application'] and EventID=$taskTrigger]]" /TR cmd.exe /TN "$tempTask"; schtasks /Create /SC ONEVENT /EC Application /MO "*[System[Provider[@Name='Application'] and EventID=$uacDisablerTrigger]]" /TR cmd.exe /TN "$tempTask";
$trigger = (Get-ScheduledTask $tempTask).Triggers; $trigger = (Get-ScheduledTask $tempTask).Triggers;
$principal = New-ScheduledTaskPrincipal -UserId "SYSTEM" -RunLevel Highest; $principal = New-ScheduledTaskPrincipal -UserId "SYSTEM" -RunLevel Highest;
$task = New-ScheduledTask -Action $action -Principal $principal -Trigger $trigger; $task = New-ScheduledTask -Action $action -Principal $principal -Trigger $trigger;