Updates + countries blocklists

scripts_staging/Checks/Certificates expiry.ps1

@@ -28,16 +28,27 @@
     04.09.2024 SAN Problems corrections
     30.09.2024 SAN changed outputs layouts
     11.12.24 SAN added errorThresholdDays to help change the status when close to expiry, moved threshold to env
+    07.01.25 SAN Bugfix in env var
 
 .TODO
     Make the output messages more readable
     move all flags and var to env
 
+
 #>
 
 # Get values from environment variables, defaulting if unset
-$warnThresholdDays = [int](if ($env:WARN_THRESHOLD_DAYS) { $env:WARN_THRESHOLD_DAYS } else { 20 })
-$errorThresholdDays = [int](if ($env:ERROR_THRESHOLD_DAYS) { $env:ERROR_THRESHOLD_DAYS } else { 5 })
+if ($env:WARN_THRESHOLD_DAYS -ne $null) {
+    $warnThresholdDays = [int]$env:WARN_THRESHOLD_DAYS
+} else {
+    $warnThresholdDays = 20
+}
+
+if ($env:ERROR_THRESHOLD_DAYS -ne $null) {
+    $errorThresholdDays = [int]$env:ERROR_THRESHOLD_DAYS
+} else {
+    $errorThresholdDays = 5
+}
 
 # Configuration Variables
 $certificateStores = @("Cert:\LocalMachine\My", "Cert:\LocalMachine\WebHosting", "Cert:\LocalMachine\Remote Desktop")

scripts_staging/Checks/Windows Services.ps1

@@ -23,21 +23,22 @@
 .CHANGELOG
     28.10.24 SAN - Removed ignored output without the debug flag.
     28.10.24 SAN - cleanup documentation.
+    21.01.25 SAN - Code cleanup
 
-#>
 
+#>
 
 
-# Define a generic list of services names to be ignored by the check
-$ignoredPartialDisplayNames = @(
+# Define a generic list of service names to be ignored by default
+$ignoredByDefault = @(
     "Software Protection",
     "Remote Registry",
     "State Repository Service",
     "Service Google Update",
     "Clipboard User Service",
     "Service Brave Update",
     "Google Update Service",
-    "Windows Modules Installer", # not sure about this one if we should monitor it or not
+    "Windows Modules Installer", # Unsure if this one should be monitored
     "Downloaded Maps Manager",
     "Windows Biometric Service",
     "RemoteRegistry",
@@ -51,61 +52,60 @@ $ignoredPartialDisplayNames = @(
     "sppsvc",
     "SharePoint Migration Service",
     "dbupdate",
-    "TrustedInstaller", # this one is strange it was failing on a lot of devices but no idea if it should or could be fixed
+    "TrustedInstaller", # Frequently failing; unclear if actionable
     "MSExchangeNotificationsBroker",
     "tiledatamodelsvc",
     "BITS",
     "CDPSvc",
     "AGSService",
-    "ShellHWDetection" # this one is strange it was failing on a lot of devices but no idea if it should or could be fixed
-
+    "ShellHWDetection" # Frequently failing; unclear if actionable
 )
 
-# Check if "IgnoredServices" environment variable exists and add those services to the ignore list
-$envIgnoredServices = [Environment]::GetEnvironmentVariable('IgnoredServices')
-if (-not [string]::IsNullOrEmpty($envIgnoredServices)) {
-    $additionalIgnoredServices = $envIgnoredServices -split ','
-    $ignoredPartialDisplayNames += $additionalIgnoredServices
+# Check if the "IgnoredServices" environment variable exists and add those services to the ignore list
+$addonsToIgnoredList = [Environment]::GetEnvironmentVariable('IgnoredServices')
+if (-not [string]::IsNullOrEmpty($addonsToIgnoredList)) {
+    $additionalServices = $addonsToIgnoredList -split ','
+    $ignoredByDefault += $additionalServices
 }
 
-# Convert ignored partial display names to a regular expression pattern
-$ignoredPattern = ($ignoredPartialDisplayNames | ForEach-Object { [regex]::Escape($_) }) -join '|'
+# Convert ignored services to a regular expression pattern
+$ignoredPattern = ($ignoredByDefault | ForEach-Object { [regex]::Escape($_) }) -join '|'
 
-# Get services with automatic start type or Automatic (Delayed Start) that are not running
+# Get services with Automatic start type or Automatic (Delayed Start) that are not running
 $servicesToCheck = Get-Service | Where-Object { ($_.StartType -eq 'Automatic' -or $_.StartType -eq 'Automatic (Delayed Start)') -and $_.Status -ne 'Running' }
 
 # Initialize arrays to store services that need attention and services that were stopped but ignored
-$servicesToStart = @()
+$servicesNeedingAttention = @()
 $ignoredStoppedServices = @()
 
 # Check the status of each service
 foreach ($service in $servicesToCheck) {
     # Check if the display name or service name matches the ignored pattern
     if ($service.DisplayName -notmatch $ignoredPattern -and $service.ServiceName -notmatch $ignoredPattern) {
         # Add the service to the list of services to start
-        $servicesToStart += $service
+        $servicesNeedingAttention += $service
     } else {
         # Add the service to the list of ignored stopped services
         $ignoredStoppedServices += $service
     }
 }
 
-# Check if enabledebug environment variable is set to true
+# Check if the "enabledebug" environment variable is set to true
 $enableDebugValue = [System.Environment]::GetEnvironmentVariable("enabledebugscript")
 $debugEnabled = $enableDebugValue -ne $null -and [System.Boolean]::Parse($enableDebugValue)
 
-
 if ($debugEnabled) {
-    Write-Host "Debug enabled"
+    Write-Host "Debug mode is enabled."
 }
+
 # Display the results
-if ($servicesToStart.Count -eq 0) {
+if ($servicesNeedingAttention.Count -eq 0) {
     if (-not $debugEnabled) {
         Write-Host "All required services are running."
     }
 
     if ($ignoredStoppedServices.Count -ne 0 -and $debugEnabled) {
-        Write-Host "The following services were stopped but ignored:"
+        Write-Host "The following services were stopped but are ignored:"
         foreach ($service in $ignoredStoppedServices) {
             Write-Host "$($service.DisplayName) ($($service.ServiceName))"
         }
@@ -115,10 +115,9 @@ if ($servicesToStart.Count -eq 0) {
 
 } else {
     Write-Host "The following services need attention:"
-    foreach ($service in $servicesToStart) {
+    foreach ($service in $servicesNeedingAttention) {
         Write-Host "$($service.DisplayName) ($($service.ServiceName))"
     }
 
     Exit 1
-
 }

scripts_staging/Checks/is Remote TCP port open.ps1

@@ -0,0 +1,59 @@
+<#
+.SYNOPSIS
+    Checks if a TCP port is open on a remote machine based on the environment variables "TCP_HOST" and "TCP_PORT".
+
+.DESCRIPTION
+    This script checks if a TCP port on a remote host is open using `Test-NetConnection`.
+    If unavailable, it falls back to `System.Net.Sockets.TcpClient`.
+
+    If the port is closed or invalid, the script exits with status 1.
+
+.EXAMPLE
+    TCP_HOST=example.com
+    TCP_PORT=443
+
+.NOTES
+    Author: SAN
+    Date: 07.02.2025
+    #public
+#>
+
+# Get environment variables
+$hostName = [System.Environment]::GetEnvironmentVariable("TCP_HOST")
+$portStr = [System.Environment]::GetEnvironmentVariable("TCP_PORT")
+
+# Validate inputs
+if (-not $hostName) {
+    Write-Output "Error: Environment variable 'TCP_HOST' is not set."
+    exit 1
+}
+
+$port = 0
+if (-not $portStr -or -not [int]::TryParse($portStr, [ref]$port) -or $port -lt 1) {
+    Write-Output "Error: Environment variable 'TCP_PORT' is not set or invalid."
+    exit 1
+}
+
+# Use Test-NetConnection if available
+if (Get-Command Test-NetConnection -ErrorAction SilentlyContinue) {
+    $tcpConnection = Test-NetConnection -ComputerName $hostName -Port $port
+    if ($tcpConnection.TcpTestSucceeded) {
+        Write-Output "OK: Port $port on $hostName is open."
+        exit 0
+    } else {
+        Write-Output "KO: Port $port on $hostName is not open."
+        exit 1
+    }
+} else {
+    # Fallback to TcpClient if Test-NetConnection is unavailable
+    try {
+        $tcpClient = New-Object System.Net.Sockets.TcpClient
+        $tcpClient.Connect($hostName, $port)
+        Write-Output "OK: Port $port on $hostName is open."
+        $tcpClient.Close()
+        exit 0
+    } catch {
+        Write-Output "KO: Port $port on $hostName is not open."
+        exit 1
+    }
+}

scripts_staging/Checks/is TCP port open.ps1

@@ -0,0 +1,87 @@
+<#
+.SYNOPSIS
+    Checks if a TCP port is open on the local machine based on the environment variable "TCP_PORT".
+
+.DESCRIPTION
+    This script checks if the TCP port defined by the environment variable "TCP_PORT" is open using the `Test-NetConnection` cmdlet. 
+    If `Test-NetConnection` is not available, it falls back to using the `System.Net.Sockets.TcpClient` class to perform the check.
+    Additionally, it will display the executable and process information that is holding the port open.
+    If the application is linked to a service, the service name and status will be displayed.
+    The script will exit with a status code of 1 if the port is closed or if the environment variable is not set.
+
+.EXEMPLE
+    TCP_PORT=3435
+
+.NOTES
+    Author: SAN
+    Date: 01.10.2024
+    #public
+
+.CHANGELOG
+
+#>
+
+$portStr = [System.Environment]::GetEnvironmentVariable("TCP_PORT")
+
+# Initialize the port variable
+$port = 0
+
+# Check if the environment variable is set and valid
+if (-not $portStr -or -not [int]::TryParse($portStr, [ref]$port) -or $port -lt 1) {
+    Write-Output "Error: Environment variable 'TCP_PORT' is not set or is invalid."
+    exit 1
+}
+
+$address = "localhost"
+
+Write-Output "Checking connectivity to $address on port $port..."
+
+# Try Test-NetConnection if available
+if (Get-Command Test-NetConnection -ErrorAction SilentlyContinue) {
+    $tcpConnection = Test-NetConnection -ComputerName $address -Port $port
+    if ($tcpConnection.TcpTestSucceeded) {
+        Write-Output "Success: Port $port on $address is open."
+    } else {
+        Write-Output "Failure: Port $port on $address is not open."
+        Write-Output "Details: TCP connection test failed."
+        exit 1
+    }
+} else {
+    # Fallback using TcpClient
+    try {
+        $tcpClient = New-Object System.Net.Sockets.TcpClient
+        $tcpClient.Connect($address, $port)
+        Write-Output "Success: Port $port on $address is open."
+        $tcpClient.Close()
+    } catch {
+        Write-Output "Failure: Port $port on $address is not open."
+        Write-Output "Details: TCP connection test threw an exception."
+        exit 1
+    }
+}
+
+# Find the process holding the port open for incoming connections only
+$netstatOutput = netstat -ano | Select-String ":$port\s" | ForEach-Object { $_.Line } | Where-Object { $_ -match 'LISTENING' -and $_ -match '0.0.0.0|127.0.0.1' }
+if ($netstatOutput) {
+    $portPID = $netstatOutput -replace '^.*\s+(\d+)$', '$1'
+    $process = Get-Process -Id $portPID -ErrorAction SilentlyContinue
+
+    if ($process) {
+        Write-Output "The port $port is being used by the process '$($process.ProcessName)' (PID: $portPID)."
+        Write-Output "Executable Path: $($process.Path)"
+
+        # Check if the process is linked to a service
+        $service = Get-WmiObject Win32_Service | Where-Object { $_.ProcessId -eq $portPID }
+        if ($service) {
+            Write-Output "This process is linked to the service: '$($service.Name)'"
+            Write-Output "Service Display Name: $($service.DisplayName)"
+            Write-Output "Service Status: $($service.State)"
+        } else {
+            Write-Output "This process is not linked to any service."
+        }
+    } else {
+        Write-Output "Unable to retrieve the process details for PID $portPID."
+    }
+} else {
+    Write-Output "No process is currently using port $port for incoming connections."
+}

scripts_staging/Fixes/Bluescreen report.ps1

@@ -20,6 +20,7 @@
 
 .CHANGELOG
     18.12.24 SAN Added site & client name to the uploaded file, added boot time to the report, moved dmp check
+    08.01.25 SAN Remove error code in case of missing folder it is causing issues in case of false positive on failure runs
 
 #>
 # Step 1: Retrieve Nextcloud WebDAV URL, Token, Client Name, and Site Name from environment variables
@@ -45,11 +46,11 @@ $hostname = (Get-WmiObject -Class Win32_ComputerSystem).Name
 
 # Check if the Minidump directory exists and contains any .dmp
 if (-not (Test-Path $minidumpPath)) {
-    Write-Host "Minidump folder not found!"
-    exit 1
+    Write-Error "Minidump folder not found!"
+    exit
 } elseif (-not (Get-ChildItem -Path $minidumpPath -Filter "*.dmp")) {
-    Write-Host "No dump files found in Minidump folder!"
-    exit 1
+    Write-Error "No dump files found in Minidump folder!"
+    exit
 }
 
 # Sanitize Client Name and Site Name to keep only a-z, 0-9, and spaces, then replace spaces with dashes