Write a air gapped wsus powershell script that consists of 3 menu options
1) identify a newly inserted USB drive and use its mapped drive letter within this PowerShell script for the other menu options
2) WSUS Export, this will export the files remotely from C:\WSUSUpdates folder on server name WSUSServer and copies them to your local USB drive mapped to X drive and within X:\WSUS-Transport. also ask for creds when connecting to the WSUSServer.
3) Copy the files on the USB X drive from X:\WSUS-Transport onto the WSUSServer2 and copy them into C:\WSUSUpdates2
4) execute this command wsusutil.exe import C:\WSUSUpdates2\export.xml.gz export.log
#
Write a air gapped wsus powershell script that consists of 3 options
1) WSUS Export, this will export the files remotely from C:\WSUSUpdates folder on server name WSUSServer and copies them to your local USB drive mapped to X drive and within X:\WSUS-Transport. also ask for creds when connecting to the WSUSServer.
2) Copy the files on the USB X drive from X:\WSUS-Transport onto the WSUSServer2 and copy them into C:\WSUSUpdates2
3) execute this command wsusutil.exe import C:\WSUSUpdates2\export.xml.gz export.log
Sure, here’s an air gapped WSUS PowerShell script that consists of three options:
bash
Copy code
WSUS PowerShell Script
Option 1: Export WSUS Updates
$export = Read-Host “Do you want to export WSUS updates? (Y/N)”
if ($export -eq “Y”) {
$sourcePath = “\WSUSServer\C$\WSUSUpdates”
$targetPath = “X:\WSUS-Transport”
$cred = Get-Credential
Copy-Item -Path $sourcePath -Destination $targetPath -Recurse -Credential $cred
& “C:\Program Files\Update Services\Tools\wsusutil.exe” export $targetPath\export.xml.gz $targetPath\export.log
}
Option 2: Copy WSUS Updates to Another Server
$copy = Read-Host “Do you want to copy WSUS updates to another server? (Y/N)”
if ($copy -eq “Y”) {
$sourcePath = “X:\WSUS-Transport”
$targetPath = “\WSUSServer2\C$\WSUSUpdates2”
Copy-Item -Path $sourcePath -Destination $targetPath -Recurse
}
Option 3: Import WSUS Updates
$import = Read-Host “Do you want to import WSUS updates? (Y/N)”
if ($import -eq “Y”) {
$importPath = “C:\WSUSUpdates2\export.xml.gz”
$logPath = “C:\WSUSUpdates2\export.log”
& “C:\Program Files\Update Services\Tools\wsusutil.exe” import $importPath $logPath
}
Option 1 prompts the user if they want to export WSUS updates. If the user chooses “Y”, the script will connect to the WSUSServer, using credentials provided by the user, and copy the WSUS updates from C:\WSUSUpdates to the local USB drive, mapped to X:\WSUS-Transport. Then, the script will use the wsusutil.exe command to export the updates to X:\WSUS-Transport\export.xml.gz and X:\WSUS-Transport\export.log.
Option 2 prompts the user if they want to copy WSUS updates to another server. If the user chooses “Y”, the script will copy the updates from X:\WSUS-Transport to \WSUSServer2\C$\WSUSUpdates2.
Option 3 prompts the user if they want to import WSUS updates. If the user chooses “Y”, the script will use the wsusutil.exe command to import the updates from C:\WSUSUpdates2\export.xml.gz and C:\WSUSUpdates2\export.log.
#
To identify a newly inserted USB drive and use its mapped drive letter within a PowerShell script, you can use the following steps:
Use the Get-WMIObject cmdlet to query the Win32_Volume class to get information about all mounted volumes, including USB drives.
Filter the results to include only removable drives by checking the DriveType property.
Check for any new drives by comparing the current list of removable drives to a previous list of removable drives.
If a new drive is detected, assign its drive letter to a variable and use it within your script.
Here is an example PowerShell code that demonstrates this:
perl
Copy code
Define the WMI query to get the mounted volumes
$wmiQuery = “SELECT * FROM Win32_Volume WHERE DriveType = 2”
Get the current list of removable drives
$currentDrives = Get-WMIObject -Query $wmiQuery | Select-Object DriveLetter
Wait for a new drive to be inserted
do {
Write-Host “Insert a USB driveā¦”
Start-Sleep -Seconds 5
$newDrives = Get-WMIObject -Query $wmiQuery | Select-Object DriveLetter
} until ($newDrives.Count -gt $currentDrives.Count)
Find the new drive by comparing the current and new lists
$newDriveLetter = ($newDrives | Where-Object {$currentDrives.DriveLetter -notcontains $_.DriveLetter}).DriveLetter
Use the new drive letter in your script
Write-Host “New USB drive detected: $($newDriveLetter)”
This script waits for a new USB drive to be inserted by continuously checking for changes in the list of removable drives using a loop. When a new drive is detected, its drive letter is assigned to the $newDriveLetter variable, which can then be used within the script.
#
Write a air gapped wsus powershell script that consists of 4 menu options
1) identify a newly inserted USB drive and use its mapped drive letter within this PowerShell script for the other menu options
2) WSUS Export, this will export the files remotely from C:\WSUSUpdates folder on server name WSUSServer and copies them to your local USB drive mapped to X drive and within X:\WSUS-Transport. also ask for creds when connecting to the WSUSServer.
3) Copy the files on the USB X drive from X:\WSUS-Transport onto the WSUSServer2 and copy them into C:\WSUSUpdates2
4) execute this command wsusutil.exe import C:\WSUSUpdates2\export.xml.gz export.log
Sure, here’s an updated script that includes the 4th menu option:
Function to identify newly inserted USB drive and return its mapped drive letter
Function Get-USBDriveLetter {
$drive = Get-WMIObject Win32_LogicalDisk | Where-Object {$_.DriveType -eq 2} | Sort-Object -Property Name | Select-Object -Last 1
$driveLetter = $drive.Name
return $driveLetter
}
Menu options
do {
Clear-Host
Write-Host “Select an option:”
Write-Host “1. Identify a newly inserted USB drive and use its mapped drive letter within this script.”
Write-Host “2. WSUS Export: Export WSUS update files from WSUSServer and copy to USB drive.”
Write-Host “3. WSUS Import: Copy WSUS update files from USB drive to WSUSServer2.”
Write-Host “4. WSUS Util: Run WSUSUtil.exe import command on WSUSServer2.”
Write-Host “5. Exit.”
$choice = Read-Host “Enter your choice (1-5):”
switch ($choice) {
1 {
$usbDriveLetter = Get-USBDriveLetter
Write-Host “USB drive letter: $usbDriveLetter”
Start-Sleep -Seconds 5 # Wait for user to read output
}
2 {
# Prompt for credentials to connect to WSUSServer
$cred = Get-Credential
# Copy WSUS update files to USB drive
$usbDriveLetter = Get-USBDriveLetter
$usbPath = “$usbDriveLetter\WSUS-Transport”
New-Item -ItemType Directory -Path $usbPath -Force
Copy-Item -Path “\WSUSServer\C$\WSUSUpdates*” -Destination $usbPath -Recurse -Credential $cred
Write-Host “WSUS update files copied to USB drive ($usbPath).”
Start-Sleep -Seconds 5 # Wait for user to read output
}
3 {
# Copy WSUS update files from USB drive to WSUSServer2
$usbDriveLetter = Get-USBDriveLetter
$usbPath = “$usbDriveLetter\WSUS-Transport”
Copy-Item -Path $usbPath* -Destination “\WSUSServer2\C$\WSUSUpdates2” -Recurse
Write-Host “WSUS update files copied from USB drive ($usbPath) to WSUSServer2.”
Start-Sleep -Seconds 5 # Wait for user to read output
}
4 {
# Run WSUSUtil.exe import command on WSUSServer2
$wsusUtilPath = “C:\Program Files\Update Services\Tools\WsusUtil.exe”
$xmlPath = “C:\WSUSUpdates2\export.xml.gz”
$logPath = “C:\WSUSUpdates2\export.log”
$command = “$wsusUtilPath import $xmlPath $logPath”
Invoke-Command -ComputerName WSUSServer2 -ScriptBlock {Invoke-Expression $args[0]} -ArgumentList $command
Write-Host “WSUSUtil.exe import command executed on WSUSServer2.”
Start-Sleep -Seconds 5 # Wait for user to read output
}
5 {
break
}
default {
Write-Host “Invalid choice. Please select 1-5.”
Start-Sleep -Seconds 5 # Wait for user to read
#
using the wsusutil command export .xml.gz file extension file and .log
the wsus data folder from the internet connected wsus server onto a usb drive and using the wsusutil command export .xml.gz file extension file and .log file extension without user prompt and copy onto usb drive, i will physically move the usb drive to the offline wsus server and run the other powershell selection to run the wsusutil import command xml.gz file extension file and .log file extension without user prompt copy it onto the offline server.
# Define the main menu options
$mainMenu = @("&Identify USB Drive", "&WSUS Export", "&Copy from WSUS to USB", "&Copy from USB to WSUS Air Gapped", "&WSUS Import")
# Define the function to display the main menu and get user input
function Show-MainMenu {
Write-Host "Select an option:"
for ($i = 0; $i -lt $mainMenu.Length; $i++) {
Write-Host "$i. $($mainMenu[$i])"
}
$choice = Read-Host
return $choice
}
# Define the function to identify a newly inserted USB drive
function Identify-USBDrive {
Write-Host "Insert the USB drive and press Enter."
Read-Host
$drive = Get-WmiObject Win32_LogicalDisk -Filter "DriveType='2'" | Select-Object -Last 1
if ($drive) {
$usbDrive = $drive.DeviceID
Write-Host "USB drive identified as $usbDrive."
return $usbDrive
} else {
Write-Host "No USB drive found."
return $null
}
}
# Define the function to execute the WSUS export command remotely
function WSUS-Export {
$server = Read-Host "Enter the name of the WSUS server:"
$creds = Get-Credential
$command = "wsusutil.exe export C:\WSUSUpdates\export.xml.gz C:\WSUSUpdates\export.log"
Invoke-Command -ComputerName $server -Credential $creds -ScriptBlock { param($command) & $command } -ArgumentList $command
Write-Host "WSUS export completed."
}
# Define the function to copy files remotely from WSUS to USB
function Copy-From-WSUS {
$server = Read-Host "Enter the name of the WSUS server:"
$creds = Get-Credential
$usbDrive = Identify-USBDrive
if ($usbDrive) {
$command = "robocopy.exe C:\WSUSUpdates $usbDrive\WSUS-Transport /E"
Invoke-Command -ComputerName $server -Credential $creds -ScriptBlock { param($command) & $command } -ArgumentList $command
Write-Host "Files copied from WSUS to USB."
} else {
Write-Host "Unable to copy files from WSUS to USB."
}
}
# Define the function to copy files from USB to WSUS Air Gapped
function Copy-To-WSUS {
$server = Read-Host "Enter the name of the WSUS server:"
$creds = Get-Credential
$usbDrive = Identify-USBDrive
if ($usbDrive) {
$command = "robocopy.exe $usbDrive\WSUS-Transport C:\WSUSUpdates2 /E"
Invoke-Command -ComputerName $server -Credential $creds -ScriptBlock { param($command) & $command } -ArgumentList $command
Write-Host "Files copied from USB to WSUS Air Gapped."
} else {
Write-Host "Unable to copy files from USB to WSUS Air Gapped."
}
}
# Define the function to execute the WSUS import command remotely
function WSUS-Import {
$server = Read-Host "Enter the name of the WSUS server:"
$creds = Get-Credential
$
RoboCopy script
$usbDriveLetter = ""
while ($true) {
Write-Host ""
Write-Host "USB Menu"
Write-Host "---------"
Write-Host "1. Identify newly inserted USB drive"
Write-Host "2. Copy C:\WSUSUpdates folder to USB drive"
Write-Host "3. Copy USB drive WSUS-Transfer folder to C:\WSUSUpdates"
Write-Host "4. Exit"
$choice = Read-Host "Enter your choice (1-4)"
switch ($choice) {
1 {
$usbDrives = Get-WMIObject Win32_Volume | Where-Object { $_.DriveType -eq 2 } | Select-Object DriveLetter
Write-Host "Please insert your USB drive..."
while ($true) {
Start-Sleep -Seconds 1
$newUsbDrives = Get-WMIObject Win32_Volume | Where-Object { $_.DriveType -eq 2 } | Select-Object DriveLetter
$insertedUsbDrives = Compare-Object $usbDrives $newUsbDrives -PassThru
if ($insertedUsbDrives) {
$usbDriveLetter = $insertedUsbDrives.Trim()
Write-Host "USB drive detected on drive letter $usbDriveLetter"
break
}
}
}
2 {
if ($usbDriveLetter) {
$source = "C:\WSUSUpdates"
$destination = "$usbDriveLetter\WSUS-Transfer"
if (!(Test-Path -Path $destination)) {
New-Item -ItemType Directory -Path $destination | Out-Null
}
robocopy $source $destination /E
}
else {
Write-Host "Please identify a USB drive first"
}
}
3 {
if ($usbDriveLetter) {
$source = "$usbDriveLetter\WSUS-Transfer"
$destination = "C:\WSUSUpdates"
if (!(Test-Path -Path $destination)) {
New-Item -ItemType Directory -Path $destination | Out-Null
}
robocopy $source $destination /E
}
else {
Write-Host "Please identify a USB drive first"
}
}
4 {
break
}
default {
Write-Host "Invalid choice, please try again"
}
}
}
hardware script
$computers = Get-Content -Path "C:\computers.txt"
foreach ($computer in $computers) {
Write-Host "Hardware information for computer: $computer"
$hardware = Get-WmiObject -Class Win32_ComputerSystem -ComputerName $computer
Write-Host "Model: $($hardware.Model)"
Write-Host "Manufacturer: $($hardware.Manufacturer)"
Write-Host "Serial Number: $($hardware.SerialNumber)"
$bios = Get-WmiObject -Class Win32_BIOS -ComputerName $computer
Write-Host "BIOS Version: $($bios.Version)"
$processor = Get-WmiObject -Class Win32_Processor -ComputerName $computer
Write-Host "Processor: $($processor.Name)"
Write-Host "Number of Cores: $($processor.NumberOfCores)"
Write-Host "Number of Logical Processors: $($processor.NumberOfLogicalProcessors)"
$memory = Get-WmiObject -Class Win32_PhysicalMemory -ComputerName $computer
$totalMemory = 0
foreach ($module in $memory) {
$totalMemory += [math]::Round(($module.Capacity / 1GB), 2)
}
Write-Host "Total Memory: $totalMemory GB"
$disk = Get-WmiObject -Class Win32_LogicalDisk -ComputerName $computer -Filter "DeviceID='C:'"
$diskSize = [math]::Round(($disk.Size / 1GB), 2)
$diskFreeSpace = [math]::Round(($disk.FreeSpace / 1GB), 2)
Write-Host "Disk Size: $diskSize GB"
Write-Host "Free Disk Space: $diskFreeSpace GB"
Write-Host "==============================="
}
software script
$computers = Get-Content -Path "C:\computers.txt"
foreach ($computer in $computers) {
Write-Host "Installed software on computer: $computer"
$software = Get-WmiObject -Class Win32_Product -ComputerName $computer
foreach ($app in $software) {
Write-Host "Name: $($app.Name)"
Write-Host "Version: $($app.Version)"
Write-Host "Vendor: $($app.Vendor)"
Write-Host "Install Date: $($app.InstallDate)"
Write-Host "==============================="
}
}
# Hardware and Software Report v0.1
# Author : Zach Sheppard
# Description : This PowerShell script will identify all machines within Active Directory network and export Hardware and Software informtation to a HTML report on the D Drive.
# Import the PSHTML module
Import-Module PSHTML
# Set the output file path
$outputFilePath = "D:\DATA\NetworkAudit.html"
# Initialize an empty array to hold the results
$results = @()
# Get a list of all the machines on the network
$computers = Get-ADComputer -Filter 'OperatingSystem -Like "*"' | Select-Object -ExpandProperty Name
# Loop through each computer and gather information
foreach ($computer in $computers) {
# Initialize a hashtable to hold the computer information
$computerInfo = @{
"Hostname" = $computer
}
# Get the hardware information
$hardware = Get-CimInstance Win32_ComputerSystem -ComputerName $computer
$bios = Get-CimInstance Win32_BIOS -ComputerName $computer
$cpu = Get-CimInstance Win32_Processor -ComputerName $computer
$memory = Get-CimInstance Win32_PhysicalMemory -ComputerName $computer
$disk = Get-CimInstance Win32_LogicalDisk -Filter "DeviceID='C:'" -ComputerName $computer
# Add the hardware information to the hashtable
$computerInfo.Add("Vendor", $hardware.Manufacturer)
$computerInfo.Add("Model", $hardware.Model)
$computerInfo.Add("Type", $hardware.SystemType)
$computerInfo.Add("Processor", $cpu.Name)
$computerInfo.Add("BIOS Version", $bios.SMBIOSBIOSVersion)
$computerInfo.Add("Memory", "{0:N2} GB" -f ($memory.Capacity/1GB))
$computerInfo.Add("Total Disk Space", "{0:N2} GB" -f ($disk.Size/1GB))
$computerInfo.Add("Current CPU Usage", (Get-CimInstance Win32_PerfFormattedData_PerfOS_Processor -Filter "Name='_Total'" -ComputerName $computer).PercentProcessorTime)
$computerInfo.Add("Current Memory Usage", "{0:N2} GB" -f ((Get-CimInstance Win32_OperatingSystem -ComputerName $computer).FreePhysicalMemory/1GB))
$computerInfo.Add("Current Disk Space Usage", "{0:N2} GB" -f ($disk.FreeSpace/1GB))
# Get the software information
$software = Get-WmiObject -Class Win32_Product -ComputerName $computer | Select-Object -Property Name, InstallDate, InstallLocation, EstimatedSize
$os = Get-CimInstance Win32_OperatingSystem -ComputerName $computer
# Add the software information to the hashtable
$computerInfo.Add("Software Name", $software.Name)
$computerInfo.Add("Software Install Date", $software.InstallDate)
$computerInfo.Add("Software Install Location", $software.InstallLocation)
$computerInfo.Add("Software Size", $software.EstimatedSize)
$computerInfo.Add("Software Version", $software.Version)
$computerInfo.Add("Operating System Name", $os.Caption)
$computerInfo.Add("Operating System Version", $os.Version)
$computerInfo.Add("Operating System Build", $os.BuildNumber)
# Add the hashtable to the results array
$results += New-Object PSObject -Property $computerInfo
}
# Create the HTML document
$html = New-Html -Title "Network Audit" -Style "table, th, td { border: 1px solid black; border-collapse: collapse; } th, td { padding: 5px; }"
# Create the hardware table
$html | Add-Html "<h2>Hardware Information</h2>"
$html | Add-Html "<table>"
$html | Add-Html "<tr><th>Hostname</th><th>Vendor</th><th>Model</th><th>Type</th><th>Processor</th><th>BIOS Version</th><th>Memory</th><th>Total Disk Space</th><th>Current CPU Usage</th><th>Current Memory Usage</th><th>Current Disk Space Usage</th></tr>"
foreach ($result in $results) {
$html | Add-Html "<tr>"
$html | Add-Html "<td>$($result.Hostname)</td>"
$html | Add-Html "<td>$($result.Vendor)</td>"
$html | Add-Html "<td>$($result.Model)</td>"
$html | Add-Html "<td>$($result.Type)</td>"
$html | Add-Html "<td>$($result.Processor)</td>"
$html | Add-Html "<td>$($result.'BIOS Version')</td>"
$html | Add-Html "<td>$($result.'Memory')</td>"
$html | Add-Html "<td>$($result.'Total Disk Space')</td>"
$html | Add-Html "<td>$($result.'Current CPU Usage')</td>"
$html | Add-Html "<td>$($result.'Current Memory Usage')</td>"
$html | Add-Html "<td>$($result.'Current Disk Space Usage')</td>"
$html | Add-Html "</tr>"
}
$html | Add-Html "</table>"
# Create the software table
$html | Add-Html "<h2>Software Information</h2>"
$html | Add-Html "<table>"
$html | Add-Html "<tr><th>Hostname</th><th>Name</th><th>Software Install Date</th><th>Software Install Location</th><th>Software Size</th><th>Software Version</th><th>Operating System Name</th><th>Operating System Version</th><th>Operating System Build</th></tr>"
foreach ($result in $results) {
$html | Add-Html "<tr>"
$html | Add-Html "<td>$($result.Hostname)</td>"
$html | Add-Html "<td>$($result.Name)</td>"
$html | Add-Html "<td>$($result.'Software Install Date')</td>"
$html | Add-Html "<td>$($result.'Software Install Location')</td>"
$html | Add-Html "<td>$($result.'Software Size')</td>"
$html | Add-Html "<td>$($result.'Software Version')</td>"
$html | Add-Html "<td>$($result.'Operating System Name')</td>"
$html | Add-Html "<td>$($result.'Operating System Version')</td>"
$html | Add-Html "<td>$($result.'Operating System Build')</td>"
$html | Add-Html "</tr>"
}
$html | Add-Html "</table>"
# Save the HTML file
$html | Out-Html -FilePath $outputFilePath
###############################################
# Import the PSHTML module
Import-Module PSHTML
# Set the output file path
$outputFilePath = "C:\Audit\NetworkHardwareAudit.html"
# Initialize an empty array to hold the results
$results = @()
# Get a list of all the machines on the network
$computers = Get-ADComputer -Filter 'OperatingSystem -Like "*"' | Select-Object -ExpandProperty Name
# Loop through each computer and gather information
foreach ($computer in $computers) {
# Initialize a hashtable to hold the computer information
$computerInfo = @{
"Hostname" = $computer
}
# Get the hardware information
$hardware = Get-CimInstance Win32_ComputerSystem -ComputerName $computer
$bios = Get-CimInstance Win32_BIOS -ComputerName $computer
$cpu = Get-CimInstance Win32_Processor -ComputerName $computer
# Add the hardware information to the hashtable
$computerInfo.Add("Vendor", $hardware.Manufacturer)
$computerInfo.Add("Model", $hardware.Model)
$computerInfo.Add("Type", $hardware.SystemType)
$computerInfo.Add("Processor", $cpu.Name)
$computerInfo.Add("BIOS Version", $bios.SMBIOSBIOSVersion)
# Add the hashtable to the results array
$results += New-Object PSObject -Property $computerInfo
}
# Create the HTML document
$html = New-Html -Title "Network Hardware Audit" -Style "table, th, td { border: 1px solid black; border-collapse: collapse; } th, td { padding: 5px; }"
# Create the hardware table
$html | Add-Html "<h2>Hardware Information</h2>"
$html | Add-Html "<table>"
$html | Add-Html "<tr><th>Hostname</th><th>Vendor</th><th>Model</th><th>Type</th><th>Processor</th><th>BIOS Version</th></tr>"
foreach ($result in $results) {
$html | Add-Html "<tr>"
$html | Add-Html "<td>$($result.Hostname)</td>"
$html | Add-Html "<td>$($result.Vendor)</td>"
$html | Add-Html "<td>$($result.Model)</td>"
$html | Add-Html "<td>$($result.Type)</td>"
$html | Add-Html "<td>$($result.Processor)</td>"
$html | Add-Html "<td>$($result.'BIOS Version')</td>"
$html | Add-Html "</tr>"
}
$html | Add-Html "</table>"
# Save the HTML file
$html | Out-Html -FilePath $outputFilePath