Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <!DOCTYPE html>
- <html>
- <head>
- <title>INTEL-SA-00075 Unprovisioning Tool</title>
- <link type="text/css" href="styles.css" media="screen" rel="stylesheet" title="CSS" />
- <script type="text/javascript" src="v.js"></script>
- <script type="text/javascript" src="common-0.0.1.js"></script>
- <script type="text/javascript" src="amt-wsman-node-0.2.0.js"></script>
- <script type="text/javascript" src="amt-wsman-0.2.0.js"></script>
- <script type="text/javascript" src="amt-0.2.0.js"></script>
- </head>
- <body onload="startup()" style="background-color:lightgray;margin:0px;padding:0px">
- <div style="background:blue;color:white;padding:8px">INTEL-SA-00075 Unprovisioning Tool</div>
- <div id="toolbar"><input id="startButton" value="Start" type="button" style="text-align:center;width:32%;height:20px" onclick="xstart()" /><input id="clearButton" value="Clear" type="button" style="text-align:center;width:32%;height:20px" onclick="xclear()" /><input id="closeButton" value="Close" type="button" style="text-align:center;width:32%;height:20px" onclick="xexit()" /></div>
- <div style="position:absolute;left:0;right:0;top:56px;bottom:0px;padding:3px">
- <div id="results" style="overflow-x:auto;overflow-y:scroll;width:100%;height:100%;font-family:Arial;font-size:12px"></div>
- </div>
- <script type="text/javascript">
- var fs = require('fs');
- var gui = require('nw.gui');
- var wsstack = null;
- var amtstack = null;
- var wsstackAdmin = null;
- var amtstackAdmin = null;
- var wsstackAdminPW = null;
- var amtstackAdminPW = null;
- var trySetAdminAcl = true;
- var tryUberUnconfig = true;
- var CCMAllowed = false;
- var ACMAllowed = false;
- var Mode = -1;
- var close = false;
- var realm;
- //var handles = [];
- //var osadminHandle;
- var adminUserName = "admin";
- var newAdminPassword = getRandomAmtPass();
- //var adminHandle = 0;
- function startup() {
- if (gui.App.argv.length > 0) {
- close = true;
- xstart();
- }
- }
- function xclear() {
- QH('results', '');
- }
- function xexit() {
- gui.App.quit();
- }
- function xstate(x) {
- QE('startButton', !x);
- }
- //function debug(x) { QA("results", x + "<br />"); }
- function debug(x) {
- console.log(x);
- var now = new Date();
- var message = now.toLocaleTimeString() + " - " + x;
- QA("results", message + "<br />")
- //fs.appendFile("..\\out.txt", x + "\n", err => function(err) { QA(err + "<br />"); });
- if (gui.App.argv.length > 0) {
- fs.appendFileSync(gui.App.argv[0] + "\\log.txt", message + "\r\n");
- }
- }
- // Start the test
- function xstart() {
- xstate(true);
- debug("INTEL-SA-00075 Unprovisioning Tool version " + version + ".");
- debug("Connecting to LMS....");
- wsstack = WsmanStackCreateService("127.0.0.1", 16992, "$$OsAdmin", "whoops", 0);
- amtstack = AmtStackCreateService(wsstack);
- wsstackAdmin = WsmanStackCreateService("127.0.0.1", 16992, adminUserName, "whoops", 0);
- amtstackAdmin = AmtStackCreateService(wsstackAdmin);
- wsstackAdminPW = WsmanStackCreateService("127.0.0.1", 16992, adminUserName, newAdminPassword, 0);
- amtstackAdminPW = AmtStackCreateService(wsstackAdmin);
- //console.log("Starting test.");
- amtstack.Get("IPS_HostBasedSetupService", hostedBasedSetupServiceCallback);
- }
- function hostedBasedSetupServiceCallback(stack, name, responses, status, tag) {
- //debug("hostedBasedSetupServiceCallback: Status = " + status + ", Name=" + name);
- if (status == 200) {
- //var mode = getProvisioningType(responses["Body"]["AllowedControlModes"])
- //if (mode != "") { debug(mode); }
- var modes = [];
- for (i = 0; i < responses["Body"]["AllowedControlModes"].length; i++) {
- modes.push(getProvisioningType(responses["Body"]["AllowedControlModes"][i]));
- }
- Mode = responses["Body"]["CurrentControlMode"];
- debug("Current Provisioning Mode: " + getProvisioningType(Mode));
- debug("Available Modes: " + modes.join(', '));
- amtstack.Get("AMT_GeneralSettings", generalSettingsCallback);
- } else if (status == 401) {
- debug("Intel® AMT reports Unauthorized.");
- closeApp();
- } else if (status == 408) {
- debug("Can't talk to LMS.");
- closeApp();
- } else {
- debug("Error when talking to LMS: " + status);
- closeApp();
- }
- }
- function getProvisioningType(typeNumber) {
- if (typeNumber == 0) {
- return ("Not provisioned");
- }
- if (typeNumber == 1) {
- CCMAllowed = true;
- return ("CCM");
- }
- if (typeNumber == 2) {
- ACMAllowed = true;
- return ("ACM");
- }
- return "";
- }
- function generalSettingsCallback(stack, name, response, status) {
- console.log("generalSettingsCallback", response, status);
- //debug("generalSettingsCallback: Status = " + status + ", Name=" + name);
- if (status == 200) {
- //debug("");
- //realm = responses["Body"]["DigestRealm"];
- //debug("Digest Realm: " + realm);
- // Set Intel AMT Password
- if (trySetAdminAcl && Mode == 2) {
- //debug("Trying to set admin password: " + newAdminPassword);
- debug("Trying to set admin password.");
- var NetworkAdminPassword = window.btoa(rstr_md5("admin:" + realm + ":" + newAdminPassword));
- amtstackAdmin.AMT_AuthorizationService_SetAdminAclEntryEx("admin", NetworkAdminPassword, amtAuthorizationServiceSetAdminAclEntryEx);
- } else {
- closeApp();
- }
- // Intel AMT is configured. Let's see what else we can do with $$OsAdmin
- //if (tryUberUnconfig && (Mode == 1 || Mode == 2))
- //{
- // debug("Trying to unprovision.");
- // amtstackAdmin.AMT_SetupAndConfigurationService_Unprovision(1, amtSetupAndConfigurationServiceUnprovisionCallback);
- //}
- //else{
- //if (close) { gui.App.quit();}
- //}
- } else {
- debug("Failed to get General Intel® AMT Settings: " + status);
- closeApp();
- }
- }
- function amtAuthorizationServiceSetAdminAclEntryEx(stack, name, response, status) {
- console.log("amtAuthorizationServiceSetAdminAclEntryEx", response, status);
- //debug("amtAuthorizationServiceSetAdminAclEntryEx: Status = " + status + ", Name=" + name);
- if (status == 200) {
- var returnVal = (response["Body"]["ReturnValueStr"])
- if (returnVal = "SUCCESS") {
- //debug("Successfully set admin password to " + newAdminPassword + ".")
- debug("Successfully set admin password.")
- // Intel AMT is configured. Let's see what else we can do with $$OsAdmin
- if (tryUberUnconfig && (Mode == 1 || Mode == 2)) {
- debug("Trying to unprovision.");
- amtstackAdminPW.AMT_SetupAndConfigurationService_Unprovision(1, amtSetupAndConfigurationServiceUnprovisionCallback);
- } else {
- closeApp();
- }
- } else {
- debug("Failed to set admin password: " + returnVal);
- closeApp();
- }
- }
- }
- function amtSetupAndConfigurationServiceUnprovisionCallback(stack, name, response, status, tag) {
- console.log("amtSetupAndConfigurationServiceUnprovisionCallback", response, status);
- //debug("cimAccountCallback: Status = " + status + ", Name=" + name);
- if (status == 200) {
- console.log(response);
- var returnVal = (response["Body"]["ReturnValueStr"])
- if (returnVal = "SUCCESS") {
- debug("Successfully unprovisioned.")
- } else {
- debug("Failed to unprovision: " + returnVal + ". Reboot and try again.");
- }
- } else {
- debug("Failed to unprovision: " + status);
- }
- closeApp();
- }
- // Close the application after a delay
- function closeApp() {
- var t = 10;
- xstate(false);
- debug("Done.");
- if (gui.App.argv.length > 0) {
- t = 2000;
- var now = new Date();
- QA("results", now.toLocaleTimeString() + " - " + "Results in " + gui.App.argv[0] + "\\log.txt" + "<br />");
- }
- if (close) {
- setTimeout(function() {
- gui.App.quit();
- }, t);
- }
- }
- // Check if this is a valid Intel AMT password
- function passwordcheck(p) {
- var re = /(?=.*\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[!@#$%^&*()+-]).{8,}/;
- return re.test(p);
- }
- // Intel AMT password stuff
- function xxRandomNonce(xlength) {
- var xxxRandomNonceX = ["a", "b", "c", "d", "e", "f", "0", "1", "2", "3", "4", "5", "6", "7", "8", "9"],
- r = "";
- for (var i = 0; i < xlength; i++) {
- r += xxxRandomNonceX[Math.floor(Math.random() * 16)];
- }
- return r;
- }
- function getRandomAmtPass() {
- return "@1Aa" + xxRandomNonce(16);
- }
- // EXTRA STUFF
- // Returns true if Intel AMT needs to be updated
- function checkAmtVersion(version) {
- var vSplit = version.split('.');
- var v1 = parseInt(vSplit[0]);
- var v2 = parseInt(vSplit[1]);
- var v3 = parseInt(vSplit[2]);
- var vx = ((v2 * 1000) + v3);
- var ok = 0;
- if ((v1 <= 5) || (v1 >= 12)) {
- ok = 1;
- } // Intel AMT less then v5 and v12 and beyond, all ok.
- else if ((v1 == 6) && (vx >= 2061)) {
- ok = 1;
- } // 1st Gen Core
- else if ((v1 == 7) && (vx >= 1091)) {
- ok = 1;
- } // 2st Gen Core
- else if ((v1 == 8) && (vx >= 1071)) {
- ok = 1;
- } // 3st Gen Core
- else if ((v1 == 9)) {
- if ((v2 < 5) && (vx >= 1041)) {
- ok = 1;
- } else if (vx >= 5061) {
- ok = 1;
- }
- } // 4st Gen Core
- else if ((v1 == 10) && (vx >= 55)) {
- ok = 1;
- } // 5st Gen Core
- else if (v1 == 11) {
- if ((v2 < 5) && (vx >= 25)) {
- ok = 1;
- } // 6st Gen Core
- else if (vx >= 6027) {
- ok = 1;
- } // 7st Gen Core
- }
- return (ok == 0);
- }
- function getAmtInfo() {
- amtstack.BatchEnum("", ["CIM_SoftwareIdentity", "*AMT_SetupAndConfigurationService"], processSystemVersion); // Get Intel AMT version information and plenty more
- }
- function processSystemVersion(stack, name, responses, status) {
- if (status == 200) {
- var amtlogicalelements = [];
- if (responses != null) {
- if (responses["CIM_SoftwareIdentity"] != null && responses["CIM_SoftwareIdentity"].responses != null) {
- amtlogicalelements = responses["CIM_SoftwareIdentity"].responses;
- if (responses["AMT_SetupAndConfigurationService"] != null && responses["AMT_SetupAndConfigurationService"].response != null) {
- amtlogicalelements.push(responses["AMT_SetupAndConfigurationService"].response);
- }
- }
- }
- if (amtlogicalelements.length == 0) {
- disconnect();
- return;
- } // Could not get Intel AMT version, disconnect();
- var v = getInstance(amtlogicalelements, "AMT")["VersionString"];
- var amtversion = parseInt(v.split('.')[0]);
- var amtversionmin = parseInt(v.split('.')[1]);
- var updateRequired = checkAmtVersion(v);
- debug("Intel® AMT version: " + v + ", update required: " + updateRequired);
- }
- }
- </script>
- </body>
- </html>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement