xasz/Find-NinjaApplicationsWhichIDoNotLike.ps1

## Find-NinjaApplicationsWhichIDoNotLike.ps1

<#
    NinjaOne Inventory Searcher

    Fetching all NinjaOne device inventory to search for the given applications

    What you need:
    - NinjaOne Powershel Modul from : https://github.com/homotechsual/NinjaOne
    - NinjaOne API Credentials - Check out the Powershell Module Doc for more information - Thanks @homotechsual
    - A list of software which you actually want to search for

    THIS IS PROVIDED AS IS AND IS NOT A FINSIHED OR CLEANED UP SOFTRWARE
    THIS IS A HELPER SCRIPT I THREW TOGETHER FOR CVE-2023-5129 TO COLLECT SOME DATA TO MAKE MY LIFE EASY
 #>


# NinjaOne Connection Credentials
$ConnectionParameters = @{
    Instance = 'eu'
    ClientID = 'xxx'
    ClientSecret = 'xxx'
    UseClientAuth = $True
    Scopes = "monitoring"
}

# List to Check what Software you are searching for and what minimium version needs to be instaled
# Check is a -like so * wildcards are supported, but be carefull with something like "*edge*" - this will hit often Like "Edge Transport"

# THIS IS NOT A FULL LIST OF CVE-2023-5129 APPS WHICH ARE AFFECTED - PLEASE FILL IN YOU PERSONAL AND UP2DATE LIST

$softwareSearches = @(
    @{
        Name = "Google Chrome"
        Version = "116.0.5845.187"
    },
    @{
        Name = "*Firefox*"
        Version = "117.0.1"
    },
    @{
        Name = "Microsoft Edge"
        Version = "117.0.2045.31"
    },
    @{
        Name = "*Brave*"
        Version = "1.57.64"
    }
)


# SCRIPT START

$ErrorActionPreference = "Stop"

Connect-NinjaOne @ConnectionParameters

# Kraken everthing
Write-Host "Fetching organsations"

$map = @{}
$orgs = Get-NinjaOneOrganisations
$p = 0

foreach($org in $orgs){
    Write-Progress -Activity "Fetching Devices" -Status "$(($p / $orgs.Count * 100))% $($org.name)" -PercentComplete ($p / $orgs.Count * 100)
    $orgDevices = Get-NinjaOneDevices -organisationId $org.id | Where-Object {$_.nodeClass -like "WINDOWS_*"}

    $deviceMap = [hashtable]@{}
    foreach($device in $orgDevices){
        $deviceMap[$device] = Get-NinjaOneSoftwareProducts -deviceId $device.id
    }
    $map[$org] = $deviceMap
    $p++
}
Write-Progress -Activity "Fetching Devices" -Completed

Write-Host -Activity "Fetching Inventory"
#Filter and list
$fixmeDevices = New-Object System.Collections.ArrayList
$Infos = New-Object System.Collections.ArrayList

$p = 0
foreach($org in $map.Keys){
    Write-Progress -Activity "Fetching Inventory for organisation" -Status "$(($p / $orgs.Count * 100))% $($org.name)" -PercentComplete ($p / $orgs.Count * 100)
    $deviceMap = $map[$org]
    foreach($device in $deviceMap.Keys){
        $inventory = $deviceMap[$device]
        $fixMe = $false
        foreach ($software in $softwareSearches){
            try{
                $hits = $inventory | Where-Object { $_.name -like $software.Name -and ( [version]$_.version -lt [version]$software.Version )}
                if( ( $hits | Measure-Object).Count -gt 0){
                    $hits | ForEach-Object {
                        Write-Host ("Found {0} in version {1} which is lower than {2} on client {3} in organisation {4}" -f $_.name, $_.version, $software.Version, $device.systemName, $org.name ) -ForegroundColor Red
                        $Infos.Add(
                            [PSCustomObject]@{
                                Name = $_.name
                                InstalledVersion = $_.version
                                WantedVersion = $software.Version
                                DeviceName = $device.systemName
                                OrgName = $org.name
                                Org = $org
                                Device = $device
                                Reason = "VersionLower"
                            }
                        ) | Out-Null
                    }
                    $fixMe = $true
                }
            }catch{
                $Infos.Add(
                    [PSCustomObject]@{
                        Name = $_.name
                        InstalledVersion = $_.version
                        WantedVersion = $software.Version
                        DeviceName = $device.systemName
                        OrgName = $org.name
                        Org = $org
                        Device = $device
                        Reason = "MatchERROR - $($_.Message)"
                    }
                )
            }
        }
        if($fixMe -eq $true) {
            $fixmeDevices.Add($device) | Out-Null
        }
    }
}
Write-Progress -Activity "Fetching Inventory for organisation" -Completed

Write-Host "Finished..."

# NOW WE HAVE DATA

# $fixmeDevices are not the devices which matched any of the unpatches software.
# $Infos holds each match - Most of which have probably no version number or a not [version]compatible version number - Good luck with that

	<#
	NinjaOne Inventory Searcher

	Fetching all NinjaOne device inventory to search for the given applications

	What you need:
	- NinjaOne Powershel Modul from : https://github.com/homotechsual/NinjaOne
	- NinjaOne API Credentials - Check out the Powershell Module Doc for more information - Thanks @homotechsual
	- A list of software which you actually want to search for

	THIS IS PROVIDED AS IS AND IS NOT A FINSIHED OR CLEANED UP SOFTRWARE
	THIS IS A HELPER SCRIPT I THREW TOGETHER FOR CVE-2023-5129 TO COLLECT SOME DATA TO MAKE MY LIFE EASY
	#>


	# NinjaOne Connection Credentials
	$ConnectionParameters = @{
	Instance = 'eu'
	ClientID = 'xxx'
	ClientSecret = 'xxx'
	UseClientAuth = $True
	Scopes = "monitoring"
	}

	# List to Check what Software you are searching for and what minimium version needs to be instaled
	# Check is a -like so * wildcards are supported, but be carefull with something like "edge" - this will hit often Like "Edge Transport"

	# THIS IS NOT A FULL LIST OF CVE-2023-5129 APPS WHICH ARE AFFECTED - PLEASE FILL IN YOU PERSONAL AND UP2DATE LIST

	$softwareSearches = @(
	@{
	Name = "Google Chrome"
	Version = "116.0.5845.187"
	},
	@{
	Name = "Firefox"
	Version = "117.0.1"
	},
	@{
	Name = "Microsoft Edge"
	Version = "117.0.2045.31"
	},
	@{
	Name = "Brave"
	Version = "1.57.64"
	}
	)


	# SCRIPT START

	$ErrorActionPreference = "Stop"

	Connect-NinjaOne @ConnectionParameters

	# Kraken everthing
	Write-Host "Fetching organsations"

	$map = @{}
	$orgs = Get-NinjaOneOrganisations
	$p = 0

	foreach($org in $orgs){
	Write-Progress -Activity "Fetching Devices" -Status "$(($p / $orgs.Count * 100))% $($org.name)" -PercentComplete ($p / $orgs.Count * 100)
	$orgDevices = Get-NinjaOneDevices -organisationId $org.id \| Where-Object {$_.nodeClass -like "WINDOWS_*"}

	$deviceMap = [hashtable]@{}
	foreach($device in $orgDevices){
	$deviceMap[$device] = Get-NinjaOneSoftwareProducts -deviceId $device.id
	}
	$map[$org] = $deviceMap
	$p++
	}
	Write-Progress -Activity "Fetching Devices" -Completed

	Write-Host -Activity "Fetching Inventory"
	#Filter and list
	$fixmeDevices = New-Object System.Collections.ArrayList
	$Infos = New-Object System.Collections.ArrayList

	$p = 0
	foreach($org in $map.Keys){
	Write-Progress -Activity "Fetching Inventory for organisation" -Status "$(($p / $orgs.Count * 100))% $($org.name)" -PercentComplete ($p / $orgs.Count * 100)
	$deviceMap = $map[$org]
	foreach($device in $deviceMap.Keys){
	$inventory = $deviceMap[$device]
	$fixMe = $false
	foreach ($software in $softwareSearches){
	try{
	$hits = $inventory \| Where-Object { $_.name -like $software.Name -and ( [version]$_.version -lt [version]$software.Version )}
	if( ( $hits \| Measure-Object).Count -gt 0){
	$hits \| ForEach-Object {
	Write-Host ("Found {0} in version {1} which is lower than {2} on client {3} in organisation {4}" -f $_.name, $_.version, $software.Version, $device.systemName, $org.name ) -ForegroundColor Red
	$Infos.Add(
	[PSCustomObject]@{
	Name = $_.name
	InstalledVersion = $_.version
	WantedVersion = $software.Version
	DeviceName = $device.systemName
	OrgName = $org.name
	Org = $org
	Device = $device
	Reason = "VersionLower"
	}
	) \| Out-Null
	}
	$fixMe = $true
	}
	}catch{
	$Infos.Add(
	[PSCustomObject]@{
	Name = $_.name
	InstalledVersion = $_.version
	WantedVersion = $software.Version
	DeviceName = $device.systemName
	OrgName = $org.name
	Org = $org
	Device = $device
	Reason = "MatchERROR - $($_.Message)"
	}
	)
	}
	}
	if($fixMe -eq $true) {
	$fixmeDevices.Add($device) \| Out-Null
	}
	}
	}
	Write-Progress -Activity "Fetching Inventory for organisation" -Completed

	Write-Host "Finished..."

	# NOW WE HAVE DATA

	# $fixmeDevices are not the devices which matched any of the unpatches software.
	# $Infos holds each match - Most of which have probably no version number or a not [version]compatible version number - Good luck with that