Last active
September 28, 2023 09:05
-
-
Save xasz/dd96e4928e3a24346fedb05996d9de12 to your computer and use it in GitHub Desktop.
Finding Applications in NinaRMM
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<# | |
NinjaOne Inventory Searcher | |
Fetching all NinjaOne device inventory to search for the given applications | |
What you need: | |
- NinjaOne Powershel Modul from : https://github.com/homotechsual/NinjaOne | |
- NinjaOne API Credentials - Check out the Powershell Module Doc for more information - Thanks @homotechsual | |
- A list of software which you actually want to search for | |
THIS IS PROVIDED AS IS AND IS NOT A FINSIHED OR CLEANED UP SOFTRWARE | |
THIS IS A HELPER SCRIPT I THREW TOGETHER FOR CVE-2023-5129 TO COLLECT SOME DATA TO MAKE MY LIFE EASY | |
#> | |
# NinjaOne Connection Credentials | |
$ConnectionParameters = @{ | |
Instance = 'eu' | |
ClientID = 'xxx' | |
ClientSecret = 'xxx' | |
UseClientAuth = $True | |
Scopes = "monitoring" | |
} | |
# List to Check what Software you are searching for and what minimium version needs to be instaled | |
# Check is a -like so * wildcards are supported, but be carefull with something like "*edge*" - this will hit often Like "Edge Transport" | |
# THIS IS NOT A FULL LIST OF CVE-2023-5129 APPS WHICH ARE AFFECTED - PLEASE FILL IN YOU PERSONAL AND UP2DATE LIST | |
$softwareSearches = @( | |
@{ | |
Name = "Google Chrome" | |
Version = "116.0.5845.187" | |
}, | |
@{ | |
Name = "*Firefox*" | |
Version = "117.0.1" | |
}, | |
@{ | |
Name = "Microsoft Edge" | |
Version = "117.0.2045.31" | |
}, | |
@{ | |
Name = "*Brave*" | |
Version = "1.57.64" | |
} | |
) | |
# SCRIPT START | |
$ErrorActionPreference = "Stop" | |
Connect-NinjaOne @ConnectionParameters | |
# Kraken everthing | |
Write-Host "Fetching organsations" | |
$map = @{} | |
$orgs = Get-NinjaOneOrganisations | |
$p = 0 | |
foreach($org in $orgs){ | |
Write-Progress -Activity "Fetching Devices" -Status "$(($p / $orgs.Count * 100))% $($org.name)" -PercentComplete ($p / $orgs.Count * 100) | |
$orgDevices = Get-NinjaOneDevices -organisationId $org.id | Where-Object {$_.nodeClass -like "WINDOWS_*"} | |
$deviceMap = [hashtable]@{} | |
foreach($device in $orgDevices){ | |
$deviceMap[$device] = Get-NinjaOneSoftwareProducts -deviceId $device.id | |
} | |
$map[$org] = $deviceMap | |
$p++ | |
} | |
Write-Progress -Activity "Fetching Devices" -Completed | |
Write-Host -Activity "Fetching Inventory" | |
#Filter and list | |
$fixmeDevices = New-Object System.Collections.ArrayList | |
$Infos = New-Object System.Collections.ArrayList | |
$p = 0 | |
foreach($org in $map.Keys){ | |
Write-Progress -Activity "Fetching Inventory for organisation" -Status "$(($p / $orgs.Count * 100))% $($org.name)" -PercentComplete ($p / $orgs.Count * 100) | |
$deviceMap = $map[$org] | |
foreach($device in $deviceMap.Keys){ | |
$inventory = $deviceMap[$device] | |
$fixMe = $false | |
foreach ($software in $softwareSearches){ | |
try{ | |
$hits = $inventory | Where-Object { $_.name -like $software.Name -and ( [version]$_.version -lt [version]$software.Version )} | |
if( ( $hits | Measure-Object).Count -gt 0){ | |
$hits | ForEach-Object { | |
Write-Host ("Found {0} in version {1} which is lower than {2} on client {3} in organisation {4}" -f $_.name, $_.version, $software.Version, $device.systemName, $org.name ) -ForegroundColor Red | |
$Infos.Add( | |
[PSCustomObject]@{ | |
Name = $_.name | |
InstalledVersion = $_.version | |
WantedVersion = $software.Version | |
DeviceName = $device.systemName | |
OrgName = $org.name | |
Org = $org | |
Device = $device | |
Reason = "VersionLower" | |
} | |
) | Out-Null | |
} | |
$fixMe = $true | |
} | |
}catch{ | |
$Infos.Add( | |
[PSCustomObject]@{ | |
Name = $_.name | |
InstalledVersion = $_.version | |
WantedVersion = $software.Version | |
DeviceName = $device.systemName | |
OrgName = $org.name | |
Org = $org | |
Device = $device | |
Reason = "MatchERROR - $($_.Message)" | |
} | |
) | |
} | |
} | |
if($fixMe -eq $true) { | |
$fixmeDevices.Add($device) | Out-Null | |
} | |
} | |
} | |
Write-Progress -Activity "Fetching Inventory for organisation" -Completed | |
Write-Host "Finished..." | |
# NOW WE HAVE DATA | |
# $fixmeDevices are not the devices which matched any of the unpatches software. | |
# $Infos holds each match - Most of which have probably no version number or a not [version]compatible version number - Good luck with that | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment