CVE-2022-34718 & CVE-2022-34718 - Trying to inventory windows devices with ip6 and ipsec enabled - Script works locally, but not in dynamic collection
I've made a powershell script that works on my win10 ent 64bit pc. When i create a dynamic collection and select the filter drop down for my "powershell (windows vpn)" the second column comes up "Null" and doesn't allow me to change it to any selected value. Not sure how fix. This scripts works for my smb powershell scripts. Running enterprise Pdq inv 19.3.317.0 and pdq deploy 19.3.317.0
if ( -Not ( Get-Command Get-VpnConnection ) ) {
throw "Get-VpnConnection Error."
}
$Properties = @(
"Name"
"ServerAddress"
"TunnelType"
"AuthenticationMethod"
"EncryptionLevel"
"RememberCredential"
"SplitTunneling"
"L2tpIPsecAuth"
"DnsSuffix"
"IdleDisconnectSeconds"
"ConnectionStatus"
)Get-VpnConnection | Select-Object $Properties
-----------
Get-VpnConnection also has an option to pull from the global address book, but not able to get that flag working
Get-VpnConnection -AllUserConnection
Comments
Has this scanner been successfully run on your targets and did it output anything?? I recommend checking out a device that you have scanned and see what data was returned from the scanner. If you run this script outside of PDQ Inventory, does it output anything?
yah, script runs just fine on multiple versions of windows when ran locally.
I should've specified that when testing this script, to run it as the same user that the PowerShell scanner runs as so that it returns the same things. You mentioned having issues querying the global address book. In the past, I've had to make use of the -AllUserConnection parameter in order to get the proper VPN connections.
Once you get the script to output the data properly from an elevated PowerShell window running as the same use that the PowerShell Scanner uses, then we can update the PowerShell Scanner and scan the targets. Once they are finished scanning, open the computer in PDQ Inventory and check the PowerShell page for the results.