#193068 - 2009-03-23 04:55 PM
Logging security settings in IE
|
Stixx
Just in Town
Registered: 2009-03-18
Posts: 2
Loc: USA
|
Hi all!
First post, but a long time lurker here. I'm bringing my question to the brighter minds here, since my mind cannot seem to find a decent way to do things. I'll get some of the little info out of the way first:
Windows XP
KiXtart 4.60
IE v6.0
Basically, what I am looking to do is write a script the reports the IE security settings(under "Tools" --> "Internet Options..." --> "Security" tab --> "Custom Level...") to a text file.
Right now, we have a script that "works", but it doesn't work well. Half the time it displays incorrect information(it will say something is enabled, when it is actually disabled). This script pulls info from the registry and makes no use of COM.
The problem that I see with looking at the registry, is that when you change a value for these settings, anywhere between 4 and 8 registry values change. This is probably why our script that we use right now doesn't work very well. So I am assuming that I can use COM to pull what all these values are for each content zone(Internet, Local intranet, Trusted Sites, Restricted Sites). Unfortunately, my COM knowledge is limited, and I haven't found too much useful info(or info that I understand) through google or the forums. I've also looked for KiX/VBS scripts to see if anyone has attempted what I am looking for. No luck.
I'm in a government environment, so installing other software is a no no. So basically, scripting is my only option. If anyone has any thoughts/direction that they can send me to, I would greatly appreciate it! So far I have ScriptOmatic, and some other sites that I've been looking at(but some of the info is so obfuscated, i don't even know what I'm reading!)
http://msdn.microsoft.com/en-us/library/aa752084(VS.85).aspx
http://msdn.microsoft.com/en-us/library/ms537186(VS.85).aspx
Thank you all again for any help!
|
|
Top
|
|
|
|
|
#193079 - 2009-03-23 07:02 PM
Re: Logging security settings in IE
[Re: NTDOC]
|
Stixx
Just in Town
Registered: 2009-03-18
Posts: 2
Loc: USA
|
Here is what has been "used"(they kinda stopped using it since it wasn't working correctly).
Break ON
Dim $IEARRAY[20]
Dim $SubArray[4]
Global $IArry[20]
Dim $KArry[3]
Global $IEIni
Global $INIFile
Global $Pos
Global $Neg
Global $Blurb
$Pos = " CHECKED"
$Neg = " NOT CHECKED"
$CCS = "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet"
$TCPPMTR = "\Services\TCPIP\parameters"
$AFDPMTR = "\Services\AFD\parameters"
$MSK = "HKLM\SOFTWARE\Microsoft"
$WLGN = "\Windows NT\CurrentVersion\Winlogon"
$UIE = "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings"
$MIE = $MSK + "\Windows\CurrentVersion\Internet Settings"
$INIFile = @SCRIPTDIR + "\Output\DATA_@WKSTA.INI"
$IEIni = @SCRIPTDIR + "\Patch Files\IE_Zones.INI"
If Exist (@SCRIPTDIR + "\Output") = 0
MD @SCRIPTDIR + "\Output"
? "Output Directory Created"
If @ERROR <> 0
? " * Error Encountered: " + @SERROR
EndIf
EndIf
CLS
$RE=RedirectOutput (@SCRIPTDIR + "\Output\IEcheck_@WKSTA.txt",1)
; Set the IE worksheet and INI section variables for Windows 2003 and XP. None for Win2k.
Select
Case @DOS="5.2"
$IEESC1 = ReadValue($MSK + "\Active Setup\Installed Components\{A509B1A7-37EF-4b3f-8CFC-4F3A74704073}", "IsInstalled")
$IEESC2 = ReadValue($MSK + "\Active Setup\Installed Components\{A509B1A8-37EF-4b3f-8CFC-4F3A74704073}", "IsInstalled")
If $IEESC1="1" And $IEESC2="1"
$WrkSht="IE Checklist-W_IEESC"
$INISec="IEESC_Info"
Else
$WrkSht="IE Checklist-NO IEESC"
$INISec="IENoESC_Info"
EndIf
$=WriteProfileString ($INIFile,"IE_INFO","IE_Worksheet_CU",$WrkSht + " (CU)")
$=WriteProfileString ($INIFile,"IE_INFO","IE_Worksheet_LM",$WrkSht + " (LM)")
$=WriteProfileString ($INIFile,"IE_INFO","IE_INISec",$INISec)
Case @DOS="5.1"
$WrkSht="IE Checklist"
$INISec="IENoESC_Info"
$=WriteProfileString ($INIFile,"IE_INFO","IE_Worksheet_CU",$WrkSht + " (CU)")
$=WriteProfileString ($INIFile,"IE_INFO","IE_Worksheet_LM",$WrkSht + " (LM)")
$=WriteProfileString ($INIFile,"IE_INFO","IE_INISec",$INISec)
EndSelect
??
?" *********************************************************"
?" ********** Checking INTERNET EXPLORER SETTINGS **********"
?" *************** Verify with Documentation ***************"
?" *********************************************************"
?
$VAR = ""
$ = RegCmpr("HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings","Security_HKLM_only","1","Configure IE to use only machine settings is")
; Open & Read General IE Settings File into array
$ObjTxt = CreateObject("Scripting.FileSystemObject")
$ObjFl = $ObjTxt.OpenTextFile(@SCRIPTDIR + "\Patch Files\IE_General.txt",Not 0)
$IEArray = Split($ObjFl.ReadAll,@CRLF)
$s = UBound($IEArray)
ReDim Preserve $IEArray[$s]
$=$ObjFl.Close
$SIEKY = "1","2"
For Each $CR in $SIEKY
Select
Case $CR = "1"
$IEAS = "HKCU"
$VAR = "CU_"
???" **Current User Settings**"?
Case $CR = "2"
$IEAS = "HKLM"
$VAR = "LM_"
???" **Local Machine Settings**"?
EndSelect
$RegKey = "Start_Page"
$reg = ReadValue($IEAS + "\Software\Microsoft\Internet Explorer\Main","Start Page")
? "Home Page - " + $reg ?
$=WriteProfileString ($INIFile,$INISec,$VAR + $RegKey,$reg)
$ = RegCmpr($IEAS + "\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1","Flags","211","Configure Local Zone Includes properly is")
$IEKY = "3","1","2","4"
For Each $ZN in $IEKY
Select
Case $ZN ="1"
??? " Local Intranet Zone "?" ------------------- "
$ = DOZONE($ZN)
Case $ZN ="2"
??? " Trusted Sites Zone "?" ------------------ "
$ = DOZONE($ZN)
Case $ZN ="3"
??? " Internet Zone "?" ------------- "
$ = DOZONE($ZN)
Case $ZN ="4"
??? " Restricted Sites Zone "?" -------------------- "
$ = DOZONE($ZN)
EndSelect
Next
???" Advanced Settings "?" ----------------- "?
For Each $IEVal in $IEArray
$SubArray = Split($IEVal,"|")
$RLoc = $SubArray[0]
$RKey = $SubArray[1]
$ExpVal = $SubArray[2]
$Blurb = $SubArray[3]
$ = RegCmpr($IEAS + $RLoc,$RKey,$ExpVal,$Blurb)
Next
Next
Exit
; FUNCTIONS
Function DOZONE($ZN)
$ = RegRd("SecLevel","SecLevel",$ZN)
If $iereg = "0"
?? "Security Level for this zone is configured properly."
Else
?? "Security Level for this zone is not configured properly."
EndIf
??"---------------------------------"?".NET FRAMEWORK-RELIANT COMPONENTS"?"---------------------------------"?
$ = RegRd("DotNet","DotNet",$ZN)
??"------------------------------"?"ACTIVE X CONTROLS AND PLUG-INS"?"------------------------------"?
$ = RegRd("ActiveX","ActiveX",$ZN)
??"---------"?"DOWNLOADS"?"---------"?
$ = RegRd("Downloads","Downloads",$ZN)
??"----"?"JAVA"?"----"?
$ = RegRd("Java","Java",$ZN)
Select
Case $IEREG = "0"
$ireg = "Disable java"
Case $IEREG = "65536"
$ireg = "High safety"
Case $IEREG = "131072"
$ireg = "Medium safety"
Case $IEREG = "196608"
$ireg = "Low safety"
Case $IEREG = "524288"
$ireg = "Custom"
EndSelect
? $KBlurb + " - " + $IREG ?
??"-------------"?"MISCELLANEOUS"?"-------------"?
$ = RegRd("Misc","Misc",$ZN)
??"----------"?"SCRIPTING"?"----------"?
$ = RegRd("Script","Script",$ZN)
??"-------------------"?"USER AUTHENTICATION"?"-------------------"?
$ = RegRd("UsrAuth","UsrAuth",$ZN)
Select
Case $IEREG = "0"
$ireg = "Automatically logon with current username and password"
Case $IEREG = "65536"
$ireg = "Prompt for user name and password"
Case $IEREG = "131072"
$ireg = "Automatic logon only in the Intranet zone"
Case $IEREG = "196608"
$ireg = "Anonymous logon"
EndSelect
? $KBlurb + " - " + $IREG ?
$DOZONE = @SERROR
EndFunction
; Function to compare a registry value to an expected value and write results to output ini file.
Function RegCmpr($RegLoc,$RegKey,$ExpVal,$Blurb)
$RegCmpr = ReadValue($RegLoc,$RegKey)
If $RegCmpr = $ExpVal
? $Blurb + $Pos ?
$=WriteProfileString ($INIFile,$INISec,$VAR + $RegKey,"1")
Else
? $Blurb + $Neg ?
$=WriteProfileString ($INIFile,$INISec,$VAR + $RegKey,"0")
EndIf
EndFunction
; Function to read a registry value and write the value to the output ini file under the correct zone.
Function RegRd($IHdr,$ILoc,$ZN)
$ZLoc = $IEAS + "\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zones\" + $ZN
$IVal= ReadProfileString ($IEIni,$IHdr,$ILoc)
If InStr($IVAL,";") <> 0
$IArry = Split($IVal,";")
$t = UBound($IArry) - 1
ReDim Preserve $IArry[$t]
Else
$IArry = $IVal
EndIf
If @Error <> 0
?"Error: " + @SERROR
EndIf
$Z = 0
For $IIdx = 0 to $t
$KArry = Split($IArry[$Z],"|")
$RegKey = $KArry[0]
$KBlurb = $KArry[1]
$GetIReg = $KArry[2]
$iereg = ReadValue($ZLoc,$RegKey)
$=WriteProfileString ($INIFile,$INISec,$VAR + $ZN + "_" + $RegKey,$iereg)
If $GetIReg <> 0
Select
Case $IEREG = "1"
$IREG = "Prompt"
Case $IEREG = "0"
$IREG = "Enabled"
Case $IEREG = "3"
$IREG = "Disabled"
Case $IEREG = ""
$IREG = "<NULL>"
Case $IEREG = "65536"
If $RegKey = "1200"
$IREG = "Administrator Approved"
Else
$ireg = "High"
EndIf
Case $IEREG = "131072"
$ireg = "Medium"
Case $IEREG = "196608"
$ireg = "Low"
EndSelect
? $KBlurb + " - " + $IREG ?
EndIf
$Z = $Z + 1
Next
$RegRd = $IREG
EndFunction
EDIT: apologies for the length...i know its kind of beasty
Edited by Stixx (2009-03-23 07:12 PM)
|
|
Top
|
|
|
|
|
#193080 - 2009-03-23 07:41 PM
Re: Logging security settings in IE
[Re: Stixx]
|
NTDOC
Administrator
Registered: 2000-07-28
Posts: 11625
Loc: CA
|
Well using the Sanity script from Glenn here is what I get back which shows why you're not getting good results.
Warning: Variable declared multiple times.
Variable Name: $Blurb
In function: RegCmpr
Referenced on line: 189
Previously declared as GLOBAL on line 14.
Warning: Undeclared variable.
Variable Name: $CCS
In function: Main
Referenced on line: 17
Warning: Undeclared variable.
Variable Name: $TCPPMTR
In function: Main
Referenced on line: 18
Warning: Undeclared variable.
Variable Name: $AFDPMTR
In function: Main
Referenced on line: 19
Warning: Undeclared variable.
Variable Name: $MSK
In function: Main
Referenced on line: 20
Warning: Undeclared variable.
Variable Name: $WLGN
In function: Main
Referenced on line: 21
Warning: Undeclared variable.
Variable Name: $UIE
In function: Main
Referenced on line: 22
Warning: Undeclared variable.
Variable Name: $MIE
In function: Main
Referenced on line: 23
Warning: Undeclared variable.
Variable Name: $RE
In function: Main
Referenced on line: 36
Warning: Undeclared variable.
Variable Name: $IEESC1
In function: Main
Referenced on line: 41
Warning: Undeclared variable.
Variable Name: $IEESC2
In function: Main
Referenced on line: 42
Warning: Undeclared variable.
Variable Name: $WrkSht
In function: Main
Referenced on line: 44
Warning: Undeclared variable.
Variable Name: $INISec
In function: Main
Referenced on line: 45
Warning: Undeclared variable.
Variable Name: $
In function: Main
Referenced on line: 50
Warning: Undeclared variable.
Variable Name: $VAR
In function: Main
Referenced on line: 67
Warning: Undeclared variable.
Variable Name: $ObjTxt
In function: Main
Referenced on line: 71
Warning: Undeclared variable.
Variable Name: $ObjFl
In function: Main
Referenced on line: 72
Warning: Undeclared variable.
Variable Name: $s
In function: Main
Referenced on line: 74
Warning: Undeclared variable.
Variable Name: $SIEKY
In function: Main
Referenced on line: 78
Warning: Undeclared variable.
Variable Name: $CR
In function: Main
Referenced on line: 79
Warning: Undeclared variable.
Variable Name: $IEAS
In function: Main
Referenced on line: 82
Warning: Undeclared variable.
Variable Name: $RegKey
In function: Main
Referenced on line: 91
Warning: Undeclared variable.
Variable Name: $reg
In function: Main
Referenced on line: 92
Warning: Undeclared variable.
Variable Name: $IEKY
In function: Main
Referenced on line: 98
Warning: Undeclared variable.
Variable Name: $ZN
In function: Main
Referenced on line: 99
Warning: Undeclared variable.
Variable Name: $IEVal
In function: Main
Referenced on line: 118
Warning: Undeclared variable.
Variable Name: $RLoc
In function: Main
Referenced on line: 120
Warning: Undeclared variable.
Variable Name: $RKey
In function: Main
Referenced on line: 121
Warning: Undeclared variable.
Variable Name: $ExpVal
In function: Main
Referenced on line: 122
Warning: Undeclared variable.
Variable Name: $
In function: DOZONE
Referenced on line: 134
Warning: Undeclared variable.
Variable Name: $iereg
In function: DOZONE
Referenced on line: 135
Warning: Undeclared variable.
Variable Name: $ireg
In function: DOZONE
Referenced on line: 154
Warning: Undeclared variable.
Variable Name: $KBlurb
In function: DOZONE
Referenced on line: 164
Warning: Undeclared variable.
Variable Name: $
In function: RegCmpr
Referenced on line: 193
Warning: Undeclared variable.
Variable Name: $INISec
In function: RegCmpr
Referenced on line: 193
Warning: Undeclared variable.
Variable Name: $VAR
In function: RegCmpr
Referenced on line: 193
Warning: Undeclared variable.
Variable Name: $ZLoc
In function: RegRd
Referenced on line: 202
Warning: Undeclared variable.
Variable Name: $IEAS
In function: RegRd
Referenced on line: 202
Warning: Undeclared variable.
Variable Name: $IVal
In function: RegRd
Referenced on line: 203
Warning: Undeclared variable.
Variable Name: $t
In function: RegRd
Referenced on line: 206
Warning: Undeclared variable.
Variable Name: $Z
In function: RegRd
Referenced on line: 215
Warning: Undeclared variable.
Variable Name: $IIdx
In function: RegRd
Referenced on line: 216
Warning: Undeclared variable.
Variable Name: $KArry
In function: RegRd
Referenced on line: 217
Warning: Undeclared variable.
Variable Name: $RegKey
In function: RegRd
Referenced on line: 218
Warning: Undeclared variable.
Variable Name: $KBlurb
In function: RegRd
Referenced on line: 219
Warning: Undeclared variable.
Variable Name: $GetIReg
In function: RegRd
Referenced on line: 220
Warning: Undeclared variable.
Variable Name: $iereg
In function: RegRd
Referenced on line: 221
Warning: Undeclared variable.
Variable Name: $
In function: RegRd
Referenced on line: 222
Warning: Undeclared variable.
Variable Name: $INISec
In function: RegRd
Referenced on line: 222
Warning: Undeclared variable.
Variable Name: $VAR
In function: RegRd
Referenced on line: 222
Warning: Undeclared variable.
Variable Name: $IREG
In function: RegRd
Referenced on line: 226
51 warnings generated, 250 lines processed.
|
|
Top
|
|
|
|
Moderator: Shawn, ShaneEP, Ruud van Velsen, Arend_, Jochen, Radimus, Glenn Barnas, Allen, Mart
|
0 registered
and 581 anonymous users online.
|
|
|
