asked on

system object audit script

Hello Ee,

As a system engineer , I need to develop a way to audit the GAC , and our custom application objects to verify it matches the QA approved version of the system . This is a result of issues in our team's deployment process and source code .

I am proficient in powershell and thought of using a script to capture the properties of the dlls and any other properties from the GAC , but there may be a tool or script out there already that does this ?

Also, the file version property of any dll , how is that in putted, is this done at time of build . I see a lot of dlls with a file version as blank.

Mauro Cazabonnet

Hi,
I had a similar challenge verifying dll and exe's. I calculated the SHA1 hash value and ran a comparison.

Please check the link below

http://windowsitpro.com/scripting/calculate-md5-and-sha1-file-hashes-using-powershell

davesnb

ASKER

Thanks for the info but the dlls and objects in question do not have a hash , are there any other ways?

Mauro Cazabonnet

With the scripts in the link you can generate a SHA or MD5 hash value from the files and then run a comparison with the script's that generated them.

I'll upload a sample script

davesnb

ASKER

Can you upload a sample

Mauro Cazabonnet

Sorry, I'll upload in a few hours...
Regards,
M

davesnb

ASKER

thank you.

SOLUTION

Mauro Cazabonnet

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

Mauro Cazabonnet

This is the function I used to check the hash value in the audit script

example
$strTemp = GetFileHash $filePath MD5

function GetFileHash
{
	param(
    ## The path of the file to check
    $Path,

    ## The algorithm to use for hash computation
    [ValidateSet("MD5", "SHA1", "SHA256", "SHA384", "SHA512")]
    $HashAlgorithm = "MD5"
	)

	## Create the hash object that calculates the hash of our file.
	$hashType = [Type] "System.Security.Cryptography.$HashAlgorithm"
	$hasher = $hashType::Create()

	## Create an array to hold the list of files
	$files = @()

	## If they specified the file name as a parameter, add that to the list
	## of files to process
	if($path)
	{
 	   $files += $path
	}
	## Otherwise, take the files that they piped in to the script.
	## For each input file, put its full name into the file list
	else
	{
   		$files += @($input | Foreach-Object { $_.FullName })
	}

	## Go through each of the items in the list of input files
	foreach($file in $files)
	{
    	## Skip the item if it is not a file
    	if(-not (Test-Path $file -Type Leaf)) { continue }

    	## Convert it to a fully-qualified path
    	$filename = (Resolve-Path $file).Path

    	## Use the ComputeHash method from the hash object to calculate
    	## the hash
    	$inputStream = New-Object IO.StreamReader $filename
    	$hashBytes = $hasher.ComputeHash($inputStream.BaseStream)
    	$inputStream.Close()

    	## Convert the result to hexadecimal
    	$builder = New-Object System.Text.StringBuilder
    	$hashBytes | Foreach-Object { [void] $builder.Append($_.ToString("X2")) }

    	## Return a custom object with the important details from the
    	## hashing
		$HashValue = $builder.ToString()
    	$output = New-Object PsObject -Property @{
        	#Path = ([IO.Path]::GetFileName($file));
        	Path = $filename
			HashAlgorithm = $hashAlgorithm;
        	HashValue = $builder.ToString()
    	}

    		Return $HashValue
	}		
}

Open in new window

davesnb

ASKER

I am confused, will the script apply a hash to files that do not have an MD5 or does it just "get" the existing hash value ? Can you specify exactly where it generates an MD5 and applies it to the file in question.

ASKER CERTIFIED SOLUTION

Mauro Cazabonnet

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial