system object audit script

Hello Ee,

As a system engineer , I need to develop a way to audit the GAC , and our custom application objects to verify it matches the QA approved version of the system . This is a result of issues in our team's deployment process and source code .

I am proficient in powershell and thought of using a script to capture the properties of the dlls and any other properties from the GAC , but there may be a tool or script out there already that does this ?

Also, the file version property of any dll , how is that in putted, is this done at time of build . I see a lot of dlls with a file version as blank.
davesnbAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Mauro CazabonnetSenior Software EngineerCommented:
Hi,
I had a similar challenge verifying dll and exe's. I calculated the SHA1 hash value and ran a comparison.

Please check the link below

http://windowsitpro.com/scripting/calculate-md5-and-sha1-file-hashes-using-powershell
0
davesnbAuthor Commented:
Thanks for the info but the dlls and objects in question do not have a hash , are there any other ways?
0
Mauro CazabonnetSenior Software EngineerCommented:
With the scripts in the link you can generate a SHA or MD5 hash value from the files and then run a comparison with the script's that generated them.

I'll upload a sample script
0
Introducing the "443 Security Simplified" Podcast

This new podcast puts you inside the minds of leading white-hat hackers and security researchers. Hosts Marc Laliberte and Corey Nachreiner turn complex security concepts into easily understood and actionable insights on the latest cyber security headlines and trends.

davesnbAuthor Commented:
Can you upload a sample
0
Mauro CazabonnetSenior Software EngineerCommented:
Sorry, I'll upload in a few hours...
Regards,
M
0
davesnbAuthor Commented:
thank you.
0
Mauro CazabonnetSenior Software EngineerCommented:
This script will generate a hash value of the file inputed

##############################################################################
##
## Get-FileHash
##
## From Windows PowerShell Cookbook (O'Reilly)
## by Lee Holmes (http://www.leeholmes.com/guide)
##
##############################################################################

<#

.SYNOPSIS

Get the hash of an input file.

.EXAMPLE

Get-FileHash myFile.txt
Gets the hash of a specific file

.EXAMPLE

dir | Get-FileHash
Gets the hash of files from the pipeline

.EXAMPLE

Get-FileHash myFile.txt -Hash SHA1
Gets the has of myFile.txt, using the SHA1 hashing algorithm

#>

param(
    ## The path of the file to check
    $Path,

    ## The algorithm to use for hash computation
    [ValidateSet("MD5", "SHA1", "SHA256", "SHA384", "SHA512")]
    $HashAlgorithm = "MD5"
)



## Create the hash object that calculates the hash of our file.
$hashType = [Type] "System.Security.Cryptography.$HashAlgorithm"
$hasher = $hashType::Create()

## Create an array to hold the list of files
$files = @()

## If they specified the file name as a parameter, add that to the list
## of files to process
if($path)
{
    $files += $path
}
## Otherwise, take the files that they piped in to the script.
## For each input file, put its full name into the file list
else
{
    $files += @($input | Foreach-Object { $_.FullName })
}

## Go through each of the items in the list of input files
foreach($file in $files)
{
    ## Skip the item if it is not a file
    if(-not (Test-Path $file -Type Leaf)) { continue }

    ## Convert it to a fully-qualified path
    $filename = (Resolve-Path $file).Path

    ## Use the ComputeHash method from the hash object to calculate
    ## the hash
    $inputStream = New-Object IO.StreamReader $filename
    $hashBytes = $hasher.ComputeHash($inputStream.BaseStream)
    $inputStream.Close()

    ## Convert the result to hexadecimal
    $builder = New-Object System.Text.StringBuilder
    $hashBytes | Foreach-Object { [void] $builder.Append($_.ToString("X2")) }

    ## Return a custom object with the important details from the
    ## hashing
	$HashValue = $builder.ToString()
    $output = New-Object PsObject -Property @{
        #Path = ([IO.Path]::GetFileName($file));
        Path = $filename
		HashAlgorithm = $hashAlgorithm;
        HashValue = $builder.ToString()
    }

    Return $HashValue
}

Open in new window

0
Mauro CazabonnetSenior Software EngineerCommented:
This is the function I used to check the hash value in the audit script

example
$strTemp = GetFileHash $filePath MD5

function GetFileHash
{
	param(
    ## The path of the file to check
    $Path,

    ## The algorithm to use for hash computation
    [ValidateSet("MD5", "SHA1", "SHA256", "SHA384", "SHA512")]
    $HashAlgorithm = "MD5"
	)

	## Create the hash object that calculates the hash of our file.
	$hashType = [Type] "System.Security.Cryptography.$HashAlgorithm"
	$hasher = $hashType::Create()

	## Create an array to hold the list of files
	$files = @()

	## If they specified the file name as a parameter, add that to the list
	## of files to process
	if($path)
	{
 	   $files += $path
	}
	## Otherwise, take the files that they piped in to the script.
	## For each input file, put its full name into the file list
	else
	{
   		$files += @($input | Foreach-Object { $_.FullName })
	}

	## Go through each of the items in the list of input files
	foreach($file in $files)
	{
    	## Skip the item if it is not a file
    	if(-not (Test-Path $file -Type Leaf)) { continue }

    	## Convert it to a fully-qualified path
    	$filename = (Resolve-Path $file).Path

    	## Use the ComputeHash method from the hash object to calculate
    	## the hash
    	$inputStream = New-Object IO.StreamReader $filename
    	$hashBytes = $hasher.ComputeHash($inputStream.BaseStream)
    	$inputStream.Close()

    	## Convert the result to hexadecimal
    	$builder = New-Object System.Text.StringBuilder
    	$hashBytes | Foreach-Object { [void] $builder.Append($_.ToString("X2")) }

    	## Return a custom object with the important details from the
    	## hashing
		$HashValue = $builder.ToString()
    	$output = New-Object PsObject -Property @{
        	#Path = ([IO.Path]::GetFileName($file));
        	Path = $filename
			HashAlgorithm = $hashAlgorithm;
        	HashValue = $builder.ToString()
    	}

    		Return $HashValue
	}		
}

Open in new window

0
davesnbAuthor Commented:
I am confused, will the script apply a hash to files that do not have an MD5 or does it just "get" the existing hash value ? Can you specify exactly where it generates an MD5 and applies it to the file in question.
0
Mauro CazabonnetSenior Software EngineerCommented:
It will generate a hash value of the file, it's not modifying the file. It's basically generating a finger print (hash value) of the file. With that value you can run the second piece of code to compare the baseline (from the initial capture) hash value with other files that you need to audit

Hopefully this makes sense
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Powershell

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.