-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathAppControlHelper.au3
More file actions
154 lines (133 loc) · 5.18 KB
/
AppControlHelper.au3
File metadata and controls
154 lines (133 loc) · 5.18 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
DllCall("user32.dll", "bool", "SetProcessDpiAwarenessContext", @AutoItX64 ? "int64" : "int", -2)
#include <File.au3>
#include <MsgBoxConstants.au3>
#include <String.au3>
#include "includes\XML.au3"
#NoTrayIcon
#RequireAdmin
#AutoIt3Wrapper_Icon=AppControl.ico
#AutoIt3Wrapper_UseX64=y
#AutoIt3Wrapper_Res_Description=App Control Tray Helper
#AutoIt3Wrapper_res_requestedExecutionLevel=requireAdministrator
#AutoIt3Wrapper_Res_Fileversion=6.1.0
#AutoIt3Wrapper_Res_ProductVersion=6.1.0
#AutoIt3Wrapper_Res_ProductName=AppControlTrayHelper
#AutoIt3Wrapper_Outfile_x64=AppControlHelper.exe
#AutoIt3Wrapper_Res_LegalCopyright=@ 2026 WildByDesign
#AutoIt3Wrapper_Res_Language=1033
#AutoIt3Wrapper_Res_HiDpi=N
#AutoIt3Wrapper_Res_Icon_Add=AppControl.ico
#AutoIt3Wrapper_UseUpx=N
#AutoIt3Wrapper_Compression=0
#AutoIt3Wrapper_Run_Au3Stripper=y
$sTitle = "AppControlTrayHelper"
Global $isDarkMode = is_app_dark_theme()
#cs ----------------------------------------------------------------------------
Function : is_app_dark_theme()
Description : returns if the user has enabled the dark theme for applications in the Windows settings (0 on / 1 off)
if OS too old (key does not exist) the key returns nothing, so function returns False
#ce ----------------------------------------------------------------------------
func is_app_dark_theme()
return(regread('HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Themes\Personalize', 'AppsUseLightTheme') == 0) ? True : False
endfunc
If $CmdLine[0] = 0 Then Exit MsgBox(16, $sTitle, "No parameters passed!")
If $CmdLine[1] = "/CiTool" Then
Run('C:\Windows\System32\CiTool.exe --list-policies', "")
EndIf
If $CmdLine[1] = "/LogsCI" Then
$oXML=ObjCreate("Microsoft.XMLDOM")
$stest = FileRead(@AppDataDir & "\Microsoft\MMC\eventvwr")
$oXML.LoadXML($stest)
If Not _XML_NodeExists($oXML, "//DynamicPath") Then
Run(@ComSpec & " /c " & 'eventvwr /c:"Microsoft-Windows-CodeIntegrity/Operational"', "", @SW_HIDE)
Else
$oXMLChild1 = $oXML.selectSingleNode( "//DynamicPath" )
$parent = $oXMLChild1.ParentNode
$test = $parent.removeChild ( $oXMLChild1 )
$oXML.Save(@AppDataDir & "\Microsoft\MMC\eventvwr")
Sleep(500)
Run(@ComSpec & " /c " & 'eventvwr /c:"Microsoft-Windows-CodeIntegrity/Operational"', "", @SW_HIDE)
EndIf
EndIf
If $CmdLine[1] = "/LogsScript" Then
$oXML=ObjCreate("Microsoft.XMLDOM")
$stest = FileRead(@AppDataDir & "\Microsoft\MMC\eventvwr")
$oXML.LoadXML($stest)
If Not _XML_NodeExists($oXML, "//DynamicPath") Then
Run(@ComSpec & " /c " & 'eventvwr /c:"Microsoft-Windows-AppLocker/MSI and Script"', "", @SW_HIDE)
Else
$oXMLChild1 = $oXML.selectSingleNode( "//DynamicPath" )
$parent = $oXMLChild1.ParentNode
$test = $parent.removeChild ( $oXMLChild1 )
$oXML.Save(@AppDataDir & "\Microsoft\MMC\eventvwr")
Sleep(500)
Run(@ComSpec & " /c " & 'eventvwr /c:"Microsoft-Windows-AppLocker/MSI and Script"', "", @SW_HIDE)
EndIf
EndIf
If $CmdLine[1] = "/AddPolicies" Then
Local $spFile
$mFile = FileOpenDialog("Select Policy File(s) to Add or Update", @ScriptDir, "Policy Files (*.cip)", 1 + 4 )
If @error Then
ConsoleWrite("error")
Else
$spFile = StringSplit($mFile, "|")
If UBound($spFile) = 2 Then
$path = $spFile[1]
_ArrayDelete($spFile, 0)
Local $sDrive = "", $sDir = "", $sFileName = "", $sExtension = ""
Local $aPathSplit = _PathSplit($spFile[0], $sDrive, $sDir, $sFileName, $sExtension)
Local $cmd1 = ' (citool.exe -up '
Local $cmd2 = '"'
Local $cmd3 = $aPathSplit[3]
Local $cmd4 = $aPathSplit[4]
Local $cmd5 = '"'
Local $cmd6 = ' -json)'
Run(@ComSpec & " /c " & $cmd1 & $cmd2 & $cmd3 & $cmd4 & $cmd5 & $cmd6, "", @SW_HIDE)
Else
$path = $spFile[1]
_ArrayDelete($spFile, 0)
_ArrayDelete($spFile, 0)
For $x = 0 to UBound($spFile)-1
Local $cmd1 = ' (citool.exe -up '
Local $cmd2 = '"'
Local $cmd3 = $spFile[$x]
Local $cmd4 = '"'
Local $cmd5 = ' -json)'
Run(@ComSpec & " /c " & $cmd1 & $cmd2 & $cmd3 & $cmd4 & $cmd5, "", @SW_HIDE)
Next
EndIf
EndIf
EndIf
If $CmdLine[1] = "/RemovePolicies" Then
Local $spFile
$mFile = FileOpenDialog("Select Policy File(s) for Removal", "C:\Windows\System32\CodeIntegrity\CIPolicies\Active\", "Policy Files (*.cip)", 1 + 4 )
If @error Then
ConsoleWrite("error")
Else
$spFile = StringSplit($mFile, "|")
If UBound($spFile) = 2 Then
$path = $spFile[1]
_ArrayDelete($spFile, 0)
$aExtract = _StringBetween($spFile[0], "{", "}")
Local $cmd1 = ' (citool.exe -rp '
Local $cmd2 = '"{'
Local $cmd3 = $aExtract[0]
Local $cmd4 = '}"'
Local $cmd5 = ' -json)'
Run(@ComSpec & " /c " & $cmd1 & $cmd2 & $cmd3 & $cmd4 & $cmd5, "", @SW_HIDE)
Else
$path = $spFile[1]
_ArrayDelete($spFile, 0)
_ArrayDelete($spFile, 0)
For $x = 0 to UBound($spFile)-1
$aExtract = _StringBetween($spFile[$x], "{", "}")
Local $cmd1 = ' (citool.exe -rp '
Local $cmd2 = '"{'
Local $cmd3 = $aExtract[0]
Local $cmd4 = '}"'
Local $cmd5 = ' -json)'
Run(@ComSpec & " /c " & $cmd1 & $cmd2 & $cmd3 & $cmd4 & $cmd5, "", @SW_HIDE)
Next
EndIf
EndIf
EndIf