Last active
October 8, 2024 19:57
-
-
Save jonny-jhnson/0886573078494fc45089b853017b517d to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $LoadedDrivers = Get-CimInstance -ClassName Win32_SystemDriver | |
| $LoadedDrivers | % { | |
| if ($_.PathName -ne $null) { | |
| # Check if the path starts with \??\ and adjust the relative path | |
| if ($_.PathName.StartsWith("\??\")) { | |
| $RelativePath = $_.PathName.Remove(0,4) | |
| } else { | |
| $RelativePath = $_.PathName | |
| } | |
| # Calculate hash only if a valid path is available | |
| $Hash = (Get-FileHash -Path $RelativePath -Algorithm SHA256).Hash.ToLower() | |
| # Create a custom object with path and hash | |
| $CurrentLoaded = [PSCustomObject] @{Path = $RelativePath; Hash = $Hash} | |
| } | |
| } | |
| $RequestContent = ((Invoke-WebRequest -Uri 'https://www.loldrivers.io/api/drivers.json' -UseBasicParsing).Content).toLower() | ConvertFrom-Json | |
| $samples = $RequestContent | ForEach-Object { $_.knownvulnerablesamples } | |
| foreach ($a in $samples.sha256) { | |
| foreach ($b in $CurrentLoaded) { | |
| if ($a -eq $b.Hash) { | |
| $b | |
| } | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hey @GalliumPaul!
Sorry for the late response, but you are correct. There were actually two issues with my script:
($_.PathName.StartsWith("\??\") -eq $true)before($_.PathName -ne $null)$Hash = (Get-FileHash -Path $RelativePath -Algorithm SHA256).Hash.ToLower()within the($_.PathName.StartsWith("\??\") -eq $trueblock.Thank you for looking at this and commenting! I will apply your changes :)