Moved ComputerName connectivity test to the parameter validation. Added Write-Progress output for the steps being completed.

dotps1 · dotps1 · commit 6ae037d5aaa6 · 2017-05-16T14:24:07.000-04:00
diff --git a/Functions/Test-WannaCryVulnerability.ps1 b/Functions/Test-WannaCryVulnerability.ps1
@@ -1,7 +1,7 @@
 ﻿<#PSScriptInfo
 
 .Version
-    1.3
+    1.4
 .Guid
     477aa3f4-0434-4925-9c92-7323066cceb7
 .Author 
@@ -11,7 +11,7 @@
 .ProjectUri
     https://github.com/dotps1/PSFunctions
 .ReleaseNotes
-    Added a try catch to first WMI call in the 'ByComputerName' parameter set.  If the call fails the entire loop for that system will be terminated.
+    Moved ComputerName connectivity test to the parameter validation.  Added Write-Progress output for the steps being completed.
 
 #>
 
@@ -57,6 +57,8 @@
     Not applicable to windows 10.
 .Link
     https://www.redsocks.eu/news/ransomware-wannacry/
+.Link
+    https://support.microsoft.com/en-us/help/2696547/how-to-enable-and-disable-smbv1,-smbv2,-and-smbv3-in-windows-vista,-windows-server-2008,-windows-7,-windows-server-2008-r2,-windows-8,-and-windows-server-2012
 .Link
     https://dotps1.github.io
 .Link
@@ -80,6 +82,13 @@ param (
         ValueFromPipeline = $true,
         ValueFromPipelineByPropertyName = $true
     )]
+    [ValidateScript({
+        if (Test-Connection -ComputerName $_ -Count 1 -Quiet) {
+            return $true
+        } else {
+            throw "Failed to contact '$_'."
+        }
+    })]
     [Alias(
         "ComputerName"    
     )]
@@ -147,12 +156,8 @@ process {
     switch ($PSCmdlet.ParameterSetName) {
         "ByComputerName" { 
             foreach ($nameValue in $Name) {
-                if (-not (Test-Connection -ComputerName $nameValue -Count 1 -Quiet)) {
-                    Write-Warning -Message "Failed to contact $nameValue."
-                    continue
-                }
-
                 try {
+                    Write-Progress -Activity "Testing '$nameValue' for WannaCry vulnerabilities using WMI" -CurrentOperation "Retrieve operating system caption" -PercentComplete 20
                     $osCaption = Get-WmiObject -ComputerName $nameValue -Class Win32_OperatingSystem -Property Caption -Credential $Credential -ErrorAction Stop |
                         Select-Object -ExpandProperty Caption
                 } catch {
@@ -165,12 +170,14 @@ process {
                     continue
                 }
 
-                # Patches
-                $appliedHotFixIds = Get-WmiObject -ComputerName $nameValue -Class Win32_QuickFixEngineering -Credential $Credential |
-                    Where-Object -FilterScript { $_.HotFixID -in $hotFixIDs } |
-                        Select-Object -ExpandProperty HotFixID
+                # HotFixes
+                Write-Progress -Activity "Testing '$nameValue' for WannaCry vulnerabilities using WMI" -CurrentOperation "Inventory hotfix information" -PercentComplete 40
+                $appliedHotFixIds = (Get-WmiObject -ComputerName $nameValue -Class Win32_QuickFixEngineering -Credential $Credential).Where({
+                    $_.HotFixID -in $hotFixIDs
+                }).HotFixID
 
                 #SMB1 Feature
+                Write-Progress -Activity "Testing '$nameValue' for WannaCry vulnerabilities using WMI" -CurrentOperation "Retrieve SMB1 feature installation status" -PercentComplete 60
                 $smb1Feature = Get-WmiObject -ComputerName $nameValue -Class Win32_OptionalFeature -Property InstallState -Filter "Name = 'SMB1Protocol'" -Credential $Credential |
                     Select-Object -ExpandProperty InstallState
 
@@ -181,6 +188,7 @@ process {
                 }
 
                 #SMB1 Protocol
+                Write-Progress -Activity "Testing '$nameValue' for WannaCry vulnerabilities using WMI" -CurrentOperation "Retrieve SMB1 protocol status" -PercentComplete 80
                 $smb1Protocol = Invoke-WmiMethod -ComputerName $nameValue -Class StdRegProv -Name GetDwordValue -ArgumentList @( [uint32]2147483650, "SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters", "SMB1" ) -Credential $Credential |
                     Select-Object -ExpandProperty uValue
 
@@ -189,7 +197,9 @@ process {
                 } else {
                     $smb1ProtocolEnabled = $true
                 }
-
+                
+                # Vulnerable?
+                Write-Progress -Activity "Testing '$nameValue' for WannaCry vulnerabilities using WMI" -CurrentOperation "Determine vulnerability status" -PercentComplete 100
                 if ($appliedHotFixIds.Count -gt 0 -and -not $smb1FeatureEnabled -and -not $smb1ProtocolEnabled) {
                     $vulnerable = $false
                 } else {
@@ -211,6 +221,7 @@ process {
         
         "ByCimSession" {
             foreach ($cimSessionValue in $CimSession) {
+                Write-Progress -Activity "Testing '$nameValue' for WannaCry vulnerabilities using CIM" -CurrentOperation "Retrieve operating system caption" -PercentComplete 20
                 $osCaption = Get-CimInstance -CimSession $cimSessionValue -ClassName Win32_OperatingSystem -Property Caption | 
                     Select-Object -ExpandProperty Caption
 
@@ -219,12 +230,15 @@ process {
                     continue
                 }
 
-                # Patches
-                $appliedHotFixIds = Get-CimInstance -CimSession $CimSession -ClassName Win32_QuickFixEngineering |
-                    Where-Object -FilterScript { $_.HotFixID -in $hotFixIds } |
-                        Select-Object -ExpandProperty HotFixID
+                # HotFixes
+                Write-Progress -Activity "Testing '$nameValue' for WannaCry vulnerabilities using CIM" -CurrentOperation "Inventory hotfix information" -PercentComplete 40
+                $appliedHotFixIds = (Get-CimInstance -CimSession $CimSession -ClassName Win32_QuickFixEngineering).Where({
+                    $_.HotFixID -in $hotFixIDs
+                }).HotFixID
+
 
                 #SMB1 Feature
+                Write-Progress -Activity "Testing '$nameValue' for WannaCry vulnerabilities using CIM" -CurrentOperation "Retrieve SMB1 feature installation status" -PercentComplete 60
                 $smb1Feature = Get-CimInstance -CimSession $cimSessionValue -ClassName Win32_OptionalFeature -Property InstallState -Filter "Name = 'SMB1Protocol'" |
                     Select-Object -ExpandProperty InstallState
 
@@ -235,6 +249,7 @@ process {
                 }
 
                 # SMB1 Protocol
+                Write-Progress -Activity "Testing '$nameValue' for WannaCry vulnerabilities using CIM" -CurrentOperation "Retrieve SMB1 protocol status" -PercentComplete 80
                 $smb1Protocol = Invoke-CimMethod -CimSession $cimSessionValue -ClassName StdRegProv -MethodName GetDwordValue -Arguments @{ hDefKey = [uint32]2147483650; sSubKeyName = "SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters"; sValueName = "SMB1" } |
                     Select-Object -ExpandProperty uValue
 
@@ -244,6 +259,8 @@ process {
                     $smb1ProtocolEnabled = $true
                 }
 
+                # Vulnerable?
+                Write-Progress -Activity "Testing '$nameValue' for WannaCry vulnerabilities using CIM" -CurrentOperation "Determine vulnerability status" -PercentComplete 100
                 if ($appliedHotFixIds.Count -gt 0 -and -not $smb1FeatureEnabled -and -not $smb1ProtocolEnabled) {
                     $vulnerable = $false
                 }
