external/MeshCentral
1
0
Fork 0
mirror of https://github.com/Ylianst/MeshCentral.git synced 2025-03-09 15:40:18 +00:00
Code Issues Releases Wiki Activity

More work on Intel AMT ACM host-based TLS activation.

Browse source
This commit is contained in:
Ylian Saint-Hilaire 2021-03-16 13:56:14 -07:00
parent 3b2ef66dcd
commit 286342bb1b
5 changed files with 86 additions and 35 deletions
Download patch file Download diff file Expand all files Collapse all files

20
agents/meshcmd.js
View file

@ -113,7 +113,7 @@ function run(argv) {
//console.log('addedModules = ' + JSON.stringify(addedModules));
var actionpath = 'meshaction.txt';
if (args.actionfile != null) { actionpath = args.actionfile; }
var actions = ['HELP', 'ROUTE', 'MICROLMS', 'AMTCONFIG', 'AMTSCAN', 'AMTPOWER', 'AMTFEATURES', 'AMTNETWORK', 'AMTLOADWEBAPP', 'AMTLOADSMALLWEBAPP', 'AMTLOADLARGEWEBAPP', 'AMTCLEARWEBAPP', 'AMTSTORAGESTATE', 'AMTINFO', 'AMTINFODEBUG', 'AMTVERSIONS', 'AMTHASHES', 'AMTSAVESTATE', 'AMTUUID', 'AMTCCM', 'AMTDEACTIVATE', 'AMTACMDEACTIVATE', 'SMBIOS', 'RAWSMBIOS', 'MESHCOMMANDER', 'AMTAUDITLOG', 'AMTEVENTLOG', 'AMTPRESENCE', 'AMTWIFI', 'AMTWAKE', 'AMTSTOPCONFIGURATION'];
var actions = ['HELP', 'ROUTE', 'MICROLMS', 'AMTCONFIG', 'AMTSCAN', 'AMTPOWER', 'AMTFEATURES', 'AMTNETWORK', 'AMTLOADWEBAPP', 'AMTLOADSMALLWEBAPP', 'AMTLOADLARGEWEBAPP', 'AMTCLEARWEBAPP', 'AMTSTORAGESTATE', 'AMTINFO', 'AMTINFODEBUG', 'AMTVERSIONS', 'AMTHASHES', 'AMTSAVESTATE', 'AMTUUID', 'AMTCCM', 'AMTDEACTIVATE', 'AMTACMDEACTIVATE', 'SMBIOS', 'RAWSMBIOS', 'MESHCOMMANDER', 'AMTAUDITLOG', 'AMTEVENTLOG', 'AMTPRESENCE', 'AMTWIFI', 'AMTWAKE', 'AMTSTARTCONFIG', 'AMTSTOPCONFIG'];
// Load the action file
var actionfile = null;
@ -428,7 +428,21 @@ function run(argv) {
console.log('Proxy set to ' + proxy[0] + ':' + proxyport);
}
if (settings.action == 'amtstopconfiguration') {
if (settings.action == 'amtstartconfig') {
// Start Intel AMT configuration
var amtMeiModule, amtMei;
try { amtMeiModule = require('amt-mei'); amtMei = new amtMeiModule(); } catch (ex) { console.log(ex); exit(1); return; }
amtMei.on('error', function (e) { console.log('ERROR: ' + e); exit(1); return; });
amtMei.startConfiguration(function (state) {
if (state == 3) { console.log("Intel AMT is not in correct mode."); }
else if (state == 1) { console.log("Intel AMT internal error."); }
else if (state == 48) { console.log("Random generator not ready."); }
else if (state == 49) { console.log("Certificate not ready."); }
else if (state == 0) { console.log("Success."); }
else { console.log("Unknown status: " + state); }
exit(1);
});
} else if (settings.action == 'amtstopconfig') {
// Stop Intel AMT configuration
var amtMeiModule, amtMei;
try { amtMeiModule = require('amt-mei'); amtMei = new amtMeiModule(); } catch (ex) { console.log(ex); exit(1); return; }
@ -437,7 +451,7 @@ function run(argv) {
if (state == 3) { console.log("Intel AMT is not in in-provisionning mode."); }
else if (state == 1) { console.log("Intel AMT internal error."); }
else if (state == 0) { console.log("Success."); }
else { console.log("Unknown state: " + state); }
else { console.log("Unknown status: " + state); }
exit(1);
});
} else if (settings.action == 'smbios') {

5
agents/modules_meshcore/amt-apfclient.js
View file

@ -46,7 +46,10 @@ function CreateAPFClient(parent, args) {
function rstr2hex(input) { var r = '', i; for (i = 0; i < input.length; i++) { r += char2hex(input.charCodeAt(i)); } return r; }; // Convert a raw string to a hex string
function d2h(d) { return (d / 256 + 1 / 512).toString(16).substring(2, 4); }
function buf2hex(input) { var r = '', i; for (i = 0; i < input.length; i++) { r += d2h(input[i]); } return r; };
function Debug(str) { if (obj.parent.debug) { console.log(str); } }
function Debug(str) {
//require('MeshAgent').SendCommand({ action: 'msg', type: 'console', value: str });
if (obj.parent.debug) { console.log(str); }
}
function guidToStr(g) { return g.substring(6, 8) + g.substring(4, 6) + g.substring(2, 4) + g.substring(0, 2) + "-" + g.substring(10, 12) + g.substring(8, 10) + "-" + g.substring(14, 16) + g.substring(12, 14) + "-" + g.substring(16, 20) + "-" + g.substring(20); }
function strToGuid(s) { s = s.replace(/-/g, ''); var ret = s.substring(6, 8) + s.substring(4, 6) + s.substring(2, 4) + s.substring(0, 2) + s.substring(10, 12) + s.substring(8, 10) + s.substring(14, 16) + s.substring(12, 14) + s.substring(16, 20) + s.substring(20); return ret; }
function binzerostring(len) { var res = ''; for (var l = 0; l < len; l++) { res += String.fromCharCode(0 & 0xFF); } return res; }

15
agents/modules_meshcore/amt-mei.js
View file

@ -416,13 +416,15 @@ function amt_heci() {
for (var i = 4; i < arguments.length; ++i) { optional.push(arguments[i]); }
// Format the command
var data = Buffer.alloc(4 + 64 + 4 + 4 + 320);
data.writeUInt32LE((certHash.length == 48) ? 3 : 2, 0); // Write certificate hash type: SHA256 = 2, SHA384 = 3
certHash.copy(data, 4); // Write the hash
data.writeUInt32LE(hostVpn ? 1 : 0, 68); // Write is HostVPN is enabled
var len = 1 + 64 + 4 + 4;
if (dnsSuffixList != null) { len += 320; }
var data = Buffer.alloc(len);
data[0] = (certHash.length == 48) ? 3 : 2; // Write certificate hash type: SHA256 = 2, SHA384 = 3
certHash.copy(data, 1); // Write the hash
data.writeUInt32LE(hostVpn ? 1 : 0, 65); // Write is HostVPN is enabled
if (dnsSuffixList != null) {
data.writeUInt32LE(dnsSuffixList.length, 72); // Write the number of DNS Suffix, from 0 to 4
var ptr = 76;
data.writeUInt32LE(dnsSuffixList.length, 69); // Write the number of DNS Suffix, from 0 to 4
var ptr = 73;
for (var i = 0; i < dnsSuffixList.length; i++) { ptr += data.write(dnsSuffixList[i], ptr) + 1; } // Write up to 4 DNS Suffix with null seperation.
}
@ -443,7 +445,6 @@ function amt_heci() {
module.exports = amt_heci;
/*
AMT_STATUS_SUCCESS = 0,
AMT_STATUS_INTERNAL_ERROR = 1,