Skip to content

Instantly share code, notes, and snippets.

@Jasemalsadi

Jasemalsadi/GPOSearcher.html

Last active November 15, 2022 08:19
Show Gist options
  • Save Jasemalsadi/bdc0392b838e263db4af78a698e8579f to your computer and use it in GitHub Desktop.
Save Jasemalsadi/bdc0392b838e263db4af78a698e8579f to your computer and use it in GitHub Desktop.
Download ZIP
Using Grouper3 output, we can search for certain text in the each GPO , for example, any usage for allowunencryptedTraffic
Raw
GPOSearcher.html
<!DOCTYPE html>
<html>
<head>
<!-- <script src="script.js"></script> -->
</head>
<body>
<h1> GPO Pattern Searcher </h1>
<p> Choose the GPO path file and text pattern to search for </p>
<form name="myForm" onsubmit="return FindThePattern(true)">
<input accept=".txt" type="file" id="myFile" name="filename" required>
<p> Pattern:</p>
<input type="text" id="lname" name="lname" required><br><br>
<p> Offset before the pattern:</p>
<input type="range" min="1" max="10000" value="300" class="slider" id="start" onchange="FindThePattern()" oninput="this.nextElementSibling.value = this.value">
<output>300</output>
<p> Offsent after the pattern:</p>
<input type="range" min="1" max="10000" value="300" class="slider" id="end" onchange="FindThePattern()" oninput="this.nextElementSibling.value = this.value">
<output>300</output>
<br><br>
<input type="submit">
</form>
<pre id="output">
</pre>
<script>
var is_first_time = false;
function FindThePattern() {
if (document.forms["myForm"]["lname"].value == '' || document.forms["myForm"]["filename"].files.length
== 0) return false
ReadFileAllBrowsers(document.forms["myForm"]["filename"],function (fileContent) {
let pattern = document.forms["myForm"]["lname"].value.toLowerCase();
var start;
var end;
if (is_first_time ) {
start = Number(document.getElementById("start").value);
end = Number(document.getElementById("end").value);
}else {
start = Number(document.getElementById("start").defaultValue);
end = Number(document.getElementById("end").defaultValue);
document.getElementById("end").value = start;
document.getElementById("start").value = end;
is_first_time = true;
}
let output = findthePattern_(pattern,fileContent,start,end);
document.getElementById("output").innerHTML = output == "" ? "No results were found" : encodeHTML(output);
})
return false
}
function encodeHTML(s) {
return s.replace(/&/g, '&amp;').replace(/</g, '&lt;').replace(/"/g, '&quot;');
}
function printError(err) {
alert(err);
console.log(err);
}
function findthePattern_(search_text,dump,start_offset,end_offset) {
var GPOs = dump.split("[GPO]")
//var currentMachineGPO = GPOs.shift()
General_string = "";
for (var i = 0; i < GPOs.length; i++) {
var current = GPOs[i];
var gpo_name;
var all_gpo_information;
if (i!=0) {
gpo_name = current.split("|")[2];
all_gpo_information = current.split("_");
if (all_gpo_information.length > 1) all_gpo_information = all_gpo_information[0];
else if((current.split("\n\n| ")).length>1) all_gpo_information = current.split("\n\n| ")[0];
else all_gpo_information = current.substr(0,indexes(current,"Path in SYSVOL".toLocaleLowerCase())*2.5);
} else { // Getting information about my current GPO
gpo_name = "My Current GPO"
all_gpo_information = "Our Current machine GPO"
}
var matches = indexes(current, search_text);
// console.log(all_gpo_information);
// console.log("\n\n----------Finding------- \n");
if (matches.length > 0) {
General_string += (all_gpo_information);
General_string += (`
----------Finding-------
`);
for (var i2 = 0; i2 < matches.length; i2++) { // printing the results
var current_match = matches[i2];
var start = current_match < start_offset ? 0 : current_match - start_offset;
var end = current.length <= end_offset ? current.length : current_match + end_offset;
General_string += (current.substr(start, end-start));
}
General_string += (`
------------------------------------------------------------------------------------------
`);
}
}
return General_string;
}
function indexes(source, find) {
//find = find.toLowerCase();
var a = [], i = -1;
while ((i = source.toLowerCase().indexOf(find, i + 1)) >= 0) a.push(i);
return a;
}
function download(filename, text) {
var element = document.createElement('a');
element.setAttribute('href', 'data:text/plain;charset=utf-8,' + encodeURIComponent(text));
element.setAttribute('download', filename);
element.style.display = 'none';
document.body.appendChild(element);
element.click();
document.body.removeChild(element);
}
//Tested in Mozilla Firefox browser, Chrome
function ReadFileAllBrowsers(FileElement, CallBackFunction) {
try {
var file = FileElement.files[0];
var contents_ = "";
if (file) {
var reader = new FileReader();
reader.readAsText(file, "UTF-8");
reader.onload = function(evt) {
CallBackFunction(evt.target.result);
}
reader.onerror = function(evt) {
alert("Error reading file");
}
}
} catch (Exception) {
var fall_back = ieReadFile(FileElement.value);
if (fall_back != false) {
CallBackFunction(fall_back);
}
}
}
///Reading files with Internet Explorer
function ieReadFile(filename) {
try {
var fso = new ActiveXObject("Scripting.FileSystemObject");
var fh = fso.OpenTextFile(filename, 1);
var contents = fh.ReadAll();
fh.Close();
return contents;
} catch (Exception) {
alert(Exception);
return false;
}
}
</script>
</body>
</html>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment