elresleff · May 16, 2019 18:49
diff --git a/Find_java_CFs.ps1 b/Find_java_CFs.ps1
 # I have no choice but to write this in pseudo code (or at least resembling pseudo code in my mind).
 # The first thing I want to do is find any Commercial Features (CFs) in JRE
 # Second, find any Commercial Features (CFs) in JDK

 Function getJavaCFs

 # This is going to only find all applications/files beginning with "java" - i.e java.exe, javaw.exe, javaws.exe, etc... in the JRE
 $filename = '*java*.*' # you can use wildcards here for name and for extension
 $searchinfolder32 = 'C:\Program Files (x86)\Java\jre1.8.0_201\bin'
 $searchinfolder64 = 'C:\Program Files\Java\jre1.8.0_201\bin'
 Get-ChildItem -Path $searchinfolder32 -Filter $filename -Recurse | %{$_.FullName}
 Get-ChildItem -Path $searchinfolder64 -Filter $filename -Recurse | %{$_.FullName}


 # Find all available CFs within JRE that are enabled and/or running - usually only one which is:
 # • JRE Usage Tracking

 # cmd to get running processes = jcmd
 # here I'm wanting to retrieve the text output and grab info from the text.
 # What I am looking for is:
 #   First: "<PID> sun.tools.jcmd.JCmd" should be returned. If this is all that shows - No CFs are currently running
 #   Next:  "<PID>" - If this is returned (without any other text), this is a good indication a a CF is running.
 # I can then exec: jcmd <PID> help to retreive a list of java cmds available to me. This list can be as long as 20-25 cmds.

 # I would want to get the PID from the text (not the one accompanying "sun.tools.jcmd.JCMD")
 # Also the following is the PS equivalent to the java cmd to get pid (which I need to look through my notes for)
 $prc = get-process -id $pid


 # JDK Section

 # This is going to only find all applications/files beginning with "java" - i.e java.exe, javaw.exe, javaws.exe, etc... in the JDK
 $filename = '*java*.*' # you can use wildcards here for name and for extension
 $searchinfolder = 'C:\Program Files\Java\jdk1.8.0_201\bin'
 Get-ChildItem -Path $searchinfolder -Filter $filename -Recurse | %{$_.FullName}

 # Find all available CFs within JDK that are enabled and/or running - usually only one which is:
 #	• Java SE Enterprise (MSI) Installer
 #	• Java Flight Recorder
 #	• Java Mission Control
 #	• Java Advanced Management Console
 #	• JRE Usage Tracking - Yes... it could be installed as part of the JDK
 #	• JRocket Flight Recorder
 #	• JRocket Mission Control
 #	• JRocket Real Time Deterministic GC

 # Repeat the getting of the PID(s) (and rinse)

 # This snippet might be something to start with - changing "Clean-String" to "getJavaCFs" as it is on line 5
 # In this snip, I'm looking more at the structure and less on what the function is actually doing after it grabs the text.
 # Although I think there is a lot of value in cleaning - if it's needed...
 function Clean-String($InputString)
 {
    $maxStringLenth = 500
    if($InputString -eq ""){return $InputString}
    #Remove special characters and line breaks
    Try
    {   
        #If array, join items with a pipe "|" separator (check if array first in order to NOT run the -join command on non arrays and waste time)
            #Using -is [array] is the quickest way to check for if an array or not
        if($InputString -is [array]){$InputString = $InputString -join '|'}
        #Replace special characters like line breaks and tabs
            #.Replace is twice as fast as -Replace ; also twice as fast as trying to check for -Match or -Like to see if any characters even present
        $InputString = $InputString.Replace("`t"," ").Replace("`r"," ").Replace("`n"," ")
        #Cut string down to max length set in variable at top of function ($maxStringLenth)
        if($InputString.length -ge $maxStringLenth){$InputString = $InputString.substring(0,$maxStringLenth)}
        return $InputString
    }
    Catch
    {
        #null string value or error
        return "Clean-String.ERROR"
    }
 }

 # *****************************************************************************
 # PS C:\> jcmd
 # 3588 sun.tools.jcmd.JCmd
 # PS C:\> jcmd 3588 help
 # 3588:
 # java.io.IOException: no such process
 #         at sun.tools.attach.WindowsVirtualMachine.openProcess(Native Method)
 #         at sun.tools.attach.WindowsVirtualMachine.<init>(WindowsVirtualMachine.java:56)
 #         at sun.tools.attach.WindowsAttachProvider.attachVirtualMachine(WindowsAttachProvider.java:69)
 #         at com.sun.tools.attach.VirtualMachine.attach(VirtualMachine.java:208)
 #         at sun.tools.jcmd.JCmd.executeCommandForPid(JCmd.java:147)
 #         at sun.tools.jcmd.JCmd.main(JCmd.java:131)
 # 
 # 
 # At this point - I launch Java Mission Control (JMC)
 # 
 # Then:
 # PS C:\> jcmd
 # 15204
 # 17384 sun.tools.jcmd.JCmd
 # 
 # PS C:\> jcmd 15204 help
 # 15204:
 # The following commands are available:
 # JFR.stop
 # JFR.start
 # JFR.dump
 # JFR.check
 # VM.native_memory
 # VM.check_commercial_features
 # VM.unlock_commercial_features
 # ManagementAgent.stop
 # ManagementAgent.start_local
 # ManagementAgent.start
 # VM.classloader_stats
 # GC.rotate_log
 # Thread.print
 # GC.class_stats
 # GC.class_histogram
 # GC.heap_dump
 # GC.finalizer_info
 # GC.heap_info
 # GC.run_finalization
 # GC.run
 # VM.uptime
 # VM.dynlibs
 # VM.flags
 # VM.system_properties
 # VM.command_line
 # VM.version
 # help
 # 
 # For more information about a specific command use 'help <command>'.
 # PS C:\>
 # 
 # PS C:\> jcmd 15204 VM.check_commercial_features
 # 15204:
 # Commercial Features are unlocked.
 # Status of individual features:
 #   Java Flight Recorder has been used.
 #   Resource Management is disabled.
 #   Current Memory Restriction: None (0)
 # PS C:\>
 # 
 # PS C:\> jcmd 15204 VM.command_line
 # 15204:
 # VM Arguments:
 # jvm_args: -XX:+UseG1GC -XX:+UnlockCommercialFeatures -XX:+FlightRecorder -XX:FlightRecorderOptions=defaultrecording=true -Djava.net.preferIPv4Stack=true
 # java_command: <unknown>
 # java_class_path (initial): C:\Program Files\Java\jdk1.8.0_201\bin\\../lib/missioncontrol/plugins/org.eclipse.equinox.launcher_1.3.0.v20140415-2008.jar
 # Launcher Type: generic
 # PS C:\>
 # 
 # PS C:\> jcmd 15204 JFR.check
 # 15204:
 # Recording: recording=0 name="HotSpot default" (running)
 # PS C:\>
	# I have no choice but to write this in pseudo code (or at least resembling pseudo code in my mind).
	# The first thing I want to do is find any Commercial Features (CFs) in JRE
	# Second, find any Commercial Features (CFs) in JDK

	Function getJavaCFs

	# This is going to only find all applications/files beginning with "java" - i.e java.exe, javaw.exe, javaws.exe, etc... in the JRE
	$filename = 'java.*' # you can use wildcards here for name and for extension
	$searchinfolder32 = 'C:\Program Files (x86)\Java\jre1.8.0_201\bin'
	$searchinfolder64 = 'C:\Program Files\Java\jre1.8.0_201\bin'
	Get-ChildItem -Path $searchinfolder32 -Filter $filename -Recurse \| %{$_.FullName}
	Get-ChildItem -Path $searchinfolder64 -Filter $filename -Recurse \| %{$_.FullName}


	# Find all available CFs within JRE that are enabled and/or running - usually only one which is:
	# • JRE Usage Tracking

	# cmd to get running processes = jcmd
	# here I'm wanting to retrieve the text output and grab info from the text.
	# What I am looking for is:
	# First: "<PID> sun.tools.jcmd.JCmd" should be returned. If this is all that shows - No CFs are currently running
	# Next: "<PID>" - If this is returned (without any other text), this is a good indication a a CF is running.
	# I can then exec: jcmd <PID> help to retreive a list of java cmds available to me. This list can be as long as 20-25 cmds.

	# I would want to get the PID from the text (not the one accompanying "sun.tools.jcmd.JCMD")
	# Also the following is the PS equivalent to the java cmd to get pid (which I need to look through my notes for)
	$prc = get-process -id $pid


	# JDK Section

	# This is going to only find all applications/files beginning with "java" - i.e java.exe, javaw.exe, javaws.exe, etc... in the JDK
	$filename = 'java.*' # you can use wildcards here for name and for extension
	$searchinfolder = 'C:\Program Files\Java\jdk1.8.0_201\bin'
	Get-ChildItem -Path $searchinfolder -Filter $filename -Recurse \| %{$_.FullName}

	# Find all available CFs within JDK that are enabled and/or running - usually only one which is:
	# • Java SE Enterprise (MSI) Installer
	# • Java Flight Recorder
	# • Java Mission Control
	# • Java Advanced Management Console
	# • JRE Usage Tracking - Yes... it could be installed as part of the JDK
	# • JRocket Flight Recorder
	# • JRocket Mission Control
	# • JRocket Real Time Deterministic GC

	# Repeat the getting of the PID(s) (and rinse)

	# This snippet might be something to start with - changing "Clean-String" to "getJavaCFs" as it is on line 5
	# In this snip, I'm looking more at the structure and less on what the function is actually doing after it grabs the text.
	# Although I think there is a lot of value in cleaning - if it's needed...
	function Clean-String($InputString)
	{
	$maxStringLenth = 500
	if($InputString -eq ""){return $InputString}
	#Remove special characters and line breaks
	Try
	{
	#If array, join items with a pipe "\|" separator (check if array first in order to NOT run the -join command on non arrays and waste time)
	#Using -is [array] is the quickest way to check for if an array or not
	if($InputString -is [array]){$InputString = $InputString -join '\|'}
	#Replace special characters like line breaks and tabs
	#.Replace is twice as fast as -Replace ; also twice as fast as trying to check for -Match or -Like to see if any characters even present
	$InputString = $InputString.Replace("`t"," ").Replace("`r"," ").Replace("`n"," ")
	#Cut string down to max length set in variable at top of function ($maxStringLenth)
	if($InputString.length -ge $maxStringLenth){$InputString = $InputString.substring(0,$maxStringLenth)}
	return $InputString
	}
	Catch
	{
	#null string value or error
	return "Clean-String.ERROR"
	}
	}

	# *****************************************************************************
	# PS C:\> jcmd
	# 3588 sun.tools.jcmd.JCmd
	# PS C:\> jcmd 3588 help
	# 3588:
	# java.io.IOException: no such process
	# at sun.tools.attach.WindowsVirtualMachine.openProcess(Native Method)
	# at sun.tools.attach.WindowsVirtualMachine.<init>(WindowsVirtualMachine.java:56)
	# at sun.tools.attach.WindowsAttachProvider.attachVirtualMachine(WindowsAttachProvider.java:69)
	# at com.sun.tools.attach.VirtualMachine.attach(VirtualMachine.java:208)
	# at sun.tools.jcmd.JCmd.executeCommandForPid(JCmd.java:147)
	# at sun.tools.jcmd.JCmd.main(JCmd.java:131)
	#
	#
	# At this point - I launch Java Mission Control (JMC)
	#
	# Then:
	# PS C:\> jcmd
	# 15204
	# 17384 sun.tools.jcmd.JCmd
	#
	# PS C:\> jcmd 15204 help
	# 15204:
	# The following commands are available:
	# JFR.stop
	# JFR.start
	# JFR.dump
	# JFR.check
	# VM.native_memory
	# VM.check_commercial_features
	# VM.unlock_commercial_features
	# ManagementAgent.stop
	# ManagementAgent.start_local
	# ManagementAgent.start
	# VM.classloader_stats
	# GC.rotate_log
	# Thread.print
	# GC.class_stats
	# GC.class_histogram
	# GC.heap_dump
	# GC.finalizer_info
	# GC.heap_info
	# GC.run_finalization
	# GC.run
	# VM.uptime
	# VM.dynlibs
	# VM.flags
	# VM.system_properties
	# VM.command_line
	# VM.version
	# help
	#
	# For more information about a specific command use 'help <command>'.
	# PS C:\>
	#
	# PS C:\> jcmd 15204 VM.check_commercial_features
	# 15204:
	# Commercial Features are unlocked.
	# Status of individual features:
	# Java Flight Recorder has been used.
	# Resource Management is disabled.
	# Current Memory Restriction: None (0)
	# PS C:\>
	#
	# PS C:\> jcmd 15204 VM.command_line
	# 15204:
	# VM Arguments:
	# jvm_args: -XX:+UseG1GC -XX:+UnlockCommercialFeatures -XX:+FlightRecorder -XX:FlightRecorderOptions=defaultrecording=true -Djava.net.preferIPv4Stack=true
	# java_command: <unknown>
	# java_class_path (initial): C:\Program Files\Java\jdk1.8.0_201\bin\\../lib/missioncontrol/plugins/org.eclipse.equinox.launcher_1.3.0.v20140415-2008.jar
	# Launcher Type: generic
	# PS C:\>
	#
	# PS C:\> jcmd 15204 JFR.check
	# 15204:
	# Recording: recording=0 name="HotSpot default" (running)
	# PS C:\>