gjyoung1974 · December 15, 2016 08:23
diff --git a/read_reg_multi_sz_value.js b/read_reg_multi_sz_value.js
 // Gordon Young 2016 [email protected]
 // This script :
 // 1. Reads the given Windows registry subkey value reg_multi_sz data type
 // 2. Compares it to the provided expected setting
 // if the configured setting is compliant the script returns 'pass', 
 // if the setting is non-compliant the script returns 'fail'

 //The registry path we want to test
 var hklm = 0x80000002, KeyName = "SYSTEM\\CurrentControlSet\\Control\\SecurePipeServers\\winreg\\AllowedExactPaths", ValueName = "Machine";

 //set our Array of expected CI Settings values:
 var sExpectedValue = ["System\\CurrentControlSet\\Control\\Server Applications", "Software\\Microsoft\\Windows NT\\CurrentVersion", "System\\CurrentControlSet\\Control\\ProductOptions"];

 // The following function wmiExec() is is just a generic way to call "C Style" provider methods that require output parameters. This helps to return output from the GetMultiStringValue
 // For example the windows regisry method we are calling look like: https://msdn.microsoft.com/en-us/library/aa390458(v=vs.85).aspx
 // uint32 GetMultiStringValue(
 //   [in]  uint32 hDefKey = HKEY_LOCAL_MACHINE,
 //   [in]  string sSubKeyName,
 //   [in]  string sValueName,
 //   [out] string sValue[] << we need a way to get the output value
 // );

 function wmiExec(wmiService, providerName, methodName, methodParameters) {
    var wmiProviderObject = wmiService.Get(providerName);
    var wmiProviderMethod = wmiProviderObject.Methods_.Item(methodName);
    var wmiInputParameterObject = wmiProviderMethod.Inparameters.SpawnInstance_();
    for (var parameter in methodParameters) {
        wmiInputParameterObject.Properties_.item(parameter) = methodParameters[parameter];
    }
    wmiOutParameterObject = wmiProviderObject.ExecMethod_(wmiProviderMethod.Name, wmiInputParameterObject);
    return wmiOutParameterObject;
 }

 var wmiLocatorObj = WScript.CreateObject("WbemScripting.SWbemLocator"); //instanciate WMI provider
 var wmiServiceDefault = wmiLocatorObj.ConnectServer(".", "root\\default");

 // Executing the GetMultiStringValue method and creating an array of the resulting values.
 var methodParameters = new Object();
 methodParameters["hDefKey"] = hklm;
 methodParameters["sSubKeyName"] = KeyName;
 methodParameters["sValueName"] = ValueName;

 var result = wmiExec(wmiServiceDefault, "StdRegProv", "GetMultiStringValue", methodParameters);

 try {
    var presentValues = result.sValue.toArray(); var newValues = new Array(); //marshal "presentValues" as proper Javascript Array as newValues
    for (var i = 0; i < presentValues.length; i++) {
        newValues.push(presentValues[i]);
    }

    //this polyfill implements Javascript ECMA-262 Array.protype.every() - We use this to compare the expected settings array with the returned results
    // https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Array/every
    Array.prototype.every || (Array.prototype.every = function (a, b) { "use strict"; var c, d; if (null == this) throw new TypeError("this is null or not defined"); var e = Object(this), f = e.length >>> 0; if ("function" != typeof a) throw new TypeError; for (arguments.length > 1 && (c = b), d = 0; d < f;) { var g; if (d in e) { g = e[d]; var h = a.call(c, g, d, e); if (!h) return !1 } d++ } return !0 });

    //sort our arrays to avoid comparison failures due to reg_multi_sz ordering
    sExpectedValue.sort(); newValues.sort();

    //compare our expected CI Settings with those returned from the registry
    var is_same = sExpectedValue.length == newValues.length && sExpectedValue.every(function (element, index) {
        return element === newValues[index];
    });

    if (is_same) {
        WScript.Echo('pass')
    }
    else {
        WScript.Echo('fail')
    }

 }
 catch (err) {
    WScript.Echo('fail');
 }
	// Gordon Young 2016 [email protected]
	// This script :
	// 1. Reads the given Windows registry subkey value reg_multi_sz data type
	// 2. Compares it to the provided expected setting
	// if the configured setting is compliant the script returns 'pass',
	// if the setting is non-compliant the script returns 'fail'

	//The registry path we want to test
	var hklm = 0x80000002, KeyName = "SYSTEM\\CurrentControlSet\\Control\\SecurePipeServers\\winreg\\AllowedExactPaths", ValueName = "Machine";

	//set our Array of expected CI Settings values:
	var sExpectedValue = ["System\\CurrentControlSet\\Control\\Server Applications", "Software\\Microsoft\\Windows NT\\CurrentVersion", "System\\CurrentControlSet\\Control\\ProductOptions"];

	// The following function wmiExec() is is just a generic way to call "C Style" provider methods that require output parameters. This helps to return output from the GetMultiStringValue
	// For example the windows regisry method we are calling look like: https://msdn.microsoft.com/en-us/library/aa390458(v=vs.85).aspx
	// uint32 GetMultiStringValue(
	// [in] uint32 hDefKey = HKEY_LOCAL_MACHINE,
	// [in] string sSubKeyName,
	// [in] string sValueName,
	// [out] string sValue[] << we need a way to get the output value
	// );

	function wmiExec(wmiService, providerName, methodName, methodParameters) {
	var wmiProviderObject = wmiService.Get(providerName);
	var wmiProviderMethod = wmiProviderObject.Methods_.Item(methodName);
	var wmiInputParameterObject = wmiProviderMethod.Inparameters.SpawnInstance_();
	for (var parameter in methodParameters) {
	wmiInputParameterObject.Properties_.item(parameter) = methodParameters[parameter];
	}
	wmiOutParameterObject = wmiProviderObject.ExecMethod_(wmiProviderMethod.Name, wmiInputParameterObject);
	return wmiOutParameterObject;
	}

	var wmiLocatorObj = WScript.CreateObject("WbemScripting.SWbemLocator"); //instanciate WMI provider
	var wmiServiceDefault = wmiLocatorObj.ConnectServer(".", "root\\default");

	// Executing the GetMultiStringValue method and creating an array of the resulting values.
	var methodParameters = new Object();
	methodParameters["hDefKey"] = hklm;
	methodParameters["sSubKeyName"] = KeyName;
	methodParameters["sValueName"] = ValueName;

	var result = wmiExec(wmiServiceDefault, "StdRegProv", "GetMultiStringValue", methodParameters);

	try {
	var presentValues = result.sValue.toArray(); var newValues = new Array(); //marshal "presentValues" as proper Javascript Array as newValues
	for (var i = 0; i < presentValues.length; i++) {
	newValues.push(presentValues[i]);
	}

	//this polyfill implements Javascript ECMA-262 Array.protype.every() - We use this to compare the expected settings array with the returned results
	// https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Array/every
	Array.prototype.every \|\| (Array.prototype.every = function (a, b) { "use strict"; var c, d; if (null == this) throw new TypeError("this is null or not defined"); var e = Object(this), f = e.length >>> 0; if ("function" != typeof a) throw new TypeError; for (arguments.length > 1 && (c = b), d = 0; d < f;) { var g; if (d in e) { g = e[d]; var h = a.call(c, g, d, e); if (!h) return !1 } d++ } return !0 });

	//sort our arrays to avoid comparison failures due to reg_multi_sz ordering
	sExpectedValue.sort(); newValues.sort();

	//compare our expected CI Settings with those returned from the registry
	var is_same = sExpectedValue.length == newValues.length && sExpectedValue.every(function (element, index) {
	return element === newValues[index];
	});

	if (is_same) {
	WScript.Echo('pass')
	}
	else {
	WScript.Echo('fail')
	}

	}
	catch (err) {
	WScript.Echo('fail');
	}