jhochwald · November 2, 2022 11:56
diff --git a/Invoke-ScanForCVE20223602.ps1 b/Invoke-ScanForCVE20223602.ps1

 <#
      .SYNOPSIS
      Scan for CVE-2022-3602 vulnerable versions of OpenSSL
   
      .DESCRIPTION
      Scan for CVE-2022-3602 vulnerable versions of OpenSSL
   
      .PARAMETER All
      Scan for all versions or just for vulnerable versions of OpenSSL
   
      .EXAMPLE
      PS C:\> .\Invoke-ScanForCVE20223602.ps1
   
      .NOTES
      Additional information about the file.
 #>
 [CmdletBinding(ConfirmImpact = 'Low')]
 [OutputType([string])]
 param
 (
   [Parameter(ValueFromPipeline,
   ValueFromPipelineByPropertyName)]
   [Alias('AllVersions', 'ScanAll')]
   [bool]
   $All = $false
 )

 begin
 {
   if ($All -eq $true)
   {
      # All Versions
      $OpensslRegex = 'OpenSSL\s*[0-9]\.[0-9]\.[0-9]'
   }
   else
   {
      # Scan for vulnerable versions only?
      $OpensslRegex = 'OpenSSL\s*3\.0\.[0-6]'
   }
 }

 process
 {
   # Get all Drives
   $AllDrives = ((Get-PSDrive -PSProvider FileSystem).Root)

   foreach ($DriveToScan in $AllDrives)
   {
      Write-Output -InputObject ('Start Scan on {1} on {0}' -f $env:COMPUTERNAME, $DriveToScan)
   
      try
      {
         Get-ChildItem -Path $DriveToScan -Include libcrypto*.dll, libssl*.dll -File -Recurse -ErrorAction SilentlyContinue | ForEach-Object -Process {
            # use RegEx to parse the dll strings for an OpenSSL Version Number
            $OpensslVersion = (Select-String -Path $_ -Pattern $OpensslRegex -AllMatches | ForEach-Object -Process {
                  $_.Matches
               } | ForEach-Object -Process {
                  $_.Value
            })
            if ($OpensslVersion) 
            {
               # Print OpenSSL version number followed by file name
               Write-Warning -Message ('{0} - {1} ' -f $OpensslVersion, $_)
            }
         }
      }
      catch
      {
         $_ | Write-Verbose
      }

      Write-Output -InputObject ('Done Scan on {1} on {0}' -f $env:COMPUTERNAME, $DriveToScan)
   }
 }

	<#
	.SYNOPSIS
	Scan for CVE-2022-3602 vulnerable versions of OpenSSL

	.DESCRIPTION
	Scan for CVE-2022-3602 vulnerable versions of OpenSSL

	.PARAMETER All
	Scan for all versions or just for vulnerable versions of OpenSSL

	.EXAMPLE
	PS C:\> .\Invoke-ScanForCVE20223602.ps1

	.NOTES
	Additional information about the file.
	#>
	[CmdletBinding(ConfirmImpact = 'Low')]
	[OutputType([string])]
	param
	(
	[Parameter(ValueFromPipeline,
	ValueFromPipelineByPropertyName)]
	[Alias('AllVersions', 'ScanAll')]
	[bool]
	$All = $false
	)

	begin
	{
	if ($All -eq $true)
	{
	# All Versions
	$OpensslRegex = 'OpenSSL\s*[0-9]\.[0-9]\.[0-9]'
	}
	else
	{
	# Scan for vulnerable versions only?
	$OpensslRegex = 'OpenSSL\s*3\.0\.[0-6]'
	}
	}

	process
	{
	# Get all Drives
	$AllDrives = ((Get-PSDrive -PSProvider FileSystem).Root)

	foreach ($DriveToScan in $AllDrives)
	{
	Write-Output -InputObject ('Start Scan on {1} on {0}' -f $env:COMPUTERNAME, $DriveToScan)

	try
	{
	Get-ChildItem -Path $DriveToScan -Include libcrypto.dll, libssl.dll -File -Recurse -ErrorAction SilentlyContinue \| ForEach-Object -Process {
	# use RegEx to parse the dll strings for an OpenSSL Version Number
	$OpensslVersion = (Select-String -Path $_ -Pattern $OpensslRegex -AllMatches \| ForEach-Object -Process {
	$_.Matches
	} \| ForEach-Object -Process {
	$_.Value
	})
	if ($OpensslVersion)
	{
	# Print OpenSSL version number followed by file name
	Write-Warning -Message ('{0} - {1} ' -f $OpensslVersion, $_)
	}
	}
	}
	catch
	{
	$_ \| Write-Verbose
	}

	Write-Output -InputObject ('Done Scan on {1} on {0}' -f $env:COMPUTERNAME, $DriveToScan)
	}
	}