-
Notifications
You must be signed in to change notification settings - Fork 6
/
Copy pathdncat-uninstall.ps1
108 lines (90 loc) · 2.95 KB
/
dncat-uninstall.ps1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
<#
.SYNOPSIS
DotnetCat uninstaller script for x64 and x86 Windows systems.
.DESCRIPTION
DotnetCat remote command shell application
uninstaller script for x64 and x86 Windows systems.
.LINK
Application repository: https://github.com/vandavey/DotnetCat
#>
using namespace System.Runtime.InteropServices
using namespace System.Security.Principal
[CmdletBinding()]
param ()
$DefaultErrorPreference = $ErrorActionPreference
$DefaultProgressPreference = $ProgressPreference
# Reset the global preference variables.
function Reset-Preferences {
$ErrorActionPreference = $DefaultErrorPreference
$ProgressPreference = $DefaultProgressPreference
}
# Write an error message to stderr and exit.
function Show-Error {
$Symbol = "[x]"
Reset-Preferences
if ($PSVersionTable.PSVersion.Major -ge 6) {
$Symbol = "`e[91m${Symbol}`e[0m"
}
[Console]::Error.WriteLine("${Symbol} ${args}`n")
exit 1
}
# Write a status message to stdout.
function Show-Status {
$Symbol = "[*]"
if ($PSVersionTable.PSVersion.Major -ge 6) {
$Symbol = "`e[96m${Symbol}`e[0m"
}
Write-Output "${Symbol} ${args}"
}
$ErrorActionPreference = "Stop"
$ProgressPreference = "SilentlyContinue"
# Require Windows operating system
if (-not [RuntimeInformation]::IsOSPlatform([OSPlatform]::Windows)) {
Show-Error "Windows operating system required"
}
$UserPrincipal = [WindowsPrincipal]::new([WindowsIdentity]::GetCurrent())
# Require elevated shell privileges
if (-not $UserPrincipal.IsInRole([WindowsBuiltInRole]::Administrator)) {
Show-Error "Administrator shell privileges required"
}
# Validate CPU architecture and set variables
if ($env:PROCESSOR_ARCHITECTURE -eq "AMD64") {
$AppDir = "${env:ProgramFiles}\DotnetCat"
}
elseif ($env:PROCESSOR_ARCHITECTURE -eq "x86") {
$AppDir = "${env:ProgramFiles(x86)}\DotnetCat"
}
else {
Show-Error "Unsupported processor architecture: '${env:PROCESSOR_ARCHITECTURE}'"
}
# Remove all application files
if (Test-Path $AppDir) {
Show-Status "Removing application files from '${AppDir}'..."
Remove-Item $AppDir -Recurse -Force
}
else {
Show-Status "No application files to remove from '${AppDir}'"
}
$EnvTarget = [EnvironmentVariableTarget]::Machine
$EnvPath = [Environment]::GetEnvironmentVariable("Path", $EnvTarget)
# Remove application directory from environment path
if ($EnvPath.Contains($AppDir)) {
if ($EnvPath -eq $AppDir -or $EnvPath -eq "${AppDir};") {
$EnvPath = [string]::Empty
}
elseif ($EnvPath.StartsWith($AppDir)) {
$EnvPath = $EnvPath.Replace("${AppDir};", $null)
}
else {
$EnvPath = $EnvPath.Replace(";${AppDir}", $null)
}
[Environment]::SetEnvironmentVariable("Path", $EnvPath, $EnvTarget)
if ($?) {
Show-Status "Removed '${AppDir}' from environment path"
}
else {
Show-Error "Failed to remove '${AppDir}' from environment path"
}
}
Reset-Preferences
Show-Status "DotnetCat was successfully uninstalled`n"