Jump to content
colombeen

[FUNC] Bitlocker Drive Info

Recommended Posts

colombeen

Hi everyone, I created a function to gather bitlocker information. It can tell you whether or not a drive is protected, which encryption method is being used, ...

I tried to cover all the details in the function description

 

The function (and 3 "internal" functions) :

; #FUNCTION# ====================================================================================================================
; Name...........: _BitlockerDriveInfo
; Description ...: Get Bitlocker information for one or multiple drives
; Syntax.........: _BitlockerDriveInfo([$sDrive[, $sComputer = @ComputerName[, $bDebug = False]]])
; Parameters ....: $sDrive  - Optional: The drive. Allowed values are:
;                  |""      - Get the info for all available drives
;                  |Letter: - Get the info for the specific drive
;                  $sComputer - Optional: The computer from which the info should be requested
;                  $bDebug  - Optional: Shows the hex ReturnValue from the WMI methods if set to True
; Return values .: Success  - Returns a 2D array with the following information
;                  |[string] Drive Letter
;                  |[string] Drive Label
;                  |[string] Volume Type
;                  |[bool]   Initialized For Protection
;                  |[string] Protection Status
;                  |[string] Lock Status
;                  |[bool]   Auto Unlock Enabled
;                  |[bool]   Auto Unlock Key Stored
;                  |[string] Conversion Status
;                  |[string] Encryption Method
;                  |[int]    Encryption Percentage
;                  |[string] Wiping Status
;                  |[int]    Wiping Percentage
;                  |[array]  Key Protectors (Or [string] "None" if the drive isn't protected)
;                  Failure  - 0, sets @error to:
;                  |1 - There was an issue retrieving the COM object. @extended returns error code from ObjGet
;                  |2 - The specified drive in $Drive doesn't exist
;                  |3 - There was an issue running the WMI query
; Author ........: colombeen
; Modified.......:
; Remarks .......: Requires to be run with admin elevation. Windows Vista or newer!
;                  A BIG THANKS to everyone from the community who contributed!
; Related .......:
; Link ..........:
; Example .......: #include <Array.au3>
;                  $Header = "Drive Letter|Drive Label|Volume Type|Initialized For Protection|Protection Status|" & _
;                            "Lock Status|Auto Unlock Enabled|Auto Unlock Key Stored|Conversion Status|Encryption " & _
;                            "Method|Encryption Percentage|Wiping Status|Wiping Percentage|Key Protectors"
;                  _ArrayDisplay(_BitlockerDriveInfo(), "Bitlocker Drive Info", "", 64, Default, $Header)
; ===============================================================================================================================
Func _BitlockerDriveInfo($sDrive = "", $sComputer = @ComputerName, $bDebug = False)
    Local $aConversionStatusMsg[7]  =   ["Unknown", "Fully Decrypted", "Fully Encrypted", "Encryption In Progress", "Decryption In Progress", "Encryption Paused", "Decryption Paused"]
    Local $aEncryptionMethodMsg[9]  =   ["Unknown", "None", "AES_128_WITH_DIFFUSER", "AES_256_WITH_DIFFUSER", "AES_128", "AES_256", "HARDWARE_ENCRYPTION", "XTS_AES_128", "XTS_AES_256"]
    Local $aKeyProtectorTypeMsg[11] =   ["Unknown or other protector type", "Trusted Platform Module (TPM)", "External key", "Numerical password", "TPM And PIN", "TPM And Startup Key", "TPM And PIN And Startup Key", "Public Key", "Passphrase", "TPM Certificate", "CryptoAPI Next Generation (CNG) Protector"]
    Local $aLockStatusMsg[3]        =   ["Unknown", "Unlocked", "Locked"]
    Local $aProtectionStatusMsg[3]  =   ["Unprotected", "Protected", "Unknown"]
    Local $aVolumeTypeMsg[3]        =   ["Operating System Volume", "Fixed Data Volume", "Portable Data Volume"]
    Local $aWipingStatusMsg[5]      =   ["Unknown", "Free Space Not Wiped", "Free Space Wiped", "Free Space Wiping In Progress", "Free Space Wiping Paused"]
    Local $iRow                     =   0
    Local $sRunMethod, $objWMIService, $objWMIQuery, $sDriveFilter, $iProtectionStatus, $iLockStatus, $bIsAutoUnlockEnabled, $bIsAutoUnlockKeyStored, $iConversionStatus, $iEncryptionPercentage, $iEncryptionFlags, $iWipingStatus, $iWipingPercentage, $iEncryptionMethod, $aVolumeKeyProtectorID, $aVolumeKeyProtectors, $iKeyProtectorType

    $objWMIService = ObjGet("winmgmts:{impersonationLevel=impersonate,authenticationLevel=pktPrivacy}!\\" & $sComputer & "\root\CIMV2\Security\MicrosoftVolumeEncryption")
    If @error Then Return SetError(1, @error, 0)

    If $sDrive <> "" Then
        Local $iDriveType = _WMIPropertyValue("DriveType", "Win32_LogicalDisk", "WHERE DeviceID='" & $sDrive & "'", Default, $sComputer)
        If @error Or ($iDriveType <> 2 And $iDriveType <> 3) Then Return SetError(2, 0, 0)
        $sDriveFilter = " WHERE DriveLetter='" & $sDrive & "'"
    EndIf

    $objWMIQuery = $objWMIService.ExecQuery("SELECT * FROM Win32_EncryptableVolume" & $sDriveFilter, "WQL", 0)
    If Not IsObj($objWMIQuery) Then Return SetError(3, 0, 0)

    Local $aResult[$objWMIQuery.count][14]
    For $objDrive In $objWMIQuery
        If $bDebug Then ConsoleWrite(@CRLF & "+> " & $objDrive.DriveLetter & @CRLF)
        If _WMIMethodExists($objDrive, "GetConversionStatus") Then
            $sRunMethod = $objDrive.GetConversionStatus($iConversionStatus, $iEncryptionPercentage, $iEncryptionFlags, $iWipingStatus, $iWipingPercentage)
            If $bDebug Then ConsoleWrite("!> GetConversionStatus    0x" & Hex($sRunMethod) & @CRLF)
        Else
            $iConversionStatus      =   -1
            $iWipingStatus          =   -1
            $iEncryptionPercentage  =   0
            $iWipingPercentage      =   0
        EndIf
        If _WMIMethodExists($objDrive, "GetEncryptionMethod") Then
            $sRunMethod = $objDrive.GetEncryptionMethod($iEncryptionMethod)
            If $bDebug Then ConsoleWrite("!> GetEncryptionMethod    0x" & Hex($sRunMethod) & @CRLF)
        Else
            $iEncryptionMethod      =   0
        EndIf
        If _WMIMethodExists($objDrive, "GetKeyProtectors") Then
            $sRunMethod = $objDrive.GetKeyProtectors("0", $aVolumeKeyProtectorID)
            If $bDebug Then ConsoleWrite("!> GetKeyProtectors       0x" & Hex($sRunMethod) & @CRLF)
        Else
            $aVolumeKeyProtectorID  =   0
        EndIf
        If _WMIMethodExists($objDrive, "GetLockStatus") Then
            $sRunMethod = $objDrive.GetLockStatus($iLockStatus)
            If $bDebug Then ConsoleWrite("!> GetLockStatus          0x" & Hex($sRunMethod) & @CRLF)
        Else
            $iLockStatus            =   -1
        EndIf
        If _WMIMethodExists($objDrive, "GetProtectionStatus") Then
            $sRunMethod = $objDrive.GetProtectionStatus($iProtectionStatus)
            If $bDebug Then ConsoleWrite("!> GetProtectionStatus    0x" & Hex($sRunMethod) & @CRLF)
        Else
            $iProtectionStatus      =   2
        EndIf
        If _WMIMethodExists($objDrive, "IsAutoUnlockEnabled") Then
            $sRunMethod = $objDrive.IsAutoUnlockEnabled($bIsAutoUnlockEnabled)
            If $bDebug Then ConsoleWrite("!> IsAutoUnlockEnabled    0x" & Hex($sRunMethod) & @CRLF)
        Else
            $bIsAutoUnlockEnabled   =   "Unknown"
        EndIf
        If _WMIMethodExists($objDrive, "IsAutoUnlockKeyStored") Then
            $sRunMethod = $objDrive.IsAutoUnlockKeyStored($bIsAutoUnlockKeyStored)
            If $bDebug Then ConsoleWrite("!> IsAutoUnlockKeyStored  0x" & Hex($sRunMethod) & @CRLF)
        Else
            $bIsAutoUnlockKeyStored =   "Unknown"
        EndIf

        If IsArray($aVolumeKeyProtectorID) And UBound($aVolumeKeyProtectorID) > 0 Then
            Dim $aVolumeKeyProtectors[UBound($aVolumeKeyProtectorID)][2]

            For $i = 0 To UBound($aVolumeKeyProtectorID) - 1
                $aVolumeKeyProtectors[$i][0]        =   $aVolumeKeyProtectorID[$i]
                If _WMIMethodExists($objDrive, "GetKeyProtectorType") Then
                    If $objDrive.GetKeyProtectorType($aVolumeKeyProtectorID[$i], $iKeyProtectorType) = 0 Then
                        $aVolumeKeyProtectors[$i][1]=   $aKeyProtectorTypeMsg[$iKeyProtectorType]
                    Else
                        $aVolumeKeyProtectors[$i][1]=   "Unknown"
                    EndIf
                Else
                    $aVolumeKeyProtectors[$i][1]    =   "Unknown"
                EndIf
            Next
        Else
            $aVolumeKeyProtectors                   =   "None"
        EndIf

        ; DriveLetter
        $aResult[$iRow][0]      =   $objDrive.DriveLetter
        ; DriveLabel
        $aResult[$iRow][1]      =   _WMIPropertyValue("VolumeName", "Win32_LogicalDisk", "WHERE DeviceID='" & $objDrive.DriveLetter & "'", Default, $sComputer)
        ; VolumeType
        If _WMIPropertyExists($objDrive, "VolumeType") Then
            $aResult[$iRow][2]  =   $aVolumeTypeMsg[$objDrive.VolumeType]
        Else
            If $objDrive.DriveLetter = _WMIPropertyValue("SystemDrive", "Win32_OperatingSystem", "", Default, $sComputer) Then
                $aResult[$iRow][2]= $aVolumeTypeMsg[0]
            ElseIf _WMIPropertyValue("DriveType", "Win32_LogicalDisk", "WHERE DeviceID='" & $objDrive.DriveLetter & "'", Default, $sComputer) = 3 Then
                $aResult[$iRow][2]= $aVolumeTypeMsg[1]
            ElseIf _WMIPropertyValue("DriveType", "Win32_LogicalDisk", "WHERE DeviceID='" & $objDrive.DriveLetter & "'", Default, $sComputer) = 2 Then
                $aResult[$iRow][2]= $aVolumeTypeMsg[2]
            Else
                $aResult[$iRow][2]= "Unknown"
            EndIf
        EndIf
        ; IsVolumeInitializedForProtection
        If _WMIPropertyExists($objDrive, "IsVolumeInitializedForProtection") Then
            $aResult[$iRow][3]  =   $objDrive.IsVolumeInitializedForProtection
        Else
            $aResult[$iRow][3]  =   "Unkown"
        EndIf
        ; ProtectionStatus
        $aResult[$iRow][4]      =   $aProtectionStatusMsg[$iProtectionStatus]
        ; LockStatus
        $aResult[$iRow][5]      =   $aLockStatusMsg[$iLockStatus + 1]
        ; IsAutoUnlockEnabled
        $aResult[$iRow][6]      =   $bIsAutoUnlockEnabled
        ; IsAutoUnlockEnabled
        $aResult[$iRow][7]      =   $bIsAutoUnlockKeyStored
        ; ConversionStatus
        $aResult[$iRow][8]      =   $aConversionStatusMsg[$iConversionStatus + 1]
        ; EncryptionMethod
        $aResult[$iRow][9]      =   $aEncryptionMethodMsg[$iEncryptionMethod + 1]
        ; EncryptionPercentage
        $aResult[$iRow][10]     =   $iEncryptionPercentage
        ; WipingStatus
        $aResult[$iRow][11]     =   $aWipingStatusMsg[$iWipingStatus + 1]
        ; WipingPercentage
        $aResult[$iRow][12]     =   $iWipingPercentage
        ; KeyProtectors
        $aResult[$iRow][13]     =   $aVolumeKeyProtectors

        $iRow += 1
    Next
    _ArraySort($aResult)
    Return $aResult
EndFunc   ;==>_BitlockerDriveInfo

Func _WMIPropertyExists($Object, $Property)
    If Not IsObj($Object) Then Return False
    For $sProperty In $Object.Properties_
        If $sProperty.Name = $Property Then Return True
    Next
    Return False
EndFunc   ;==>_WMIPropertyExists

Func _WMIMethodExists($Object, $Method)
    If Not IsObj($Object) Then Return False
    For $sMethod In $Object.Methods_
        If $sMethod.Name = $Method Then Return True
    Next
    Return False
EndFunc   ;==>_WMIMethodExists

Func _WMIPropertyValue($sProperty = "", $sClass = "", $sFilter = "", $sNamespace = Default, $sComputer = @ComputerName)
    Local $objWMIService, $objWMIQuery

    If $sClass = "" Or $sProperty = "" Then Return SetError(1, 0, 0)
    If $sFilter <> "" Then $sFilter = " " & $sFilter
    If $sNamespace = Default Then $sNamespace = "\root\CIMV2"

    $objWMIService = ObjGet("winmgmts:{impersonationLevel=impersonate,authenticationLevel=pktPrivacy}!\\" & $sComputer & $sNamespace)
    If @error Then Return SetError(2, @error, 0)

    $objWMIQuery = $objWMIService.ExecQuery("SELECT * FROM " & $sClass & $sFilter, "WQL", 0x30)
    If Not IsObj($objWMIQuery) Then Return SetError(3, 0, 0)

    For $objItem In $objWMIQuery
        For $Property In $objItem.Properties_
            If $Property.Name = $sProperty Then
                Return $Property.Value
            EndIf
        Next
    Next

    Return SetError(4, 0, 0)
EndFunc   ;==>_WMIPropertyValue

 

Example 1:

#RequireAdmin
#include <array.au3>

; Get information on all available drives
Global $test = _BitlockerDriveInfo()
If @error Then
    ConsoleWrite("!> _BitlockerDriveInfo() error: " & @error & ". extended: " & @extended & @CRLF)
ElseIf IsArray($test) Then
    _ArrayDisplay($test, "Bitlocker Drive Info", "", 64, Default, "Drive Letter|Drive Label|Volume Type|Initialized For Protection|Protection Status|Lock Status|Auto Unlock Enabled|Auto Unlock Key Stored|Conversion Status|Encryption Method|Encryption Percentage|Wiping Status|Wiping Percentage|Key Protectors")
    ; Display the Key Protectors for the first record
    If IsArray($test[0][13]) Then _ArrayDisplay($test[0][13])
EndIf

Example 2:

#RequireAdmin
#include <array.au3>

; Get information on the C-drive of the current computer + show extra information in the console
Global $test = _BitlockerDriveInfo("C:", @ComputerName, True)
If @error Then
    ConsoleWrite("!> _BitlockerDriveInfo() error: " & @error & ". extended: " & @extended & @CRLF)
ElseIf IsArray($test) Then
    ConsoleWrite("Bitlocker information on the " & $test[0][0] & " drive" & @CRLF)
    ConsoleWrite("Protection Status: " & $test[0][4] & @CRLF)
EndIf

 

Screenshot for the first example:

5b7d3052055e9_2018-08-2211_42_42-Clipboard.thumb.png.362f5fa3339f81ad50fb018664af4afd.png

 

Suggestions? Bugs?

Just let me know

 

TODO:

  • ???

 

Version 1.0:

  • Initial release

Version 1.1:

  • Fixed: Drive Label will not work when you request the information from a remote system (currently using DriveGetLabel)
  • Fixed: The current fix for the missing VolumeType property in some Windows versions will only work locally
  • Added: New internal function (_WMIPropertyValue())

Version 1.2:

  • Fixed: The drive exists & drive type check only worked locally when a drive was specified in $sDrive
Edited by colombeen
Release v1.2
  • Like 3

Share this post


Link to post
Share on other sites
colombeen

Fixed the first bugs I found

Share this post


Link to post
Share on other sites
colombeen

Found some more bugs, fixed them :)

  • Like 1

Share this post


Link to post
Share on other sites
cbs803

it would be cool to be able to display encryption progress after activating bitlocker - i'm pretty sure could utilize your function to loop that information, what do you think?

Edited by cbs803

Share this post


Link to post
Share on other sites
cbs803
Global $a, $b, $c

$strComputer = @ComputerName
$objWMIService = ObjGet("winmgmts:{impersonationLevel=impersonate}!\\" & $strComputer & "\root\CIMV2\Security\MicrosoftVolumeEncryption")

While $b <> 100
    $objWMIQuery = $objWMIService.ExecQuery("SELECT * FROM Win32_EncryptableVolume WHERE DriveLetter='C:'", "WQL", 0)
    For $objDrive In $objWMIQuery
        $res = $objDrive.GetConversionStatus($a, $b, $c)
        ;Display Progress Text or increment a Progress Bar
        ;"Bitlocker Encryption in Progress (" & $b & "%)...")
        Sleep(1000)
    Next
WEnd

From your function - it helped me include Bitlocker Encryption Progress into my own GUI... Thankyou!!!!

Share this post


Link to post
Share on other sites
colombeen
; Use readable var names ;-)
Global $ConversionStatus, $EncryptionPercentage, $EncryptionFlags, $WipingStatus, $WipingPercentage

$strComputer = @ComputerName
$objWMIService = ObjGet("winmgmts:{impersonationLevel=impersonate}!\\" & $strComputer & "\root\CIMV2\Security\MicrosoftVolumeEncryption")

; $objWMIService error check
If @error Then Return False

While $EncryptionPercentage <> 100
    $objWMIQuery = $objWMIService.ExecQuery("SELECT * FROM Win32_EncryptableVolume WHERE DriveLetter='C:'", "WQL", 0)
    For $objDrive In $objWMIQuery
        ; https://docs.microsoft.com/en-us/windows/desktop/secprov/getconversionstatus-win32-encryptablevolume
        $res = $objDrive.GetConversionStatus($ConversionStatus, $EncryptionPercentage, $EncryptionFlags, $WipingStatus, $WipingPercentage)
        
        ; Display Progress Text or increment a Progress Bar
        ; "Bitlocker Encryption in Progress (" & $EncryptionPercentage & "%)...")
        Sleep(1000)
    Next
WEnd

Nice to see that someone can use it :)

Edited by colombeen

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Similar Content

    • Beege
      By Beege
      I found this article and enjoyed it so much I had play with some code since the numbers are small enough. 
      https://thatsmaths.com/2016/08/11/a-toy-example-of-rsa-encryption/
       
      Standard Encryption's vs RSA Encryption (Public Key Encryption) Fundamental Differences
      If you read that and couldn't immediately clarify the difference then let me blow your mind because its simple:
      STANDARD ENCRYPTION'S:
      ORIGINAL_DATA + Password(or KEY) = Encrypted DATA
          Then to decrypt -> 
              Encrypted DATA + (SAME Password(or SAME KEY)) = ORIGINAL_DATA
              
      RSA:
              ORIGINAL_DATA + Password(or PUBLIC_KEY) = Encrypted DATA
          Then to decrypt -> 
              Encrypted DATA + (DIFFERENT Password(or PRIVATE_KEY)) = ORIGINAL_DATA
      Are we all caught up? Did the colors help? I think they did
      That's crazy right? Don't answer. It is. And crazier its used EVERY TIME we make a secure connection to a server over the internet. But here's the craziest part to me that I recently got clarity on from the toy example and that is the simplicity of this very very very very important algorithm that has yet to be cracked (fingers crossed):
                 Mod($vData ^ $key, $n)
          
      So ya. That's it. That's the magic algorithm. 3 values. Oh and $n is also a shared known value that will be in the certificate with the public key that your browser reads when it makes a connection:

      That's just mind blowing to me so couldn't resist getting something going in AUT. After playing with this code, I got a much better understanding of how its not just that algorithm that makes this whole thing possible. The numbers that we pick to form the public key and n are just as important and also how important it is to be random! 
      Let me know if you have any problems. Enjoy!
      #include <array.au3> _Toy_RSA_Example() ;https://thatsmaths.com/2016/08/11/a-toy-example-of-rsa-encryption/ Func _Toy_RSA_Example() Local $p, $q, $n, $nT, $e, $d Local $aPublicKeys, $aCrypt, $sDecrypt, $sMsg ;Pick two random primes (they will be between 1000-10000) $p = _GetRandomPrime() $q = _GetRandomPrime() $sMsg = 'p= %i \t\t| Prime 1 - [NOT SHARED!]\nq= %i \t\t| Prime 2 - [NOT SHARED!]\n' ;Calculate lowest common multiple $nT = _LCM($p - 1, $q - 1) $sMsg &= 'nT= %i \t| _LCM(p - 1,q - 1) - [NOT SHARED!]\n' ;Calculate n. This is a shared number $n = $p * $q $sMsg &= 'n= %i \t| p * q - [Shared]\n' ;Get a small random list of possible public keys to pick from. Only searching for 100ms $aPublicKeys = _GetPublicKeys($nT) _ArrayDisplay($aPublicKeys, "Possible Public Keys Found") ;Pick a random public (encryption) key from array $e = $aPublicKeys[Random(1, $aPublicKeys[0], 1)] $sMsg &= 'e= %i \t| Public (Encryption) Key - [Shared]\n' ;Generate our private (decryption) key $d = _GetPrivateKey($e, $nT) $sMsg &= 'd= %i \t| Private (Decryption) Key - [NOT SHARED!]\n' ;format our msg (rsa details) to encrypt $sMsg = StringFormat($sMsg, $p, $q, $nT, $n, $e, $d) ;encrypt message $aCrypt = _RSA($sMsg, $e, $n) _ArrayDisplay($aCrypt, 'Encrypted RSA messsage') ;Decrypt array back $sDecrypt = _RSA($aCrypt, $d, $n) MsgBox(0, 'Decrypted RSA messsage', $sDecrypt) EndFunc ;==>_Toy_RSA_Example ;Function will perfrom Mod($v ^ $key, $n) on each char/element. ;Excepts Arrays or Strings. If input is array a string is returned and vice versa. Func _RSA($vDat, $key, $n) Local $bIsStr = IsString($vDat) If $bIsStr Then $vDat = StringToASCIIArray($vDat) For $i = 0 To UBound($vDat) - 1 $vDat[$i] = _Modular($vDat[$i], $key, $n) Next Return $bIsStr ? $vDat : StringFromASCIIArray($vDat) EndFunc ;==>_RSA ;algorithm is from the book "Discrete Mathematics and Its Applications 5th Edition" by Kenneth H. Rosen. Func _Modular($iBase, $iExp, $iMod) ; Mod($v ^ $key, $n) Local $iPower = Mod($iBase, $iMod) Local $x = 1 For $i = 0 To (4 * 8) - 1 If BitAND(0x00000001, BitShift($iExp, $i)) Then $x = Mod(($x * $iPower), $iMod) EndIf $iPower = Mod(($iPower * $iPower), $iMod) Next Return $x EndFunc ;==>_Modular ;Generate a "random" list of possible valid public keys to choose from based on $nT Func _GetPublicKeys($nT, $iMs = 100) Do Local $aKeys[10000] = [0], $iTime = TimerInit() Local $i = (Mod(@SEC, 2) ? Int($nT / 2) : Int($nT / 4)) ; randomize where we start Do If _IsPrime($i) And _IsCoPrime($i, $nT) Then $aKeys[0] += 1 $aKeys[$aKeys[0]] = $i EndIf $i += (Mod(@MSEC, 2) ? 1 : 100) ; randomize step size Until ($i >= ($nT - 1)) Or (TimerDiff($iTime) > $iMs) ReDim $aKeys[$aKeys[0] + 1] Until $aKeys[0] > 5 ; Ive seen 200+ returned sometimes and 0 on others. Make sure we have at least a few choices Return $aKeys EndFunc ;==>_GetPublicKeys ;https://www.geeksforgeeks.org/multiplicative-inverse-under-modulo-m/ - _ModInverse(a,m) Func _GetPrivateKey($a, $m) If ($m = 1) Then Return 0 ; Local $t, $q, $y = 0, $x = 1, $m0 = $m While ($a > 1) $q = Int($a / $m) ;q is quotient $t = $m ; $m = Mod($a, $m) ;m is remainder now, process same as Euclid's algo $a = $t ; $t = $y ; $y = $x - $q * $y ;Update y and x $x = $t ; WEnd Return $x < 0 ? $x + $m0 : $x EndFunc ;==>_GetPrivateKey ;Pick the next nearest prime from a random number (or number you cho0se) Func _GetRandomPrime($iStart = Default) Local $iPrime = ($iStart = Default ? Random(1000, 10000, 1) : $iStart) Do $iPrime += 1 Until _IsPrime($iPrime) Return $iPrime EndFunc ;==>_GetRandomPrime #Region Math Functions Func _IsPrime($n) For $i = 2 To (Int($n ^ 0.5) + 1) If Mod($n, $i) = 0 Then Return False Next Return True EndFunc ;==>_IsPrime Func _IsCoPrime($a, $b) Return _GCD($a, $b) = 1 EndFunc ;==>_IsCoPrime Func _GCD($iX, $iY) Local $iM While 1 $iM = Mod($iX, $iY) If $iM = 0 Then Return $iY $iX = $iY $iY = $iM WEnd EndFunc ;==>_GCD Func _LCM($iX, $iY) Return ($iX * $iY) / _GCD($iX, $iY) EndFunc ;==>_LCM #EndRegion Math Functions  
      You should get a message box displaying the decrypted message with details of the values used:

       
      rsa.au3
    • SolemnStrike
      By SolemnStrike
      Hey, 
      I know the title sounds weird, but i couldn't find better words for it...
      I finally managed to have a working image search (yes yes i know image search is evil :p).
      I noticed that even if the script is compiled, the images have to be in my script folder.
      But i don't want that the images i'm searching for on the screen can be viewed, edited etc by every user.
      Is there a way to... uhm... put them in a file like .rar, but one that can't be easily opened? 🤔
       
      Edit: Now that i think of .rar, maybe using a .rar which is protected by a password... Can autoit search, open, extract, use and delete that? (I guess so, I didn't search for this yet, going to google that asap)
    • leomoon
      By leomoon
      Hello,
      I'm having trouble getting information from Win32_Processor:
      https://docs.microsoft.com/en-us/windows/desktop/CIMWin32Prov/win32-processor
      How does this WMI Query work? Let's say I need to query VMMonitorModeExtensions, Level, ProcessorId, and ProcessorType.
      How would this work?
      Thanks.
    • colombeen
      By colombeen
      Hi guys,
      I'm trying to get some information using WMI, from the Win32_EncryptableVolume class.
      I exec my query, filter out the C-drive, but when I need more info using the objects methods, I only get 1 value back and I can't seem to retrieve the other out params that should be there.
      A very minimal version of what I'm trying to do (no error checking etc, very basic). You need to start SciTE as admin or you won't see any results in the console!
      #RequireAdmin $strComputer = @ComputerName $objWMIService = ObjGet("winmgmts:{impersonationLevel=impersonate}!\\" & $strComputer & "\root\CIMV2\Security\MicrosoftVolumeEncryption") $objWMIQuery = $objWMIService.ExecQuery("SELECT * FROM Win32_EncryptableVolume WHERE DriveLetter='C:'", "WQL", 0) For $objDrive In $objWMIQuery ConsoleWrite("> " & $objDrive.GetConversionStatus() & @CRLF) ConsoleWrite("> " & $objDrive.GetConversionStatus().ConversionStatus & @CRLF) ConsoleWrite("> " & $objDrive.GetConversionStatus().EncryptionPercentage & @CRLF) Next The result from the console is : 
      > 0 > > What I'm expecting to get back is : 
      > 0 > 0 > 0 When using powershell I get this (run as admin is required!!!) : 
      PS C:\WINDOWS\system32> (Get-WmiObject -namespace "Root\cimv2\security\MicrosoftVolumeEncryption" -ClassName "Win32_Encryptablevolume" -Filter "DriveLetter='C:'").GetConversionStatus() ... ConversionStatus : 0 EncryptionFlags : 0 EncryptionPercentage : 0 ReturnValue : 0 ... All I seem to be getting is the ReturnValue when I use the method.
      I've tried this on multiple methods, always ending up with the same result
      Anyone here who has experience with this type of thing?
       
      Greetz
      colombeen
×