Many of my previous posts are related to things we are required to do from an Information Assurance compliancy standpoint. This is yet another, and is somewhat a follow-on to my last post.
What I'm doing is checking the .Net Framework configuration on machines. The majority of the checks are fairly simple. Here is a sample function:
function chk-30968
{
param ($check)
if(([xml](gc $check)).configuration.runtime.loadfromremotesources.enabled)
{
return([bool]([xml](gc $check)).configuration.runtime.loadfromremotesources.enabled.equals("true"))
}
}
I figured scripting it is easier, since the document we follow tells us to search for all *.exe.config and machine.config files on the machine, then search for specific strings. One machine is fine, but when you have to do this over and over again, against potentially thousands of machines.... Anyone on here who works for DoD probably gets what I'm talking about.
Anyway... A couple of the checks refer to running caspol.exe looking for StrongNamesMembershipCondition and PublishersMembershipCondition.
We can see what is returned by caspol in security.config/enterprisesec.config on some machines. Some machines do not have either file. I assume that is because no changes have ever been made either by a person or by an application that is installed.
Is there a way to get this information by making a call to an assembly in mscorlib.dll? I've found information on loading an assembly, but cannot find anything on making calls.
I can Add-Type -AssemblyName"mscorlib.dll" or [Reflection.Assembly]::LoadFrom("$path\mscorlib.dll"), but am stuck on how to access anything through the assembly.
aTdHvAaNnKcSe