
Get the overall health status of the Windows Action Center [WD Source Code]

Thread in 'Windev' started by Pascal, Feb 11, 2018.

  1. Pascal

    Hello everyone,

    For my first contribution to the forum, in case it is of interest or can help someone else, below is a fairly simple piece of code that retrieves the Action Center security information of a local machine with the "WscGetSecurityProviderHealth" function of the "Wscapi.dll" API.

    The constants to declare in order to use the "WscGetSecurityProviderHealth" function:
    Code (Text):

    CONSTANT
       // WSC_SECURITY_PROVIDER enumeration (https://msdn.microsoft.com/en-us/library/bb432509(v=vs.85).aspx)
       WSC_SECURITY_PROVIDER_NONE = 0 // None of the items that WSC monitors (Wscapi.h).
       WSC_SECURITY_PROVIDER_FIREWALL = 1 // The aggregation of all firewalls for this computer (Wscapi.h).
       WSC_SECURITY_PROVIDER_AUTOUPDATE_SETTINGS = 2 // The automatic update settings for this computer (Wscapi.h).
       WSC_SECURITY_PROVIDER_ANTIVIRUS = 4 // The aggregation of all antivirus products for this computer (Wscapi.h).
       WSC_SECURITY_PROVIDER_ANTISPYWARE = 8 // The aggregation of all anti-spyware products for this computer (Wscapi.h).
       WSC_SECURITY_PROVIDER_INTERNET_SETTINGS = 16 // The settings that restrict the access of web sites in each of the Internet zones for this computer (Wscapi.h).
       WSC_SECURITY_PROVIDER_USER_ACCOUNT_CONTROL = 32 // The User Account Control (UAC) settings for this computer (Wscapi.h).
       WSC_SECURITY_PROVIDER_SERVICE = 64 // The running state of the WSC service on this computer (Wscapi.h).
       WSC_SECURITY_PROVIDER_ALL = WSC_SECURITY_PROVIDER_FIREWALL + WSC_SECURITY_PROVIDER_AUTOUPDATE_SETTINGS + WSC_SECURITY_PROVIDER_ANTIVIRUS + ...
       WSC_SECURITY_PROVIDER_ANTISPYWARE + WSC_SECURITY_PROVIDER_INTERNET_SETTINGS + WSC_SECURITY_PROVIDER_USER_ACCOUNT_CONTROL + WSC_SECURITY_PROVIDER_SERVICE // All of the items that the WSC monitors (Wscapi.h).
     
       // WSC_SECURITY_PROVIDER_HEALTH enumeration (https://msdn.microsoft.com/en-us/library/bb432510(v=vs.85).aspx)
       WSC_SECURITY_PROVIDER_HEALTH_GOOD = 0 // The status of the security provider category is good and does not need user attention (Wscapi.h).
       WSC_SECURITY_PROVIDER_HEALTH_NOTMONITORED = 1 // The status of the security provider category is not monitored by WSC (Wscapi.h).
       WSC_SECURITY_PROVIDER_HEALTH_POOR = 2 // The status of the security provider category is poor and the computer may be at risk (Wscapi.h).
       WSC_SECURITY_PROVIDER_HEALTH_SNOOZE = 3 // The security provider category is in snooze state. Snooze indicates that WSC is not actively protecting the computer (Wscapi.h).
     
       S_FALSE = 0x00000001 // Generic HRESULT for false (winerror.h).
    FIN
     
    The procedure to declare in order to use the "WscGetSecurityProviderHealth" function:
    Code (Text):

    // Summary: The WscGetSecurityProviderHealth function gets the aggregate health state of the security provider categories represented by the specified WSC_SECURITY_PROVIDER enumeration values.
    // Syntax:
    //[ <Result> = ] WscGetSecurityProviderHealth (<nProviders> is a 4-byte unsigned integer)
    //
    // Parameters:
    //   nProviders (4-byte unsigned integer): One or more of the values in the WSC_SECURITY_PROVIDER enumeration.
    // Return value:
    //    integer: One of the members of the WSC_SECURITY_PROVIDER_HEALTH enumeration. If the WSC service is not running or the call fails, the return value is always -1.
    //
    // Example:
    // https://msdn.microsoft.com/en-us/library/bb432506(v=vs.85).aspx
    //
    PROCEDURE WscGetSecurityProviderHealth(LOCAL nProviders est un entier sans signe sur 4 octets)

    LOCAL
       nError est un entier = 0
       nHealth est un entier = 0
     
    // The API returns an HRESULT and writes the health state into nHealth.
    nError = API("wscapi.dll","WscGetSecurityProviderHealth",nProviders,&nHealth)

    // S_OK is 0. S_FALSE means the WSC service is not running; any other non-zero HRESULT is a failure.
    // Return -1 in both cases so that a failed call is never reported as WSC_SECURITY_PROVIDER_HEALTH_GOOD (0).
    SI (nError <> 0) ALORS
       nError = -1
       RENVOYER(nError)
    FIN

    RENVOYER(nHealth)
     
    The DLL to load:
    Code (Text):

    gnMy_DLL est un entier = 0
    gnMy_DLL = ChargeDLL("Wscapi.dll")
     
    The code that uses the "WscGetSecurityProviderHealth" function:
    Code (Text):

    LOCAL
       nResult est un entier
       nProvider est un entier sans signe sur 4 octets = 0

    POUR x = 1 A 8
     
       SELON x
           CAS 1 : nProvider = WSC_SECURITY_PROVIDER_FIREWALL
           CAS 2 : nProvider = WSC_SECURITY_PROVIDER_AUTOUPDATE_SETTINGS
           CAS 3 : nProvider = WSC_SECURITY_PROVIDER_ANTIVIRUS
           CAS 4 : nProvider = WSC_SECURITY_PROVIDER_ANTISPYWARE
           CAS 5 : nProvider = WSC_SECURITY_PROVIDER_INTERNET_SETTINGS
           CAS 6 : nProvider = WSC_SECURITY_PROVIDER_USER_ACCOUNT_CONTROL
           CAS 7 : nProvider = WSC_SECURITY_PROVIDER_SERVICE
           CAS 8 : nProvider = WSC_SECURITY_PROVIDER_ALL
           AUTRE CAS
               nProvider = WSC_SECURITY_PROVIDER_NONE
       FIN
     
       nResult = WscGetSecurityProviderHealth(nProvider)
     
       SI (nResult <> -1) ALORS
         
           SELON (nProvider)
               CAS WSC_SECURITY_PROVIDER_FIREWALL:
                   Trace("The aggregation of all firewalls for this computer : ")
               CAS WSC_SECURITY_PROVIDER_AUTOUPDATE_SETTINGS:
                   Trace("The automatic update settings for this computer : ")
               CAS WSC_SECURITY_PROVIDER_ANTIVIRUS:
                   Trace("The aggregation of all antivirus products for this computer : ")
               CAS WSC_SECURITY_PROVIDER_ANTISPYWARE:
                   Trace("The aggregation of all anti-spyware products for this computer : ")
               CAS WSC_SECURITY_PROVIDER_INTERNET_SETTINGS:
                   Trace("The settings that restrict the access of web sites in each of the Internet zones for this computer : ")
               CAS WSC_SECURITY_PROVIDER_USER_ACCOUNT_CONTROL:
                   Trace("The User Account Control (UAC) settings for this computer : ")
               CAS WSC_SECURITY_PROVIDER_SERVICE:
                   Trace("The running state of the WSC service on this computer : ")
               CAS WSC_SECURITY_PROVIDER_ALL:
                   Trace("All of the items that the WSC monitors : ")
               CAS WSC_SECURITY_PROVIDER_NONE:
                   Trace("None of the items that WSC monitors : ")        
           FIN
         
           SELON nResult
               CAS WSC_SECURITY_PROVIDER_HEALTH_GOOD:
                   Trace("The status of the security provider category is good and does not need user attention.")
               CAS WSC_SECURITY_PROVIDER_HEALTH_NOTMONITORED:
                   Trace("The status of the security provider category is not monitored by WSC.")
               CAS WSC_SECURITY_PROVIDER_HEALTH_POOR:
                   Trace("The status of the security provider category is poor and the computer may be at risk.")
               CAS WSC_SECURITY_PROVIDER_HEALTH_SNOOZE:
                   Trace("The security provider category is in snooze state.")    
           FIN
         
           Trace(RC)
       SINON
           Trace("the WSC service is not running or WscGetSecurityProviderHealth function is failed.")
       FIN
    FIN
     
    The DLL to unload:
    Code (Text):

    SI (gnMy_DLL) ALORS DéchargeDLL(gnMy_DLL)
     
    There, that's it. Now you can find out the state of the firewall, the antivirus, UAC, etc.
    If you have any comments, I'm all ears.

    Best regards,


     
    #1 Pascal, Feb 11, 2018
    Last edited: Feb 14, 2018
  2. suenodesign

    The aggregation of all firewalls for this computer :
    The status of the security provider category is good and does not need user attention.
    The automatic update settings for this computer :
    The status of the security provider category is good and does not need user attention.
    The aggregation of all antivirus products for this computer :
    The status of the security provider category is good and does not need user attention.
    The aggregation of all anti-spyware products for this computer :
    The status of the security provider category is good and does not need user attention.
    The settings that restrict the access of web sites in each of the Internet zones for this computer :
    The status of the security provider category is good and does not need user attention.
    The User Account Control (UAC) settings for this computer :
    The status of the security provider category is poor and the computer may be at risk.
    The running state of the WSC service on this computer :
    The status of the security provider category is good and does not need user attention.
    All of the items that the WSC monitors :
    The status of the security provider category is poor and the computer may be at risk.
     
  3. Pascal

    Hello, does this match the status of your security center?

    Regards
     
  4. suenodesign

    Yes, almost.

    Thanks for sharing.
     
  5. Pascal


    "Yes, almost.

    Thanks for sharing."

    Why almost, Suenodesign?
     
  • suenodesign

    I had thought UAC was enabled

    The User Account Control (UAC) settings for this computer :
    The status of the security provider category is poor and the computer may be at risk.

    After checking: a computer never lies :D
     
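Added example, not part of the original posts: the same per-category polling done from Python through ctypes, where the health value is trusted only when the HRESULT is S_OK, and the categories that are not GOOD are listed so the cause of a poor aggregate is visible (UAC in the output posted in the thread). The function names are this example's own, and `constructed_query` is constructed sample data used when the script is not run on Windows.

```python
import ctypes
import sys

# Category masks and health values as declared in the post (Wscapi.h).
PROVIDERS = {"FIREWALL": 1, "AUTOUPDATE_SETTINGS": 2, "ANTIVIRUS": 4,
             "ANTISPYWARE": 8, "INTERNET_SETTINGS": 16,
             "USER_ACCOUNT_CONTROL": 32, "SERVICE": 64}
HEALTH = {0: "GOOD", 1: "NOTMONITORED", 2: "POOR", 3: "SNOOZE"}
S_OK, S_FALSE = 0, 1


def classify(hresult, health):
    """Label one (HRESULT, health) pair; health is trusted only on S_OK."""
    if hresult == S_FALSE:
        return "WSC_NOT_RUNNING"
    if hresult != S_OK:
        return "CALL_FAILED(0x%08X)" % (hresult & 0xFFFFFFFF)
    return HEALTH.get(health, "UNKNOWN(%d)" % health)


def survey(query):
    """query(mask) -> (hresult, health). Returns (labels, categories not GOOD)."""
    report = {name: classify(*query(mask)) for name, mask in PROVIDERS.items()}
    return report, sorted(n for n, label in report.items() if label != "GOOD")


def wsc_query(mask):
    """Real call through ctypes (Windows only)."""
    fn = ctypes.WinDLL("wscapi").WscGetSecurityProviderHealth
    fn.argtypes = [ctypes.c_uint32, ctypes.POINTER(ctypes.c_int)]
    fn.restype = ctypes.c_long  # raw HRESULT, so failures are not raised as exceptions
    health = ctypes.c_int(0)
    return fn(mask, ctypes.byref(health)), health.value


def constructed_query(mask):
    """Constructed sample matching the output posted in the thread: only UAC is POOR."""
    return (S_OK, 2 if mask == PROVIDERS["USER_ACCOUNT_CONTROL"] else 0)


if __name__ == "__main__":
    query = wsc_query if sys.platform == "win32" else constructed_query
    report, not_good = survey(query)
    for name, label in report.items():
        print(f"{name:22} {label}")
    print("not GOOD:", ", ".join(not_good) or "none")
```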