You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This prevents running put_and_run ffc.exe -CommandLine "-cid yolocid". Ah, if only FFC could figure out the CID automatically from the registry, since it won't accept a different CID than the registry one.
Sure, we could write an ugly wrapper like (@{"AG"="AID";"CU"="CID";}.GetEnumerator()|%{$k=$_.Name;$d=$_.Value;$c=(gp "HKLM:\SYSTEM\CrowdStrike\{9b03c1d9-3138-44ed-9fae-d9f4c034b88d}\{16e0423f-7058-48c9-a204-725362b67639}\Default" -name $k).$k;$s=256-(($c|measure -Sum).Sum%256);$i=(($c|% tostring "x2")-join"")+"-"+(([int]$s).ToString("x2"));echo "${d}: $i";})|sort but, uh, that defeats the vrey point of having a dedicated binary hehe.
Also, there is a bug with the queued -q system when trying to launch the same commands ( ex: ffc :D ) that pops the following error when a host isn't online. This second one is likely worth its separate issue, and might not be tied to falcon-toolkit specifically. Happy new year :D
caracara.common.exceptions.InvalidOnlineState: [500] Invalid online state 'None'. Expected one of ['online', 'offline', 'unknown'].
The text was updated successfully, but these errors were encountered:
Happy new year :D !
This prevents running
put_and_run ffc.exe -CommandLine "-cid yolocid". Ah, if only FFC could figure out the CID automatically from the registry, since it won't accept a different CID than the registry one.Sure, we could write an ugly wrapper like
(@{"AG"="AID";"CU"="CID";}.GetEnumerator()|%{$k=$_.Name;$d=$_.Value;$c=(gp "HKLM:\SYSTEM\CrowdStrike\{9b03c1d9-3138-44ed-9fae-d9f4c034b88d}\{16e0423f-7058-48c9-a204-725362b67639}\Default" -name $k).$k;$s=256-(($c|measure -Sum).Sum%256);$i=(($c|% tostring "x2")-join"")+"-"+(([int]$s).ToString("x2"));echo "${d}: $i";})|sortbut, uh, that defeats the vrey point of having a dedicated binary hehe.Also, there is a bug with the queued
-qsystem when trying to launch the same commands ( ex: ffc :D ) that pops the following error when a host isn't online. This second one is likely worth its separate issue, and might not be tied to falcon-toolkit specifically. Happy new year :DThe text was updated successfully, but these errors were encountered: