Skip to content

Instantly share code, notes, and snippets.

@api0cradle
Created May 19, 2023 14:13

Revisions

  1. api0cradle created this gist May 19, 2023.
    21 changes: 21 additions & 0 deletions check_vulnerabledrivers.ps1
    Original file line number Diff line number Diff line change
    @@ -0,0 +1,21 @@
    # Simple script to check drivers in C:\windows\system32\drivers against the loldrivers list
    # Author: Oddvar Moe - @oddvar.moe

    $drivers = get-childitem -Path c:\windows\system32\drivers
    $web_client = new-object system.net.webclient
    $loldrivers = $web_client.DownloadString(" https://www.loldrivers.io/api/drivers.json") | ConvertFrom-Json

    Write-output("Checking {0} drivers in C:\windows\system32\drivers against loldrivers.io json file" -f $drivers.Count)
    foreach ($lol in $loldrivers.KnownVulnerableSamples)
    {
    # Check for matching driver name
    if($drivers.Name -contains $lol.Filename)
    {
    #CHECK HASH
    $Hash = Get-FileHash -Path "c:\windows\system32\drivers\$($lol.Filename)"
    if($lol.Sha256 -eq $Hash.Hash)
    {
    write-output("The drivername {0} is vulnerable with a matching SHA256 hash of {1}" -f $lol.Filename, $lol.SHA256)
    }
    }
    }