Add Desktop Notification for Blocked Scripts #264
Comments
Hi, thank you for the report. I could not reproduce this on W10 22H2, even when I copy pasted your gist manually and after triggering a scan manually.
I can guess that this happens because of I'm not sure how to solve this 🤔
A false positive that can be safely ignored.
@undergroundwires it could be good to add some instructions for users on how to ignore it. Notification on a script blocked by Windows Defender, at least. Now it looks like the program just does nothing, very confusing to the user. Possible block check method: write script, then read it. If we cannot read what we wrote, then likely the script was blocked by antivirus software.
Good idea. It makes sense. But then it will be desktop-app only functionality, right? We cannot get it working on browser.
Of course, for desktop only.
I will implement this, thank you for the idea again
I suddenly start getting this when I run the command by copy pasting.
I realize that we do not even need to run this script as TrustedInstaller but can just take ownership of the files before deleting them. I will change the implementation of this so it does not get flagged like this.
This commit improves the security, reliability, and robustness of directory cleanup operations on Windows. The focus is shifted from deleting entire directories to purging their contents, addressing potential unintended side effects. Previously, numerous directories were removed, which could destabilize system behavior.

This improvement has crucial security implications. The prior approach involved changing ownership and assigning permissions to the directory itself, leading to an altered and potentially less secure OS security posture.

Directory removal improvements include:
- Output user-friendly messages.
- Improved ownership and permission handling for file deletion.
- Explicit shared functions for enhanced reliability/security.
- Centralized way to delete glob (wildcard) patterns in Windows.

Notable script improvements:
- 'Clear Steam dumps, logs, and traces':
  - Convert the script to a category to provide more granularity.
  - Improve cache cleaning, ensuring the entire cache directory is cleared, not just the log files.
- 'Clear "Temporary Internet Files" (browser cache)':
  - Add more documentation.
  - Grant necessary permissions to folders, fixing errors due to lack of permissions before.
- 'Clear Windows Update Medic Service logs':
  - Remove redundant permission grants, as they are unnecessary in recent Windows versions.
- 'Clear Server-initiated Healing Events system logs', 'Clear Windows Update events logs':
  - Merge due to identical functionalities.
  - Add more documentation.
- 'Clear Defender scan (protection) history':
  - Remove the execution with `TrustedInstallerPrivileges`, uniformly using `grantPermissions` as with other scripts. This addresses the false-positive alerts from Microsoft Defender, as discussed in #264.
- 'Clear "Temporary Internet Files" (browser cache)':
  - Retain `INetCache` and `Temporary Internet Files` directories, purging only their contents. This approach aims to resolve the issue mentioned in #145, where the absence of these folders could prevent Microsoft Office applications from launching.
I don't know what happened but privacy.sexy suddenly cannot run any scripts anymore, not only the ones removed by Defender. I tested with
privacy.sexy 0.12.5 Just successfully ran "Disable OS data collection/Disable Windows telemetry and data collection/Disable error reporting".
I will add support for showing system dialogs to solve this. It will also enable functionality where we can prompt for creating a restore point before running the scripts as requested in #50.
- Fix inability to execute scripts on Windows (tested on Windows 11 22H3 and Windows 10 22H2). The reason for this is unknown, but most likely related to Node / Electron.
- Show dialogs informing users if the file cannot be executed with a user-friendly message, resolving #264.
- Rename `CommandOps` to `ShellOps`.

TODO: Move CodeRunner to Renderer process instead of all these node methods
TODO: Rename NodeOperations to something that covers electron too. Add missing unit tests.

Windows 11 2H3

Other changes:
- Add support for native system dialogs:
  - Create `presentation/common/Dialogs`.
  - Move existing `SaveFileDialog` implementation there for better structuring.
- Improve security by exposing fewer Node APIs to the renderer process, only the code execution function.
- Generate timestamped filenames for executed scripts for easier debugging.
- Quote paths for macOS and Linux to ensure that they can handle when the path name includes whitespace or the `'` character (edge cases, should not really happen).
- Refactor related interfaces naming to exclude the `I` prefix.
- Update `architecture.md` and domain-driven design diagram to match the target architecture correctly.
This commit enhances application security against potential attacks by isolating dependencies that access the host system (like file operations) from the renderer process. It narrows the exposed functionality to script execution only, adding an extra security layer. The changes allow secure and scalable API exposure, preparing for future functionalities such as desktop notifications for script errors (#264), improved script execution handling (#296), and creating restore points (#50) in a secure and repeatable way.

Changes include:
- Inject `CodeRunner` into Vue components via dependency injection.
- Move `CodeRunner` to the application layer as an abstraction for better domain-driven design alignment.
- Refactor `SystemOperations` and related interfaces, removing the `I` prefix.
- Update architecture documentation for clarity.
- Update return types in `NodeSystemOperations` to match the Node APIs.
- Improve `WindowVariablesProvider` integration tests for better error context.
- Centralize type checks with common functions like `isArray` and `isNumber`.
- Change `CodeRunner` to use the `os` parameter, ensuring correct window variable injection.
- Streamline API exposure to the renderer process:
  - Automatically bind function contexts to prevent loss of original context.
  - Implement a way to create facades (wrapper/proxy objects) for increased security.
This commit addresses an issue in the privacy.sexy desktop application where scripts executed as administrator on Windows were running in the background. This was observed in environments like Windows Pro VMs on Azure, where operations typically run with administrative privileges.

Previously, the application used the `"$path"` shell command to execute scripts. This mechanism failed to activate the logic for requesting admin privileges if the app itself was running as an administrator. To resolve this, the script execution process has been modified to explicitly ask for administrator privileges using the `VerbAs` method. This ensures that the script always runs in a new `cmd.exe` window, enhancing visibility and user interaction.

Other supporting changes:
- Rename the generated script file from `run-{timestamp}-{extension}` to `{timestamp}-privacy-script-{extension}` for clearer identification and better file sorting.
- Refactor `ScriptFileCreator` to parameterize file extension and script name.
- Rename `OsTimestampedFilenameGenerator` to `TimestampedFilenameGenerator` to better reflect its new and more scoped functionality after the refactoring mentioned above.
- Remove `setAppName()` due to ineffective behavior in Windows.
- Update `SECURITY.md` to highlight that the app doesn't require admin rights for standard operations.
- Add `.editorconfig` settings for PowerShell scripts.
- Add an integration test for script execution logic. Improve environment detection for more reliable test execution.
- Disable application logging during unit/integration tests to keep test outputs clean and focused.
Update: Several minor issues affecting script execution reliability have been resolved. The primary cause of the script execution failure I experienced was due to the privacy.sexy app and its generated script executing as administrator by default on Windows, which led to it running in the background without any visible window. This is fixed and will be included in an upcoming patch release. I'm also working on integrating an informative dialog to alert users when script execution fails, including due to a missing file. Hopefully I can make it to the next release. Meanwhile I'm looking for feedback for a long term solution in #304.
This commit introduces native operating system file dialogs in the desktop application, replacing the existing web-based dialogs. It lays the foundation for future enhancements such as:
- Providing error messages when saving or executing files, addressing #264.
- Creating system restore points, addressing #50.

Documentation updates:
- Update `desktop-vs-web-features.md` with added functionality.
- Update `README.md` with security feature highlights.
- Update home page documentation to emphasize security features.

Other supporting changes include:
- Integrate IPC communication channels for secure Electron dialog API interactions.
- Refactor `IpcRegistration` for more type-safety and simplicity.
- Introduce a Vue hook to encapsulate dialog functionality.
- Improve errors during IPC registration for easier troubleshooting.
- Move `ClientLoggerFactory` for consistency in hooks organization and remove the `LoggerFactory` interface for simplicity.
- Add tests for the save file dialog in the browser context.
- Add `Blob` polyfill in tests to compensate for the missing `blob.text()` function in `jsdom` (see jsdom/jsdom#2555).

Improve environment detection logic:
- Treat test environments as browser environments to correctly activate features based on the environment. This resolves issues where the environment is misidentified as desktop, but Electron preloader APIs are missing.
- Rename the `isDesktop` environment identification variable to `isRunningAsDesktopApplication` for better clarity and to avoid confusion with desktop environments in web/browser/test environments.
- Simplify `BrowserRuntimeEnvironment` to consistently detect non-desktop application environments.
- Improve environment detection for the Electron main process (electron/electron#2288).
This commit introduces system-native error dialogs on the desktop application for code save or execution failures, addressing user confusion described in issue #264. This commit adds informative feedback when script execution or saving fails.

Changes:
- Implement support for system-native error dialogs.
- Refactor `CodeRunner` and `Dialog` interfaces and their implementations to improve error handling and provide better type safety.
- Introduce structured error handling, allowing the UI to display detailed error messages.
- Replace error throwing with an error object interface for controlled handling. This ensures that errors are propagated to the renderer process without being limited by Electron's error object serialization limitations as detailed in electron/electron#24427.
- Add logging for dialog actions to aid in troubleshooting.
- Rename `fileName` to `defaultFilename` in `saveFile` functions to clarify its purpose.
- Centralize message assertion in `LoggerStub` for consistency.
- Introduce `expectTrue` in tests for clearer boolean assertions.
- Standardize `filename` usage across the codebase.
- Enhance existing test names and organization for clarity.
- Update related documentation.
This commit addresses issues #264 and #304, where users were not receiving error messages when script execution failed due to antivirus intervention, particularly with Microsoft Defender. Now, desktop app users will see a detailed error message with guidance on next steps if script saving or execution fails due to antivirus removal.

Key changes:
- Implement a check to detect failure in file writing, including reading the written file back. This method effectively detects antivirus interventions, as the read operation triggers an antivirus scan, leading to file deletion by the antivirus.
- Introduce a specific error message for scenarios where an antivirus intervention is detected.
0.12.10 works fine for me. But now I can't test Defender blocking scripts, it's not a stable behavior. Thanks for fixing this👍
Description
Privacy cleanup/Clear Windows logs & caches creates a script blocked by Windows Defender:
Trojan:PowerShell/MpTamperPShell.HB
OS
Windows 11 22H2 build 22621.2361
privacy.sexy v0.12.4
Reproduction steps
Scripts
https://gist.github.com/selivan/8f390c995dcb282a49f89d26b185274b
Screenshots
Additional information