Added the functionality to download remediation scripts

device/windows.py

@@ -397,6 +397,33 @@ def download_apps(self, mdmpfx):
         os.remove(certpath)
         os.remove(keypath)
 
+    def download_remediation_scripts(self, mdmpfx):
+        certpath = 'pytune_mdm.crt'
+        keypath = 'pytune_mdm.key'
+        extract_pfx(mdmpfx, certpath, keypath)
+
+        ime = IME(self.device_name, certpath, keypath)
+
+        self.logger.info(f'downloading remediation scripts...')
+        scripts = ime.get_remediation_scripts()
+        if len(scripts) == 0:
+            self.logger.error(f'available remediation scripts not found')
+        else:
+            self.logger.alert(f'remediation scripts found!')
+            i = 1
+            for script in scripts:
+                self.logger.info(f'#{i} (Remediation/Policy ID:{script["PolicyId"]}):\n')
+                print("Detection Script Parameters:" + script["PolicyScriptParameters"])
+                print("Detection Script:")
+                print(base64.b64decode(script["PolicyBody"]).decode('utf-8') + '\n')
+                print("Remediation Script Parameters:" + script["RemediationScriptParameters"])
+                print("Remediation Script:")
+                print(base64.b64decode(script["RemediationScript"]).decode('utf-8') + '\n')
+                i=i+1
+
+        os.remove(certpath)
+        os.remove(keypath)
+
 class IME():
     def __init__(self, device_name, certpath, keypath):
         self.device_name = device_name
@@ -497,6 +524,27 @@ def get_selected_app(self):
         response_payload = response.json()['ResponsePayload']
         decompressed_string = self.decompress_string(response_payload)
         return json.loads(decompressed_string)
+
+    def get_remediation_scripts(self):
+
+        sidecar_url = self.resolve_service_address()
+        sessionid = str(uuid.uuid4())
+        data = self.create_request_data(sessionid, "GetScript")
+
+        headers = {
+            'Content-Type': 'application/json; charset=utf-8',
+            'Prefer': 'return-content',
+        }
+
+        response = requests.put(
+            url=f'{sidecar_url}/SideCarGatewaySessions(\'{sessionid}\')?api-version=1.5',
+            cert=(self.certpath, self.keypath),
+            data=json.dumps(data),
+            headers=headers,
+            )
+
+        response_payload = response.json()['ResponsePayload']
+        return json.loads(response_payload)
 
     def get_content_info(self, assigned_app):
         sidecar_url = self.resolve_service_address()

pytune.py

@@ -91,6 +91,10 @@ def check_compliant(self, os, username, password, refresh_token, certpfx, proxy)
     def download_apps(self, device_name, mdmpfx, proxy):
         device = self.new_device('Windows', device_name, None, None, None, None, proxy)
         device.download_apps(mdmpfx)
+
+    def download_remediation_scripts(self, device_name, mdmpfx, proxy):
+        device = self.new_device('Windows', device_name, None, None, None, None, proxy)
+        device.download_remediation_scripts(mdmpfx)
 
 def main():
     description = f"{banner}"
@@ -145,6 +149,10 @@ def main():
     download_apps_intune_parser.add_argument('-m', '--mdmpfx', required=True, action='store', help='mdm pfx path')
     download_apps_intune_parser.add_argument('-d', '--device_name', required=True, action='store', help='device name')
 
+    download_apps_intune_parser = subparsers.add_parser('get_remediations', help='download available remediation scripts (only Windows supported since I\'m lazy)')
+    download_apps_intune_parser.add_argument('-m', '--mdmpfx', required=True, action='store', help='mdm pfx path')
+    download_apps_intune_parser.add_argument('-d', '--device_name', required=True, action='store', help='device name')
+
     args = parser.parse_args()
     proxy=None
     if args.proxy:
@@ -170,6 +178,8 @@ def main():
         pytune.check_compliant(args.os, args.username, args.password, args.refresh_token, args.certpfx, proxy)                
     if args.command == 'download_apps':
         pytune.download_apps(args.device_name, args.mdmpfx, proxy)        
+    if args.command == 'get_remediations':
+        pytune.download_remediation_scripts(args.device_name, args.mdmpfx, proxy)  
 
 if __name__ == "__main__":
     main()