Installer updates

[day1player]

Created debloater.vm package

• Added the following functions to common.vm from recent Commando release:

VM-Remove-Appx-Package
VM-Set-Service-Manual-Start
VM-Disable-Scheduled-Task
VM-Update-Registry-Value
VM-Remove-Path
VM-Execute-Custom-Command
VM-Apply-Configurations

• Added VM-Get-WindowsVersion function to common.vm to identify Win10, Win11, or Win11ARM installations
• Created win10, win11, and win11ARM config files
  • Config files for win11 and win11arm are mostly placeholders for now

Created installer.vm package

• Moved failed_packages.txt to $Env:VM_COMMON_DIR
  • Mostly for aesthetic reasons. Failed packages log is printed to console output if people need it. Plus we know where it will be if we need to troubleshoot
• Changed background image setting from 6 (fit) to 0 (center)
  • This allows for more customization of the desktop background especially for Commando. Also allows reuse of images from readme.md and the background setting
  • Should still work with flarevm's current background
• Important: Changed variable/file name config.xml (previously holding package and variables) to packages.xml to avoid confusion with the new custom configs that can be supported
  • Installer script for Mandiant VMs should now place a packages.xml file AND a config.xml file into $Env:VM_COMMON_DIR
  • installer.vm now expects packages to be listed in the packages.xml file
  • installer.vm now expects OS configurations to be listed in the config.xml file
• Created new prompt dialog box that will force itself to be the top window
  • Added functionality to include a custom .ico file (expected in $Env:VM_COMMON_DIR\vm.ico)
  • Expects a variable $Env:MandiantVM to exist (explained below)
• Added function to change icon of Desktop Tools folder (using the custom .ico file above)
  • More changes to this folder listed below
• No longer popping log.txt for cleaner exit of installation
  • log locations are still listed at the close of installation if needed
• Fixed bug where installed apps were not being logged to log.txt
• Moved Get-InstalledPackages function to common.vm

Changes/additions to common.vm

• Added VM-Configure-Prompts function to add "Mandiant VM" and timestamps to PowerShell and cmd
  • Important: Above "Mandiant VM" is a placeholder. Added an environment variable in Commando installer script to set this variable (set to Commando VM). When the script runs on Commando the PS Prompt will now be "Commando VM" but when Flare VM is updated it will read "Flare VM"
  • Expects a variable $Env:MandiantVM to exist
• Added VM-Configure-PS-Logging function
• Changed location of Desktop Tools folder to actually be on the desktop
  • This does not affect RAW_TOOLS_DIR as that is different.. This folder is just the folder with all the shortcuts
  • This was originally located in the Start Menu which I believe was a legacy Win7 thing
  • By moving the folder to the desktop itself we can now configure a custom .ico file for the folder for ultimate flexing
• Removed TOOL_LIST_SHORTCUT because this variable is not referenced by any of our packages or install scripts. This function is also what used to create the shortcut on the desktop, and now that the Tools folder lives on the desktop (Not the RAW_TOOLS_DIR, just the folder that hosts all the other shortcuts) we dont need the shortcut
• Added all of the functions mentioned above

[mr-tz]

I didn't review in detail, but looks good. Please consider adding documentation updates to the README and Wiki, where appropriate.

[Ana06]

Thanks for submitting this PR @day1player! 😄

In case you haven't noticed it, the linter is not happy 😬

[Ana06]

Similarly as before, you can't use the result ofRemove-AppxProvisionedPackage to text if it succeeded. An example:

[day1player]

In case you haven't noticed it, the linter is not happy 😬

I did, and I think I fixed what I could! The remaining errors are that the installer and debloater dont have a category (they shouldnt) and that the erroractionpreference in the installer isnt set to stop (I copied from the other installer)

[Ana06]

I did, and I think I fixed what I could! The remaining errors are that the installer and debloater dont have a category (they shouldnt) and that the erroractionpreference in the installer isnt set to stop (I copied from the other installer)

For things that doesn't make sense to fix, you need to exclude the package in the linter as we do for example here:
https://github.com/mandiant/VM-Packages/blob/main/scripts/test/lint.py#L310

This way we know in future PR what things need to be tested for what package 😉

[Ana06]

Thanks for the changes. I think we just need to fix the linter (and ensure the rest of the CI succeeds) and we are good to go! 👍

Can you please squash the commits (to several small commits with related changes removing the half-way work or just a big one) in oder to keep a clean commit history without fix/updates commits? Alternatively, you can use squash and merge when merging that will combine the PR int a single commit.

[day1player]

I think we just need to fix the linter

Done! I think we just need the PR approved and I can merge it.

[Ana06]

The tests fail. I think we want to exclude the installer from the tests as we do with the current installer: https://github.com/mandiant/VM-Packages/blob/main/scripts/test/test_install.ps1#L42 It is failing because it doesn't find the config file. But the real issue with testing the installer is that it installs other packages.

[MalwareMechanic]

Some minor changes plz, then should be gtg

[Ana06]

🎉

Please remember to use squash and merge 😄