-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathConnectWise ScreenConnect - Delete Device.ps1
82 lines (64 loc) · 2.42 KB
/
ConnectWise ScreenConnect - Delete Device.ps1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
<#
.NOTES
===========================================================================
Created on: 05/22/2024
Updated on: 05/22/2024
Created by: James Krolik
===========================================================================
.DESCRIPTION
This script is designed to delete devices out of ScreenConnect.
#>
$baseURL = ""
$loginURL = $baseURL + "/login"
#Credentials to the website.
$username = ""
$password = ""
#The session ID of the device to delete.
#This will be the GUID string between the name of the group in the URL and the training /Start.
#Example: https://screenconnect.yourorg.net/Workstations/50a2680d-9242-49fc-b75f-fac55ba59da2/Start, the session ID would be 50a2680d-9242-49fc-b75f-fac55ba59da2.
$sessionID = ""
#Query the main website to establish a session token.
$webrequest = Invoke-WebRequest -uri $loginURL
$response = $webrequest.RawContent
# Regular expression pattern to extract text between"antiForgeryToken":" and ",
$pattern = '"antiForgeryToken":"([^"]+)"'
# Perform the regex match
if ($response -match $pattern) {
# Extracted text
$antiForgeryToken = $matches[1]
} else {
$antiForgeryToken = "blank"
}
#Update the login URL
$loginURL = $baseURL + "/Services/AuthenticationService.ashx/TryLogin"
$headers = @{
"Content-Type" = "application/json"
"Origin" = "$baseURL"
"X-Anti-Forgery-Token" = $antiForgeryToken
}
$Params = @{
"URI" = "$loginURL"
"Method" = 'POST'
}
$body = '["' + $username + '","' + $password + '",null,null,null]'
#Authenticate to the website and establish the session.
$response = invoke-webrequest @Params -Body $body -Headers $headers -SessionVariable screenConnectSession
#Retrieve the cookie from the authentication response
$cookie = $response.headers.'Set-Cookie'
$sessionsURL = $baseURL + "/Services/PageService.ashx/AddSessionEvents"
$headers = @{
"Content-Type" = "application/json"
"X-Anti-Forgery-Token" = "$antiForgeryToken"
"Cookie" = "$cookie"
}
$Params = @{
"URI" = "$sessionsURL"
"Method" = 'POST'
}
#EventType 21 is 'Delete'
#EventType 100 is 'Uninstall and Delete'
#EventType 41 is 'Uninstall'
$body = '[["Workstations"],[{"SessionID":"' + $sessionID + '","EventType":21}]]'
#POST to process the deletion
$response = invoke-webrequest @Params -Body $body -Headers $headers -WebSession $screenConnectSession
#Expected response code should be 200 with a description of OK