Remotely push new client updates.
NOTE: This artifact requires that you supply a client MSI using the tools interface. Simply click on the tool in the GUI and upload a pre-packaged MSI.
While typically the MSI will contain the Velociraptor windows client, you can install any other MSI as well by customizing this artifact or uploading a different msi file.
name: Admin.Client.Upgrade.Windows
description: |
Remotely push new client updates.
NOTE: This artifact requires that you supply a client MSI using the
tools interface. Simply click on the tool in the GUI and upload a
pre-packaged MSI.
While typically the MSI will contain the Velociraptor windows
client, you can install any other MSI as well by customizing this
artifact or uploading a different msi file.
tools:
- name: WindowsMSI
parameters:
- name: SleepDuration
default: "600"
type: int
description: |
The MSI file is typically very large and we do not want to
overwhelm the server so we stagger the download over this many
seconds.
sources:
- precondition:
SELECT OS From info() where OS = 'windows'
query: |
// Force the file to be copied to the real temp directory since
// we are just about to remove the Tools directory.
LET bin <= SELECT copy(filename=OSPath,
dest=expand(path="%SYSTEMROOT%\\Temp\\") + basename(path=OSPath)) AS Dest
FROM Artifact.Generic.Utils.FetchBinary(
ToolName="WindowsMSI", IsExecutable=FALSE,
SleepDuration=SleepDuration)
// Call the binary and return all its output in a single row.
// If we fail to download the binary we do not run the command.
SELECT * FROM foreach(row=bin,
query={
SELECT * FROM execve(
argv=["msiexec.exe", "/i", Dest, "/q"],
length=10000000)
})