From 1446336912952c6fa78ee3eaa9ade8969af2e463 Mon Sep 17 00:00:00 2001
From: Ave <112294121+ave9858@users.noreply.github.com>
Date: Thu, 15 Aug 2024 03:33:44 +0000
Subject: [PATCH] avoid trusting the git hosters

---
 static/get.ps1 | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/static/get.ps1 b/static/get.ps1
index 0d3b604..8a67b82 100644
--- a/static/get.ps1
+++ b/static/get.ps1
@@ -24,6 +24,20 @@ catch {
     $response = Invoke-WebRequest -Uri $RandomURL2 -UseBasicParsing
 }
 
+# Verify script integrity
+$releaseHash = 'D666A4C7810B9D3FE9749F2D4E15C5A65D4AC0D7F0B14A144D6631CE61CC5DF3'
+$stream = New-Object IO.MemoryStream
+$writer = New-Object IO.StreamWriter $stream
+$writer.Write($response)
+$writer.Flush()
+$stream.Position = 0
+$hash = [BitConverter]::ToString([Security.Cryptography.SHA256]::Create().ComputeHash($stream)) -replace '-'
+if ($hash -ne $releaseHash) {
+    Write-Warning "Hash ($hash) mismatch, aborting!`nReport this issue at https://massgrave.dev/troubleshoot"
+    $response = $null
+    return
+}
+
 $rand = [Guid]::NewGuid().Guid
 $isAdmin = [bool]([Security.Principal.WindowsIdentity]::GetCurrent().Groups -match 'S-1-5-32-544')
 $FilePath = if ($isAdmin) { "$env:SystemRoot\Temp\MAS_$rand.cmd" } else { "$env:TEMP\MAS_$rand.cmd" }