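# Bootstrap script: fetches NoCapture.exe from one of two GitHub URLs, writes it
# to a temp folder, runs it through cmd.exe with the caller's arguments ($args),
# then deletes the temp copies.
#
# NOTE(review): the original script executed the downloaded bytes with no
# integrity check at all. The second URL also tracks a branch head
# (refs/heads/main), so what it serves can change between runs. The SHA-256 of
# the download is now computed and shown, and is enforced when a pinned value is
# filled in below.

$troubleshoot = 'https://massgrave.dev/troubleshoot'

# Expected SHA-256 (hex, no dashes) of NoCapture.exe. The source of this script
# publishes no hash, so this is left empty and must be filled in by the
# maintainer: <SHA-256 published for the pinned release>.
# NOTE(review): the two URLs below may not serve byte-identical files; confirm
# before pinning a single value.
$expectedSha256 = ''

# Anything other than FullLanguage (enum value 0) cannot run the .NET calls below.
if ($ExecutionContext.SessionState.LanguageMode.value__ -ne 0) {
    $ExecutionContext.SessionState.LanguageMode
    Write-Host "Windows PowerShell is not running in Full Language Mode."
    Write-Host "Help - https://gravesoft.dev/fix_powershell" -ForegroundColor White -BackgroundColor Blue
    return
}

# Prints the display names of registered antivirus products whose name does not
# contain "windows", as a hint for why a download or file write may have failed.
function Check3rdAV {
    # Best-effort diagnostic: a failed query (e.g. the namespace is missing) must
    # not bury the real failure message under a second error.
    $avList = Get-CimInstance -Namespace root\SecurityCenter2 -Class AntiVirusProduct -ErrorAction SilentlyContinue |
        Where-Object { $_.displayName -notlike '*windows*' } |
        Select-Object -ExpandProperty displayName
    if ($avList) {
        Write-Host '3rd party Antivirus might be blocking the script - ' -ForegroundColor White -BackgroundColor Blue -NoNewline
        Write-Host " $($avList -join ', ')" -ForegroundColor DarkRed -BackgroundColor White
    }
}

# Aborts the script (bare throw) when $FilePath does not exist.
function CheckFile {
    param ([string]$FilePath)
    if (-not (Test-Path $FilePath)) {
        Check3rdAV
        Write-Host "Failed to create the file in temp folder, aborting!"
        Write-Host "Help - $troubleshoot" -ForegroundColor White -BackgroundColor Blue
        throw
    }
}

[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12

$URLs = @(
    'https://github.com/nffdev/NoCapture/releases/download/v1.0.1/NoCapture.exe',
    'https://raw.githubusercontent.com/nffdev/NoCapture/refs/heads/main/NoCapture/build/NoCapture.exe'
)

# Reset state explicitly: when this script is run in an existing session, stale
# $downloaded / $content values from an earlier run would otherwise be reused
# after every download attempt has failed.
$content = $null
$downloaded = $false
$lastError = $null

# Try the sources in random order and stop at the first one that answers.
foreach ($URL in $URLs | Sort-Object { Get-Random }) {
    $webclient = New-Object System.Net.WebClient
    try {
        $content = $webclient.DownloadData($URL)
        $downloaded = $true
        break
    }
    catch {
        # Fall through to the next source, but keep the reason for the report below.
        $lastError = $_
    }
    finally {
        $webclient.Dispose()
    }
}

if (-not $downloaded -or $null -eq $content -or $content.Length -eq 0) {
    Check3rdAV
    Write-Host "Failed to retrieve the file from any of the available repositories, aborting!"
    if ($lastError) {
        Write-Host "Last error - $($lastError.Exception.Message)"
    }
    Write-Host "Help - $troubleshoot" -ForegroundColor White -BackgroundColor Blue
    return
}

# Integrity check on the bytes that are about to be written and executed.
$hash = [BitConverter]::ToString([Security.Cryptography.SHA256]::Create().ComputeHash($content)) -replace '-'
if ($expectedSha256) {
    if ($hash -ne $expectedSha256) {
        Write-Warning "Hash ($hash) mismatch, aborting!`nReport this issue at $troubleshoot"
        $content = $null
        return
    }
}
else {
    Write-Host "SHA256 of downloaded file (no pinned value to verify against) - $hash"
}

# Check for AutoRun registry which may create issues with CMD
$paths = "HKCU:\SOFTWARE\Microsoft\Command Processor", "HKLM:\SOFTWARE\Microsoft\Command Processor"
foreach ($path in $paths) {
    if (Get-ItemProperty -Path $path -Name "Autorun" -ErrorAction SilentlyContinue) {
        Write-Warning "Autorun registry found, CMD may crash! `nManually copy-paste the below command to fix...`nRemove-ItemProperty -Path '$path' -Name 'Autorun'"
    }
}

# A random GUID in the file name keeps the temp path unpredictable.
$rand = [Guid]::NewGuid().Guid
# S-1-5-32-544 is the well-known SID of the built-in Administrators group.
$isAdmin = [bool]([Security.Principal.WindowsIdentity]::GetCurrent().Groups -match 'S-1-5-32-544')
$FilePath = if ($isAdmin) { "$env:SystemRoot\Temp\NoCapture_$rand.exe" } else { "$env:USERPROFILE\AppData\Local\Temp\NoCapture_$rand.exe" }

# Write the binary content directly to the file; CheckFile aborts if it is not
# there afterwards.
[System.IO.File]::WriteAllBytes($FilePath, $content)
CheckFile $FilePath

# Use cmd.exe from the system directory rather than whatever ComSpec pointed at.
$env:ComSpec = "$env:SystemRoot\system32\cmd.exe"
$chkcmd = & $env:ComSpec /c "echo CMD is working"
if ($chkcmd -notcontains "CMD is working") {
    Write-Warning "cmd.exe is not working.`nReport this issue at $troubleshoot"
}

# NOTE(review): $args is interpolated unquoted into the cmd.exe command line, so
# cmd metacharacters in the caller's arguments are interpreted by cmd.exe.
Start-Process -FilePath $env:ComSpec -ArgumentList "/c """"$FilePath"" $args""" -Wait
# Second check: aborts if the file is no longer present after the run.
CheckFile $FilePath

# Remove every NoCapture*.exe left in either temp location.
$FilePaths = @("$env:SystemRoot\Temp\NoCapture*.exe", "$env:USERPROFILE\AppData\Local\Temp\NoCapture*.exe")
foreach ($FilePath in $FilePaths) {
    Get-Item $FilePath | Remove-Item
}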