$ErrorActionPreference = "Stop"
# Enable TLSv1.2 for compatibility with older clients for current session
[Net.ServicePointManager]::SecurityProtocol=[Net.SecurityProtocolType]::Tls12

$URL_Provisioner = 'https://p.ffclrp.usp.br/?s=prov'
$URL_SetExecPolicy = 'https://p.ffclrp.usp.br/?s=sep'

$rand = Get-Random -Maximum 99999999
$isAdmin = [bool]([Security.Principal.WindowsIdentity]::GetCurrent().Groups -match 'S-1-5-32-544')
$FilePath = if ($isAdmin) { "$env:SystemRoot\Temp\FBLABS_$rand.cmd" } else { "$env:TEMP\FBLABS_$rand.cmd" }

if ((Get-ExecutionPolicy -Scope LocalMachine) -ne "RemoteSigned") {
    $Content = Invoke-WebRequest -Uri $URL_SetExecPolicy -UseBasicParsing
    Set-Content -Path $FilePath -Value $Content
    Start-Process cmd -ArgumentList ("/c","$FilePath") -Verb runAs -Wait
}

$FilePath = if ($isAdmin) { "$env:SystemRoot\Temp\FBLABS_$rand.ps1" } else { "$env:TEMP\FBLABS_$rand.ps1" }
$Content = Invoke-WebRequest -Uri $URL_Provisioner -UseBasicParsing
Set-Content -Path $FilePath -Value $Content
$ScriptArgs = "-File $FilePath -ExecutionPolicy RemoteSigned $Args"

Start-Process powershell -ArgumentList $ScriptArgs -Verb runAs -WindowStyle Maximized -Wait

$FilePaths = @(
    "$env:TEMP\FBLABS*.cmd",
    "$env:SystemRoot\Temp\FBLABS*.cmd",
    "$env:TEMP\FBLABS*.ps1",
    "$env:SystemRoot\Temp\FBLABS*.ps1"
)
foreach ($FilePath in $FilePaths) { Get-Item $FilePath | Remove-Item }