Blogs

K1000 and K2000 SAMBA remote code execution vulnerability

According to a Nexpose scan, both our K1000 and K2000 show as vulnerable to the following SAMBA bulletin.
I have not seen anything from Quest regarding this.

https://www.samba.org/samba/security/CVE-2017-7494.html
====================================================================
== Subject:     Remote code execution from a writable share.
==
== CVE ID#:     CVE-2017-7494
==
== Versions:    All versions of Samba from 3.5.0 onwards.
==
== Summary:     Malicious clients can upload and cause the smbd server
==              to execute a shared library from a writable share.
==
====================================================================

===========
Description
===========

All versions of Samba from 3.5.0 onwards are vulnerable to a remote
code execution vulnerability, allowing a malicious client to upload a
shared library to a writable share, and then cause the server to load
and execute it.

==================
Patch Availability
==================

A patch addressing this defect has been posted to

  http://www.samba.org/samba/security/

Additionally, Samba 4.6.4, 4.5.10 and 4.4.14 have been issued as
security releases to correct the defect. Patches against older Samba
versions are available at http://samba.org/samba/patches/. Samba
vendors and administrators running affected versions are advised to
upgrade or apply the patch as soon as possible.

==========
Workaround
==========

Add the parameter:

nt pipe support = no

to the [global] section of your smb.conf and restart smbd. This
prevents clients from accessing any named pipe endpoints. Note this
can disable some expected functionality for Windows clients.

=======
Credits
=======

This problem was found by steelo <knownsteelo@gmail.com>. Volker
Lendecke of SerNet and the Samba Team provided the fix.

View comments (2)

K2000 Kustom Post Installation Tasks

Summary
This is a lot of custom scripting, mostly AutoIT being used in the K2000 appliance to create a new feature not currently available to the K2000, choosing your post install tasks you wish to use when you kick off an image in real time instead of having to log into the web interface and drag/drop your tasks.

The main reason to want this is you have an environment with lots of smaller tasks or applications that can vary a lot from one deployment to the next and its too much trouble to log in and change for each deployment (Think perhaps multiple versions of Java as an example).  It is also  helpful in a multi user environment where more than one tech may use the appliance for the same image and make changes to the tasks before you start a deployment and you end up deploying the wrong tasks.

I would say this is not ideal if you just have 2 or 3 different baseline setups that are always the same and do not change very much.  For that you can just use the duplicate image feature to create a copy of your image, and then permanently assign tasks to that duplicate (Duplicate images do not take up additional space on the K2000)

Last, this is for you if you just want to learn some really cool scripting, concepts and techniques aka, You are a nerd...like me.


How it Works (High Level Overview)
We have essentially a 3 part process to this.
A GUI that we setup as a Pre-Install Task so that right away we get the ability to click on the Post-Install Tasks we want to deploy.

The GUI will take your selections and leave some "breadcrumbs" behind so that we can later look for them.  In this case, we will be creating an .INI file and leaving it at the root of the C: right after we have created our partitions.

CHKgNb.jpeg
njVqj5.jpeg

The rest of the imaging process will proceed as per normal until we reach our Post-Install Tasks section.
At this point, our first Post-Install task is the Interpreter.  This is just a middle man script that will go find our Breadcrumbs (Our .INI File) read what we chose to install from the GUI and write those sections to the Registry.

The rest of the magic happens with the actual Post Install Tasks themselves.

Rather than write each and every job to look for our registry entries, we have a Job Interpreter script that runs along with each Kustom Task.  This way we can use the same jobs we would use as a normal post install task, or stand alone automated installations.  The Job interpreter's "job" is to read the job#, check the registry to see if it should execute the attached install and if it finds it, then proceed, else mark the current task as complete and continue with deployment without actually installing anything.

pjkQ7A.jpeg

Implementation - Part 1 The GUI and Pre-Install Task Phase

Since not everybody uses AutoIT and can compile there own .exe I have written these tasks to be super dynamic and easily changed by each user via .INI files.
So you can use the same .EXE without touching it, and just modify the .INI file to modify the jobs you want to present.

Note: I can not attach files to a blog post so I will try to provide a download link to get the pre-compiled scripts later for now source code will be posted inside this post.

Of course I will include the source code as well so you can see how it was done, and modify the source code should you need to.

Insight: Our Pre-Install tasks takes place in the PBE (Pre Boot Environment) this can be 32bit or 64bit depending on your setup.  The PBE will not run a pre-compiled EXE that does not match the same environment.

We will compile the GUI twice once as a x64 binary and once as a x86 binary so it can be run from both types of PBE.
Instead of running two different tasks.  I like to keep things clean.  So the first task is going to be a small BAT script that checks the environment and launches the appropriate GUI binary.

Here is how the job looks in the K2000
qkeuMU.jpeg

Here is the files contained in our .ZIP
The .BAT file, our x86 GUI, our x64 GUI and the GUI's configuration INI file.
Hqnuhw.jpeg

This is how I made the .BAT file

____ Determin6432bit.bat ____
wmic os get osarchitecture | find "64-bit"
IF %ERRORLEVEL% == 0 goto 64bit
IF %ERRORLEVEL% == 1 goto 32bit

goto END

:64bit
"Choose(PreInstall-Localx64).exe"
goto END

:32bit
"Choose(PreInstall-Localx86).exe"
goto END

:END
___________________________________

Now here is the source code for the GUI itself so you can see how that works, and compile it yourself using AutoIT if you would like.

___ Choose.exe ____

#RequireAdmin
#include <ButtonConstants.au3>
#include <GUIConstantsEx.au3>
#include <StaticConstants.au3>
#include <WindowsConstants.au3>
#include <Array.au3>
#include <File.au3>

Global $fINI = @ScriptDir & "\Choose.ini"

If NOT FileExists($fINI) Then ;Exit the GUI with message if the INI file is missing
MsgBox(0, "Notice", "Critical Error, Missing Choose.ini File Exiting Application")
Exit 1
EndIf

$aNames = IniReadSection($fINI, "JobName")
$aIsChecked = IniReadSection($fINI, "IsChecked")
$aIsEnabled = IniReadSection($fINI, "IsEnabled")
$iGUITimeOut = IniRead($fINI, "Extra", "GUITimeOut", "4")
$sMachineMac = ""

AdlibRegister("_SaveSelections", 1000*60*$iGUITimeOut) ;1000 milisecond * 60 = 1 Minute (Will exit the GUI without user interaction after X Time)

FileDelete("C:\KustomPostInstalls.ini") ;Delete INI file just incase it already exists so we do not append old selections.

$K2000 = GUICreate("K2000 Dynamic Task Installer", 615, 437, 192, 124, -1, BitOR($WS_EX_TOPMOST,$WS_EX_WINDOWEDGE))
$Label1 = GUICtrlCreateLabel("K2000 Dynamic Task Installer", 176, 8, 241, 24)
GUICtrlSetFont(-1, 12, 800, 0, "MS Sans Serif")
$Checkbox1 = GUICtrlCreateCheckbox("Checkbox1", 32, 48, 225, 17)
$Checkbox2 = GUICtrlCreateCheckbox("Checkbox2", 32, 80, 225, 17)
$Checkbox3 = GUICtrlCreateCheckbox("Checkbox3", 32, 112, 225, 17)
$Checkbox4 = GUICtrlCreateCheckbox("Checkbox4", 32, 144, 225, 17)
$Checkbox5 = GUICtrlCreateCheckbox("Checkbox5", 32, 176, 225, 17)
$Checkbox6 = GUICtrlCreateCheckbox("Checkbox6", 32, 208, 225, 17)
$Checkbox7 = GUICtrlCreateCheckbox("Checkbox7", 32, 240, 225, 17)
$Checkbox8 = GUICtrlCreateCheckbox("Checkbox8", 32, 272, 225, 17)
$Checkbox9 = GUICtrlCreateCheckbox("Checkbox9", 32, 304, 225, 17)
$Checkbox10 = GUICtrlCreateCheckbox("Checkbox10", 32, 336, 225, 17)
$Checkbox11 = GUICtrlCreateCheckbox("Checkbox11", 312, 48, 225, 17)
$Checkbox12 = GUICtrlCreateCheckbox("Checkbox12", 312, 80, 225, 17)
$Checkbox13 = GUICtrlCreateCheckbox("Checkbox13", 312, 112, 225, 17)
$Checkbox14 = GUICtrlCreateCheckbox("Checkbox14", 312, 144, 225, 17)
$Checkbox15 = GUICtrlCreateCheckbox("Checkbox15", 312, 176, 225, 17)
$Checkbox16 = GUICtrlCreateCheckbox("Checkbox16", 312, 208, 225, 17)
$Checkbox17 = GUICtrlCreateCheckbox("Checkbox17", 312, 240, 225, 17)
$Checkbox18 = GUICtrlCreateCheckbox("Checkbox18", 312, 272, 225, 17)
$Checkbox19 = GUICtrlCreateCheckbox("Checkbox19", 312, 304, 225, 17)
$Checkbox20 = GUICtrlCreateCheckbox("Checkbox20", 312, 336, 225, 17)
$Button1 = GUICtrlCreateButton("Proceed", 128, 384, 345, 33)
GUICtrlSetFont(-1, 12, 800, 0, "MS Sans Serif")
GUISetState(@SW_SHOW)

For $i = 1 to $aIsChecked[0][0] ;Read the INI file and check any boxes set to be checked by default.
GUICtrlSetState(Eval("Checkbox" & $i), $aIsChecked[$i][1])
Next

For $i = 1 to $aNames[0][0] ;Read the INI file and give each task its name
GUICtrlSetData(Eval("Checkbox" & $i), $aNames[$i][1])
Next

For $i = 1 to $aIsEnabled[0][0] ;Read the INI file and hide any tasks set to be hidden for OCD people
If $aIsEnabled[$i][1] = 0 Then GUICtrlSetState(Eval("Checkbox" & $i), $GUI_HIDE)
Next

While 1
$nMsg = GUIGetMsg()
Switch $nMsg
Case $GUI_EVENT_CLOSE
Exit
Case $Button1
ExitLoop
EndSwitch
WEnd

_SaveSelections()

Func _SaveSelections() ;Take our selections and save them to a INI file at the root of the C:
For $i = 1 to $aIsChecked[0][0]
If GuiCtrlRead(Eval("Checkbox" & $i)) = 1 Then IniWrite("C:\KustomPostInstalls.ini", "PostInstallTasks", "Job" & $i, "1")
Next
Exit
EndFunc ;_SaveSelections()

___________________

Here is the .INI file that goes with the GUI so that you can configure its options.

____ Choose.ini _____
[JobName]
;Use String Value For Name
Job1=Install Java8u121
Job2=Install HealthEMS 4.11.27204 Desktop
Job3=Install Cisco AnyConnect 4.3.05017
Job4=Install Barracuda WSA 4.4.5.40
Job5=Install Prolific GPS Puck Driver v118
Job6=Activate Windows
Job7=Activate Office
Job8=Job8
Job9=Job9
Job10=Job10
Job11=Job11
Job12=Job12
Job13=Job13
Job14=Job14
Job15=Job15
Job16=Job16
Job17=Job17
Job18=Job18
Job19=Job19
Job20=Job20
[IsChecked]
;0 Disabled Not Checked By Default | 1 Enabled Checked By Default
Job1=0
Job2=0
Job3=0
Job4=0
Job5=0
Job6=1
Job7=1
Job8=0
Job9=0
Job10=0
Job11=0
Job12=0
Job13=0
Job14=0
Job15=0
Job16=0
Job17=0
Job18=0
Job19=0
Job20=0
[IsEnabled]
;0 Disabled Option Will Not Show on GUI | 1 Enabled Option Will Be Displayed on GUI
Job1=1
Job2=1
Job3=1
Job4=1
Job5=1
Job6=1
Job7=1
Job8=1
Job9=1
Job10=1
Job11=1
Job12=1
Job13=1
Job14=1
Job15=1
Job16=1
Job17=1
Job18=1
Job19=1
Job20=1
[Extra]
;GUI Time Out in Minutes for GUI to close without user input and apply selections
GUITimeOut=4
_______


Implementation - Part 2 The Post-Install Task Interpreter

At this point, we have deployed an image and just hit the Post-Install Phase, our first task should be setup as our Interpreter.

Here is how the task is setup in the K2000
y7b6P2.jpeg

Since we are now out of the PBE and in our Windows environment, we no longer have to have a separate binary for 32bit and 64bit.  We can use a 32bit binary for both Windows environments.  So we just have our 32bit EXE being called as our first Post Install Task.

The interpreter finds the .INI file we created with the GUI earlier, reads the selections and saves it to the Windows Registry.

Here is the source code for the Interpreter, I called it INItoReg.

___ INItoREG.exe ___
#RequireAdmin
#include <File.au3>
#include <Array.au3>

$aINI = INIReadSection("C:\KustomPostInstalls.ini", "PostInstallTasks") ;Read our INI File
;_ArrayDisplay($aINI)

If NOT IsArray($aINI) Then EXIT ;If it has no options or is missing Exit

For $i = 1 to $aINI[0][0] ;Save all the INI entries to their own Registry Key
RegWrite("HKLM\SOFTWARE\K2000\KustomPostInstall", $aINI[$i][0], "REG_SZ", $aINI[$i][1])
Next
________________


Implementation - Part 3 Our Kustom Post-Install Tasks

At this point, we have run the GUI as a Pre-Install Task, the Interpreter has run as the first Post-Install Task and we are reaching our actual Jobs that we have set as a Post-Install Task.

So your jobs get to stay exactly the way they are now.  This was designed in a way that you have just one piece of code between the K2000 and your normal Post Install Task, and that middle code determines if the task gets installed.

Here is an example of one of my Jobs and how you set this up.
The Job Interpreter script was setup just like the GUI, to be extremely flexible and all the configuration is changed via an INI file so you do not ever have to change the code or recompile it.  Just change the .INI file for each job.

The K2000 Kustom Post Install Task
UHU84E.jpeg

The ZIP file for the Job
QHHEP8.jpeg

In here the Install Java.exe is my normal automated installer, the .MSI files are the dependency.  The only thing I added to make this work as a Kustom Job is the JobInterpreter.exe and its JobInfo.ini file.

Here is the source code for the JobInterpreter.exe

___ JobInterpreter.exe ___
#RequireAdmin
$fINI = @ScriptDir & "\JobInfo.ini"
If NOT FileExists($fINI) Then
MsgBox(0, "", "Critical Error - Missing .INI file JobInfo.ini")
Exit
EndIf


$sJobNumber = IniRead($fINI, "JobInfo", "JobNumber", "")
$sJobBinary = IniRead($fINI, "JobInfo", "JobBinary", "")
$sJobName = IniRead($fINI, "JobInfo", "JobName", "")
$sJobWaitComplete = IniRead($fINI, "JobInfo", "JobWaitComplete", "0")
If NOT RegREad("HKLM\SOFTWARE\K2000\KustomPostInstall\", "Job" & $sJobNumber) = 1 Then Exit
MsgBox(0, "", "Currently Launching Job# " & $sJobNumber & " " & $sJobName, 2)
ShellExecute(@ScriptDir & "\" & $sJobBinary)

While ProcessExists($sJobBinary)
Sleep(10)
WEnd

If StringInStr($sJobBinary, ".bat") Then
While ProcessExists("cmd.exe")
Sleep(10)
WEnd
EndIf

Sleep($sJobWaitComplete * 1000)
________

The INI file  handles all the specifics for the job.  What binary to run for the task, what registry key we are looking for, etc.
Here is the source code for JobInfo.ini

___ JobInfo.ini ___
[JobInfo]
;Job Number Must Be Exclusive
JobNumber=1
;Job Name Just used for reference
JobName=Java8u121
;Job Binary is the single file to be executed for install
JobBinary=Install Java8u121.exe
;Job Wait is extra time added at end for a install to complete in seconds i.e. 5 = 5 Seconds
JobWaitComplete=0
_____________

The tricky thing here that I had to figure out is that the K2000 executes your job directly usually, and it waits for completion of that task before it moves to the next.
If your instead calling a middle script like this.  The K2000 moves to the next task soon as JobInterpreter.exe completes!

So that is why the code now has its own internal wait function so it will keep JobInterpreter.exe open until the install process it is calling is completed. 
It works perfectly with a .EXE (most of my installs are self written .EXE) but I found if its a .BAT file that it actually calls the CMD.exe process so that is why I also added an extra line to check for the .BAT extension and wait for CMD to finish installing your job.

It should work for pretty much everything, but if you find some kind of job that it does not work for, just call it from a .BAT file and that should solve it.

Example: My install Cisco AnyConnect job installs to .MSI files so I just created the Kustom Post Install Task to look like this.

tDPEr7.jpeg
ZowoQQ.jpeg
td1gAg.jpeg
ubefNc.jpeg




Nerdy Extras

I will try to post here a download link for all the actual .au3 files (The AutoIt Source Code) the pre-compiled .exe files, the .ini files etc.
Also this was built by me one step at a time, before it evolved into what you see above it had other phases.

For those with a different environment, you may find some of these off shoots useful.

Pre-Install Task GUI Network Version
Before I found I could save the .INI file to the root of the C: to carry my breadcrumbs from the PBE to the Windows Environment I found that the K2000 has a hidden temp folder that I could send the .INI file to.

So this is the source code for the Network GUI that save the INI to the K2000 PETemp folder, and since we are now using a shared location instead of a local location I had to worry about the file names.  Each computer needed to have a unique file name and find its own INI file in the Post phase.  For that I used the MAC address.

__ Choose.exe Network Version ___
#RequireAdmin
#include <ButtonConstants.au3>
#include <GUIConstantsEx.au3>
#include <StaticConstants.au3>
#include <WindowsConstants.au3>
#include <Array.au3>
#include <File.au3>

Global $fINI = @ScriptDir & "\Choose.ini"

If NOT FileExists($fINI) Then
MsgBox(0, "Notice", "Critical Error, Missing Choose.ini File Exiting Application")
Exit 1
EndIf

$aNames = IniReadSection($fINI, "JobName")
$aIsChecked = IniReadSection($fINI, "IsChecked")
$aIsEnabled = IniReadSection($fINI, "IsEnabled")
$iGUITimeOut = IniRead($fINI, "Extra", "GUITimeOut", "4")
$sMachineMac = ""

AdlibRegister("_SaveSelections", 1000*60*$iGUITimeOut) ;1000 milisecond * 60 = 1 Minute

$objWMIService  = ObjGet("winmgmts:{impersonationLevel=impersonate}")
$netAdapterSet = $objWMIService.ExecQuery("select * from Win32_NetworkAdapter where DeviceID = 0")
For $netAdapter in $netAdapterSet
    $sMachineMac = $netAdapter.MACAddress
Next

$sMachineMAC = StringReplace($sMachineMAC, ":", "")

#Region ### START Koda GUI section ### Form=C:\Users\it022565\Desktop\K2000 Custom Jobs\K2000.kxf
$K2000 = GUICreate("K2000 Dynamic Task Installer", 615, 437, 192, 124, -1, BitOR($WS_EX_TOPMOST,$WS_EX_WINDOWEDGE))
$Label1 = GUICtrlCreateLabel("K2000 Dynamic Task Installer", 176, 8, 241, 24)
GUICtrlSetFont(-1, 12, 800, 0, "MS Sans Serif")
$Checkbox1 = GUICtrlCreateCheckbox("Checkbox1", 32, 48, 225, 17)
$Checkbox2 = GUICtrlCreateCheckbox("Checkbox2", 32, 80, 225, 17)
$Checkbox3 = GUICtrlCreateCheckbox("Checkbox3", 32, 112, 225, 17)
$Checkbox4 = GUICtrlCreateCheckbox("Checkbox4", 32, 144, 225, 17)
$Checkbox5 = GUICtrlCreateCheckbox("Checkbox5", 32, 176, 225, 17)
$Checkbox6 = GUICtrlCreateCheckbox("Checkbox6", 32, 208, 225, 17)
$Checkbox7 = GUICtrlCreateCheckbox("Checkbox7", 32, 240, 225, 17)
$Checkbox8 = GUICtrlCreateCheckbox("Checkbox8", 32, 272, 225, 17)
$Checkbox9 = GUICtrlCreateCheckbox("Checkbox9", 32, 304, 225, 17)
$Checkbox10 = GUICtrlCreateCheckbox("Checkbox10", 32, 336, 225, 17)
$Checkbox11 = GUICtrlCreateCheckbox("Checkbox11", 312, 48, 225, 17)
$Checkbox12 = GUICtrlCreateCheckbox("Checkbox12", 312, 80, 225, 17)
$Checkbox13 = GUICtrlCreateCheckbox("Checkbox13", 312, 112, 225, 17)
$Checkbox14 = GUICtrlCreateCheckbox("Checkbox14", 312, 144, 225, 17)
$Checkbox15 = GUICtrlCreateCheckbox("Checkbox15", 312, 176, 225, 17)
$Checkbox16 = GUICtrlCreateCheckbox("Checkbox16", 312, 208, 225, 17)
$Checkbox17 = GUICtrlCreateCheckbox("Checkbox17", 312, 240, 225, 17)
$Checkbox18 = GUICtrlCreateCheckbox("Checkbox18", 312, 272, 225, 17)
$Checkbox19 = GUICtrlCreateCheckbox("Checkbox19", 312, 304, 225, 17)
$Checkbox20 = GUICtrlCreateCheckbox("Checkbox20", 312, 336, 225, 17)
$Button1 = GUICtrlCreateButton("Proceed", 128, 384, 345, 33)
GUICtrlSetFont(-1, 12, 800, 0, "MS Sans Serif")
GUISetState(@SW_SHOW)
#EndRegion ### END Koda GUI section ###

For $i = 1 to $aIsChecked[0][0]
GUICtrlSetState(Eval("Checkbox" & $i), $aIsChecked[$i][1])
Next

For $i = 1 to $aNames[0][0]
GUICtrlSetData(Eval("Checkbox" & $i), $aNames[$i][1])
Next

For $i = 1 to $aIsEnabled[0][0]
If $aIsEnabled[$i][1] = 0 Then GUICtrlSetState(Eval("Checkbox" & $i), $GUI_HIDE)
Next

While 1
$nMsg = GUIGetMsg()
Switch $nMsg
Case $GUI_EVENT_CLOSE
Exit
Case $Button1
ExitLoop
EndSwitch
WEnd

_SaveSelections()

Func _SaveSelections()
RunWait(@comspec & ' /c net use \\**Your K2000 IP**\petemp /user:**Your User ID** **Your  User Password** /persistent:no', "", @SW_HIDE)
For $i = 1 to $aIsChecked[0][0]
If GuiCtrlRead(Eval("Checkbox" & $i)) = 1 Then IniWrite("\\**Your K2000 IP\PeTemp\" & $sMachineMAC & ".ini", "PostInstallTasks", "Job" & $i, "1")
Next
Exit
EndFunc ;_SaveSelections()
________

Post Install GUI Version
My first version of the GUI wrote directly to the Registry.  It was just the GUI and the Jobs however since the PBE has no access to the Windows Registry for your deployment.  It has to be run as a Post Install task.  I did not like waiting for Post Installs to come up and baby sit the image process, that is why we created the Pre-Install version and created the Interpreter to move the INI file into the Registry.  This is also why the JobInterpreter's read the Registry instead of just reading the .INI file directly.  The original version worked this way and I felt no real reason to change all the code when I like the registry anyways.

___ Choose.exe Post Install Task ___
#RequireAdmin
#include <ButtonConstants.au3>
#include <GUIConstantsEx.au3>
#include <StaticConstants.au3>
#include <WindowsConstants.au3>
#include <Array.au3>

Global $fINI = @ScriptDir & "\Choose.ini"

If NOT FileExists($fINI) Then
MsgBox(0, "Notice", "Critical Error, Missing Choose.ini File Exiting Application")
Exit 1
EndIf

$aNames = IniReadSection($fINI, "JobName")
$aIsChecked = IniReadSection($fINI, "IsChecked")
$aIsEnabled = IniReadSection($fINI, "IsEnabled")
$iGUITimeOut = IniRead($fINI, "Extra", "GUITimeOut", "4")

AdlibRegister("_SaveSelections", 1000*60*$iGUITimeOut) ;1000 milisecond * 60 = 1 Minute

#Region ### START Koda GUI section ### Form=C:\Users\it022565\Desktop\K2000 Custom Jobs\K2000.kxf
$K2000 = GUICreate("K2000 Dynamic Task Installer", 615, 437, 192, 124, -1, BitOR($WS_EX_TOPMOST,$WS_EX_WINDOWEDGE))
$Label1 = GUICtrlCreateLabel("K2000 Dynamic Task Installer", 176, 8, 241, 24)
GUICtrlSetFont(-1, 12, 800, 0, "MS Sans Serif")
$Checkbox1 = GUICtrlCreateCheckbox("Checkbox1", 32, 48, 225, 17)
$Checkbox2 = GUICtrlCreateCheckbox("Checkbox2", 32, 80, 225, 17)
$Checkbox3 = GUICtrlCreateCheckbox("Checkbox3", 32, 112, 225, 17)
$Checkbox4 = GUICtrlCreateCheckbox("Checkbox4", 32, 144, 225, 17)
$Checkbox5 = GUICtrlCreateCheckbox("Checkbox5", 32, 176, 225, 17)
$Checkbox6 = GUICtrlCreateCheckbox("Checkbox6", 32, 208, 225, 17)
$Checkbox7 = GUICtrlCreateCheckbox("Checkbox7", 32, 240, 225, 17)
$Checkbox8 = GUICtrlCreateCheckbox("Checkbox8", 32, 272, 225, 17)
$Checkbox9 = GUICtrlCreateCheckbox("Checkbox9", 32, 304, 225, 17)
$Checkbox10 = GUICtrlCreateCheckbox("Checkbox10", 32, 336, 225, 17)
$Checkbox11 = GUICtrlCreateCheckbox("Checkbox11", 312, 48, 225, 17)
$Checkbox12 = GUICtrlCreateCheckbox("Checkbox12", 312, 80, 225, 17)
$Checkbox13 = GUICtrlCreateCheckbox("Checkbox13", 312, 112, 225, 17)
$Checkbox14 = GUICtrlCreateCheckbox("Checkbox14", 312, 144, 225, 17)
$Checkbox15 = GUICtrlCreateCheckbox("Checkbox15", 312, 176, 225, 17)
$Checkbox16 = GUICtrlCreateCheckbox("Checkbox16", 312, 208, 225, 17)
$Checkbox17 = GUICtrlCreateCheckbox("Checkbox17", 312, 240, 225, 17)
$Checkbox18 = GUICtrlCreateCheckbox("Checkbox18", 312, 272, 225, 17)
$Checkbox19 = GUICtrlCreateCheckbox("Checkbox19", 312, 304, 225, 17)
$Checkbox20 = GUICtrlCreateCheckbox("Checkbox20", 312, 336, 225, 17)
$Button1 = GUICtrlCreateButton("Proceed", 128, 384, 345, 33)
GUICtrlSetFont(-1, 12, 800, 0, "MS Sans Serif")
GUISetState(@SW_SHOW)
#EndRegion ### END Koda GUI section ###

For $i = 1 to $aIsChecked[0][0]
GUICtrlSetState(Eval("Checkbox" & $i), $aIsChecked[$i][1])
Next

For $i = 1 to $aNames[0][0]
GUICtrlSetData(Eval("Checkbox" & $i), $aNames[$i][1])
Next

For $i = 1 to $aIsEnabled[0][0]
If $aIsEnabled[$i][1] = 0 Then GUICtrlSetState(Eval("Checkbox" & $i), $GUI_HIDE)
Next

While 1
$nMsg = GUIGetMsg()
Switch $nMsg
Case $GUI_EVENT_CLOSE
Exit
Case $Button1
ExitLoop
EndSwitch
WEnd

_SaveSelections()

Func _SaveSelections()
For $i = 1 to $aIsChecked[0][0]
If GuiCtrlRead(Eval("Checkbox" & $i)) = 1 Then RegWrite("HKLM\SOFTWARE\K2000\KustomPostInstall", "Job" & $i, "REG_SZ", "1")
Next
Exit
EndFunc ;_SaveSelections()

___________

Non AutoIT Users

I just crafted a few short snippits of code to show basic ways to do the same kind of concept with native windows scripting in .bat files
I much prefer AutoIT since I know it well and its very powerfull, but if you do not use it or like it and prefer straight up scripts here is some methods.

An example of how to do the "GUI" with a .bat file.  You just answer Y/N to each install.  Note: This is before I created the .INI method it goes directly to Registry.

__ Native Scripting "GUI" .BAT ___
@Echo Off


set /P job1=Do you want to install Job1 [Y/N]?
if /I "%job1%" EQU "Y" set job1=1
if /I "%job1%" EQU "N" set job1=0

set /P job2=Do you want to install Job2 [Y/N]?
if /I "%job2%" EQU "Y" set job2=1
if /I "%job2%" EQU "N" set job2=0

set /P job3=Do you want to install Job3 [Y/N]?
if /I "%job3%" EQU "Y" set job3=1
if /I "%job3%" EQU "N" set job3=0

set /P job4=Do you want to install Job4 [Y/N]?
if /I "%job4%" EQU "Y" set job4=1
if /I "%job4%" EQU "N" set job4=0
 
REM echo %job1%
REM echo %job2%
REM echo %job3%
REM echo %job4%

if %job1% == 1 reg add HKLM\SOFTWARE\K2000\KustomPostInstall /v Job1 /t REG_SZ /d 1
pause
_________

Native Job Interpreter
Same concept, instead of AutoIT using a .BAT file to check for our registry keys and start the installer.

@Echo Off
for /f "tokens=2*" %%a in ('reg query HKLM\SOFTWARE\K2000\KustomPostInstall /v Job1') do set "var=%%b"
if "%var%"=="1" (echo found 1) else echo did not find
pause

________

And that is that!

Should be enough information, samples, and all the source code so that you can implement this for yourself.
Hope somebody finds the information share useful and I look forward to any comments, ideas, and collaboration that comes from this.
Be the first to comment

Resolve Error 501 Jet_ErrLogFileCorrupt in Exchange – Step by Step

A Brief Overview of Jet Error 501

Sometimes, while mounting the data in the Exchange database an error occurs in the server namely error 501 jet_errlogfilecorrupt. The main cause that leads to the generation of this error is corrupt log files. To resolve the error users have two ways: one is the manual approach and the other one is automated solution. In the article, we will be describing the main cause of Jet error 501 in Exchange, solutions to resolve the error by using built-in utility or expert solution. 

Why Does Unexpected Error 501 jet_errlogfilecorrupt Occur?

The main reason behind the error is corruption in the log files. Moreover, the error occurs as there is some data loss, corruption in the header section of log files, or infected log file. Due to jet error 501 in Exchange Server, users are restricted to load the data in the database. 

Check Whether the Log File is Corrupted or Not

Corruption in log files leads to Server error 501. Mentioned below are few points using which one can make sure that whether the log file is corrupted or not.

  • Run the command prompt window on display screen
  • Next, run Eseutil inbuilt utility by typing a command: eseutil /ml Enn
  • If operation terminates with error 501 JET_errLogFileCorrupt (log file is corrupt) message it means the log file is damaged.

2 Ways to Resolve the Jet Error 501 Easily

In the section mentioned, the users will get to know regarding how to resolve Server Error 501 using inbuilt utility and an automated solution.

Way1: Manual Method

One can resolve the error 501 in Exchange server from the backup of the damaged or corrupted log file. To fix this, one should remove the damaged or corrupted log file from the database of the Exchange server and then one can restore the server from the backup files. Once this process is complete, one needs to run eseutil.exe command to make the log file again. Mentioned below are few points through which one can restore the corrupted or damaged log file and fix the error 501 jet_errLogFileCorrupt easily.

1. Find replica of log files backup: The very first step one should follow is found the backup replica of damaged log files from the working condition of backup. If one is falling short of the corrupt backup log files, one can recover then one can easily recover it by using the inbuilt utility or any other 3rd party tool.

2. Corrupted log files Deleted: If a user has the backup replica of the corrupted log file, then he/she should discard the damaged log files from the database of the Exchange Server.

3. Recover Deleted log file: Once the corrupted log files are deleted from the Exchange server, the next step one should follow is to restore the deleted log file of Microsoft Exchange from backup files. Once this kind of files is recovered, a temporary file namely restore.env is generated all the times. The file thus generated removes the jet error 501 from the log files easily.

4. Run built-in utility i.e., Eseutil: The next step one should follow is to run the Eseutil command to make the log files time and again. The command one should follow to remake the log files is mentioned below:

Eseutil/cc path of the restore end

The command mentioned above will repair the corrupted or damaged log file. Moreover, it will also delete the temporary file i.e., restore.env.

Using these commands one can easily escape the error 501 JET_errLogFileCorruption.

Drawbacks of the Manual Method:

As the users know that a solution must have a flaw. Same occurs in the case of Exchange Server Error 501. Mentioned below are few problems that are encountered while resolving the Jet error 501.

  • The process is very much time consuming and lengthy
  • To recover a hard drive by Use utility is difficult task
  • It becomes very difficult to perform the task as it is complicated

Way 2: Automated Solution

As the above-mentioned method is very difficult to perform as it is very time consuming and lengthy process. So, one should try the Exchange Server log Analyzer tool to perform the task magnificently. The automated utility is so well designed that it can resolve the issue in a single shot. The tool can repair corrupt Exchange log file gracefully and there is no scope of Jet error 501 in it. 

Final Words

One of the major reasons behind Exchange Server error 501 is the corruption in log files. This makes it impossible for users to mount the data files into Microsoft Exchange database. Availability of the manual method to fix error 501 JET_errLogFileCorrupt may prove to be helpful for users up to some extent. However, to rectify it quickly, it is recommended to use a third party utility. One such tool available for this is Exchange Server Log Analyzer, as mentioned above. It makes the process of fixing the error less complicated and fast

Be the first to comment

WannaCry - Check Vulnerability with KACE SMA now!

Hi all, 

a quick note how to prove the vulnerability to be attacked by WannaCry (LinktoBBC).
Of course you can check the KB or Package Numbers in your patch catalog (Single Patches) - you should do that as well. 

But to have a very quick check you can use the OVAL Scan with the CVE-Number.

And build yourself a report (break on 'CVE Number'):

SELECT MACHINE.NAME AS Computer,
       MACHINE.LAST_INVENTORY AS `Last Inventory`,
       OVAL_DEFINITION.SOURCE AS `CVE Number`
  FROM (OVAL_STATUS OVAL_STATUS
        INNER JOIN KBSYS.OVAL_DEFINITION OVAL_DEFINITION
           ON (OVAL_STATUS.OVAL_DEFINITION_ID = OVAL_DEFINITION.ID))
       INNER JOIN MACHINE MACHINE
          ON (OVAL_STATUS.MACHINE_ID = MACHINE.ID)
 WHERE (    OVAL_STATUS.RESULT = 'VULNERABLE'
        AND OVAL_DEFINITION.SOURCE IN ('CVE-2017-0143',
                                       'CVE-2017-0144',
                                       'CVE-2017-0145',
                                       'CVE-2017-0146',
                                       'CVE-2017-0147',
                                       'CVE-2017-0148'))
ORDER BY Computer ASC, `CVE Number` ASC




Hope i could help :)

Timo
View comments (7)

iTunes 12.6 Customising with ORCA Guide

            Download Microsoft Orca (Orca is now a part of the Windows 10 1703 SDK).


https://developer.microsoft.com/en-us/windows/downloads/windows-10-sdk   


Change DL the Path.

 Next

Select MSI Tools only!

 Download

 

Install Orca:

"C:\Temp\Windows Kits\10\WindowsSDK\Installers\Orca-x86_en-us.msi"

 

1.

Download and Install iTunes (x64)

2.

Open and configure iTunes, close it, open again and verify your configuration, close it again.

3.

Copy the iTunes config folder to your "WorkingDir" C:\Temp\iTunes_PKG\_UserConfig

 

Open cmd.exe and Copy and Paste to the CMD Window, or copy how u like.

 

xcopy "%Appdata%\Apple Computer" "C:\Temp\iTunes_PKG\_UserConfig\" /s

 

 

4.

Download and Install WinRAR http://www.rarlab.com/download.htm

5.

Goto C:\Temp\iTunes_PKG\_UserConfig\Apple Computer\Preferences\ByHost

Rename the file with the GUID:

From:

com.apple.iTunes.{63dca991-e924-11e6-9ccb-806e6f6e6963}.plist

To:

com.apple.iTunes.HWGUID.plist

6.

Add the folder "Apple Computer" to "Apple Computer.rar"

7.

Open the Archive in WinRAR, Convert archive to SFX executable

Use the following configuration "Important"

%AppData%

Close WinRAR

 

Now you have the following files in your folder

Rename Apple Computer.exe to Preferences.exe

 

8.

Extract the iTunes Setup with WinRAR or 7-Zip

9.

Copy all extracted .msi’s to

C:\Temp\iTunes_PKG\_MSI\x86
C:\Temp\iTunes_PKG\_MSI\x64


 

10.

Open the iTunes.msi with Orca

11.

Add a new Transform

 

Add and Change the following Tables and Propertys

12.

Table

Property

Signature_

 

 

Appsearch

HWGUID

AppReg

 

 

 

 

-          Click left in AppSearch

-          Press CTRL & R

 

-          Type HWGUID

-          OK

 

-          Type ApppReg

-          OK

  

13.

Table

Property

Data

 

 

Binary

UserFiles

[Binary Data]

Preferences.exe

 

 

 

-          Click left in Binary

-          Press CTRL & R

 

-          Type UserFiles

-          OK

-          OK

 

-          Click Browse,

select your Preferences.exe

-          OK

-          OK

C:\Temp\iTunes_PKG\_UserConfig\Preferences.exe

 


14.

Table

Action

Type

Source

 

 

Custom Action

_FS_Rename_File

1122

System64Folder.A5C49E27_90D3_35F6_A5E8_DB6F691C3C33

 

 

Target

cmd.exe /c REN "%AppData%\Apple Computer\Preferences\ByHost\com.apple.iTunes.HWGUID.plist" "com.apple.iTunes.[HWGUID].plist"

 

 

15.

Table

Action

Type

Source

 

 

Custom Action

_FS_UserFiles

1090

UserFiles

 

 

16.

Table

Action

Condition

Sequence

 

InstallExecuteSequence

_FS_UserFiles

NOT REMOVE~="ALL"

5700

 

InstallExecuteSequence

_FS_Rename_File

NOT REMOVE~="ALL"

6500

 


 

17.

Table

Property

Value

 

Property

IAcceptLicense

Yes

 

Property

REGSRCH_MEDIA_DEFAULTS

0

 

Property

SCHEDULE_ASUW

0

 

Property

REBOOT

ReallySuppress

 

18.

Table

Signature_

Root

Key

Name

Type

 

RegLocator

AppReg

2

SYSTEM\CurrentControlSet\Control\IDConfigDB\Hardware Profiles\0001

HwProfileGuid

2

 

 

19. (Active Setup) only if u like to Setup the config to AllUsers

Table

Registry

Root

Key

Name

Value

Component

Registry

registry1086

2

SOFTWARE\Microsoft\Active Setup\Installed Components\[ProductCode]

 

[ProductName]

iTunes.exe

Registry

registry1085

2

SOFTWARE\Microsoft\Active Setup\Installed Components\[ProductCode]

StubPath

msiexec.exe /fu [ProductCode] /qb!

iTunes.exe

 

View comments (1)
Showing 11 - 15 of 3090 results