Jump to content

Protecting UACD ! -Some Insight


Recommended Posts

Thats what I was talking about - SoftwareElementID identifies BIOS as piece of software, that is why in this case SoftwareElementState is always 3 (it means Running)...

Your implementation of SoftwareElementID is the right one... Nois3`s one is misinterpreted property :(

The problem is different manufacturers are differently implementing WMI classes properties :( That is why I wanted to see output from more people, so we could find property that is always implemented the same way on all systems.

Link to comment
Share on other sites


We can began to work on code (it will take few minutes) - first what I need is pack software, that have cmd support + encryption from cmd. I mean we need to be able to use command like

unpack archive.zip /pasword:xxx

When you will send me the syntax + link to packager, I will create that script for you

Link to comment
Share on other sites

Let me ask some further clarification before i can send you pack software:

1. will all files running from cmdlines.txt are going to be archived? including runonceex.cmd? i ask because both CMDLINES.txt and runonceex.cmd sits inside $OEM$ folder.

2. are you going to unzip archive.zip to some TEMP directory? if that then unzip command should include mention of temporary extraction directory.

3. i run a lot of batch files from RUNONCEEX.cmd but those files are located in some other folder inside my software installer "BOX" folder. do i include that directory inside the archive?

Guide me.....as you and me -these 2 paranoids about security probably can't sleep this night before settling such issues.

**MOON

Link to comment
Share on other sites

Well, I must disappoint you :) I am personally not interested in this topic (I am making deployment for companies, not for personal use)... I am just trying to help.

RunOnceEx + all related files will be in encrypted archive. I would like to unzip files to location where they would be normally after copying from $OEM$ directory

Link to comment
Share on other sites

BTW I am using Product to automatically install chipset drivers. If you are interested, I could post my script,

I'm always interested in your scripts Martin :) Using the Product to install chipset drivers is an interesting approach. However, dont you just integrate the chipset drivers into your source?

Link to comment
Share on other sites

Nope, I cant... The problem is that I need to use setup.exe, not only drivers (specially for Wifi etc...)

Have a look:

'Automaticka instalacia ovladacov pre chipset a nastavenie biosu
'Martin Zugec
'12.7.2004
'20.9.2004

Option Explicit
On Error Resume Next

Dim objWMIService, objShell
Dim strBoard, arrayBoards, strInstallPath
Dim strTypPocitaca

Set objWMIService = GetObject("winmgmts:root\cimv2")
Set arrayBoards = objWMIService.InstancesOf("Win32_BaseBoard", 48)
Set objShell = Wscript.CreateObject("Wscript.shell")

strInstallPath = Left(WScript.ScriptFullName,Len(Wscript.ScriptFullName) - Len(WScript.ScriptName + "n")) & "\"

for each strBoard in arrayBoards
Select Case Trim(LCase(strBoard.Product))
Case "0t9369"
 'Wscript.Echo "Notebook D600"
 funcNainstalovanieWifi("d600")
 funcNainstalovanieChipsetu("d600")
 Case "optiplex gx150"
 'Wscript.Echo "OptiPlex GX150"
 funcNainstalovanieChipsetu("gx150")
 Case "00t606","02x378"
 'Wscript.Echo "Optiplex GX260"
 funcNainstalovanieChipsetu("gx260")
 Case "0x1078","0r2472","0u1324"
 'Wscript.Echo "OptiPlex GX270"
 funcNainstalovanieChipsetu("gx270")
Case "0n4846","0968h","0g5611","0f7739","0g8310"
 'Wscript.Echo "OptiPlex GX280"
 funcNainstalovanieChipsetu("gx280")
 Case Else
 Call OdoslanieMailu
 'wscript.echo ". Nepodarilo sa nainstalovat ovladac pre chipset!"
End Select
next

Call RestartPocitaca

Set objWMIService = Nothing
Set arrayBoards = Nothing
Set objShell = Nothing

Wscript.Quit(0)

Sub OdoslanieMailu

Dim objEmail, objNetwork
Dim strComputerName

Set objEmail = CreateObject("CDO.Message")
Set objNetwork = CreateObject("Wscript.Network")

strComputerName = objNetwork.ComputerName

With objEmail
   .From =  strComputerName & "@domain.com"
   .To = "technicians@domain.com"
   .Subject = "Error"
   .Textbody = "Unsuccessful baseboard installation"
   .Configuration.Fields.Item ("http://schemas.microsoft.com/cdo/configuration/sendusing") = 2
   .Configuration.Fields.Item ("http://schemas.microsoft.com/cdo/configuration/smtpserver") = "smtp.domain.com"
   .Configuration.Fields.Item ("http://schemas.microsoft.com/cdo/configuration/smtpserverport") = 25
   .Configuration.Fields.Update
   .Send
End With

Set objEmail = Nothing
Set objNetwork = Nothing

End Sub

Function funcNainstalovanieChipsetu(strTypPocitaca)
objShell.Run strInstallPath & strTypPocitaca & "\Chipset\setup.exe -b -s", 1, True
End Function

Function funcNainstalovanieWifi(strTypPocitaca)
objShell.Run strInstallPath & strTypPocitaca & "\WiFi\setup.exe -b -s", 1, True
End Function

Sub RestartPocitaca
objShell.Run "shutdown.exe -r -f -t 01", 0, False
End Sub

Link to comment
Share on other sites

@Martin

xtremely sorry to hurt you... i was writting in lighter vein...never really ever thoght to hurt someone who is still awake to give company to someone in need... xcuse me, trust me, i'm not that kind of person.

i seek sometime from you to compile the archive so that a wrongly structured archive don't waste your time anymore.

sorry, for my unwittingly deployed witt.

Precisely, i can give you archive tomorrow.. will that be too late?

Link to comment
Share on other sites

Relieved to find you in jovial mood....Expeecting you today night here , i'll be ready with my archive. Thanks, Martin, a night well spent in company of you.

my last post's tommorrow is actually today, in conversation with you i totally missed that tommorrow changed silently to today!!

*************See you today night, i hope so. don't post in return, that will be effort-wasting from your side.

Link to comment
Share on other sites

@Dumpy

yeah, it does the same thing as Martin's script does. but it doesn't solve the insecurity lied therein. Martin, during writting the script, selected a fictitious BIOS date and astonishingly that imaginary BIOS date is younger by just 6 days to the genuine BIOS release date of my machine. It is the Caveat. If we cannot include the BIOS release time (in my machine it is 8:58:02) , then ultimate protection based on BIOS method remains incomplete and unfulfilled.

Thanks. Think again for the sake of Whole UACD builder community.

P.S. BTW, MartinsVBS.txt doesn't have any BIOS release date in it . array AllowedHosts= array("Please")

It didn't have it because it couldn't detect your release date, which is extremely odd.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...