ciao/*++ KB Management code.Module Name: - Kb.cAbstract: - This code had been initially released by Ivanlef0u, but it was querying the wrong field (ServicePackInEffect) in the table. So I rewrote the code with my own coding style + bug fixes. Kudos to Ivanlef0u ( http://www.ivanlef0u.tuxfamily.org/?p=429 ) for this great idea and his work. PS: Ivanlef0u you have until tomorrow night to reply to my email to let me know if you want to drink a beer tomorrow evening @ "Hall's Beer Tavern of Chatelet" http://doodle.com/vgtb9rxudsz6um79 RSVP here ! I hope this gonna work to get your attention since you didn't reply to my email yet !Environment: - User modeRevision History: - Re-implementation (14 Nov 2010) Matthieu Suiche--*/#define ANSI#define _WIN32_DCOM#define _CRT_SECURE_NO_WARNINGS#include <windows.h>#include <comdef.h>#include <Wbemidl.h>#include <stdio.h>#pragma comment(lib, "wbemuuid.lib")#pragma comment(lib, "comsuppw.lib")BOOL IsKBInstalled(PCHAR KbNumber){BOOL Status;HRESULT hResult;IWbemLocator *WbemLocator;IWbemServices *WbemServices;IEnumWbemClassObject *WbemEnumerator;IWbemClassObject *WbemClassObject;ULONG NumberOfObjects;CHAR Buffer[256]; WbemLocator = NULL; WbemServices = NULL; WbemEnumerator = NULL; Status = FALSE; hResult = CoInitializeEx(0, COINIT_MULTITHREADED); if (FAILED(hResult)) goto Exit; hResult = CoInitializeSecurity(NULL, -1, NULL, NULL, RPC_C_AUTHN_LEVEL_DEFAULT, RPC_C_IMP_LEVEL_IMPERSONATE, NULL, EOAC_NONE,NULL); if (FAILED(hResult)) goto Exit; // // Obtain the initial locator to Windows Management // on a particular host computer. // hResult = CoCreateInstance(CLSID_WbemLocator, 0, CLSCTX_INPROC_SERVER, IID_IWbemLocator, (LPVOID *)&WbemLocator); if (FAILED(hResult)) goto Exit; // // Connect to the root\cimv2 namespace with the // current user and obtain pointer pSvc // to make IWbemServices calls. // hResult = WbemLocator->ConnectServer(_bstr_t(L"ROOT\\CIMV2"), NULL, NULL, 0, NULL, 0, 0, &WbemServices); if (FAILED(hResult)) goto Exit; // // Set the IWbemServices proxy so that impersonation // of the user (client) occurs. // hResult = CoSetProxyBlanket(WbemServices, RPC_C_AUTHN_WINNT, RPC_C_AUTHZ_NONE, NULL, RPC_C_AUTHN_LEVEL_CALL, RPC_C_IMP_LEVEL_IMPERSONATE, NULL, EOAC_NONE); if (FAILED(hResult)) goto Exit; // // Use the IWbemServices pointer to make requests of WMI. // Make requests here: // _snprintf(Buffer, sizeof(Buffer)-1, "SELECT * FROM Win32_QuickFixEngineering WHERE HotFixID=\"KB%s\"", KbNumber); hResult = WbemServices->ExecQuery(bstr_t("WQL"), bstr_t(Buffer),WBEM_FLAG_FORWARD_ONLY | WBEM_FLAG_RETURN_IMMEDIATELY, NULL, &WbemEnumerator); if (FAILED(hResult)) goto Exit; hResult = WbemEnumerator->Next(WBEM_INFINITE, 1, &WbemClassObject, &NumberOfObjects); if (FAILED(hResult)) goto Exit; if (NumberOfObjects != 0) Status = TRUE;Exit: if (WbemServices) WbemServices->Release(); if (WbemLocator) WbemLocator->Release(); CoUninitialize(); return Status;}int main(int argc, char *argv[]){ if(argc != 2) { printf("[-] Usage is : %s <KB patch number>\n", argv[0]); return FALSE; } printf("KB%s is %s\n", argv[1], IsKBInstalled(argv[1]) ? "PRESENT" : "NOT PRESENT"); return TRUE;}