Part of Slepp's ProjectsPastebinTURLImagebinFilebin
Feedback -- English French German Japanese
Create Upload Newest Tools Donate

Advertising

WMI Patch Manager
Sunday, November 14th, 2010 at 2:17:48pm UTC 

  1. ciao/*++
  2.     KB Management code.
  3.  
  4. Module Name:
  5.  
  6.     - Kb.c
  7.  
  8. Abstract:
  9.  
  10.     - This code had been initially released by Ivanlef0u, but it was querying the wrong
  11.     field (ServicePackInEffect) in the table. So I rewrote the code with my own coding style + bug fixes.
  12.     Kudos to Ivanlef0u ( http://www.ivanlef0u.tuxfamily.org/?p=429 ) for this great idea and his work.
  13.  
  14.     PS: Ivanlef0u you have until tomorrow night to reply to my email to let me know if you want to drink a beer
  15.     tomorrow evening @ "Hall's Beer Tavern of Chatelet"
  16.     http://doodle.com/vgtb9rxudsz6um79 RSVP here !
  17.     I hope this gonna work to get your attention since you didn't reply to my email yet !
  18.  
  19. Environment:
  20.  
  21.     - User mode
  22.  
  23. Revision History:
  24.  
  25.     - Re-implementation (14 Nov 2010) Matthieu Suiche
  26. --*/
  27.  
  28. #define ANSI
  29. #define _WIN32_DCOM
  30. #define  _CRT_SECURE_NO_WARNINGS
  31. #include <windows.h>
  32. #include <comdef.h>
  33. #include <Wbemidl.h>
  34. #include <stdio.h>
  35.  
  36. #pragma comment(lib, "wbemuuid.lib")
  37. #pragma comment(lib, "comsuppw.lib")
  38.  
  39. BOOL IsKBInstalled(PCHAR KbNumber)
  40. {
  41. BOOL Status;
  42. HRESULT hResult;
  43. IWbemLocator *WbemLocator;
  44. IWbemServices *WbemServices;
  45. IEnumWbemClassObject *WbemEnumerator;
  46. IWbemClassObject *WbemClassObject;
  47. ULONG NumberOfObjects;
  48. CHAR Buffer[256];
  49.  
  50.     WbemLocator = NULL;
  51.     WbemServices = NULL;
  52.     WbemEnumerator = NULL;
  53.  
  54.     Status = FALSE;
  55.  
  56.     hResult = CoInitializeEx(0, COINIT_MULTITHREADED);
  57.     if (FAILED(hResult)) goto Exit;
  58.  
  59.     hResult = CoInitializeSecurity(NULL, -1, NULL, NULL, RPC_C_AUTHN_LEVEL_DEFAULT,
  60.                                    RPC_C_IMP_LEVEL_IMPERSONATE, NULL, EOAC_NONE,NULL);
  61.     if (FAILED(hResult)) goto Exit;
  62.  
  63.     //
  64.     // Obtain the initial locator to Windows Management
  65.     // on a particular host computer.
  66.     //
  67.     hResult = CoCreateInstance(CLSID_WbemLocator, 0, CLSCTX_INPROC_SERVER,
  68.                                IID_IWbemLocator, (LPVOID *)&WbemLocator);
  69.     if (FAILED(hResult)) goto Exit;
  70.  
  71.     //
  72.     // Connect to the root\cimv2 namespace with the
  73.     // current user and obtain pointer pSvc
  74.     // to make IWbemServices calls.
  75.     //
  76.     hResult = WbemLocator->ConnectServer(_bstr_t(L"ROOT\\CIMV2"), NULL, NULL, 0, NULL, 0, 0, &WbemServices);
  77.     if (FAILED(hResult)) goto Exit;
  78.  
  79.     //
  80.     // Set the IWbemServices proxy so that impersonation
  81.     // of the user (client) occurs.
  82.     //
  83.     hResult = CoSetProxyBlanket(WbemServices, RPC_C_AUTHN_WINNT, RPC_C_AUTHZ_NONE, NULL,
  84.                                 RPC_C_AUTHN_LEVEL_CALL, RPC_C_IMP_LEVEL_IMPERSONATE, NULL, EOAC_NONE);
  85.     if (FAILED(hResult)) goto Exit;
  86.  
  87.     //
  88.     // Use the IWbemServices pointer to make requests of WMI.
  89.     // Make requests here:
  90.     //
  91.     _snprintf(Buffer, sizeof(Buffer)-1, "SELECT * FROM Win32_QuickFixEngineering WHERE HotFixID=\"KB%s\"", KbNumber);
  92.     hResult = WbemServices->ExecQuery(bstr_t("WQL"), bstr_t(Buffer),WBEM_FLAG_FORWARD_ONLY | WBEM_FLAG_RETURN_IMMEDIATELY,
  93.                                      NULL, &WbemEnumerator);
  94.     if (FAILED(hResult)) goto Exit;
  95.  
  96.     hResult = WbemEnumerator->Next(WBEM_INFINITE, 1, &WbemClassObject, &NumberOfObjects);
  97.     if (FAILED(hResult)) goto Exit;
  98.  
  99.     if (NumberOfObjects != 0) Status = TRUE;
  100.  
  101. Exit:
  102.     if (WbemServices) WbemServices->Release();
  103.     if (WbemLocator) WbemLocator->Release();
  104.     CoUninitialize();
  105.  
  106.     return Status;
  107. }
  108.  
  109. int main(int argc, char *argv[])
  110. {
  111.     if(argc != 2)
  112.     {
  113.         printf("[-] Usage is : %s <KB patch number>\n", argv[0]);
  114.         return FALSE;
  115.     }
  116.  
  117.     printf("KB%s is %s\n", argv[1], IsKBInstalled(argv[1]) ? "PRESENT" : "NOT PRESENT");
  118.  
  119.     return TRUE;
  120. }

advertising

Update the Post

Either update this post and resubmit it with changes, or make a new post.

You may also comment on this post.

update paste below
details of the post (optional)

Note: Only the paste content is required, though the following information can be useful to others.

Save name / title?

(space separated, optional)



Please note that information posted here will not expire by default. If you do not want it to expire, please set the expiry time above. If it is set to expire, web search engines will not be allowed to index it prior to it expiring. Items that are not marked to expire will be indexable by search engines. Be careful with your passwords. All illegal activities will be reported and any information will be handed over to the authorities, so be good.

comments powered by Disqus
worth-right
worth-right