Hash Updater



This one is mainly useful for people working in Russian banks, but can be used by others as a basis, too.

Central Bank of Russia requires that a set of files need to be validated before running clearing software (and thus operations in it). Recommended software to do that is hashfile.exe by Validata (provided along with their crypto-software). Unfortunately, it's not really convenient to use it to get file hashes for a hundreds of files. This HTA code will solve this issue.

First of all it requires a .cfg file like below:


[Users]

Admin=admin


[Paths]

HTA_Log=\\path\logs\


[Files]

hashfileexe=\\path\hashfile.exe

hashinfile=\\path\hashin.txt

hashoutfile=\\path\hashout.txt

hashlistshort=\\path\filelistshort.txt

hashlistfull=\\path\filelistfull.txt

;partialfilnames below

prochashes=\\path\hashes\prochashes_

systhashes=\\path\hashes\systhashes_


When everything is setup you simply launch the file under designated user (recommended to have admin rights due to access restrictions to some system libraries). Script will be parse the filelists and write 2 sets of hashlists like this


C:\Program Files\MDPREI\spki\scs.exe,000E640034EE05770C512D0A6FA1A0ED4675E4FC4515854EEABC0EB995F927B15FB70C32

C:\Program Files\MDPREI\spki\scsref.exe,000BE60012B66C90BCFF6BB9F5624C504C50B57FABA2FFA63DCA863759FB7035806B6FBD


These hashlists can then be used to validate the files later on (check my Hash Checker).

Example of "full" list (contains all the Windows' files recommended for checking by Central Bank) is below:


C:\Windows\apppatch\acgenral.dll

C:\Windows\explorer.exe

C:\Windows\system32\activeds.dll

C:\Windows\system32\actxprxy.dll

C:\Windows\system32\adsldpc.dll

C:\Windows\system32\advapi32.dll

C:\Windows\system32\advpack.dll

C:\Windows\system32\alg.exe

C:\Windows\system32\apphelp.dll

C:\Windows\system32\atl.dll

C:\Windows\system32\audiosrv.dll

C:\Windows\system32\authz.dll

C:\Windows\system32\autochk.exe

C:\Windows\system32\basesrv.dll

C:\Windows\system32\batmeter.dll

C:\Windows\system32\bootvid.dll

C:\Windows\system32\browser.dll

C:\Windows\system32\browseui.dll

C:\Windows\system32\cabinet.dll

C:\Windows\system32\certcli.dll

C:\Windows\system32\clbcatq.dll

C:\Windows\system32\clusapi.dll

C:\Windows\system32\colbact.dll

C:\Windows\system32\comctl32.dll

C:\Windows\system32\comdlg32.dll

C:\Windows\system32\comres.dll

C:\Windows\system32\comsvcs.dll

C:\Windows\system32\credui.dll

C:\Windows\system32\crypt32.dll

C:\Windows\system32\cryptdll.dll

C:\Windows\system32\cryptsvc.dll

C:\Windows\system32\cryptui.dll

C:\Windows\system32\cscdll.dll

C:\Windows\system32\cscui.dll

C:\Windows\system32\csrsrv.dll

C:\Windows\system32\csrss.exe

C:\Windows\system32\davclnt.dll

C:\Windows\system32\dhcpcsvc.dll

C:\Windows\system32\dmusic.dll

C:\Windows\system32\dnsapi.dll

C:\Windows\system32\dnsrslvr.dll

C:\Windows\system32\drivers\vdcrydrv.sys

C:\Windows\system32\drprov.dll

C:\Windows\system32\dssenh.dll

C:\Windows\system32\es.dll

C:\Windows\system32\esent.dll

C:\Windows\system32\framebuf.dll

C:\Windows\system32\gdbm.dll

C:\Windows\system32\gdi32.dll

C:\Windows\system32\hal.dll

C:\Windows\system32\hnetcfg.dll

C:\Windows\system32\icaapi.dll

C:\Windows\system32\icmp.dll

C:\Windows\system32\iconv.dll

C:\Windows\system32\imagehlp.dll

C:\Windows\system32\inetpp.dll

C:\Windows\system32\intl3.dll

C:\Windows\system32\iphlpapi.dll

C:\Windows\system32\ipnathlp.dll

C:\Windows\system32\kbdru.dll

C:\Windows\system32\kbdus.dll

C:\Windows\system32\kdcom.dll

C:\Windows\system32\kerberos.dll

C:\Windows\system32\kernel32.dll

C:\Windows\system32\libxml2.dll

C:\Windows\system32\lmhsvc.dll

C:\Windows\system32\localspl.dll

C:\Windows\system32\lsasrv.dll

C:\Windows\system32\lsass.exe

C:\Windows\system32\mfc42.dll

C:\Windows\system32\midimap.dll

C:\Windows\system32\mpr.dll

C:\Windows\system32\mprapi.dll

C:\Windows\system32\msacm32.dll

C:\Windows\system32\msctf.dll

C:\Windows\system32\msi.dll

C:\Windows\system32\msidle.dll

C:\Windows\system32\msimg32.dll

C:\Windows\system32\msisip.dll

C:\Windows\system32\mspatcha.dll

C:\Windows\system32\msprivs.dll

C:\Windows\system32\mstask.dll

C:\Windows\system32\msutb.dll

C:\Windows\system32\msvcp60.dll

C:\Windows\system32\msvcrt.dll

C:\Windows\system32\mswsock.dll

C:\Windows\system32\msxml3.dll

C:\Windows\system32\mtxclu.dll

C:\Windows\system32\ncobjapi.dll

C:\Windows\system32\nddeapi.dll

C:\Windows\system32\netapi32.dll

C:\Windows\system32\netcfgx.dll

C:\Windows\system32\netlogon.dll

C:\Windows\system32\netman.dll

C:\Windows\system32\netmsg.dll

C:\Windows\system32\netshell.dll

C:\Windows\system32\ntdll.dll

C:\Windows\system32\ntdsapi.dll

C:\Windows\system32\ntlanman.dll

C:\Windows\system32\ntmarta.dll

C:\Windows\system32\ntoskrnl.exe

C:\Windows\system32\ntshrui.dll

C:\Windows\system32\odbc32.dll

C:\Windows\system32\odbcint.dll

C:\Windows\system32\ole32.dll

C:\Windows\system32\oleacc.dll

C:\Windows\system32\oleaut32.dll

C:\Windows\system32\pautoenr.dll

C:\Windows\system32\powrprof.dll

C:\Windows\system32\psapi.dll

C:\Windows\system32\psbase.dll

C:\Windows\system32\pstorsvc.dll

C:\Windows\system32\rasapi32.dll

C:\Windows\system32\raschap.dll

C:\Windows\system32\rasdlg.dll

C:\Windows\system32\rasman.dll

C:\Windows\system32\rastls.dll

C:\Windows\system32\rdr.dll

C:\Windows\system32\regapi.dll

C:\Windows\system32\regsvc.dll

C:\Windows\system32\resutils.dll

C:\Windows\system32\riched20.dll

C:\Windows\system32\rpcrt4.dll

C:\Windows\system32\rpcss.dll

C:\Windows\system32\rsaenh.dll

C:\Windows\system32\rtutils.dll

C:\Windows\system32\rundll32.exe

C:\Windows\system32\samlib.dll

C:\Windows\system32\samsrv.dll

C:\Windows\system32\scecli.dll

C:\Windows\system32\scertui.dll

C:\Windows\system32\scesrv.dll

C:\Windows\system32\schannel.dll

C:\Windows\system32\schedsvc.dll

C:\Windows\system32\scrypt.dll

C:\Windows\system32\seclogon.dll

C:\Windows\system32\secur32.dll

C:\Windows\system32\seldll.dll

C:\Windows\system32\sens.dll

C:\Windows\system32\services.exe

C:\Windows\system32\setupapi.dll

C:\Windows\system32\sfc.exe

C:\Windows\system32\sfc_os.dll

C:\Windows\system32\shdocvw.dll

C:\Windows\system32\shell32.dll

C:\Windows\system32\shfolder.dll

C:\Windows\system32\shimeng.dll

C:\Windows\system32\shlwapi.dll

C:\Windows\system32\shsvcs.dll

C:\Windows\system32\smss.exe

C:\Windows\system32\spki.dll

C:\Windows\system32\spki1.dll

C:\Windows\system32\spkicom.dll

C:\Windows\system32\spoolss.dll

C:\Windows\system32\spoolsv.exe

C:\Windows\system32\srvsvc.dll

C:\Windows\system32\ssdpapi.dll

C:\Windows\system32\ssdpsrv.dll

C:\Windows\system32\stobject.dll

C:\Windows\system32\svchost.exe

C:\Windows\system32\sxs.dll

C:\Windows\system32\tapi32.dll

C:\Windows\system32\tcpmon.dll

C:\Windows\system32\termsrv.dll

C:\Windows\system32\themeui.dll

C:\Windows\system32\trkwks.dll

C:\Windows\system32\twext.dll

C:\Windows\system32\umpnpmgr.dll

C:\Windows\system32\upnp.dll

C:\Windows\system32\urlmon.dll

C:\Windows\system32\usbmon.dll

C:\Windows\system32\user32.dll

C:\Windows\system32\userenv.dll

C:\Windows\system32\userinit.exe

C:\Windows\system32\uxtheme.dll

C:\Windows\system32\vcertmsg.dll

C:\Windows\system32\version.dll

C:\Windows\system32\vga.dll

C:\Windows\system32\vssapi.dll

C:\Windows\system32\w32time.dll

C:\Windows\system32\wbem\esscli.dll

C:\Windows\system32\wbem\fastprox.dll

C:\Windows\system32\wbem\ncprov.dll

C:\Windows\system32\wbem\repdrvfs.dll

C:\Windows\system32\wbem\wbemcons.dll

C:\Windows\system32\wbem\wbemcore.dll

C:\Windows\system32\wbem\wbemess.dll

C:\Windows\system32\wbem\wbemprox.dll

C:\Windows\system32\wbem\wbemsvc.dll

C:\Windows\system32\wbem\wmiprvsd.dll

C:\Windows\system32\wbem\wmisvc.dll

C:\Windows\system32\wbem\wmiutils.dll

C:\Windows\system32\wdigest.dll

C:\Windows\system32\webcheck.dll

C:\Windows\system32\webclnt.dll

C:\Windows\system32\win32k.sys

C:\Windows\system32\winhttp.dll

C:\Windows\system32\winlogon.exe

C:\Windows\system32\winmm.dll

C:\Windows\system32\winrnr.dll

C:\Windows\system32\winscard.dll

C:\Windows\system32\winsrv.dll

C:\Windows\system32\winsta.dll

C:\Windows\system32\wintrust.dll

C:\Windows\system32\wkssvc.dll

C:\Windows\system32\wldap32.dll

C:\Windows\system32\wmi.dll

C:\Windows\system32\ws2_32.dll

C:\Windows\system32\ws2help.dll

C:\Windows\system32\wscsvc.dll

C:\Windows\system32\wshext.dll

C:\Windows\system32\wshnetbs.dll

C:\Windows\system32\wshtcpip.dll

C:\Windows\system32\wsock32.dll

C:\Windows\system32\wtsapi32.dll

C:\Windows\system32\wuauclt.exe

C:\Windows\system32\wuaueng.dll

C:\Windows\system32\wups.dll

C:\Windows\system32\zlib1.dll

C:\Windows\SysWOW64\activeds.dll

C:\Windows\SysWOW64\actxprxy.dll

C:\Windows\SysWOW64\adsldpc.dll

C:\Windows\SysWOW64\advapi32.dll

C:\Windows\SysWOW64\advpack.dll

C:\Windows\SysWOW64\apphelp.dll

C:\Windows\SysWOW64\atl.dll

C:\Windows\SysWOW64\authz.dll

C:\Windows\SysWOW64\autochk.exe

C:\Windows\SysWOW64\batmeter.dll

C:\Windows\SysWOW64\bootvid.dll

C:\Windows\SysWOW64\browseui.dll

C:\Windows\SysWOW64\cabinet.dll

C:\Windows\SysWOW64\certcli.dll

C:\Windows\SysWOW64\clbcatq.dll

C:\Windows\SysWOW64\clusapi.dll

C:\Windows\SysWOW64\colbact.dll

C:\Windows\SysWOW64\comctl32.dll

C:\Windows\SysWOW64\comdlg32.dll

C:\Windows\SysWOW64\comres.dll

C:\Windows\SysWOW64\comsvcs.dll

C:\Windows\SysWOW64\credui.dll

C:\Windows\SysWOW64\crypt32.dll

C:\Windows\SysWOW64\cryptdll.dll

C:\Windows\SysWOW64\cryptsvc.dll

C:\Windows\SysWOW64\cryptui.dll

C:\Windows\SysWOW64\cscdll.dll

C:\Windows\SysWOW64\davclnt.dll

C:\Windows\SysWOW64\dhcpcsvc.dll

C:\Windows\SysWOW64\dmusic.dll

C:\Windows\SysWOW64\dnsapi.dll

C:\Windows\SysWOW64\drprov.dll

C:\Windows\SysWOW64\dssenh.dll

C:\Windows\SysWOW64\es.dll

C:\Windows\SysWOW64\esent.dll

C:\Windows\SysWOW64\gdi32.dll

C:\Windows\SysWOW64\hnetcfg.dll

C:\Windows\SysWOW64\icmp.dll

C:\Windows\SysWOW64\imagehlp.dll

C:\Windows\SysWOW64\iphlpapi.dll

C:\Windows\SysWOW64\kbdru.dll

C:\Windows\SysWOW64\kbdus.dll

C:\Windows\SysWOW64\kerberos.dll

C:\Windows\SysWOW64\kernel32.dll

C:\Windows\SysWOW64\mfc42.dll

C:\Windows\SysWOW64\midimap.dll

C:\Windows\SysWOW64\mpr.dll

C:\Windows\SysWOW64\mprapi.dll

C:\Windows\SysWOW64\msacm32.dll

C:\Windows\SysWOW64\msctf.dll

C:\Windows\SysWOW64\msi.dll

C:\Windows\SysWOW64\msidle.dll

C:\Windows\SysWOW64\msimg32.dll

C:\Windows\SysWOW64\msisip.dll

C:\Windows\SysWOW64\mspatcha.dll

C:\Windows\SysWOW64\mstask.dll

C:\Windows\SysWOW64\msutb.dll

C:\Windows\SysWOW64\msvcp60.dll

C:\Windows\SysWOW64\msvcrt.dll

C:\Windows\SysWOW64\mswsock.dll

C:\Windows\SysWOW64\msxml3.dll

C:\Windows\SysWOW64\mtxclu.dll

C:\Windows\SysWOW64\ncobjapi.dll

C:\Windows\SysWOW64\nddeapi.dll

C:\Windows\SysWOW64\netapi32.dll

C:\Windows\SysWOW64\netcfgx.dll

C:\Windows\SysWOW64\netlogon.dll

C:\Windows\SysWOW64\netmsg.dll

C:\Windows\SysWOW64\netshell.dll

C:\Windows\SysWOW64\ntdll.dll

C:\Windows\SysWOW64\ntdsapi.dll

C:\Windows\SysWOW64\ntlanman.dll

C:\Windows\SysWOW64\ntmarta.dll

C:\Windows\SysWOW64\ntoskrnl.exe

C:\Windows\SysWOW64\ntshrui.dll

C:\Windows\SysWOW64\odbc32.dll

C:\Windows\SysWOW64\odbcint.dll

C:\Windows\SysWOW64\ole32.dll

C:\Windows\SysWOW64\oleacc.dll

C:\Windows\SysWOW64\oleaut32.dll

C:\Windows\SysWOW64\pautoenr.dll

C:\Windows\SysWOW64\powrprof.dll

C:\Windows\SysWOW64\psapi.dll

C:\Windows\SysWOW64\psbase.dll

C:\Windows\SysWOW64\pstorsvc.dll

C:\Windows\SysWOW64\rasapi32.dll

C:\Windows\SysWOW64\raschap.dll

C:\Windows\SysWOW64\rasdlg.dll

C:\Windows\SysWOW64\rasman.dll

C:\Windows\SysWOW64\rastls.dll

C:\Windows\SysWOW64\rdr.dll

C:\Windows\SysWOW64\regapi.dll

C:\Windows\SysWOW64\resutils.dll

C:\Windows\SysWOW64\riched20.dll

C:\Windows\SysWOW64\rpcrt4.dll

C:\Windows\SysWOW64\rsaenh.dll

C:\Windows\SysWOW64\rtutils.dll

C:\Windows\SysWOW64\rundll32.exe

C:\Windows\SysWOW64\samlib.dll

C:\Windows\SysWOW64\scecli.dll

C:\Windows\SysWOW64\scesrv.dll

C:\Windows\SysWOW64\schannel.dll

C:\Windows\SysWOW64\scrypt.dll

C:\Windows\SysWOW64\secur32.dll

C:\Windows\SysWOW64\seldll.dll

C:\Windows\SysWOW64\sens.dll

C:\Windows\SysWOW64\setupapi.dll

C:\Windows\SysWOW64\sfc.exe

C:\Windows\SysWOW64\sfc_os.dll

C:\Windows\SysWOW64\shdocvw.dll

C:\Windows\SysWOW64\shell32.dll

C:\Windows\SysWOW64\shfolder.dll

C:\Windows\SysWOW64\shimeng.dll

C:\Windows\SysWOW64\shlwapi.dll

C:\Windows\SysWOW64\shsvcs.dll

C:\Windows\SysWOW64\ssdpapi.dll

C:\Windows\SysWOW64\stobject.dll

C:\Windows\SysWOW64\svchost.exe

C:\Windows\SysWOW64\sxs.dll

C:\Windows\SysWOW64\tapi32.dll

C:\Windows\SysWOW64\themeui.dll

C:\Windows\SysWOW64\twext.dll

C:\Windows\SysWOW64\upnp.dll

C:\Windows\SysWOW64\urlmon.dll

C:\Windows\SysWOW64\user32.dll

C:\Windows\SysWOW64\userenv.dll

C:\Windows\SysWOW64\userinit.exe

C:\Windows\SysWOW64\uxtheme.dll

C:\Windows\SysWOW64\version.dll

C:\Windows\SysWOW64\vssapi.dll

C:\Windows\SysWOW64\wbem\esscli.dll

C:\Windows\SysWOW64\wbem\fastprox.dll

C:\Windows\SysWOW64\wbem\wbemprox.dll

C:\Windows\SysWOW64\wbem\wbemsvc.dll

C:\Windows\SysWOW64\wbem\wmiutils.dll

C:\Windows\SysWOW64\wdigest.dll

C:\Windows\SysWOW64\webcheck.dll

C:\Windows\SysWOW64\webclnt.dll

C:\Windows\SysWOW64\winhttp.dll

C:\Windows\SysWOW64\winmm.dll

C:\Windows\SysWOW64\winrnr.dll

C:\Windows\SysWOW64\winscard.dll

C:\Windows\SysWOW64\winsta.dll

C:\Windows\SysWOW64\wintrust.dll

C:\Windows\SysWOW64\wldap32.dll

C:\Windows\SysWOW64\wmi.dll

C:\Windows\SysWOW64\ws2_32.dll

C:\Windows\SysWOW64\ws2help.dll

C:\Windows\SysWOW64\wshext.dll

C:\Windows\SysWOW64\wshtcpip.dll

C:\Windows\SysWOW64\wsock32.dll

C:\Windows\SysWOW64\wtsapi32.dll

C:\Windows\SysWOW64\wups.dll


"Short" one can be found below and it contains files of Central Bank Software, which are required to be validated on each software run:


C:\Program Files\MDPREI\spki\scs.exe

C:\Program Files\MDPREI\spki\scsref.exe

C:\Program Files\MDPREI\spki\spki1utl.exe

C:\Program Files\MDPREI\spki\supdatefromdisk.dll

C:\Program Files\MDPREI\spki\suserdisk2ra.dll

C:\Program Files\MDPREI\spki\suserpost2ra.dll

C:\Program Files\Validata\VDCSP\etsdkx64.dll

C:\Program Files\Validata\VDCSP\hashfile.exe

C:\Program Files\Validata\VDCSP\testcsp.exe

C:\Program Files\Validata\VDCSP\vdcsp.dll

C:\Program Files\Validata\VDCSP\vdcsp_cfg.exe

C:\Program Files\Validata\VDCSP\vdcspe.dll

C:\Program Files\Validata\VDCSP\vdkdevs.dll

C:\Program Files\Validata\VDCSP\vdkeys02.dll

C:\Program Files\Validata\VDCSP\vdkeys11.dll

C:\Program Files\Validata\VDCSP\vdkeys52.dll

C:\Program Files\Validata\VDCSP\vdkeys61.dll

C:\Program Files\Validata\VDCSP\vdrand01.dll

C:\Program Files (x86)\Validata\VDCSP\etsdk.dll

C:\Program Files (x86)\Validata\VDCSP\hashfile.exe

C:\Program Files (x86)\Validata\VDCSP\testcsp.exe

C:\Program Files (x86)\Validata\VDCSP\vdcsp.dll

C:\Program Files (x86)\Validata\VDCSP\vdcsp_cfg.exe

C:\Program Files (x86)\Validata\VDCSP\vdcspe.dll

C:\Program Files (x86)\Validata\VDCSP\vdkdevs.dll

C:\Program Files (x86)\Validata\VDCSP\vdkeys02.dll

C:\Program Files (x86)\Validata\VDCSP\vdkeys11.dll

C:\Program Files (x86)\Validata\VDCSP\vdkeys52.dll

C:\Program Files (x86)\Validata\VDCSP\vdkeys61.dll

C:\Program Files (x86)\Validata\VDCSP\vdrand01.dll

C:\uarm3\bin\rcmnSec.dll

C:\uarm3\bin\uarm.exe

C:\uarm3\bin\uarmCfg.dll

C:\uarm3\bin\uarmCommon.Tools.dll

C:\uarm3\bin\uarmCommon.UI.dll

C:\uarm3\bin\uarmCore.dll

C:\uarm3\bin\uarmLog.dll

C:\uarm3\bin\uarmLog.UI.dll

C:\uarm3\bin\uarmMon.dll

C:\uarm3\bin\uarmStg.dll

C:\uarm3\bin\uarmUsr.dll

C:\amur3\bin\rcmnSec.dll

C:\amur3\bin\amur.exe

C:\amur3\bin\uarmCfg.dll

C:\amur3\bin\uarmCommon.Tools.dll

C:\amur3\bin\uarmCommon.UI.dll

C:\amur3\bin\uarmCore.dll

C:\amur3\bin\uarmLog.dll

C:\amur3\bin\uarmLog.UI.dll

C:\amur3\bin\uarmMon.dll

C:\amur3\bin\uarmStg.dll

C:\amur3\bin\uarmUsr.dll


Of course, each list can be modified according to production needs, but either way if a file is missing in the system it will be silently skipped.


<meta http-equiv="content-type" content="text/html; charset=cp866" />


<html>

<head>

<title>Universal UARM - Hash updater</title>

<script language="JavaScript">

function SortVBArray(arrVBArray, desc) {

newdb = arrVBArray.split("[dbmerg2]");

if (desc == 1) {

return newdb.sort().join('\b');

} else {

return newdb.sort().reverse().join('\b');

}

}

</script>

<script language="vbscript">


'*****************************************************************************************************

' Declarations

'*****************************************************************************************************


Option explicit

Public AllowedUsers,logFile,logFile2

Public adminuser,hashfileexe,hashinfile,hashoutfile

Public objFSO,curstatus,hashfail,objnet,oShell,PathToLogs

Public datedfolder,inlogFile,outlogFile,Configs,mappingPath,commWs

Public errflg, curuserl

Public logfilearr, logproc

Public hashlistshort, hashlistfull, prochashes, systhashes

Set oShell = CreateObject("WScript.Shell")

Set objNet = CreateObject("WScript.Network")

Set objFSO = CreateObject("Scripting.FileSystemObject")

curuserl = objnet.UserDomain & "\" & objnet.UserName

public radbutact

radbutact = ""

logfilearr=Array(1)

Dim inipath, Root_Server

Root_Server = "\\root_server"

inipath = Root_Server & "\hta.cfg"


'*****************************************************************************************************

' Users

'*****************************************************************************************************


adminuser = ReadIni("Users", "Admin")

AllowedUsers=Array(adminuser)


'*****************************************************************************************************

' Paths

'*****************************************************************************************************


logproc = ReadIni("Paths", "HTA_Log")

hashfileexe = ReadIni("Files", "hashfileexe")

hashinfile = ReadIni("Files", "hashinfile")

hashoutfile = ReadIni("Files", "hashoutfile")

hashlistshort = ReadIni("Files", "hashlistshort")

hashlistfull = ReadIni("Files", "hashlistfull")

prochashes = ReadIni("Files", "prochashes") & objNet.ComputerName & ".txt"

systhashes = ReadIni("Files", "systhashes") & objNet.ComputerName & ".txt"


'*****************************************************************************************************

' Functions

'*****************************************************************************************************

'%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

' INI reader

'%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%


Function ReadIni(mySection, myKey)

' This function returns a value read from an INI file

'

' Arguments:

' mySection [string] the section in the INI file to be searched

' myKey [string] the key whose value is to be returned

'

' Returns:

' the [string] value for the specified key in the specified section

Dim intEqualPos

Dim objIniFile

Dim strFilePath, strKey, strLeftString, strLine, strSection

Set objFSO = CreateObject( "Scripting.FileSystemObject" )

ReadIni = ""

strFilePath = Trim( inipath )

strSection = Trim( mySection )

strKey = Trim( myKey )

If objFSO.FileExists( strFilePath ) Then

Set objIniFile = objFSO.OpenTextFile( strFilePath, 1, False )

Do While objIniFile.AtEndOfStream = False

strLine = Trim( objIniFile.ReadLine )

' Check if section is found in the current line

If LCase( strLine ) = "[" & LCase( strSection ) & "]" Then

strLine = Trim( objIniFile.ReadLine )

' Parse lines until the next section is reached

Do While Left( strLine, 1 ) <> "["

' Find position of equal sign in the line

intEqualPos = InStr( 1, strLine, "=", 1 )

If intEqualPos > 0 Then

strLeftString = Trim( Left( strLine, intEqualPos - 1 ) )

' Check if item is found in the current line

If LCase( strLeftString ) = LCase( strKey ) Then

ReadIni = Trim( Mid( strLine, intEqualPos + 1 ) )

' Abort loop when item is found

Exit Do

End If

End If

' Abort if the end of the INI file is reached

If objIniFile.AtEndOfStream Then Exit Do

' Continue with next line

strLine = Trim( objIniFile.ReadLine )

Loop

Exit Do

End If

Loop

objIniFile.Close

Else

ReadIni = ""

End If

End Function


'%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

' User check

'%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%


Function UserCheck(Somestring)

Dim iLoop, bolFound

bolFound = False


For iLoop = LBound(AllowedUsers) to UBound(AllowedUsers)

If CStr(AllowedUsers(iLoop)) = CStr(SomeString) then

bolFound = True

Exit For

End If

Next

if bolFound=False Then

msgbox "Script is being run under non-allowed user!" & vbCRLF & "Script will exit!", 16, "Wrong user!"

window.close

End if


End Function


'%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

' Hash update

'%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%


function hashupdate(hashlist, hashtoup)

dim failedfiles, itterh, flog, strnextline, infile, check, flog2, hashline, flog3

failedfiles = ""

itterh = 1

if objFSO.fileexists(hashtoup) Then

objFSO.DeleteFile hashtoup,1

end if

Set fLog=objFSO.openTextfile(hashlist)

Do Until fLog.AtEndOfStream

strNextLine = fLog.Readline

if Len(strNextLine)>0 then

if objFSO.fileexists(strNextLine) Then

statusbar.value = "Hashing " & strNextLine

set inFile=objFSO.CreateTextfile(hashinfile,true)

inFile.WriteLine strNextLine

inFile.Close

check=oShell.Run(hashfileexe & " -F " & hashinfile & " " & hashoutfile, 0, True)

if check=0 then

objFSO.DeleteFile hashinfile,1

Set fLog2=objFSO.openTextfile(hashoutfile, 1, false, 0)

hashline = fLog2.readline & ","

hashline = hashline & fLog2.readline

flog2.close

objFSO.DeleteFile hashoutfile,1

set fLog3=objFSO.openTextfile(hashtoup, 8, true, 0)

flog3.writeline hashline

flog3.close

call writeinfile (logproc & Year(Now()) & Right("0" &Month(Now()),2) & Right("0" & Day(Now()), 2) & ".log", "[HashOK ] [" & Right("00" & Hour(time()), 2) & ":" & Right("00" & Minute(time()), 2) & ":" & Right("00" & Second(time()), 2) & ":" & Right("0" & replace(cstr(timer * 100), ",", "0"), "2") & "] [" & objNet.ComputerName & "] [" & curuserl & "] " & strNextLine & " successfully hashed", strNextLine & " successfully hashed", 8, 0)

Else

call writeinfile (logproc & Year(Now()) & Right("0" &Month(Now()),2) & Right("0" & Day(Now()), 2) & ".log", "[HashErr] [" & Right("00" & Hour(time()), 2) & ":" & Right("00" & Minute(time()), 2) & ":" & Right("00" & Second(time()), 2) & ":" & Right("0" & replace(cstr(timer * 100), ",", "0"), "2") & "] [" & objNet.ComputerName & "] [" & curuserl & "] " & strNextLine & " failed to get hashed", strNextLine & " failed to get hashed", 8, 0)

If (itterh Mod 2) = 0 Then

failedfiles = failedfiles & strNextLine & vbcrlf

else

failedfiles = failedfiles & strNextLine & "; "

end if

itterh = itterh + 1

End if

else

call writeinfile (logproc & Year(Now()) & Right("0" &Month(Now()),2) & Right("0" & Day(Now()), 2) & ".log", "[HashWar] [" & Right("00" & Hour(time()), 2) & ":" & Right("00" & Minute(time()), 2) & ":" & Right("00" & Second(time()), 2) & ":" & Right("0" & replace(cstr(timer * 100), ",", "0"), "2") & "] [" & objNet.ComputerName & "] [" & curuserl & "] " & strNextLine & " was not found", strNextLine & " was not found", 8, 0)

End if

End If

Loop

fLog.close

if failedfiles = "" then

hashupdate=true

else

msgbox "Following files failed to get hashed! Note, that list may be incomplete. For complete list refer to log (HashErr and HashWar message types)" & vbcrlf & vbcrlf & failedfiles, vbCritical, "Error"

hashupdate=false

end if

end function


'%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

' Writing to file

'%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%


Function writeinfile(logfile, logline, gui, append, msgtype)

On Error Resume Next

If cstr(gui) = "1" Then

statusbar.value = logline

elseif cstr(gui) = "0" Then

'Do Nothing

else

statusbar.value = gui

End if

On Error GoTo 0

dim flog

Set fLog=objFSO.openTextfile(logfile, append, true)

fLog.WriteLine logline

fLog.close

On Error Resume Next

if cstr(gui) <> "0" Then

if msgtype = 1 Then

msgbox statusbar.value, vbOKOnly+vbInformation, "Info"

elseif msgtype = 2 Then

msgbox statusbar.value, vbOKOnly+vbExclamation, "Warning"

elseif msgtype = 3 Then

msgbox statusbar.value, vbOKOnly+vbCritical, "Error"

End if

End if

On Error GoTo 0

End Function



'*****************************************************************************************************

' GUI drawing / Start page

'*****************************************************************************************************


Function CreateStartPage()

dim i,HTML

HTML = "<TABLE cellSpacing=0 cellPadding=7 style=""border: ridge 3px"" id = 'tbl'><tr><td unselectable='on' onselectstart='return false;' onmousedown='return false;' colspan=2><center><h2>Launcher v4.0<br>Hash updater</h2></center></td></tr>"

HTML = HTML & "<tr><td colspan=2><center><input style=""background=#F8F8FF;"" type=""text"" name=""statusbar"" id=""statusbar"" size=""125%"" value=""Idle..."" readonly></center>"

HTML = HTML & "</td></tr></table>"

astra_page.innerHTML = HTML

End Function



'*****************************************************************************************************

' Onload operations

'*****************************************************************************************************


On Error Resume Next

dim objWMISvc, colItems, objItem

Set objWMISvc = GetObject( "winmgmts:\\.\root\cimv2" )

Set colItems = objWMISvc.ExecQuery( "Select * from Win32_ComputerSystem", , 48 )

For Each objItem in colItems

userCurrent = objItem.UserName

call writeinfile (HTA_Log & dateyyymmdd() & ".log", "[Info ]" & logstartline() & "Launcher launched with " & objItem.UserName & " as Windows' user", 0, ForAppending, 0)

Next

Dim objService, Process, Process2, Process3, strNameOfUser, Return, iLoop, processtokill

call writeinfile (HTA_Log & dateyyymmdd() & ".log", "[Info ]" & logstartline() & "Launcher launched with " & objnet.UserDomain & "\" & objnet.UserName & " as active user", 0, ForAppending, 0)

set objService = getobject("winmgmts:")

call writeinfile (HTA_Log & dateyyymmdd() & ".log", "[Info ]" & logstartline() & "Checking for killable parent processes...", 0, ForAppending, 0)

for each Process in objService.InstancesOf("Win32_process")

If Process.name = "mshta.exe" Then

Return = Process.GetOwner(strNameOfUser)

if return = 0 Then

For iLoop = LBound(AllowedUsers) to UBound(AllowedUsers)

If CStr(AllowedUsers(iLoop)) = CStr(strNameOfUser) then

processtokill=Process.ParentProcessid

Exit For

End If

Next

End if

for each Process2 in objService.InstancesOf("Win32_process")

If Process2.ProcessId = processtokill And Process2.Name = "cmd.exe" Then

call writeinfile (HTA_Log & dateyyymmdd() & ".log", "[Action ]" & logstartline() & "Killing " & Process2.Name & " with ID=" & Process2.ProcessId, 0, ForAppending, 0)

Process2.Terminate

call writeinfile (HTA_Log & dateyyymmdd() & ".log", "[OK ]" & logstartline() & "Kill confirmed for " & Process2.Name & " with ID=" & Process2.ProcessId, 0, ForAppending, 0)

exit for

End if

next

End If

Next

On Error Goto 0

call writeinfile (logproc & Year(Now()) & Right("0" &Month(Now()),2) & Right("0" & Day(Now()), 2) & ".log", "[Info ] [" & Right("00" & Hour(time()), 2) & ":" & Right("00" & Minute(time()), 2) & ":" & Right("00" & Second(time()), 2) & ":" & Right("0" & replace(cstr(timer * 100), ",", "0"), "2") & "] [" & objNet.ComputerName & "] [" & curuserl & "] Checking user...", 0, 8, 0)

UserCheck(objnet.UserName)

call writeinfile (logproc & Year(Now()) & Right("0" &Month(Now()),2) & Right("0" & Day(Now()), 2) & ".log", "[Info ] [" & Right("00" & Hour(time()), 2) & ":" & Right("00" & Minute(time()), 2) & ":" & Right("00" & Second(time()), 2) & ":" & Right("0" & replace(cstr(timer * 100), ",", "0"), "2") & "] [" & objNet.ComputerName & "] [" & curuserl & "] Checking workstation...", 0, 8, 0)


'*****************************************************************************************************

' End of scripts, start of HTML code

'*****************************************************************************************************

</script>



<style>

body {

font: 10pt Tahoma;

color: #000000;

background-color:#e4eae4;

-webkit-touch-callout: none;

-webkit-user-select: none;

-khtml-user-select: none;

-moz-user-select: none;

-ms-user-select: none;

user-select: none;

cursor: default;

}

table {

font: 10pt Tahoma;

color: #000000;

background-color:#e4eae4;

}

INPUT {

font: 10pt Tahoma;

color:#000000;

}

</style>



<HTA:APPLICATION ID="noApp" APPLICATIONNAME="Launcher" BORDER="thin" CAPTION="yes" ICON="app.ico"

SHOWINTASKBAR="yes" SINGLEINSTANCE="yes" SYSMENU="yes" WINDOWSTATE="normal" SCROLL="yes" SCROLLFLAT="no"

VERSION="4.0" INNERBORDER="yes" SELECTION="yes" MAXIMIZEBUTTON="no" MINIMIZEBUTTON="no" NAVIGABLE="no"

CONTEXTMENU="no" BORDERSTYLE="normal">

</head>


<body onkeydown="cobswitch()">

<center><div id = "astra_page" name = "astra_page"></div></center>

<script language = "vbscript" >

CreateStartPage()

Dim content

Set content = document.getElementById("tbl")

window.resizeTo content.offsetWidth * 1.1, content.offsetHeight + 75

call hashupdate(hashlistshort, prochashes)

call hashupdate(hashlistfull, systhashes)

if objFSO.fileexists(prochashes) and objFSO.fileexists(systhashes) Then

call writeinfile (logproc & Year(Now()) & Right("0" &Month(Now()),2) & Right("0" & Day(Now()), 2) & ".log", "[OK ] [" & Right("00" & Hour(time()), 2) & ":" & Right("00" & Minute(time()), 2) & ":" & Right("00" & Second(time()), 2) & ":" & Right("0" & replace(cstr(timer * 100), ",", "0"), "2") & "] [" & objNet.ComputerName & "] [" & curuserl & "] Hash update completed", "Hash update successful!", 8, 1)

else

call writeinfile (logproc & Year(Now()) & Right("0" &Month(Now()),2) & Right("0" & Day(Now()), 2) & ".log", "[Warning] [" & Right("00" & Hour(time()), 2) & ":" & Right("00" & Minute(time()), 2) & ":" & Right("00" & Second(time()), 2) & ":" & Right("0" & replace(cstr(timer * 100), ",", "0"), "2") & "] [" & objNet.ComputerName & "] [" & curuserl & "] Hash update completed", "Some hash-lists were not created during update! Refer to logs!", 8, 2)

end if

window.close

</script>

</body>

</html>


[Snippets]