The usage of VBScript in the detection and remediation section of a custom vulnerability add a lot of versatility to the vulnerability detection and remediation features of LANDesk enabling the user to perform complex tasks.
Time to time to decide if a vulnerability applies or to fix it may be necessary to download some 'helper' files on the client to perform some tasks.
Normally is possible to download the file in the remediation process but there are some limitation:
- The file to download will the unique and will be the file to be used to remediate the vulnerability.
- The file can be downloaded only during the reparation proces. And the reparation process happens only if the device is vulnerable.
But what if the file is needed to decide if the device is vulnerable?
Having one or more files downloaded outside the remediation process can be handy in these example situation:
- The file is needed to make a comparison between the file present on the device.
- The file is a DLL that we want to register on the client and then use through the script. (with CreateObject and then calling its methods)
To download files outside the remediation process we need to use there three function predefined in the VBScript engine used in LANDesk:
- GetFileHashCoreString GetFileHashCore(String filename)
String GetFileHashLocal(String filename)
Boolean DownloadFile(String httpsource, String destinationPath, string hash)
NOTE: *VBScript is not a 'strongly typed' language but the definition used above is only to clarify the data type to use for the parameters
GetFileHashCore: returns the hash of the file, passed as argument, that resides on the Core server.
The file needs to be located in the ldlogon share.
We will need to use the hash obtained to invoke the DownloadFile function.
GetFileHashLocal: returns the hash of a file, passed as argument, that resides on the local client.
We can use the hash returned to compare it with the hash of the file on the core so we can decide if the files differs and if if necessary to download the file that is on the core.
DownloadFile: downloads a file from a URL to a destination and compares the hash of the file to determine if the download was successful.
It accepts three parameters and all of them are mandatory:
- httpsource: is a string that represent the URL of the file to download (ex: http://mycore/ldlogon/myfile.exe )
- destinationPath: is a string the represent the complete path and file name where the file needs to be saved (ex: c:\mylocation\myfile.exe)
- hash: is a string that represent the hash of the file. We need to obtain it through the function GetFileHashCore
Sub DownloadMyFile Dim hash, httpSource, destinationPath, localHash remoteHash=GetFileHashCore("myfile.exe") localHash=GetFileHashLocal("c:\mydir\myfile.exe") 'Is the local file hash the same of the remote file hash?? If remoteHash = localHash Then 'no need to download then... Log "the file is already ok" Else httpSource = "http://mycore/ldlogon/myfile.exe" downloadStatus=DownloadFile(httpSource,"c:\mydir\myfile.exe",remoteHash) if downloadStatus = True Log "Download succeded" Else Log "Download unsuccessfull" End if End if
After adding the file(s) needed in the ldlogon share, to force the calculation of the hash of them press the button "Rebuild all" in the Agent Configuration window.
To have more information on how to use the scripting in the Patch Installation & Removal (repair) section of a Custom Vulnerability please refer to this community article:
To have information on how to use VBScript in the detection logic of a Custom Vulnerability please refer to this article: