Category Archives: Scripting

Forgotten Scripts

Came across a script I wrote some time ago. Sitting there in my user directory was patch.cmd. As I find my scripts, I’m putting them in Git for historical purposes… and for a good laugh.

What in the actual fuck are you, patch.cmd? –Rich

One thing I learned;  document the damn things.  I had no idea what this was, but I knew it was mine because of some of the commentary in the batch script.

Anyway, this script was used to patch atmfd.dll (see: MS15-078 Bulletin).

@echo off

if NOT "%~n0"=="patch" IF NOT "%~n0"=="unpatch" goto FAILINIT

reg Query "HKLM\Hardware\Description\System\CentralProcessor\0" | find /i "x86" > NUL && set ARCH=32BIT || set ARCH=64BIT

for /f "tokens=2*" %%a in ('REG QUERY "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion" /v CurrentVersion') do set WINV=%%~b

REM Operating system              Version number
REM ----------------------------  --------------
REM Windows 10 Tech.Preview       10.0
REM Windows Server Techn.Preview  10.0
REM Windows 8.1                    6.3
REM Windows Server 2012 R2         6.3
REM Windows 8                      6.2
REM Windows Server 2012            6.2
REM Windows 7                      6.1
REM Windows Server 2008 R2         6.1
REM Windows Server 2008            6.0
REM Windows Vista                  6.0
REM Windows Server 2003 R2         5.2
REM Windows Server 2003            5.2
REM Windows XP 64-Bit Edition      5.2
REM Windows XP                     5.1
REM Windows 2000                   5.0


REM check to see if goto label is there.  if it's not, then we're not on a supported
REM system or Rich is a dork.
findstr /r /i /c:"^:%~n0_%WINV%_%ARCH%" %0>nul
if errorlevel 1 (
echo.
echo Looks like this system is not supported.  %ARCH% - Windows - %WINV%
goto EOF
)


goto %~n0_%WINV%_%ARCH%

REM catchall - shouldn't get here.
goto EOF

pause

:patch_6.0_32BIT
goto patch_1_32BIT

:patch_6.0_64BIT
goto patch_1_64BIT

:patch_6.1_32BIT
goto patch_1_32BIT

:patch_6.1_64BIT
goto patch_1_64BIT

:patch_6.2_32BIT
goto patch_2_32BIT

:patch_6.2_64BIT
goto patch_2_64BIT

:patch_6.3_32BIT
goto patch_2_32BIT

:patch_6.3_64BIT
goto patch_2_64BIT

:patch_10.0_32BIT
goto patch_2_32BIT

:patch_10.0_64BIT
goto patch_2_64BIT

REM unpatch routines

:unpatch_6.0_32BIT
goto unpatch_1_32BIT

:unpatch_6.0_64BIT
goto unpatch_1_64BIT

:unpatch_6.1_32BIT
goto unpatch_1_32BIT

:unpatch_6.1_64BIT
goto unpatch_1_64BIT

:unpatch_6.2_32BIT
goto unpatch_2_32BIT

:unpatch_6.2_64BIT
goto unpatch_2_64BIT

:unpatch_6.3_32BIT
goto unpatch_2_32BIT

:unpatch_6.3_64BIT
goto unpatch_2_64BIT

:unpatch_10.0_32BIT
goto unpatch_2_32BIT

:unpatch_10.0_64BIT
goto unpatch_2_64BIT



:patch_1_32BIT
cd "%windir%\system32"
takeown.exe /f atmfd.dll
icacls.exe atmfd.dll /save atmfd.dll.acl
icacls.exe atmfd.dll /grant Administrators:(F)
rename atmfd.dll x-atmfd.dll
echo.
echo Done patching Windows %WINV% (%ARCH%)
echo.
goto EOF

:patch_1_64BIT
cd "%windir%\system32"
takeown.exe /f atmfd.dll
icacls.exe atmfd.dll /save atmfd.dll.acl
icacls.exe atmfd.dll /grant Administrators:(F)
rename atmfd.dll x-atmfd.dll
cd "%windir%\syswow64"
takeown.exe /f atmfd.dll
icacls.exe atmfd.dll /save atmfd.dll.acl
icacls.exe atmfd.dll /grant Administrators:(F)
rename atmfd.dll x-atmfd.dll
echo.
echo Done patching Windows %WINV% (%ARCH%)
echo.
goto EOF

:patch_2_32BIT
REM I'm not using the registry modification - I planned to, but backed out.  I'll
REM stick to just renaming the file for now.
goto patch_1_32BIT

:patch_2_64BIT
REM I'm not using the registry modification - I planned to, but backed out.  I'll
REM stick to just renaming the file for now.
goto patch_1_64BIT

REM unpatch routines

:unpatch_1_32BIT
cd "%windir%\system32"
rename x-atmfd.dll atmfd.dll
icacls.exe atmfd.dll /setowner "NT SERVICE\TrustedInstaller"
icacls.exe . /restore atmfd.dll.acl
echo.
echo Done unpatching Windows %WINV% (%ARCH%)
echo.
goto EOF

:unpatch_1_64BIT
cd "%windir%\system32"
rename x-atmfd.dll atmfd.dll
icacls.exe atmfd.dll /setowner "NT SERVICE\TrustedInstaller"
icacls.exe . /restore atmfd.dll.acl
cd "%windir%\syswow64"
rename x-atmfd.dll atmfd.dll
icacls.exe atmfd.dll /setowner "NT SERVICE\TrustedInstaller"
icacls.exe . /restore atmfd.dll.acl
echo.
echo Done unpatching Windows %WINV% (%ARCH%)
echo.
goto EOF

:unpatch_2_32BIT
REM I'm not using the registry modification - I planned to, but backed out.  I'll
REM stick to just renaming the file for now.
goto unpatch_1_32BIT

:unpatch_2_64BIT
REM I'm not using the registry modification - I planned to, but backed out.  I'll
REM stick to just renaming the file for now.
goto unpatch_1_64BIT

:FAILINIT
echo Script needs to be named "patch" or "unpatch".

:EOF

Get All Virtual Machine Guest OS in Powershell

Continuing with learning some Powershell, I cooked this up which will connect to the vCenter server and get all the VM’s and list the name, operating system and power state.

foreach ($vm in get-vm) {
	$os=get-vmguest -vm $vm.name | 	where-object {$_.osfullname -ne $null} | select osfullname;
	write-host ($vm.name.tostring() + "," + $os.osfullname + "," + $vm.powerstate.tostring()) -ErrorAction silentlycontinue
}

Example Output

VM01,Microsoft Windows Server 2008 R2 (64-bit),PoweredOn
VM02,Microsoft Windows Server 2003 (32-bit),PoweredOn
VM03,Microsoft Windows Server 2008 R2 (64-bit),PoweredOn
VM04,Microsoft Windows Server 2003 (32-bit),PoweredOn