Forgotten Scripts

Came across a script I wrote some time ago. Sitting there in my user directory was patch.cmd. As I find my scripts, I’m putting them in Git for historical purposes… and for a good laugh.

What in the actual fuck are you, patch.cmd? –Rich

One thing I learned;  document the damn things.  I had no idea what this was, but I knew it was mine because of some of the commentary in the batch script.

Anyway, this script was used to patch atmfd.dll (see: MS15-078 Bulletin).

@echo off

if NOT %~n0==patch IF NOT %~n0==unpatch goto FAILINIT

reg Query HKLMHardwareDescriptionSystemCentralProcessor | find /i x86 > NUL && set ARCH=32BIT || set ARCH=64BIT

for /f tokens=2* %%a in ('REG QUERY HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersion /v CurrentVersion') do set WINV=%%~b

REM Operating system              Version number
REM ----------------------------  --------------
REM Windows 10 Tech.Preview       10.0
REM Windows Server Techn.Preview  10.0
REM Windows 8.1                    6.3
REM Windows Server 2012 R2         6.3
REM Windows 8                      6.2
REM Windows Server 2012            6.2
REM Windows 7                      6.1
REM Windows Server 2008 R2         6.1
REM Windows Server 2008            6.0
REM Windows Vista                  6.0
REM Windows Server 2003 R2         5.2
REM Windows Server 2003            5.2
REM Windows XP 64-Bit Edition      5.2
REM Windows XP                     5.1
REM Windows 2000                   5.0


REM check to see if goto label is there.  if it's not, then we're not on a supported
REM system or Rich is a dork.
findstr /r /i /c:^:%~n0_%WINV%_%ARCH% %0>nul
if errorlevel 1 (
echo.
echo Looks like this system is not supported.  %ARCH% - Windows - %WINV%
goto EOF
)


goto %~n0_%WINV%_%ARCH%

REM catchall - shouldn't get here.
goto EOF

pause

:patch_6.0_32BIT
goto patch_1_32BIT

:patch_6.0_64BIT
goto patch_1_64BIT

:patch_6.1_32BIT
goto patch_1_32BIT

:patch_6.1_64BIT
goto patch_1_64BIT

:patch_6.2_32BIT
goto patch_2_32BIT

:patch_6.2_64BIT
goto patch_2_64BIT

:patch_6.3_32BIT
goto patch_2_32BIT

:patch_6.3_64BIT
goto patch_2_64BIT

:patch_10.0_32BIT
goto patch_2_32BIT

:patch_10.0_64BIT
goto patch_2_64BIT

REM unpatch routines

:unpatch_6.0_32BIT
goto unpatch_1_32BIT

:unpatch_6.0_64BIT
goto unpatch_1_64BIT

:unpatch_6.1_32BIT
goto unpatch_1_32BIT

:unpatch_6.1_64BIT
goto unpatch_1_64BIT

:unpatch_6.2_32BIT
goto unpatch_2_32BIT

:unpatch_6.2_64BIT
goto unpatch_2_64BIT

:unpatch_6.3_32BIT
goto unpatch_2_32BIT

:unpatch_6.3_64BIT
goto unpatch_2_64BIT

:unpatch_10.0_32BIT
goto unpatch_2_32BIT

:unpatch_10.0_64BIT
goto unpatch_2_64BIT



:patch_1_32BIT
cd %windir%system32
takeown.exe /f atmfd.dll
icacls.exe atmfd.dll /save atmfd.dll.acl
icacls.exe atmfd.dll /grant Administrators:(F)
rename atmfd.dll x-atmfd.dll
echo.
echo Done patching Windows %WINV% (%ARCH%)
echo.
goto EOF

:patch_1_64BIT
cd %windir%system32
takeown.exe /f atmfd.dll
icacls.exe atmfd.dll /save atmfd.dll.acl
icacls.exe atmfd.dll /grant Administrators:(F)
rename atmfd.dll x-atmfd.dll
cd %windir%syswow64
takeown.exe /f atmfd.dll
icacls.exe atmfd.dll /save atmfd.dll.acl
icacls.exe atmfd.dll /grant Administrators:(F)
rename atmfd.dll x-atmfd.dll
echo.
echo Done patching Windows %WINV% (%ARCH%)
echo.
goto EOF

:patch_2_32BIT
REM I'm not using the registry modification - I planned to, but backed out.  I'll
REM stick to just renaming the file for now.
goto patch_1_32BIT

:patch_2_64BIT
REM I'm not using the registry modification - I planned to, but backed out.  I'll
REM stick to just renaming the file for now.
goto patch_1_64BIT

REM unpatch routines

:unpatch_1_32BIT
cd %windir%system32
rename x-atmfd.dll atmfd.dll
icacls.exe atmfd.dll /setowner NT SERVICETrustedInstaller
icacls.exe . /restore atmfd.dll.acl
echo.
echo Done unpatching Windows %WINV% (%ARCH%)
echo.
goto EOF

:unpatch_1_64BIT
cd %windir%system32
rename x-atmfd.dll atmfd.dll
icacls.exe atmfd.dll /setowner NT SERVICETrustedInstaller
icacls.exe . /restore atmfd.dll.acl
cd %windir%syswow64
rename x-atmfd.dll atmfd.dll
icacls.exe atmfd.dll /setowner NT SERVICETrustedInstaller
icacls.exe . /restore atmfd.dll.acl
echo.
echo Done unpatching Windows %WINV% (%ARCH%)
echo.
goto EOF

:unpatch_2_32BIT
REM I'm not using the registry modification - I planned to, but backed out.  I'll
REM stick to just renaming the file for now.
goto unpatch_1_32BIT

:unpatch_2_64BIT
REM I'm not using the registry modification - I planned to, but backed out.  I'll
REM stick to just renaming the file for now.
goto unpatch_1_64BIT

:FAILINIT
echo Script needs to be named patch or unpatch.

:EOF

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.