Forgotten Scripts

This content 3 years old. Please, read this page keeping its age in mind along with the fact technology changes fast and the information on this page me be outdated, not best practice, or plain wrong.

Came across a script I wrote some time ago. Sitting there in my user directory was patch.cmd. As I find my scripts, I’m putting them in Git for historical purposes… and for a good laugh.

What in the actual fuck are you, patch.cmd? –Rich

One thing I learned;  document the damn things.  I had no idea what this was, but I knew it was mine because of some of the commentary in the batch script.

Anyway, this script was used to patch atmfd.dll (see: MS15-078 Bulletin).

@echo off

if NOT %~n0==patch IF NOT %~n0==unpatch goto FAILINIT

reg Query HKLMHardwareDescriptionSystemCentralProcessor | find /i x86 > NUL && set ARCH=32BIT || set ARCH=64BIT

for /f tokens=2* %%a in ('REG QUERY HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersion /v CurrentVersion') do set WINV=%%~b

REM Operating system              Version number
REM ----------------------------  --------------
REM Windows 10 Tech.Preview       10.0
REM Windows Server Techn.Preview  10.0
REM Windows 8.1                    6.3
REM Windows Server 2012 R2         6.3
REM Windows 8                      6.2
REM Windows Server 2012            6.2
REM Windows 7                      6.1
REM Windows Server 2008 R2         6.1
REM Windows Server 2008            6.0
REM Windows Vista                  6.0
REM Windows Server 2003 R2         5.2
REM Windows Server 2003            5.2
REM Windows XP 64-Bit Edition      5.2
REM Windows XP                     5.1
REM Windows 2000                   5.0


REM check to see if goto label is there.  if it's not, then we're not on a supported
REM system or Rich is a dork.
findstr /r /i /c:^:%~n0_%WINV%_%ARCH% %0>nul
if errorlevel 1 (
echo.
echo Looks like this system is not supported.  %ARCH% - Windows - %WINV%
goto EOF
)


goto %~n0_%WINV%_%ARCH%

REM catchall - shouldn't get here.
goto EOF

pause

:patch_6.0_32BIT
goto patch_1_32BIT

:patch_6.0_64BIT
goto patch_1_64BIT

:patch_6.1_32BIT
goto patch_1_32BIT

:patch_6.1_64BIT
goto patch_1_64BIT

:patch_6.2_32BIT
goto patch_2_32BIT

:patch_6.2_64BIT
goto patch_2_64BIT

:patch_6.3_32BIT
goto patch_2_32BIT

:patch_6.3_64BIT
goto patch_2_64BIT

:patch_10.0_32BIT
goto patch_2_32BIT

:patch_10.0_64BIT
goto patch_2_64BIT

REM unpatch routines

:unpatch_6.0_32BIT
goto unpatch_1_32BIT

:unpatch_6.0_64BIT
goto unpatch_1_64BIT

:unpatch_6.1_32BIT
goto unpatch_1_32BIT

:unpatch_6.1_64BIT
goto unpatch_1_64BIT

:unpatch_6.2_32BIT
goto unpatch_2_32BIT

:unpatch_6.2_64BIT
goto unpatch_2_64BIT

:unpatch_6.3_32BIT
goto unpatch_2_32BIT

:unpatch_6.3_64BIT
goto unpatch_2_64BIT

:unpatch_10.0_32BIT
goto unpatch_2_32BIT

:unpatch_10.0_64BIT
goto unpatch_2_64BIT



:patch_1_32BIT
cd %windir%system32
takeown.exe /f atmfd.dll
icacls.exe atmfd.dll /save atmfd.dll.acl
icacls.exe atmfd.dll /grant Administrators:(F)
rename atmfd.dll x-atmfd.dll
echo.
echo Done patching Windows %WINV% (%ARCH%)
echo.
goto EOF

:patch_1_64BIT
cd %windir%system32
takeown.exe /f atmfd.dll
icacls.exe atmfd.dll /save atmfd.dll.acl
icacls.exe atmfd.dll /grant Administrators:(F)
rename atmfd.dll x-atmfd.dll
cd %windir%syswow64
takeown.exe /f atmfd.dll
icacls.exe atmfd.dll /save atmfd.dll.acl
icacls.exe atmfd.dll /grant Administrators:(F)
rename atmfd.dll x-atmfd.dll
echo.
echo Done patching Windows %WINV% (%ARCH%)
echo.
goto EOF

:patch_2_32BIT
REM I'm not using the registry modification - I planned to, but backed out.  I'll
REM stick to just renaming the file for now.
goto patch_1_32BIT

:patch_2_64BIT
REM I'm not using the registry modification - I planned to, but backed out.  I'll
REM stick to just renaming the file for now.
goto patch_1_64BIT

REM unpatch routines

:unpatch_1_32BIT
cd %windir%system32
rename x-atmfd.dll atmfd.dll
icacls.exe atmfd.dll /setowner NT SERVICETrustedInstaller
icacls.exe . /restore atmfd.dll.acl
echo.
echo Done unpatching Windows %WINV% (%ARCH%)
echo.
goto EOF

:unpatch_1_64BIT
cd %windir%system32
rename x-atmfd.dll atmfd.dll
icacls.exe atmfd.dll /setowner NT SERVICETrustedInstaller
icacls.exe . /restore atmfd.dll.acl
cd %windir%syswow64
rename x-atmfd.dll atmfd.dll
icacls.exe atmfd.dll /setowner NT SERVICETrustedInstaller
icacls.exe . /restore atmfd.dll.acl
echo.
echo Done unpatching Windows %WINV% (%ARCH%)
echo.
goto EOF

:unpatch_2_32BIT
REM I'm not using the registry modification - I planned to, but backed out.  I'll
REM stick to just renaming the file for now.
goto unpatch_1_32BIT

:unpatch_2_64BIT
REM I'm not using the registry modification - I planned to, but backed out.  I'll
REM stick to just renaming the file for now.
goto unpatch_1_64BIT

:FAILINIT
echo Script needs to be named patch or unpatch.

:EOF

Speak Your Mind

*

This site uses Akismet to reduce spam. Learn how your comment data is processed.