Project: WinSec (Firefly)
Alpha 1

Timothy Ferro
http://anchuan.org

Table of Contents

1. Legal
2. Overview
3. Code
   a. Forms/Modules
   b. Menus/Buttons/Options
   c. Functions
   d. Variables
   e. Output
4. Help

1. Legal

Project: WinSec (Firefly)

WinSec (Firefly) checks for and applies Microsoft© Windows© updates automatically.

Copyright © 2006 Timothy Ferro. http://www.timferro.com, http://www.anchuan.org.

This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.

http://www.gnu.org/copyleft/gpl.html

2. Overview

Project WinSec, codenamed Firefly, is a GNU GPL licensed security program for checking and applying Microsoft© Windows© updates automatically. The program is written using Microsoft© Visual Studio© .NET 2005. The language chosen for this project is Visual Basic .NET 2005. The development environment is Microsoft© Windows© Server 2003. The program, however, will secure both Microsoft© Windows© Server 2003 and Microsoft© Windows© XP. This is done for 2 reasons: 1. these are the 2 main operating systems in use right now, and will continue to be for quite a while, and 2. the author has already written a program that does this for Microsoft© Windows© 2000, and its code is not owned by the author.

The author, Timothy Ferro, of http://www.timferro.com and http://www.anchuan.org, has extensive experience in the area of computer security.
Please consult his personal website for a list of certifications. This project is the author's first open source program. All comments, criticisms, etc. are greatly encouraged. Email anchuan.org@gmail.com or use the forums on sourceforge.net for this project.

This program, basically, determines the operating system of the user, then checks for all Microsoft© Windows© updates that need to be applied, then checks whether the updates are available, and finally attempts to apply the updates properly. The updates need to be downloaded by the user and stored in the same location as the executable, in a folder with the name of the KB number associated with the update from Microsoft. The author of this program will not redistribute ANY proprietary patches without explicit written permission. Patches without KB numbers will be included in a help section to tell the user what folder name to use.

3. Code

a. Forms and Modules

Form1 is the main form of this project. Visually it includes a main menu, 2 buttons (check and exit), the apply updates option, a text box that shows output, and other information about the project with a picture. The global variables are declared at the top, while local variables are declared throughout the code. Next is the "onload" section. This is the code that runs when the executable is first executed. This code gets and sets some variables, changes screen output, and determines where it is running from.

Mod1 is currently the only module associated with this project. Its main purpose is registry interaction. Right now it can only read and set registry values, but more functions are in the works.

b. Menus, Buttons, and Options

The main menu currently has only 2 choices: file and help. The file choice has only 1 option: exit. The help choice has only 1 option: about. About displays basic information about the program: name, license, version, author, etc.
The apply updates option is a check box which tells the program whether or not to apply the missing updates when the check button is pressed.

The check button is the main button for this program. It checks for all Microsoft© Windows© updates that need to be applied and, in conjunction with the check box, applies the updates. Upon click, the program first sets the output string that is displayed, then it checks the apply updates check box. Finally, it uses a case statement to determine what operating system is running on the host computer, and then it calls the appropriate functions.

c. Functions

The functions are listed in the order that they appear in the code.

Private Function apply(ByVal kbnum As String)
If apply updates is set to true, then this function walks through what will be a long case statement to find the corresponding Microsoft© KB number. When it finds the number, it calls the execs function to apply the update. Then it calls the status function to output the status as having now been applied. If apply updates is set to false, then this function does nothing.

Private Function execs(ByVal kbnum As String, ByVal exec As String, ByVal params As String)
This is the function that gets called to actually execute the update executable file with all the proper parameters, or with no parameters if "none" is passed in as the parameter variable.

Private Function compare(ByVal str1 As String)
Compares the passed in variable str1 to the variable var that is in Mod1.

Private Function status(ByVal kbnum As String, ByVal statuschk As String)
This function is called with the status of each update. It appends the status to the output string. If the status is "not", then it calls the function apply.

Private Function oscheck()
This function gets the host computer name, then sends it through a case statement to truncate it down to either "Microsoft Windows Server 2003" or "Microsoft Windows XP".
If it does not recognize the operating system, then it disables the ability to apply the updates, as this may cause harm to the host computer.

Private Function winxp()
If the host computer is running Windows XP, then this function is called to check each Windows XP update and call the status function for each.

Private Function win2k3()
If the host computer is running Windows 2003, then this function is called to check each Windows 2003 update and call the status function for each.

Private Function com()
To eliminate redundancy, this function exists to call all updates that are common to both operating systems, Microsoft updates only. Examples include Internet Explorer© and the malware removal tool.

Private Function other()
To eliminate redundancy, this function exists to call all updates that are common to both operating systems and are not Microsoft updates. Examples include Firefox and Antivirus.

Private Function filecheck(ByVal id As String)
Currently only checks each update to see if the folder with the corresponding KB number exists. It is called for each update, so it will do more in the future.

Private Function getver(ByVal file As String, ByVal ver As Integer)
Gets the version number of a file, file, and compares it to a passed in integer, ver.

Private Function writefile(ByVal filename As String, ByVal words As String)
Accepts the file name, filename, and the words, words, to write to the file, and creates the file with the words passed in.

Private Function prereq()
This function checks for the prerequisites this program needs to function properly. The prerequisites are all major releases of Microsoft products, e.g. Internet Explorer 6, the latest service packs, Media Player 10, etc.

d. Variables

    Dim names As String = "WinSec (Alpha 0)" 'Program name and development version
    Dim version As String = "0.0.1" 'Development version number
    Dim logfile As String = "c:\winsec.log" 'Logfile where output is written
    Dim applyupdates As Boolean = False 'Set by apply update check box
    Dim comp As String 'Computer name
    Dim dates As Date = Now 'Current date and time
    Dim output As String 'Output string
    Dim val As String 'Used in the compare function
    Dim os As String 'Operating System name
    Dim compares As Boolean = False 'Used in the compare function
    Dim dlet As String 'Drive letter and path to where the program and updates reside

e. Output

This program outputs the string variable output to the textbox and to the file "c:\winsec.log". It will contain information about all the updates that could apply to the host machine.

4. Help

The basic framework is set for this program to work. It is completely non-functional right now, though, as no updates are being checked for. The checks being done are for testing purposes only. The program needs work in the following areas:

1. Major help is needed to research each and every update that needs to be applied to both operating systems. Assume that the latest service pack is installed, as the program will check for that first and then apply it if needed. We now have a developer who is concentrating on the Microsoft updates. Other developers are now being sought to try out.

2. The Mod1 module needs some work in dealing with registry entries. The delete does not work, and anything else that can be done with the registry should be in there.

3. The program does not take in any parameters to work in a script. If this program could be modified to take in variables, either from the command line or just to automate something, this would be useful.

4. Other security checks outside of Microsoft updates can also be included, such as: Antivirus, Office, Firefox, Media Player, etc.

5. For release 2.0, the program should be able to automatically download the needed, or all, patches for each system.

Although derivative works are both allowed and flattering, the author requests that updates made to this program also be sent to him so that they may be reviewed and possibly included in future releases.
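
The oscheck, filecheck and execs behaviour described in section 3c, sketched as an added example; this is not WinSec's own source. The module and function names, the KB folder-name pattern (which does not cover the patches without KB numbers) and the status strings are assumptions, and the caller is assumed to have already decided that the update is missing.

```vbnet
Imports System
Imports System.Diagnostics
Imports System.IO
Imports System.Text.RegularExpressions

' Added sketch, not WinSec source. All names and bodies here are assumptions.
Module UpdateFlowSketch
    ' Assumed folder naming: "KB" plus 4-8 ASCII digits. \z rejects a trailing newline.
    Private ReadOnly KbPattern As New Regex("^KB[0-9]{4,8}\z", RegexOptions.IgnoreCase)

    ' oscheck: reduce the OS name to a supported one, or Nothing when unrecognized.
    Function NormalizeOs(ByVal caption As String) As String
        If caption Is Nothing Then Return Nothing
        For Each known As String In New String() {"Microsoft Windows Server 2003", "Microsoft Windows XP"}
            If caption.StartsWith(known, StringComparison.OrdinalIgnoreCase) Then Return known
        Next
        Return Nothing
    End Function

    ' filecheck: the KB folder beside the executable, or Nothing. Validating kbnum
    ' first keeps separators and ".." out of the path that is built from it.
    Function FindUpdateFolder(ByVal baseDir As String, ByVal kbnum As String) As String
        If kbnum Is Nothing OrElse Not KbPattern.IsMatch(kbnum) Then Return Nothing
        Dim candidate As String = Path.Combine(Path.GetFullPath(baseDir), kbnum)
        If Directory.Exists(candidate) Then Return candidate
        Return Nothing
    End Function

    ' execs: run the update from its KB folder; "none" means no parameters.
    Function RunUpdate(ByVal folder As String, ByVal exec As String, ByVal params As String) As Integer
        If exec <> Path.GetFileName(exec) Then Throw New ArgumentException("exec must be a bare file name")
        Dim psi As New ProcessStartInfo(Path.Combine(folder, exec))
        If Not String.Equals(params, "none", StringComparison.OrdinalIgnoreCase) Then psi.Arguments = params
        psi.UseShellExecute = False ' start the file directly, no shell association lookup
        Using p As Process = Process.Start(psi)
            p.WaitForExit()
            Return p.ExitCode
        End Using
    End Function

    ' apply: nothing runs unless the check box is set AND the OS was recognized.
    Function CheckAndApply(ByVal baseDir As String, ByVal os As String, ByVal applyUpdates As Boolean, _
                           ByVal kbnum As String, ByVal exec As String, ByVal params As String) As String
        Dim folder As String = FindUpdateFolder(baseDir, kbnum)
        If folder Is Nothing Then Return kbnum & ": not available"
        If Not applyUpdates OrElse NormalizeOs(os) Is Nothing Then Return kbnum & ": available, not applied"
        Return kbnum & ": applied, exit code " & RunUpdate(folder, exec, params).ToString()
    End Function
End Module
```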