Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
[windows上检查MS13-098是否已修复] #golang
// CheckWintrustConfig check if MS13-098 fix is not installed (KB2893294),
// Keep in mind IT COULD BE INSTALLED BUT REGISTRY KEYS ARE NOT PROPERLY SET, WHICH RENDERS THE PATCH USELESS
func CheckWintrustConfig() (bool, error) {
var _check = false
pSubkey1, err := syscall.UTF16PtrFromString(`\Software\Wow6432Node\Microsoft\Cryptography\Wintrust\Config`)
if err != nil {
return false, err
}
pSubkey2, err := syscall.UTF16PtrFromString(`\Software\Microsoft\Cryptography\Wintrust\Config`)
if err != nil {
return false, err
}
var h windows.Handle
if errors.Is(windows.RegOpenKeyEx(windows.HKEY_LOCAL_MACHINE, pSubkey1, 0, windows.KEY_READ, &h), windows.ERROR_SUCCESS) ||
errors.Is(windows.RegOpenKeyEx(windows.HKEY_LOCAL_MACHINE, pSubkey2, 0, windows.KEY_READ, &h), windows.ERROR_SUCCESS) {
var dwType uint32
name, err := syscall.UTF16PtrFromString(`EnableCertPaddingCheck`)
if err != nil {
return false, err
}
if _nResult := windows.RegQueryValueEx(h, name, nil, &dwType, nil, nil); _nResult == windows.ERROR_SUCCESS {
_check = true
}
windows.RegCloseKey(h)
}
return _check, nil
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment