Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
Windows file Checksums
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Created
Created
Modified
Modified
Summary
Checks the checksums (MD5 or SHA1) of specified files in Windows
Detection Method
Detection Method
This script transfers the application rehash.exe v0.2 to the target encoded in a VB Script. This is done via a WMI connection (win_cmd_exec()) as Base64 code. The script will then execute the VB Script over WMI, with the command 'cscript //nologo %temp%\\greenbone_base64_to_exe.vbs' to decode the Base64 code of the rehash.exe program. After decoding the VB Script will be deleted with the command 'del %temp%\\greenbone_base64_to_exe.vbs'. Subsequently, the application rehash.exe will be started. It will verify checksums based on the data supplied through the option 'Target checksum File'. If configured, the application rehash.exe will be deleted afterwards with the command 'del rehash.exe'. License of the application rehash.exe: BSD 2-Clause License Sourcecode and Binary for the application rehash.exe are linked within the references.