Fix-Summer-Of-Sam
Paquet d’installation silencieuse pour Fix-Summer-Of-Sam
1.0-3
- package: tis-fix-summer-of-sam
- name: Fix-Summer-Of-Sam
- version: 1.0-3
- maintainer: WAPT Team,Tranquil IT,Denis CARDON
- locale: all
- target_os: windows
- architecture: all
- signature_date:
- size: 4.94 Ko
package : tis-fix-summer-of-sam
version : 1.0-3
architecture : all
section : base
priority : optional
name : Fix-Summer-Of-Sam
categories :
maintainer : WAPT Team,Tranquil IT,Denis CARDON
description : Package for tis-fix-summer-of-sam
depends :
conflicts :
maturity : PROD
locale : all
target_os : windows
min_wapt_version :
sources :
installed_size :
impacted_process :
description_fr : Paquet pour tis-fix-summer-of-sam
description_pl : Pakiet dla tis-fix-summer-of-sam
description_de : Paket für tis-fix-summer-of-sam
description_es : Paquete para tis-fix-summer-of-sam
description_pt : Pacote para tis-fix-summer-of-sam
description_it : Pacchetto per tis-fix-summer-of-sam
description_nl : Pakket voor tis-fix-summer-of-sam
description_ru : Пакет для tis-fix-summer-of-sam
audit_schedule :
editor :
keywords :
licence :
homepage :
package_uuid : 0f10e561-8165-4465-8d8b-2e52515a30a5
valid_from :
valid_until :
forced_install_on :
changelog :
min_os_version :
max_os_version :
icon_sha256sum :
signer : Tranquil IT
signer_fingerprint: 8c5127a75392be9cc9afd0dbae1222a673072c308c14d88ab246e23832e8c6bb
signature_date : 2026-01-03T16:08:18.000000
signed_attributes : package,version,architecture,section,priority,name,categories,maintainer,description,depends,conflicts,maturity,locale,target_os,min_wapt_version,sources,installed_size,impacted_process,description_fr,description_pl,description_de,description_es,description_pt,description_it,description_nl,description_ru,audit_schedule,editor,keywords,licence,homepage,package_uuid,valid_from,valid_until,forced_install_on,changelog,min_os_version,max_os_version,icon_sha256sum,signer,signer_fingerprint,signature_date,signed_attributes
signature : AbuwIvpsieWweJGS7gpGXkcqWHnERoMQCIGrY7v96LiKzAWG2DbQm1PNkY/Q0AwaNEz8Tqklpfg1ascweoc8P5LedN8UE8IoJuM5C+2+auTcq2I4qg02M+uOkZrBQYWgyU53fEwbJUcYlB8OtBGWkaGI0vTwA+Vo1hFnajpaM/A1pRC0ZBc88jBymZOe7e94FJ7hKQgUk7/4FCZiMZrPvR3HQBeqarWF+bubXXlDqWm7TylcZmYaxLVtRXpIaRU+jRgCRPrv6e/fQS6z7fGFgqGANTlRr8cULeH+S8dEQHU/tBxxb3i3I9Aw5qVP4mISigtm0IyEH/RkVO/uNJierg==
# -*- coding: utf-8 -*-
from setuphelpers import *
import tempfile
# Fix for CVE-2021-36934: Summer of SAM : https://t.co/kz3eWzVAu4
# The vulnerability is found only on freshly installed Windows Server 2019 and on freshly installed Windows 1809 or later; if the machine was upgraded from an earlier version, the vulnerability shouldn't be present. We check the SAM ACL for BUILTIN\Users and, if it is present, we delete the shadow copies.
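def install():
    """Apply the CVE-2021-36934 workaround and purge shadow copies if needed.

    Steps, as performed by the code below:
      1. Skip everything when get_os_name() is not "Windows".
      2. Dump the ACL of %windir%\\system32\\config\\sam with ``icacls /save``
         and look for an ACE granted to ``BU`` (SDDL alias for BUILTIN\\Users).
      3. If such an ACE exists, run ``icacls ... /inheritance:e`` on the hive
         files, then delete every shadow copy of the system drive, because
         old snapshots still hold copies of the hives with the weak ACL.

    Calls error() when the vssadmin output matches neither the French nor
    the English "no shadow copy" message.
    """
    Os_Name = get_os_name()
    if Os_Name != "Windows":
        print("OS is not vulnerable")
        return

    # tempfile.mktemp() only returns a name and creates nothing, so another
    # local account able to write to the temp directory could create that
    # path first. A directory created by TemporaryDirectory() is reserved
    # for this process and is removed on exit, so no ACL dump is left behind.
    with tempfile.TemporaryDirectory() as tmp_dir:
        output_temp_file = os.path.join(tmp_dir, "sam_acl.txt")
        print(output_temp_file)
        # Raw string: "\s" and "\c" are not valid escapes in a normal literal.
        output = run(r'icacls %%windir%%\system32\config\sam /save "%s"' % output_temp_file)
        # The console output is localized; the saved file is SDDL, which is not.
        print(output)
        with open(output_temp_file, encoding="utf-16-le") as f:
            acl_content = f.read()

    # Only used for the substring test below.
    acl_content = acl_content.lstrip("sam").strip()

    if ";BU)" not in acl_content:
        print("OK : This machine is not vulnerable")
        return

    # NOTE(review): the message says "disabling", but /inheritance:e ENABLES
    # inheritance so the hive files take the ACL of the config directory.
    # Only the sam file is inspected, while the fix is applied to *.*.
    print(r"ACL on %windir%\system32\config has user inheritence, disabling with cmd : ")
    cmd = r"icacls %windir%\system32\config\*.* /inheritance:e"
    print(cmd)
    run(cmd)

    # vssadmin output is localized; only French and English are recognised.
    no_shadow_messages = (
        "Il n'existe aucun élément correspondant à la requête",
        "No items found that satisfy the query.",
    )
    unexpected_output = "output is different than expected. If the computer is in another locale than French and English, please edit the package"

    print("we need to delete all volume shadow copy to finish this security bug fix")
    print("listing volume shadow before deletion for %s " % os.environ["SYSTEMDRIVE"])
    return_output = run(r"vssadmin list shadows /for=%systemdrive%", accept_returncodes=[0, 1])
    if return_output.returncode == 1:
        print(return_output)
        if any(message in return_output for message in no_shadow_messages):
            print("no volume shadow to delete")
        else:
            error(unexpected_output)
        return

    # Removes every snapshot of the system drive, restore points included.
    print("=================================")
    print("deleting volume shadow for %s" % os.environ["SYSTEMDRIVE"])
    print(run(r"vssadmin delete shadows /for=%systemdrive% /quiet"))
    print("=================================")
    print("listing volume shadow after deletion for %s" % os.environ["SYSTEMDRIVE"])
    return_output = run(r"vssadmin list shadows /for=%systemdrive%", accept_returncodes=[0, 1])
    if any(message in return_output for message in no_shadow_messages):
        print("OK : shadow copies properly deleted")
    else:
        error(unexpected_output)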
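def audit():
    """Check the SAM hive ACL for a BUILTIN\\Users entry (CVE-2021-36934).

    Returns:
        "WARNING" when the saved SDDL contains an ACE for ``BU``; in that
        case the icacls /inheritance:e command is also run.
        "OK" when no such ACE is found.
    """
    import os  # local import: this block did not use os before

    # tempfile.mktemp() only returns a name and creates nothing, so another
    # local account able to write to the temp directory could create that
    # path first. A directory created by TemporaryDirectory() is reserved
    # for this process and is removed on exit, so no ACL dump is left behind.
    with tempfile.TemporaryDirectory() as tmp_dir:
        output_temp_file = os.path.join(tmp_dir, "sam_acl.txt")
        print(output_temp_file)
        # Raw string: "\s" and "\c" are not valid escapes in a normal literal.
        output = run(r'icacls %%windir%%\system32\config\sam /save "%s"' % output_temp_file)
        # The console output is localized; the saved file is SDDL, which is not.
        print(output)
        with open(output_temp_file, encoding="utf-16-le") as f:
            acl_content = f.read()

    # Only used for the substring test below.
    acl_content = acl_content.lstrip("sam").strip()

    if ";BU)" not in acl_content:
        print("OK : This machine is not vulnerable")
        return "OK"

    # NOTE(review): this audit changes the ACL instead of only reporting, and
    # it does not delete existing shadow copies, which may still hold hive
    # copies with the weak ACL. The message says "disabling", but
    # /inheritance:e ENABLES inheritance from the config directory.
    print(r"ACL on %windir%\system32\config has user inheritence, disabling with cmd : ")
    cmd = r"icacls %windir%\system32\config\*.* /inheritance:e"
    print(cmd)
    run(cmd)
    return "WARNING"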
38d056ab130f7bf7c481c12636a4e9959de36561d3dfcbe54c6e3571bc0c1dc3 : WAPT/certificate.crt
d134c74e6a59a1f540cbdcd70c510871332241fc99108a2a293151b18ee7cf2a : WAPT/control
8ee977d2bce9de92a0041b7b5c478b8a62e9147184ae66d9c555fa6833ff5561 : luti.json
be8c47ac963a62d8c80b830249db61c889c843e59948459f6c0e43a6ceaf1e02 : setup.py