Best posts made by rnz

rnz

TightVNC can be upgraded using the Custom Software feature in VulnDetect - Corporate:
https://corporate.vulndetect.com/#/deployment/custom-create-job

Download the latest installers from the official website:
https://www.tightvnc.com/download.html

The parameters used in this guide are present in TightVNC's official documentation:
https://www.tightvnc.com/doc/win/TightVNC_2.7_for_Windows_Installing_from_MSI_Packages.pdf

To install TightVNC with its default settings use /quiet /norestart, this will install (or upgrade) both Viewer and Server.

If you would like to install a specific component of TightVNC, use the standard MSI property
named ADDLOCAL. The following three commands install only the server part, only the client part
and both parts, correspondingly:

• msiexec /i tightvnc-2.8.63-gpl-setup-64bit.msi /quiet /norestart ADDLOCAL=Server
• msiexec /i tightvnc-2.8.63-gpl-setup-64bit.msi /quiet /norestart ADDLOCAL=Viewer
• msiexec /i tightvnc-2.8.63-gpl-setup-64bit.msi /quiet /norestart ADDLOCAL="Server,Viewer"

Note that running the installer with e.g., ADDLOCAL=Server, on a system with both Viewer and Server, will remove the Viewer.

TightVNC with the Server component only.

rnz

It is possible to deploy AutoCAD LT with Custom Software.

The Custom Deployment Configuration should be the following:

The AutoCADLT.zip that is seen in the configuration is a modified ZIP. Please see the following screenshot on how to create it:

installer.exe and Collection.xml have been left out as this would allow customization without generating a new ZIP file.

After the task has been completed, we confirm seeing the following installed in the Autodesk folder on the target hosts:
AdODIS
AdskIdentitManager
AutoCAD Activity Insights
AutoCAD LT 2024
Genuine Service

rnz

You may be able to use the Custom Software feature to assist you with FortiClient VPN-only.

Please be mindful when deploying FortiClient over existing installations as there may be conflicts. To find out more about the upgrade paths check the URL below:
https://docs.fortinet.com/document/forticlient/7.2.0/upgrade-path

However, there is a number of different ways in which FortiClient can be configured during distribution, thus we can't predict if the approach you decide upon is compatible with the functionality currently provided in Custom Software.

We did make Proof-of-Concept deployments of Foxit products using MST files.
https://vulndetect.org/topic/2382/vulndetect-custom-software-upgrading-foxit-phantompdf-to-foxit-pdf-editor

The documents for FortiClient suggests that it also supports MST files.

It also suggests that XML files can be used.

Please see the full docs here:
https://docs.fortinet.com/document/forticlient/6.0.0/configurator-tool/343622/forticlient-configurator-tool
https://docs.fortinet.com/document/forticlient/6.0.0/configurator-tool/754658/deploying-forticlient-windows-installation-packages

Quote: "Starting with FortiClient 5.6.0, an account for the Fortinet Developer Network is required to access the free tool. No license key is required to use the tool."
This indicates that you need to login to the Fortinet portal to find the latest tool and possibly documentation, the above links refer to 6.0.0, however, FortiClient is currently at 7.2.x.

We suggest that you configure FortiClient as required, based on the vendors guidelines, and test it using Custom Software.

If for some reason it fails using Custom Software, but works with local tests, please provide us access to the files you created, and we will test this and help with adjusting any parameters supplied to the installer through Custom Software.

Note that the files you share with us most likely will contain some sort of credentials and license information. We will naturally delete any sensitive files after testing and documenting our findings.

You can find the latest installer here:
https://www.fortinet.com/support/product-downloads#vpn

A simple Custom Software configuration should look like this:

Enter a title e.g. "FortiClientVPN"
Select the installer: FortiClientVPN-7.0.5.0238.msi
Enter the silent Argument: /qn
Enter the never restart option Argument: /norestart

And then click "Save".

The dialogue will now upload the files to the VulnDetect back-end.

After saving the Job, you can now select to deploy it to groups or hosts.
Remember to inspect the host or group, if you want the job to run right away, else it'll apply after the next scheduled inspection.

rnz

You can use the Snagit Uninstaller Tool with Custom Software in order uninstall specific or all versions of Snagit.
Please read the official documentation here:
https://support.techsmith.com/hc/en-us/articles/360022581532-Snagit-Windows-Use-the-UninstallerTool-exe-as-Command-Line-Tool

Start by creating your new Custom Software here:
https://corporate.vulndetect.com/#/deployment/custom-create-job

The arguments used will keep the 2023 version and uninstall all the previous yearly releases.

Parameters

-product <insert product_name> - Remove all versions of Snagit.

UninstallerTool.exe -product snagit

-keep <insert comma-separated version list> - Remove all versions of Snagit except specific versions.

UninstallerTool.exe -product snagit -keep 23,22

-remove <insert comma-separated version list> - Remove only specific versions of Snagit.

UninstallerTool.exe -product snagit -remove 20,21

rnz

The installer(s) of GlobalProtect are not publicly available for download. You will need to acquire them through the GlobalProtect portal as stated in the official documentation from the vendor's website.

You can read the full article here:
https://docs.paloaltonetworks.com/globalprotect/6-1/globalprotect-app-user-guide/globalprotect-app-for-windows/download-and-install-the-globalprotect-app-for-windows

Once you have acquired the installer, you can upload it to VulnDetect using the Custom Software feature, use the documented silent parameters and run the inspection on the Hosts you have deployed the Custom Software job.

Additionally, the installer can be configured with the following arguments:

configure the portal address

/quiet /norestart PORTAL=”portal.acme.com”

prevent users from connecting to the portal if the certificate is not valid

/quiet /norestart CANCONTINUEIFPORTALCERTINVALID=”no”

rnz

CodeMeter Runtime can be deployed/updated using the Custom Software feature in VulnDetect - Corporate:

You can download official installers from here:
https://www.wibu.com/us/support/developer/downloads-developer-software.html
We have used the CodeMeter Runtime Kit for Distribution x64 MSI installer for our tests.

Upload the MSI and insert the following silent arguments: /qn /norestart

You are now ready to deploy or upgrade CodeMeter Runtime.

rnz

OpenVPN can be deployed/updated using the Custom Software feature in VulnDetect - Corporate:

Note: Updating has worked on our internal systems without an active VPN configuration. We expect that the update will kill active VPN connections.

You can download official installers from here:
https://openvpn.net/community-downloads/

Upload the installer and insert the following silent arguments: /qn /norestart

You are now ready to deploy or upgrade OpenVPN.

rnz

AnyConnect can be deployed/updated using the Custom Software feature in VulnDetect - Corporate:

Note: Updating has worked on our internal systems without an active VPN configuration. We expect that the update will kill active VPN connections.

You can download official installers from here:
https://www.cisco.com/c/en/us/support/security/anyconnect-secure-mobility-client-v4-x/model.html#~tab-downloads

Upload the installer and insert the following silent arguments: /qn /norestart

You are now ready to deploy or upgrade AnyConnect.

rnz

(Updating should also work, but we can't test this, as we don't have a license for the software)

In order to create a custom deployment for WorkPoint Express, please navigate to:
https://corporate.vulndetect.com/#/deployment/custom-create-job

Enter a title e.g. "WorkPoint Express 6"
Select the installer: WorkPoint Express x64 6.2.1.3 Setup.msi
Enter the silent Argument: /qn
Enter the never restart option Argument: /norestart

For more information about relevant (and required arguments) see:
https://support.workpoint.dk/hc/en-us/articles/206486658-WorkPoint-Express-Scripted-Installation-use-this-for-installing-journalize-flag-

And then click "Save".
The dialogue will now upload the files to the VulnDetect back-end.

After saving the Job, you can now select to deploy it to groups or hosts.
Remember to inspect the host or group, if you want the job to run right away, else it'll apply after the next scheduled
inspection.
After the Job is "Completed" on a host, VulnDetect will automatically conduct a new inspection and update the results for
each host:
https://corporate.vulndetect.com/#/deployment/activity
And you should be able to find the updated results on the hosts or applications page moments later.

rnz

SeaMonkey can be upgraded using the Custom Software feature in VulnDetect - Corporate:

Note: Upgrading will require the same language installer to be applied to the existing installation in order for the process to be silent.

You can download official installers from here:
https://www.seamonkey-project.org/releases/
Make sure to select the right architecture: Windows x64/Windows x86

Upload the installer and insert the following silent arguments: /VERYSILENT /NORESTART /S /quiet

After uploading the file, you need to select the groups or hosts to which you wish to deploy the package / updates.

rnz