Jump to content

How to create an application category from a list of SHA-256 hashes [Kaspersky Security Center]


Recommended Posts

Egor Erastov
Posted

Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials.

Windows

  1. Unpack the archive (add_category.rar) on any device that has access to the Administration Console port of the Administration Server.
  2. Create a text file with needed hashes, by default the script expects it to be sha256.txt in script's working directory.
  3. Edit add_category.cmd with specified KSC username, password, server address, name of the text file with hashes (file should be saved in UTF-8 encoding)
  4. If a category with the specified name already exists, it keeps unique SHA256 hashes in the category.
    List of arguments:
    /Server     Server address, 127.0.0.1 by default
    /User       Username, current user by default
    /Pass       Password
    /File       Path to the file with hashes, input.txt by default. File should be saved in UTF-8
    /Category   Category name, New custom category by default

Linux/macOS/Windows

  1. Unpack the archive (app_category_from_hashlist.zip) on any device that has access to the Administration Console port of the Administration Server.
  2. Create a text file with needed hashes, by default the script expects it to be hashes.txt in script's working directory.
  3. On Windows, run  app_category_from_hashlist.exe in a terminal (cmd or powershell) with specified KSC username, password and other arguments, if needed
    On Linux/macOS, run
    pip install -r requirements.txt
    chmod +x ./app_category_from_hashlist.py
    ./app_category_from_hashlist.py --username <user> --password <password> <other arguments>
  4. If a category with the specified name already exists, the script overrides it, unless --append flag is set, then it keeps unique SHA256 hashes in the category.
    List of arguments:
    -h, --help            show this help message and exit
     --internal            If set, the script tries to login with supplied credentials an internal KSC user
     --append              Chooses to append or overwrite the hash list, if category with specified name already exists
     --address [ADDRESS]   KSC server address, default is 127.0.0.1
     --port [PORT]         KSC OpenAPI port, default port is 13299
     --username [USERNAME]
                           KSC user name
     --password [PASSWORD]
                           KSC user password
     --hash_file [HASH_FILE]
                           path to the file with hashes, hashes.txt in the working directory, the file should contain only the hashes and separators, which can be anything except digits and letters A through F, case insensitive
     --category_name [CATEGORY_NAME]
                           Name of the category to be created, default name is "New application category"

     

  • Thanks 1
  • 2 weeks later...
shustov.dm
Posted (edited)

I can't download the add_category.rar file from the link, the page is loading endlessly. Is it possible to duplicate it on any file sharing service?

Edited by shustov.dm
получилось скачать с vpn

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now


×
×
  • Create New...