How to create an application category from a list of SHA-256 hashes [Kaspersky Security Center]

[Egor Erastov]

Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials.

Windows

1. Unpack the archive (add_category.rar) on any device that has access to the Administration Console port of the Administration Server.
2. Create a text file with needed hashes, by default the script expects it to be sha256.txt in script's working directory.
3. Edit add_category.cmd with specified KSC username, password, server address, name of the text file with hashes (file should be saved in UTF-8 encoding)
4. If a category with the specified name already exists, it keeps unique SHA256 hashes in the category.
   List of arguments:

   /Server     Server address, 127.0.0.1 by default
   /User       Username, current user by default
   /Pass       Password
   /File       Path to the file with hashes, input.txt by default. File should be saved in UTF-8
   /Category   Category name, New custom category by default

Linux/macOS/Windows

1. Unpack the archive (app_category_from_hashlist.zip) on any device that has access to the Administration Console port of the Administration Server.
2. Create a text file with needed hashes, by default the script expects it to be hashes.txt in script's working directory.
3. On Windows, run  app_category_from_hashlist.exe in a terminal (cmd or powershell) with specified KSC username, password and other arguments, if needed
   On Linux/macOS, run

   pip install -r requirements.txt
   chmod +x ./app_category_from_hashlist.py
   ./app_category_from_hashlist.py --username <user> --password <password> <other arguments>

4. If a category with the specified name already exists, the script overrides it, unless --append flag is set, then it keeps unique SHA256 hashes in the category.
   List of arguments:

   -h, --help            show this help message and exit
    --internal            If set, the script tries to login with supplied credentials an internal KSC user
    --append              Chooses to append or overwrite the hash list, if category with specified name already exists
    --address [ADDRESS]   KSC server address, default is 127.0.0.1
    --port [PORT]         KSC OpenAPI port, default port is 13299
    --username [USERNAME]
                          KSC user name
    --password [PASSWORD]
                          KSC user password
    --hash_file [HASH_FILE]
                          path to the file with hashes, hashes.txt in the working directory, the file should contain only the hashes and separators, which can be anything except digits and letters A through F, case insensitive
    --category_name [CATEGORY_NAME]
                          Name of the category to be created, default name is "New application category"