Question Hash of Official KTS 21.3 exe (installer)

Please provide comments and solutions that are helpful to the author of this topic.

S

Studynxx

Level 3
Thread author
Jan 20, 2023
209
Does Kaspersky store the hash of the official KTS 21.3 (installer) exe somewhere? I've written a script that pulls the installer from a CDN server of Kaspersky, runs it, simulates keystrokes to go thru with the installation and then exit it when installed. However I don't want to download a spoofed installer ie malware accidentally in case that CDN server ever gets hacked into

So I'd need to compare the checksum of this pulled installer executable against the officially disclosed one, and abort the script if they don't match
 
  • Like
Reactions: Khushal
S

Studynxx

Level 3
Thread author
Jan 20, 2023
209
harlan4096 said:
Since there is no longer offline installer for a while, You should get the online installer... the problem is that 21.3 is already a bit (quite) obsolete version, and will be difficult to find it.
Click to expand...
Not sure what the difference between the 2 is. I'm not even sure I fetch the offline installer via my script and the CDN server. If you're referring to Kaspersky Plus, then I remember telling you prior on Kaspersky's forum I cannot use it because its GUI is terrible to me, very hard to navigate. I'm not sure which dev's idea it was to reform the GUI to THAT, but it's absolutely horrid imo.
 
  • Like
Reactions: Khushal
lokamoka820

lokamoka820

Level 21
Mar 1, 2024
1,060
Why you want the hash? If you download it from Kaspersky official website you don't need to check the hash, hash checking usually needed for open source projects like Linux ISOs because the mostly published on outsource servers, so they ask users to check the hash to be sure that their products didn't modify, but big companies have their own servers and must be trusted for you as a user as much as you trust their products.
 
  • Like
Reactions: roger_m, simmerskool, Khushal and 1 other person
S

Studynxx

Level 3
Thread author
Jan 20, 2023
209
lokamoka820 said:
Why you want the hash? If you download it from Kaspersky official website you don't need to check the hash, hash checking usually needed for open source projects like Linux ISOs because the mostly published on outsource servers, so they ask users to check the hash to be sure that their products didn't modify, but big companies have their own servers and must be trusted for you as a user as much as you trust their products.
Click to expand...
To make sure that the CDN / FTP server wasn't hacked into and the installer exe is the official one, not malware masquerading itself as such.
harlan4096 said:
Version 21.3 will probably soon stop having support, also it causes many issues (even with lots of patches) that were fixed in the new product line.

There is no offline installer anymore for some time now.
Click to expand...
Sure but I haven't had any issues with it other than 1 issue but I solved it using Kaspersky's official forum and I have documented the solution in my internal wiki so I'm good.
 
  • Like
Reactions: Khushal
lokamoka820

lokamoka820

Level 21
Mar 1, 2024
1,060
Studynxx said:
To make sure that the CDN / FTP server wasn't hacked into and the installer exe is the official one, not malware masquerading itself as such.
Click to expand...
So you will trust Kaspersky to keep you safe from malware if they can't keep their own servers safe? And even after installation, how will you be sure that no one can hack the servers and send malware with the updates, as happen with CCleaner for example? It is all about trust.

If you want you can use the online installer, security products now use it to give the latest version and to get the official version from their own servers, to avoid modifying source code like in offline installer.
 
  • Like
  • +Reputation
Reactions: roger_m, simmerskool and Khushal
S

Studynxx

Level 3
Thread author
Jan 20, 2023
209
lokamoka820 said:
So you will trust Kaspersky to keep you safe from malware if they can't keep their own servers safe? And even after installation, how will you be sure that no one can hack the servers and send malware with the updates, as happen with CCleaner for example? It is all about trust.

If you want you can use the online installer, security products now use it to give the latest version and to get the official version from their own servers, to avoid modifying source code like in offline installer.
Click to expand...
But where's the online installer at? Isn't it this

Download Kaspersky Total Security | Kaspersky

Download latest Kaspersky Total Security software to update your current product versio. Get maximum protection against computer viruses, worms & other internet security threats.
www.kaspersky.com

?
 
  • Like
Reactions: Khushal
S

Studynxx

Level 3
Thread author
Jan 20, 2023
209
harlan4096 said:
Yes, You still can download global KTS online installer there, but probably the installed product sooner or later can auto-update to the new product line...
Click to expand...
I mean I don't mind that, let that be. But it IS the online installer I'm fetching thru my script then?
 
  • Like
Reactions: Khushal
lokamoka820

lokamoka820

Level 21
Mar 1, 2024
1,060
Studynxx said:
But where's the online installer at? Isn't it this

Download Kaspersky Total Security | Kaspersky

Download latest Kaspersky Total Security software to update your current product versio. Get maximum protection against computer viruses, worms & other internet security threats.
www.kaspersky.com

?
Click to expand...
Yes it is, and if you noticed they modified the page 3 days ago, so the installer checked constantly.
 
  • Like
Reactions: harlan4096
S

Studynxx

Level 3
Thread author
Jan 20, 2023
209
It's funny as hell to me how the mods on Kaspersky's official forums removed my totally valid post.
 
S

Studynxx

Level 3
Thread author
Jan 20, 2023
209
Btw they've changed the CDN server since, not like I couldn't just change it to the current one in my script, but it's always a gamble so I'll just pull it from my own file server instead.

It's a shame v21.3 of KTS can't be scripted via batch, as the best I've been able to do is just simulation of keyboard strokes via powershell. And AVPUI.exe cannot be terminated at the end of the process so I'm stuck with having to manually close out the Kaspersky Window at the end of the script as the final step.
 

Similar threads

Welldone
    • Like
  • Locked
NoVirusThanks EXE Radar Pro turns Freeware
Replies
312
Views
101,656
Other security for Windows, Mac, Linux
shmu26
shmu26
Jack
Remove Vista Home Security 2012
Replies
0
Views
5,505
Malware Removal Guides
Jack
Jack
Jack
Remove Internet Security 2012 (Fake AV)
Replies
0
Views
5,155
Malware Removal Guides
Jack
Jack

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top