Using Symantec Endpoint Recovery Tool and want to bypass the PIN requirement ?

Introduction

Note: This post is nothing to do with ConfigMgr and I’m only posting it for those of you who happen to want to automate getting NBRT to run without having to do manual things.

If you are doing offline antivirus scanning using Symantec’s Endpoint Recovery Tool (NBRT) you’ll probably be very familiar with the annoying need to enter a 13 character PIN.

sert_pin_prompt

Symantec themselves document that requirement here and that’s been pretty much debunked by Chris here.

Problem

Having to enter a 13 character PIN every time you run the tool seems counterintuitive, having a switch to bypass it would be great, except there’s no documented switches for NBRT anywhere and NBRT.EXE /? does not reveal any switches.

Solution

My colleague Magnus suggested we open the EXE in notepad and see if it revealed anything. So that’s exactly what we did. By renaming NBRT.EXE to NBRT.TXT and searching through the text file in notepad the following was revealed.

switches hiddenAnd those hidden switches are revealed below

/undo   /key:{value}   /lang:{value}   /skipglp   /ignorenorton   /fixlowrisk   /apply   /OnReboot   /uninstall   /install   /usedefs:{value}   /help   /?   /dontautoremediate   /dontremediate   /skipdefupdates   /skipallupdates   /reportfile:{value}   /silent   /scan-file:{value}   /scan-none   /scan-quick   /scan-full

so there you have it, launching nbrt with the following switch (where XXXXXXXXXXXXX is your PIN supplied by Symantec) will bypass the need to enter the pin.

nbrt.exe /key:XXXXXXXXXXXXX

you can also bypass the language selection screen with /lang:1033

until next time, adios !

This entry was posted in Uncategorized. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.