BEQLEUNXP1NB103 - Windows - Files: Difference between revisions
(First template for bash script in %USERPROFILE%) |
(→%USERPROFILE%\StartFunctions.sh: Stable version) |
||
Line 5: | Line 5: | ||
{{#fileanchor: fstab}} |
{{#fileanchor: fstab}} |
||
<source lang="bash"> |
<source lang="bash"> |
||
# Function handy for the start script |
|||
# |
|||
# include with |
|||
# |
|||
# . "$USERPROFILE/StartFunctions.sh" |
|||
function kill_win_process_pid() |
|||
{ |
|||
WINPID=$1 |
|||
/bin/kill -f $WINPID # Don't use bash's kill built-in ! |
|||
} |
|||
function kill_win_process_name() |
|||
{ |
|||
WINPROC=$1 |
|||
WINPID=$(ps -sW | grep "$WINPROC" | sed -re "s/^ +([0-9]*) .*$/\1/") |
|||
/bin/kill -f $WINPID # Don't use bash's kill built-in ! |
|||
} |
|||
function kill_win_service () |
|||
{ |
|||
WIN_SVC=$1 |
|||
cmd /c "tasklist /svc >%TEMP%\\$$" |
|||
WINPID=$(grep "$WIN_SVC" "$TEMP/$$" | sed -re "s/^.* ([0-9]*) .*$/\1/") |
|||
rm "$TEMP/$$" |
|||
/bin/kill -f $WINPID # Don't use bash's kill built-in ! |
|||
} |
|||
function hijack () |
|||
{ |
|||
EXENAME="$1" |
|||
[ $DEBUG ] && echo "Hijacking executable \"${EXENAME}\"..." >/dev/stderr |
|||
regtool set -q "\\HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Image File Execution Options\\${EXENAME}\\Debugger" '"C:\BIN\WIJACK.EXE"' |
|||
regtool remove -q "\\HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Image File Execution Options\\${EXENAME}\\AutorunsDisabled" |
|||
} |
|||
function disable_hijack () |
|||
{ |
|||
EXENAME="$1" |
|||
[ $DEBUG ] && echo "Disabling hijack for executable \"${EXENAME}\"..." >/dev/stderr |
|||
regtool add -q "\\HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Image File Execution Options\\${EXENAME}\\AutorunsDisabled" |
|||
regtool set -q "\\HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Image File Execution Options\\${EXENAME}\\AutorunsDisabled\\Debugger" '"C:\BIN\WIJACK.EXE"' |
|||
regtool unset -q "\\HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Image File Execution Options\\${EXENAME}\\Debugger" |
|||
} |
|||
#Usage: if ( is_service_enabled "wuauserv" ) ; then echo service is enabled; fi |
|||
function is_service_enabled () |
|||
{ |
|||
SERVICE="$1" |
|||
regtool list -l "\\HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\${SERVICE}" | grep -q "AutorunsDisabled" |
|||
return $(( ! $? )) |
|||
} |
|||
#Usage: if ( is_service_disabled "wuauserv" ) ; then echo service is disabled; fi |
|||
function is_service_disabled () |
|||
{ |
|||
SERVICE="$1" |
|||
regtool list -l "\\HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\${SERVICE}" | grep -q "AutorunsDisabled" |
|||
} |
|||
#Usage: if ( is_service_started "Automatic Updates" ) ; then echo service is started; fi |
|||
function is_service_started () |
|||
{ |
|||
SERVICE="$1" |
|||
net start | grep -q "${SERVICE}" |
|||
} |
|||
#Usage: if ( is_service_stopped "Automatic Updates" ) ; then echo service is stopped; fi |
|||
function is_service_stopped () |
|||
{ |
|||
SERVICE="$1" |
|||
net start | grep -q "${SERVICE}" |
|||
return $(( ! $? )) |
|||
} |
|||
#Usage: enable_service "wuauserv" |
|||
function enable_service () |
|||
{ |
|||
# Will restore a service that was disabled through Autoruns (Service is set to Automatic again) |
|||
SERVICE="$1" |
|||
[ $DEBUG ] && echo "Restoring service \"${SERVICE}\"..." >/dev/stderr |
|||
regtool unset -q "\\HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\${SERVICE}\\AutorunsDisabled" |
|||
regtool set -q "\\HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\${SERVICE}\\Start" 2 |
|||
} |
|||
#Usage: disable_service "wuauserv" |
|||
function disable_service () |
|||
{ |
|||
# Will disable a service as if it was disabled through Autoruns (Service will be listed in Autoruns disabled entries) |
|||
SERVICE="$1" |
|||
[ $DEBUG ] && echo "Disabling service \"${SERVICE}\"..." >/dev/stderr |
|||
regtool set -q "\\HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\${SERVICE}\\AutorunsDisabled" 1 |
|||
regtool set -q "\\HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\${SERVICE}\\Start" 4 |
|||
} |
|||
#Usage: start_service "wuauserv" OR start_service "Automatic Updates" |
|||
function start_service () |
|||
{ |
|||
SERVICE="$1" |
|||
[ $DEBUG ] && echo -n "Starting service \"${SERVICE}\"..." >/dev/stderr |
|||
net start "${SERVICE}" >/dev/null 2>&1 |
|||
RES=$? |
|||
[ $DEBUG ] && ( [ $RES -eq 0 ] && echo "Success" || echo "Failed" ) |
|||
} |
|||
function stop_service () |
|||
{ |
|||
SERVICE="$1" |
|||
[ $DEBUG ] && echo -n "Stopping service \"${SERVICE}\"..." >/dev/stderr |
|||
net stop "${SERVICE}" >/dev/null 2>&1 |
|||
RES=$? |
|||
[ $DEBUG ] && ( [ $RES -eq 0 ] && echo "Success" || echo "Failed" ) |
|||
} |
|||
function enable_hkcu_run () |
|||
{ |
|||
REGVALUE=$1 |
|||
REGDATA=$(regtool get -q "\\HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\AutorunsDisabled\\${REGVALUE}") || return $? |
|||
[ $DEBUG ] && echo -n "Restoring HKCU run ${REGVALUE}=${REGDATA}" >/dev/stderr |
|||
regtool set -q "\\HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\${REGVALUE}" "${REGDATA}" |
|||
regtool unset -q "\\HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\AutorunsDisabled\\${REGVALUE}" |
|||
} |
|||
function disable_hkcu_run () |
|||
{ |
|||
REGVALUE=$1 |
|||
REGDATA=$(regtool get -q "\\HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\${REGVALUE}") || return $? |
|||
[ $DEBUG ] && echo -n "Disabling HKCU run ${REGVALUE}=${REGDATA}" >/dev/stderr |
|||
regtool add -q "\\HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\AutorunsDisabled" |
|||
regtool set -q "\\HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\AutorunsDisabled\\${REGVALUE}" "${REGDATA}" |
|||
regtool unset -q "\\HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\${REGVALUE}" |
|||
} |
|||
function enable_hklm_run () |
|||
{ |
|||
REGVALUE=$1 |
|||
REGDATA=$(regtool get -q "\\HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run\\AutorunsDisabled\\${REGVALUE}") || return $? |
|||
[ $DEBUG ] && echo -n "Restoring HKLM run ${REGVALUE}=${REGDATA}" >/dev/stderr |
|||
regtool set -q "\\HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run\\${REGVALUE}" "${REGDATA}" |
|||
regtool unset -q "\\HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run\\AutorunsDisabled\\${REGVALUE}" |
|||
} |
|||
function disable_hklm_run () |
|||
{ |
|||
REGVALUE=$1 |
|||
REGDATA=$(regtool get -q "\\HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run\\${REGVALUE}") || return $? |
|||
[ $DEBUG ] && echo -n "Disabling HKLM run ${REGVALUE}=${REGDATA}" >/dev/stderr |
|||
regtool add -q "\\HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run\\AutorunsDisabled" |
|||
regtool set -q "\\HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run\\AutorunsDisabled\\${REGVALUE}" "${REGDATA}" |
|||
regtool unset -q "\\HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run\\${REGVALUE}" |
|||
} |
|||
function parse_parameters () |
|||
{ |
|||
# Evaluate command-line parameters |
|||
until [[ ! "$*" ]]; do |
|||
if [[ ${1:0:2} = '--' ]]; then |
|||
local PAIR=${1:2} |
|||
local PARAMETER=$(echo ${PAIR%=*} | tr [:lower:]- [:upper:]_) |
|||
eval P_$PARAMETER="${PAIR##*=}" |
|||
else |
|||
if [[ $1 = '-d' ]]; then DEBUG=$((DEBUG+1)); fi |
|||
fi |
|||
shift |
|||
done |
|||
} |
|||
</source> |
</source> |
||
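Review bot: In the added `parse_parameters`, the line `eval P_$PARAMETER="${PAIR##*=}"` re-parses the text after `=` as shell code, so a `--name=value` argument whose value contains a space or `;` runs a command instead of being stored. Check the upper-cased name against `[A-Z0-9_]` and assign without `eval`, e.g. `printf -v "P_${PARAMETER}" '%s' "${PAIR##*=}"`. The three kill helpers also hand `$WINPID` to `/bin/kill -f` unquoted and without an empty check, and `kill_win_service` stages the `tasklist` output in `%TEMP%\$$`, a predictable file name. An empty-PID guard and a pipe instead of the file would cover both.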
Revision as of 09:43, 13 October 2009
%USERPROFILE%\StartFunctions.sh
(cygwin bash script)
Download [{{#filelink: StartFunctions.sh}} this file]. {{#fileanchor: fstab}}
# Function handy for the start script
#
# include with
#
# . "$USERPROFILE/StartFunctions.sh"
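#######################################
# Forcefully terminate one Windows process by its Windows PID.
# Arguments: $1 - Windows PID (decimal digits only)
# Outputs:   an error message on stderr when the PID is rejected
# Returns:   2 if $1 is empty or not purely numeric; otherwise the exit
#            status of /bin/kill.
#######################################
kill_win_process_pid() {
  local pid="$1"

  # Refuse empty or non-numeric input before it reaches a forced kill: an
  # empty value would leave kill without a target, and a value starting
  # with '-' would be parsed as an option.
  case "$pid" in
    '' | *[!0-9]*)
      echo "kill_win_process_pid: invalid PID \"${pid}\"" >&2
      return 2
      ;;
  esac

  # Don't use bash's kill built-in: -f is an option of Cygwin's external
  # /bin/kill, which is why the absolute path is spelled out.
  /bin/kill -f "$pid"
}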
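#######################################
# Forcefully terminate every Windows process whose `ps -sW` line matches a
# pattern.
# Arguments: $1 - grep regular expression matched against each ps line
# Outputs:   an error message on stderr when nothing is killed
# Returns:   2 if $1 is empty, 1 if no process matches; otherwise the exit
#            status of /bin/kill.
#######################################
kill_win_process_name() {
  local pattern="$1"
  local line
  local -a pids=()

  # An empty pattern matches every line of the process list, so it must
  # never be allowed to reach the kill below.
  if [ -z "$pattern" ]; then
    echo "kill_win_process_name: missing process name" >&2
    return 2
  fi

  # The PID is the first column of `ps -sW`.  Keep a line only when that
  # column is purely numeric, so the header row or an unparsable line is
  # dropped instead of being passed to kill as an argument.
  while IFS= read -r line; do
    pids+=("$line")
  done < <(ps -sW | grep -- "$pattern" | awk '$1 ~ /^[0-9]+$/ { print $1 }')

  if [ "${#pids[@]}" -eq 0 ]; then
    echo "kill_win_process_name: no process matches \"${pattern}\"" >&2
    return 1
  fi

  # Don't use bash's kill built-in: -f is an option of Cygwin's /bin/kill.
  /bin/kill -f "${pids[@]}"
}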
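#######################################
# Forcefully terminate the process(es) hosting a Windows service, located
# through `tasklist /svc`.
# Arguments: $1 - grep regular expression matched against each tasklist line
# Outputs:   an error message on stderr when nothing is killed
# Returns:   2 if $1 is empty, 1 if no PID is found; otherwise the exit
#            status of /bin/kill.
#######################################
kill_win_service() {
  local service="$1"
  local line
  local -a pids=()

  # An empty pattern would match every line of the task list.
  if [ -z "$service" ]; then
    echo "kill_win_service: missing service name" >&2
    return 2
  fi

  # Read the task list straight from a pipe.  No intermediate file with a
  # predictable name is created, so nothing can be pre-planted or left
  # behind, and the result cannot be swapped between write and read.
  # sed -n ... p prints a line only when a " <digits> " group was found
  # (greedy match: the last such group on the line), so non-PID text never
  # reaches kill.
  while IFS= read -r line; do
    pids+=("$line")
  done < <(cmd /c "tasklist /svc" \
    | grep -- "$service" \
    | sed -nre 's/^.* ([0-9]+) .*$/\1/p')

  if [ "${#pids[@]}" -eq 0 ]; then
    echo "kill_win_service: no process found for \"${service}\"" >&2
    return 1
  fi

  # Don't use bash's kill built-in: -f is an option of Cygwin's /bin/kill.
  /bin/kill -f "${pids[@]}"
}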
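#######################################
# Register C:\BIN\WIJACK.EXE as the "Debugger" of an executable under
# Image File Execution Options (IFEO), so that launching the executable
# starts the registered program instead.
#
# This is a machine-wide HKEY_LOCAL_MACHINE change and needs administrative
# rights.  IFEO Debugger values are a well-known item on security
# monitoring lists, so expect this write to be logged or flagged.
#
# Globals:   DEBUG (read) - non-empty enables a progress message on stderr
# Arguments: $1 - image name of the executable (no path), e.g. "foo.exe"
# Returns:   2 if $1 is empty or contains a path separator; otherwise the
#            exit status of the `regtool set` that writes the value.
#######################################
hijack() {
  local exe="$1"
  local ifeo_key

  # The name becomes one component of a registry path.  Empty input would
  # address the IFEO key itself, and a separator would address some other
  # key, so both are refused.
  case "$exe" in
    '' | *[\\/]*)
      echo "hijack: invalid executable name \"${exe}\"" >&2
      return 2
      ;;
  esac
  ifeo_key="\\HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Image File Execution Options\\${exe}"

  if [ -n "${DEBUG:-}" ]; then
    echo "Hijacking executable \"${exe}\"..." >&2
  fi

  # NOTE(review): no `regtool add` precedes this write; confirm that the
  # per-executable key already exists, otherwise the set may fail.
  regtool set -q "${ifeo_key}\\Debugger" '"C:\BIN\WIJACK.EXE"' || return $?

  # Best-effort cleanup of the parked copy: the AutorunsDisabled subkey is
  # only present if the redirect was disabled earlier, so a failure here
  # does not mean the redirect was not installed.
  regtool remove -q "${ifeo_key}\\AutorunsDisabled" || true
}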
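#######################################
# Switch off the IFEO "Debugger" redirect of an executable, parking the
# value under an AutorunsDisabled subkey so it can be told apart from an
# entry that never existed.
#
# This is a machine-wide HKEY_LOCAL_MACHINE change and needs administrative
# rights.
#
# Globals:   DEBUG (read) - non-empty enables a progress message on stderr
# Arguments: $1 - image name of the executable (no path), e.g. "foo.exe"
# Returns:   2 if $1 is empty or contains a path separator; otherwise the
#            exit status of the `regtool unset` that removes the live value.
#######################################
disable_hijack() {
  local exe="$1"
  local ifeo_key

  # The name becomes one component of a registry path.  Empty input would
  # address the IFEO key itself, and a separator would address some other
  # key, so both are refused.
  case "$exe" in
    '' | *[\\/]*)
      echo "disable_hijack: invalid executable name \"${exe}\"" >&2
      return 2
      ;;
  esac
  ifeo_key="\\HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Image File Execution Options\\${exe}"

  if [ -n "${DEBUG:-}" ]; then
    echo "Disabling hijack for executable \"${exe}\"..." >&2
  fi

  # Park the redirect first; the results of these two writes are not
  # checked, because removing the live value below is the step that
  # actually disables the redirect.
  regtool add -q "${ifeo_key}\\AutorunsDisabled"
  regtool set -q "${ifeo_key}\\AutorunsDisabled\\Debugger" '"C:\BIN\WIJACK.EXE"'

  regtool unset -q "${ifeo_key}\\Debugger"
}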
# Usage: if ( is_service_enabled "wuauserv" ) ; then echo service is enabled; fi
#
# Report whether a service is free of the "AutorunsDisabled" marker.
# Globals:   SERVICE (written)
# Arguments: $1 - name of the service's key under CurrentControlSet\Services
# Returns:   0 when the listing of the key does not mention
#            "AutorunsDisabled", 1 when it does.
# NOTE(review): a key that regtool cannot list produces no output and is
# therefore also reported as enabled.
is_service_enabled() {
  SERVICE="$1"
  local svc_key="\\HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\${SERVICE}"

  if regtool list -l "${svc_key}" | grep -q "AutorunsDisabled"; then
    return 1
  fi
  return 0
}
# Usage: if ( is_service_disabled "wuauserv" ) ; then echo service is disabled; fi
#
# Report whether a service carries the "AutorunsDisabled" marker.
# Globals:   SERVICE (written)
# Arguments: $1 - name of the service's key under CurrentControlSet\Services
# Returns:   the status of the regtool | grep pipeline: 0 when the listing
#            of the key mentions "AutorunsDisabled", non-zero otherwise.
is_service_disabled() {
  SERVICE="$1"
  local svc_key="\\HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\${SERVICE}"

  regtool list -l "${svc_key}" | grep -q "AutorunsDisabled"
  return $?
}
# Usage: if ( is_service_started "Automatic Updates" ) ; then echo service is started; fi
#
# Report whether a service shows up in the output of `net start`.
# Globals:   SERVICE (written)
# Arguments: $1 - text to look for; used as an unanchored grep pattern, so
#                 any line that contains a match counts
# Returns:   the status of the net | grep pipeline: 0 on a match, non-zero
#            otherwise.
is_service_started() {
  SERVICE="$1"

  net start | grep -q "${SERVICE}"
  return $?
}
# Usage: if ( is_service_stopped "Automatic Updates" ) ; then echo service is stopped; fi
#
# Report whether a service is absent from the output of `net start`.
# Globals:   SERVICE (written)
# Arguments: $1 - text to look for; used as an unanchored grep pattern
# Returns:   0 when no line of `net start` matches, 1 when one does.
is_service_stopped() {
  SERVICE="$1"

  if net start | grep -q "${SERVICE}"; then
    return 1
  fi
  return 0
}
# Usage: enable_service "wuauserv"
#
# Restore a service that was disabled through Autoruns: the
# "AutorunsDisabled" marker is removed and the Start value is written
# as 2, i.e. the service is set to Automatic again.
# Globals:   SERVICE (written), DEBUG (read)
# Arguments: $1 - name of the service's key under CurrentControlSet\Services
# Returns:   the exit status of the final `regtool set`.
enable_service() {
  SERVICE="$1"
  local svc_key="\\HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\${SERVICE}"

  if [ $DEBUG ]; then
    echo "Restoring service \"${SERVICE}\"..." >/dev/stderr
  fi

  regtool unset -q "${svc_key}\\AutorunsDisabled"
  regtool set -q "${svc_key}\\Start" 2
}
# Usage: disable_service "wuauserv"
#
# Disable a service the way Autoruns does, so that it appears among the
# Autoruns disabled entries: an "AutorunsDisabled" marker is written as 1
# and the Start value as 4.
# Globals:   SERVICE (written), DEBUG (read)
# Arguments: $1 - name of the service's key under CurrentControlSet\Services
# Returns:   the exit status of the final `regtool set`.
disable_service() {
  SERVICE="$1"
  local svc_key="\\HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\${SERVICE}"

  if [ $DEBUG ]; then
    echo "Disabling service \"${SERVICE}\"..." >/dev/stderr
  fi

  regtool set -q "${svc_key}\\AutorunsDisabled" 1
  regtool set -q "${svc_key}\\Start" 4
}
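# Usage: start_service "wuauserv" OR start_service "Automatic Updates"
#
# Start a Windows service through `net start`.
# Globals:   DEBUG (read) - non-empty enables progress messages on stderr
# Arguments: $1 - service name or display name, as accepted by `net start`
# Outputs:   with DEBUG set, "Starting service ..." followed by "Success"
#            or "Failed", all on stderr; the output of `net` is discarded
# Returns:   the exit status of `net start`, so callers can tell whether
#            the service was started regardless of the DEBUG setting.
start_service() {
  local service="$1"
  local status

  if [ -n "${DEBUG:-}" ]; then
    echo -n "Starting service \"${service}\"..." >&2
  fi

  net start "${service}" >/dev/null 2>&1
  status=$?

  # The verdict completes the line begun above, so it goes to the same
  # stream and never mixes into stdout that a caller may be capturing.
  if [ -n "${DEBUG:-}" ]; then
    if [ "$status" -eq 0 ]; then
      echo "Success" >&2
    else
      echo "Failed" >&2
    fi
  fi

  return "$status"
}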
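#######################################
# Stop a Windows service through `net stop`.
# Globals:   DEBUG (read) - non-empty enables progress messages on stderr
# Arguments: $1 - service name or display name, as accepted by `net stop`
# Outputs:   with DEBUG set, "Stopping service ..." followed by "Success"
#            or "Failed", all on stderr; the output of `net` is discarded
# Returns:   the exit status of `net stop`, so callers can tell whether
#            the service was stopped regardless of the DEBUG setting.
#######################################
stop_service() {
  local service="$1"
  local status

  if [ -n "${DEBUG:-}" ]; then
    echo -n "Stopping service \"${service}\"..." >&2
  fi

  net stop "${service}" >/dev/null 2>&1
  status=$?

  # The verdict completes the line begun above, so it goes to the same
  # stream and never mixes into stdout that a caller may be capturing.
  if [ -n "${DEBUG:-}" ]; then
    if [ "$status" -eq 0 ]; then
      echo "Success" >&2
    else
      echo "Failed" >&2
    fi
  fi

  return "$status"
}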
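#######################################
# Move a per-user autostart entry from Run\AutorunsDisabled back into the
# HKEY_CURRENT_USER Run key.
#
# The restored data is copied verbatim into the Run key, so make sure the
# parked entry is one that is meant to be there before restoring it.
#
# Globals:   DEBUG (read) - non-empty enables a progress message on stderr
# Arguments: $1 - name of the Run value
# Returns:   2 if $1 is empty; the status of `regtool get` if the parked
#            value cannot be read; the status of `regtool set` if the
#            write fails; otherwise the status of `regtool unset`.
#######################################
enable_hkcu_run() {
  local name="$1"
  local run_key="\\HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Run"
  local data

  if [ -z "$name" ]; then
    echo "enable_hkcu_run: missing value name" >&2
    return 2
  fi

  data=$(regtool get -q "${run_key}\\AutorunsDisabled\\${name}") || return $?

  if [ -n "${DEBUG:-}" ]; then
    echo -n "Restoring HKCU run ${name}=${data}" >&2
  fi

  # Copy first, delete second: when the write to the live key fails, the
  # parked copy is kept so the entry is not lost.
  regtool set -q "${run_key}\\${name}" "${data}" || return $?
  regtool unset -q "${run_key}\\AutorunsDisabled\\${name}"
}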
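#######################################
# Move a per-user autostart entry out of the HKEY_CURRENT_USER Run key and
# park it under Run\AutorunsDisabled.
# Globals:   DEBUG (read) - non-empty enables a progress message on stderr
# Arguments: $1 - name of the Run value
# Returns:   2 if $1 is empty; the status of `regtool get` if the live
#            value cannot be read; the status of `regtool set` if parking
#            fails; otherwise the status of `regtool unset`.
#######################################
disable_hkcu_run() {
  local name="$1"
  local run_key="\\HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Run"
  local data

  if [ -z "$name" ]; then
    echo "disable_hkcu_run: missing value name" >&2
    return 2
  fi

  data=$(regtool get -q "${run_key}\\${name}") || return $?

  if [ -n "${DEBUG:-}" ]; then
    echo -n "Disabling HKCU run ${name}=${data}" >&2
  fi

  # The result of creating the parking key is not checked here; if the key
  # is unusable, the write that follows fails and stops the function.
  regtool add -q "${run_key}\\AutorunsDisabled"

  # Copy first, delete second: when parking fails, the live entry is kept
  # so its data is not lost.
  regtool set -q "${run_key}\\AutorunsDisabled\\${name}" "${data}" || return $?
  regtool unset -q "${run_key}\\${name}"
}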
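#######################################
# Move a machine-wide autostart entry from Run\AutorunsDisabled back into
# the HKEY_LOCAL_MACHINE Run key.
#
# The restored data is copied verbatim into the machine-wide Run key, so
# make sure the parked entry is one that is meant to be there before
# restoring it.  Writing under HKEY_LOCAL_MACHINE needs administrative
# rights.
#
# Globals:   DEBUG (read) - non-empty enables a progress message on stderr
# Arguments: $1 - name of the Run value
# Returns:   2 if $1 is empty; the status of `regtool get` if the parked
#            value cannot be read; the status of `regtool set` if the
#            write fails; otherwise the status of `regtool unset`.
#######################################
enable_hklm_run() {
  local name="$1"
  local run_key="\\HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
  local data

  if [ -z "$name" ]; then
    echo "enable_hklm_run: missing value name" >&2
    return 2
  fi

  data=$(regtool get -q "${run_key}\\AutorunsDisabled\\${name}") || return $?

  if [ -n "${DEBUG:-}" ]; then
    echo -n "Restoring HKLM run ${name}=${data}" >&2
  fi

  # Copy first, delete second: when the write to the live key fails, the
  # parked copy is kept so the entry is not lost.
  regtool set -q "${run_key}\\${name}" "${data}" || return $?
  regtool unset -q "${run_key}\\AutorunsDisabled\\${name}"
}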
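#######################################
# Move a machine-wide autostart entry out of the HKEY_LOCAL_MACHINE Run
# key and park it under Run\AutorunsDisabled.  Writing under
# HKEY_LOCAL_MACHINE needs administrative rights.
# Globals:   DEBUG (read) - non-empty enables a progress message on stderr
# Arguments: $1 - name of the Run value
# Returns:   2 if $1 is empty; the status of `regtool get` if the live
#            value cannot be read; the status of `regtool set` if parking
#            fails; otherwise the status of `regtool unset`.
#######################################
disable_hklm_run() {
  local name="$1"
  local run_key="\\HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
  local data

  if [ -z "$name" ]; then
    echo "disable_hklm_run: missing value name" >&2
    return 2
  fi

  data=$(regtool get -q "${run_key}\\${name}") || return $?

  if [ -n "${DEBUG:-}" ]; then
    echo -n "Disabling HKLM run ${name}=${data}" >&2
  fi

  # The result of creating the parking key is not checked here; if the key
  # is unusable, the write that follows fails and stops the function.
  regtool add -q "${run_key}\\AutorunsDisabled"

  # Copy first, delete second: when parking fails, the live entry is kept
  # so its data is not lost.
  regtool set -q "${run_key}\\AutorunsDisabled\\${name}" "${data}" || return $?
  regtool unset -q "${run_key}\\${name}"
}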
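#######################################
# Evaluate command-line parameters.
#
#   --some-name=value  sets the global P_SOME_NAME to "value"; the name is
#                      the text before the first '=', upper-cased with '-'
#                      turned into '_', and the value is everything after
#                      that '=' taken literally
#   --some-name        sets P_SOME_NAME to "some-name"
#   -d                 increments DEBUG by one
#   anything else      is skipped
#
# Globals:   DEBUG (written), P_<NAME> (written)
# Arguments: the parameters to evaluate, normally "$@"
# Outputs:   a warning on stderr for each option whose name is rejected
# Returns:   0
#######################################
parse_parameters() {
  local pair name value
  # Make the A-Z range below mean exactly the ASCII capitals.
  local LC_ALL=C

  # Loop on the argument count, not on the joined text, so an empty
  # argument in the list does not end parsing early.
  while (( $# > 0 )); do
    if [[ ${1:0:2} = '--' ]]; then
      pair=${1:2}
      name=${pair%%=*}
      value=${pair#*=}
      name=$(printf '%s' "$name" | tr '[:lower:]-' '[:upper:]_')

      case "$name" in
        '' | *[!A-Z0-9_]*)
          # Only plain identifier characters may form a variable name;
          # anything else (spaces, brackets, '$', ...) is refused.
          echo "parse_parameters: ignoring option with invalid name \"$1\"" >&2
          ;;
        *)
          # Assign without eval: the value is stored as data and is never
          # re-parsed by the shell, whatever characters it contains.
          printf -v "P_${name}" '%s' "$value"
          ;;
      esac
    elif [[ $1 = '-d' ]]; then
      DEBUG=$((DEBUG + 1))
    fi
    shift
  done

  return 0
}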
%USERPROFILE%\Start.sh
(cygwin bash script)
Download [{{#filelink: StartFunctions.sh}} this file]. {{#fileanchor: fstab}}
%USERPROFILE%\BlueTooth.sh
(cygwin bash script)
Download [{{#filelink: StartFunctions.sh}} this file]. {{#fileanchor: fstab}}
%USERPROFILE%\ManageSoft.sh
(cygwin bash script)
Download [{{#filelink: StartFunctions.sh}} this file]. {{#fileanchor: fstab}}
%USERPROFILE%\McAfee.sh
(cygwin bash script)
Download [{{#filelink: StartFunctions.sh}} this file]. {{#fileanchor: fstab}}
%USERPROFILE%\Miscellaneous.sh
(cygwin bash script)
Download [{{#filelink: StartFunctions.sh}} this file]. {{#fileanchor: fstab}}
%USERPROFILE%\Outlook.sh
(cygwin bash script)
Download [{{#filelink: StartFunctions.sh}} this file]. {{#fileanchor: fstab}}