////////////////////////////////////////////////////////////////////////
// Security Policy API
////////////////////////////////////////////////////////////////////////
var SYS = require("lib/system");
var FILE = require("lib/file");
var REG = require("lib/registry");
// DWORD payloads for the "Disable*" policy values written by this module.
// The names describe the resulting feature state, not the bit: a "Disable*"
// value of 1 switches the feature off, so DISABLED is 1 and ENABLED is 0.
var ENABLED = 0;
var DISABLED = 1;
function __BOOL_TO_DWORD__(x) {
    // Translate a "disable this feature?" flag into the DWORD stored in a
    // "Disable*" policy value: any truthy x yields DISABLED, anything falsy
    // (false, 0, "", null, undefined) yields ENABLED.
    if (x) {
        return DISABLED;
    }
    return ENABLED;
}
// Check 'Run as administrator'
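function isElevated() {
    // Heuristic test for an elevated ('Run as administrator') process.
    //
    // It tries to read the registry hive of the well-known LocalService
    // account (SID S-1-5-19) under HKEY_USERS, which is normally readable
    // only with an administrative token. Returns true when the read
    // succeeds and false when it throws.
    //
    // Every failure is reported as "not elevated", including a missing
    // WScript.Shell object, so treat false as "could not confirm elevation".
    //
    // NOTE(review): this function is not in the exports list at the bottom
    // of the file, so other modules cannot call it as written.
    var probeKey = "HKEY_USERS\\s-1-5-19\\";
    try {
        CreateObject("WScript.Shell").RegRead(probeKey);
        return true;
    } catch (e) {
        return false;
    }
}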
// Turn on/off Windows Defender
function setDisableAntiSpyware(x) {
    // Writes the DisableAntiSpyware policy DWORD under
    // HKLM\SOFTWARE\Policies\Microsoft\Windows Defender.
    //   x truthy -> DISABLED (1), x falsy -> ENABLED (0)
    //
    // The target is HKLM, so the write normally needs an elevated process;
    // this function does not check elevation itself and returns nothing, so
    // any failure surfaces only through whatever REG.write does.
    //
    // Changes to this value are a standard defense-tampering signal (MITRE
    // ATT&CK T1562.001) and are commonly alerted on; administrative callers
    // should expect that and record who changed it and why.
    //
    // NOTE(review): recent Microsoft Defender Antivirus releases are
    // documented to ignore this legacy value on client editions, and Tamper
    // Protection may block or revert it. A successful write does not prove
    // the product state changed; confirm on the target OS.
    REG.write(
        REG.HKLM,
        "SOFTWARE\\Policies\\Microsoft\\Windows Defender",
        "DisableAntiSpyware",
        __BOOL_TO_DWORD__(x),
        REG.DWORD
    );
}
function getDisableAntiSpyware() {
    // Reads the DisableAntiSpyware policy DWORD from
    // HKLM\SOFTWARE\Policies\Microsoft\Windows Defender and returns whatever
    // REG.read yields, unmodified.
    //
    // NOTE(review): the result when the value or key is absent depends on
    // REG.read, which is not visible here. Do not assume 0 / ENABLED.
    // The value shows the configured policy only, not whether the
    // antivirus engine is actually running.
    return REG.read(
        REG.HKLM,
        "SOFTWARE\\Policies\\Microsoft\\Windows Defender",
        "DisableAntiSpyware",
        REG.DWORD
    );
}
// Turn on/off Registry Editor (regedit)
function setDisableRegistryTools(x) {
    // Writes the DisableRegistryTools policy DWORD under
    // HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System.
    //   x truthy -> DISABLED (1), x falsy -> ENABLED (0)
    //
    // The write targets HKLM, so it normally needs an elevated process.
    // Nothing is returned and this file has no matching getter, so callers
    // cannot confirm the resulting state through this module.
    //
    // Changes to this value are routinely monitored as a tampering
    // indicator; legitimate lockdown tooling should log each change.
    //
    // NOTE(review): this policy is usually documented as a per-user (HKCU)
    // setting. Confirm that the HKLM location has the intended effect.
    REG.write(
        REG.HKLM,
        "SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System",
        "DisableRegistryTools",
        __BOOL_TO_DWORD__(x),
        REG.DWORD
    );
}
// Turn on/off Task Manager (taskmgr)
function setDisableTaskMgr(x) {
    // Writes the DisableTaskMgr policy DWORD under
    // HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System.
    //   x truthy -> DISABLED (1), x falsy -> ENABLED (0)
    //
    // The write targets HKLM, so it normally needs an elevated process.
    // Nothing is returned and this file has no matching getter.
    //
    // Changes to this value are routinely monitored as a tampering
    // indicator; legitimate kiosk or lockdown tooling should log each one.
    //
    // NOTE(review): this policy is usually documented as a per-user (HKCU)
    // setting. Confirm that the HKLM location has the intended effect.
    REG.write(
        REG.HKLM,
        "SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System",
        "DisableTaskMgr",
        __BOOL_TO_DWORD__(x),
        REG.DWORD
    );
}
// Get antivirus products list from the security center
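function getAntiVirusProducts() {
    // Returns an array with the displayName of every AntiVirusProduct
    // instance in the local root\SecurityCenter2 WMI namespace. The array is
    // empty when the query returns no instances.
    //
    // Errors from GetObject or ExecQuery are not caught here and propagate
    // to the caller.
    //
    // NOTE(review): this lists products registered with Windows Security
    // Center. Registration alone does not show that real-time protection is
    // on or that signatures are current. The SecurityCenter2 namespace is
    // presumably absent on Windows Server editions; confirm before relying
    // on an empty result.
    var displayNames = [];

    // Each backslash in the moniker has to be doubled. The single-escaped
    // form "\\.\root\S..." turned "\r" into a carriage return and dropped
    // the other separators, so it never named the intended namespace.
    var objWMIService = GetObject("winmgmts:\\\\.\\root\\SecurityCenter2");
    var colItems = objWMIService.ExecQuery("SELECT * FROM AntiVirusProduct");

    // WMI collections are COM enumerations, so they are walked with the
    // JScript Enumerator rather than an array index.
    var enumItems = new Enumerator(colItems);
    for (; !enumItems.atEnd(); enumItems.moveNext()) {
        displayNames.push(enumItems.item().displayName);
    }

    return displayNames;
}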
// Open the threat setting window on Windows Defender
function OpenThreatSettings() {
    // Opens the Windows Defender threat settings UI.
    //
    // If "<ProgramFiles>\Windows Defender\MSASCui.exe" exists (old Windows)
    // that executable is launched; otherwise (Windows 10) the
    // "windowsdefender://Threatsettings" URI is handed to SHELL.runAs.
    // Returns nothing.
    //
    // NOTE(review): SHELL is not among the modules required at the top of
    // this file (only SYS, FILE and REG are). Unless the host defines SHELL
    // globally, this call throws a ReferenceError.
    //
    // NOTE(review): the executable path is built from the %ProgramFiles%
    // environment variable. If SHELL.runAs launches its target elevated,
    // the caller's environment decides which binary gets elevated; confirm
    // that the environment is trusted or resolve the directory from a
    // source that cannot be overridden.
    var legacyUi = SYS.getEnvString("%ProgramFiles%") + "\\Windows Defender\\MSASCui.exe";
    var target = FILE.fileExists(legacyUi)
        ? legacyUi                              // old Windows
        : "windowsdefender://Threatsettings";   // Windows 10
    SHELL.runAs(target);
}
// Public surface of the module. Assignment order is kept as-is so the
// enumeration order of the exports object does not change.

// DWORD constants used by the set* functions.
exports.DISABLED = DISABLED;
exports.ENABLED = ENABLED;

// Policy accessors and helpers.
// NOTE(review): isElevated is defined in this file but is not exported.
exports.setDisableAntiSpyware = setDisableAntiSpyware;
exports.getDisableAntiSpyware = getDisableAntiSpyware;
exports.setDisableRegistryTools = setDisableRegistryTools;
exports.setDisableTaskMgr = setDisableTaskMgr;
exports.getAntiVirusProducts = getAntiVirusProducts;
exports.OpenThreatSettings = OpenThreatSettings;

// Module metadata.
exports.VERSIONINFO = "Security Policy Module (security.js) version 0.2.2";
exports.AUTHOR = "abuse@catswords.net";

// Re-exports the host's global object and its require function, so any
// consumer of this module also gets a handle on the loader.
// NOTE(review): presumably a project-wide convention; confirm it is needed.
exports.global = global;
exports.require = global.require;