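<#
Provisioning script for a remotely assisted Windows host.

Steps, in order:
  1. Download the OpenVPN Connect, TightVNC and OpenSSH MSI packages and one
     .ovpn profile with BITS.
  2. Install OpenVPN Connect, register the ovpnconnector service with the
     downloaded profile and log path, and start it.
  3. Install TightVNC (server + viewer) as a service with VNC and control
     passwords.
  4. Install the OpenSSH server and make Windows PowerShell its default shell.
  5. Create a local fallback account and add it to Administrators.
  6. Add inbound firewall rules for TCP 5900 (VNC) and TCP 22 (SSH).

Secrets are not stored in this file. Each one is read from a process
environment variable when it is set, otherwise the operator is prompted:
  RA_VNC_PASSWORD          TightVNC connection password
  RA_VNC_CONTROL_PASSWORD  TightVNC control-interface password
  RA_REMOTE_USER_PASSWORD  password of the local fallback account
An earlier revision of this script carried these passwords as string literals.
Any value that was ever stored in the file should be treated as exposed and
rotated on every host provisioned with it.
#>
#Requires -RunAsAdministrator

#Set-ExecutionPolicy -Scope CurrentUser -ExecutionPolicy Unrestricted -Force
#Set-ExecutionPolicy Bypass -Scope Process -Force; iex ((New-Object System.Net.WebClient).DownloadString('https://chocolatey.org/install.ps1'))
# Set-ExecutionPolicy Bypass -Scope Process -Force; [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072;
#DISM.exe /Online /Cleanup-image /Restorehealth
#sfc /scannow

### CONFIG SECTION ###
# Process scope only: the relaxed policy ends with this PowerShell process and
# is not written to the user or machine configuration.
Set-ExecutionPolicy Bypass -Scope Process -Force

$fileConnect = "vm_proton_01_tun"
#$fileConnect = "ProLiantMicroServerSinaloa.ovpn"
$opvnConnectPath = "$env:ProgramFiles\OpenVPN Connect\"
# $usrHome = Get-Variable HOME -valueOnly
$usrHome = "$env:USERPROFILE"

$ovpn = "$fileConnect.ovpn"
$ovpn_log = "$fileConnect.log"
$ovpConfigPath = "$usrHome\OpenVPN\config\$ovpn"
$ovpLogPath = "$usrHome\OpenVPN\log\$ovpn_log"
# NOTE(review): the profile is fetched from a share link; anyone holding the
# link can download it. If the profile embeds keys or credentials, treat the
# link itself as a secret and prefer an authenticated download.
# $ovpDownloadFile = "https://baizabal.xyz/cloud/index.php/s/JrpFtitCAcMmj7y/download/$ovpn"
$ovpDownloadFile = "https://baizabal.xyz/cloud/index.php/s/nXB8bw8XxZbJ2kN/download?path=%2Fbaizabal&files=$ovpn"
$folderPath = "$usrHome\OpenVPN\config\"
$logPath = "$usrHome\OpenVPN\log\"

$baseUriSource = "https://baizabal.xyz/downloads/windows_binary"
$SourceA = "$baseUriSource/openvpn-connect-v3-windows.msi"
$SourceB = "$baseUriSource/tightvnc-2.8.85-gpl-setup-64bit.msi"
$SourceC = "$baseUriSource/OpenSSH-Win64-v9.5.0.0.msi"

# Pinned SHA-256 digests of the downloads. PLACEHOLDERS: fill each one in from
# a trusted copy of the file. While a value is empty the file is accepted on
# the strength of the HTTPS connection alone and a warning is printed.
$sha256OpenVpnMsi  = ""
$sha256TightVncMsi = ""
$sha256OpenSshMsi  = ""
$sha256OvpnProfile = ""

$remoteusr = "systemAssistRemote"

# Source addresses allowed to reach the VNC and SSH ports. "Any" keeps the
# behaviour of earlier revisions; setting this to the VPN subnet keeps both
# services off every other network the host joins.
$allowedRemoteAddress = "Any"

## Set Connector configurations
# Start-Process joins -ArgumentList with single spaces and adds no quoting, so
# paths are wrapped in literal double quotes to survive spaces in the profile
# directory (for example a user name containing a space).
$opts_install = @("install")
$opts_profile = @("set-config", "profile", "`"$ovpConfigPath`"")
$opts_log = @("set-config", "log", "`"$ovpLogPath`"")
$opts_start = @("start")
$opts_remove = @("remove")
$opts_unprofile = @("unset-config", "profile")
$opts_unlog = @("unset-config", "log")
$opts_stop = @("stop")
$vpnopts_eula = @("--accept-gdpr")
$vpnopts_quit = @("--quit")

Import-Module BitsTransfer

### HELPERS ###

# Returns a secret as a SecureString: the named process environment variable
# when it is set, otherwise an interactive masked prompt. Rejects an empty value.
function Get-ProvisioningSecret {
    param(
        [Parameter(Mandatory)] [string] $EnvName,
        [Parameter(Mandatory)] [string] $Prompt
    )
    $fromEnv = [Environment]::GetEnvironmentVariable($EnvName, 'Process')
    if (-not [string]::IsNullOrEmpty($fromEnv)) {
        $secure = ConvertTo-SecureString $fromEnv -AsPlainText -Force
    }
    else {
        # Read-Host -AsSecureString masks the input and never echoes it.
        $secure = Read-Host -Prompt $Prompt -AsSecureString
    }
    if ($secure.Length -eq 0) {
        throw "Empty value supplied for $EnvName"
    }
    return $secure
}

# Unwraps a SecureString for the one consumer that needs clear text (the
# TightVNC MSI properties).
function ConvertTo-PlainText {
    param([Parameter(Mandatory)] [securestring] $Secure)
    return (New-Object System.Net.NetworkCredential('', $Secure)).Password
}

# Compares a downloaded file with its pinned SHA-256. A mismatch deletes the
# file and aborts; a missing pin or a missing file only warns.
function Assert-DownloadIntegrity {
    param(
        [Parameter(Mandatory)] [string] $Path,
        [string] $ExpectedSha256
    )
    if (-not (Test-Path -LiteralPath $Path)) {
        Write-Warning "Download missing: $Path"
        return
    }
    if ([string]::IsNullOrWhiteSpace($ExpectedSha256)) {
        Write-Warning "No pinned SHA-256 for $Path - integrity not verified"
        return
    }
    $actual = (Get-FileHash -LiteralPath $Path -Algorithm SHA256).Hash
    if ($actual -ne $ExpectedSha256) {
        Remove-Item -LiteralPath $Path -Force
        throw "SHA-256 mismatch for $Path (expected $ExpectedSha256, got $actual)"
    }
}

# Runs msiexec with the given arguments and reports a failing exit code.
# 3010 means success with a reboot pending.
function Install-Msi {
    param(
        [Parameter(Mandatory)] [string] $Label,
        [Parameter(Mandatory)] [string[]] $ArgumentList
    )
    $proc = Start-Process -FilePath "$env:systemroot\system32\msiexec.exe" -ArgumentList $ArgumentList -Wait -NoNewWindow -PassThru
    if ($proc.ExitCode -notin 0, 3010) {
        Write-Warning "msiexec for $Label exited with code $($proc.ExitCode)"
    }
}

### OPTIONAL: UNINSTALL PREVIOUS PACKAGES (disabled) ###
# Get-WmiObject -Class Win32_Product | Select-Object -Property Name
# $packages = @("OpenVPN Connect", "TightVNC", "OpenSSH")
# foreach($package in $packages){
#     $app = Get-WmiObject -Class Win32_Product | Where-Object {
#         $_.Name -match "$package"
#     }
#     $app.Uninstall()
#     Write-Host "Uninstalling $package :: Done" -ForegroundColor Green
# }
# $vpn = Get-WmiObject -Class Win32_Product | Where-Object{$_.Name -eq "OpenVPN Connect"}
# if (-not ([string]::IsNullOrEmpty($vpn))){
#     $vpn.Uninstall()
#     Write-Host "Uninstalling $vpn :: Done" -ForegroundColor Green
# }
# $vnc = Get-WmiObject -Class Win32_Product | Where-Object{$_.Name -eq "TightVNC"}
# if (-not ([string]::IsNullOrEmpty($vnc))){
#     $vnc.Uninstall()
#     Write-Host "Uninstalling $vnc :: Done" -ForegroundColor Green
# }
# $ssh = Get-WmiObject -Class Win32_Product | Where-Object{$_.Name -eq "OpenSSH"}
# if (-not ([string]::IsNullOrEmpty($ssh))){
#     $ssh.Uninstall()
#     Write-Host "Uninstalling $ssh :: Done" -ForegroundColor Green
# }

### OPTIONAL: UNINSTALL THE CONNECTOR SERVICE IF IT EXISTS (disabled) ###
# $serviceName = "OVPNConnector*"
# $Service = Get-Service -Name $serviceName
# if (-not $Service ) {
#     Write-Host "Connector not Found" -ForegroundColor Red
# }else{
#     Write-Host "Connector Found" -ForegroundColor Cyan
#     Write-Host "Uninstall ovpn service" -ForegroundColor Cyan
#     Start-Process -FilePath "$opvnConnectPath/ovpnconnector.exe" -ArgumentList $opts_stop -Wait -NoNewWindow
#     Write-Host "Set profile" -ForegroundColor Cyan
#     Start-Process -FilePath "$opvnConnectPath/ovpnconnector.exe" -ArgumentList $opts_unprofile -Wait -NoNewWindow
#     Write-Host "Set log" -ForegroundColor Cyan
#     Start-Process -FilePath "$opvnConnectPath/ovpnconnector.exe" -ArgumentList $opts_unlog -Wait -NoNewWindow
#     Write-Host "Attempting to Initialize" -ForegroundColor Cyan
#     Start-Process -FilePath "$opvnConnectPath/ovpnconnector.exe" -ArgumentList $opts_remove -Wait -NoNewWindow
# }

### DOWNLOADS ###
## The installers are saved to the current location (expected: Downloads,
## Descargas, etc.).
# NOTE(review): if that directory is writable by other users, an installer can
# be replaced between download and install; an admin-only directory is safer.
$usrpath = Get-Location

# CreateDirectory is a no-op when the directory already exists.
$null = [System.IO.Directory]::CreateDirectory($folderPath)
$null = [System.IO.Directory]::CreateDirectory($logPath)
Write-Host "Build ovpn Directory $ovpConfigPath" -ForegroundColor Green
#Split-Path -Path $curDir -Parent
#$relativePath = Get-Item Downloads | Resolve-Path -Relative
Write-Host "Current Working Directory: $usrpath" -ForegroundColor Green

$DestinationA = "$usrpath\openvpn-connect-v3-windows.msi"
$DestinationB = "$usrpath\tightvnc-2.8.85-gpl-setup-64bit.msi"
$DestinationC = "$usrpath\OpenSSH-Win64-v9.5.0.0.msi"

# $baseUri = 'https://baizabal.xyz/cloud/index.php/s/aRCax8m8poSJEjd/download?path=%2F&files='
$xfiles = @(
    @{ Uri = $SourceA;         OutFile = $DestinationA;  Sha256 = $sha256OpenVpnMsi },
    @{ Uri = $SourceB;         OutFile = $DestinationB;  Sha256 = $sha256TightVncMsi },
    @{ Uri = $SourceC;         OutFile = $DestinationC;  Sha256 = $sha256OpenSshMsi },
    @{ Uri = $ovpDownloadFile; OutFile = $ovpConfigPath; Sha256 = $sha256OvpnProfile }
)
foreach ($file in $xfiles) {
    # Alternatives that were tried:
    # Invoke-WebRequest $file.Uri -Outfile $file.OutFile
    # (New-Object System.Net.WebClient).DownloadFile($file.Uri,$file.OutFile)
    Start-BitsTransfer -Source $file.Uri -Destination $file.OutFile
    # Verify before anything is executed with administrator rights.
    Assert-DownloadIntegrity -Path $file.OutFile -ExpectedSha256 $file.Sha256
}
Write-Host "Download and copying connection file done " -ForegroundColor Green

### OPENVPN CONNECT ###
$ArgumentsVPN = @(
    "/i"
    "`"$DestinationA`""
    "/quiet"
    "/norestart"
    "/log vpn_connect_install.log"
)
Write-Host "executing $DestinationA"
Install-Msi -Label "OpenVPN Connect" -ArgumentList $ArgumentsVPN
Write-Host "OVPN install complete" -ForegroundColor Green

### TIGHTVNC ###
$vncSecret = Get-ProvisioningSecret -EnvName "RA_VNC_PASSWORD" -Prompt "TightVNC connection password"
$vncControlSecret = Get-ProvisioningSecret -EnvName "RA_VNC_CONTROL_PASSWORD" -Prompt "TightVNC control password"
$usrPass = ConvertTo-PlainText $vncSecret
$usrAdminPass = ConvertTo-PlainText $vncControlSecret

# NOTE(review): both passwords travel on the msiexec command line, and the
# installer log may record public properties - treat vnc_install.log as
# sensitive and remove it once the install is confirmed. Classic VNC
# authentication is understood to use at most the first 8 characters of the
# password, so the port should only be reachable over the VPN.
# A password containing a double quote would break the quoting below.
$Arguments = @(
    "/i"
    "`"$DestinationB`""
    "/quiet"
    "/norestart"
    'ADDLOCAL="Server,Viewer"'
    "VIEWER_ASSOCIATE_VNC_EXTENSION=1"
    "SERVER_REGISTER_AS_SERVICE=1"
    "SERVER_ADD_FIREWALL_EXCEPTION=1"
    "VIEWER_ADD_FIREWALL_EXCEPTION=1"
    "SERVER_ALLOW_SAS=1"
    "SET_USEVNCAUTHENTICATION=1"
    "VALUE_OF_USEVNCAUTHENTICATION=1"
    "SET_PASSWORD=1"
    "VALUE_OF_PASSWORD=`"$usrPass`""
    "SET_USECONTROLAUTHENTICATION=1"
    "VALUE_OF_USECONTROLAUTHENTICATION=1"
    "SET_CONTROLPASSWORD=1"
    "VALUE_OF_CONTROLPASSWORD=`"$usrAdminPass`""
    "/log vnc_install.log"
)
Write-Host "executing path $DestinationB"
Install-Msi -Label "TightVNC" -ArgumentList $Arguments
# Drop the clear-text copies as soon as the installer has consumed them.
Remove-Variable -Name usrPass, usrAdminPass, Arguments

# NOTE Working in Firewall Setup
# ## How to Enable/Disable/Remove Windows Firewall Rule with PowerShell
# You can use the **Disable-NetFirewallRule** and **Enable-NetFirewallRule** cmdlets to enable and disable firewall rules.
# `Disable-NetFirewallRule -DisplayName 'HTTP-Inbound'`
# To allow ICMP (ping), run this command:
# `Enable-NetFirewallRule -Name FPS-ICMP4-ERQ-In`
# To remove a firewall rule, use the **Remove-NetFirewallRule** cmdlet.
# `Remove-NetFirewallRule -DisplayName 'HTTP-Inbound'`
# To reset all Microsoft Firewall rules and restore the default settings, run the following command
# `netsh advfirewall reset`
# or:
# `(New-Object -ComObject HNetCfg.FwPolicy2).RestoreLocalFirewallDefaults()`
# This will delete all of the user-defined settings as well as the Microsoft Defender firewall rules. Only the network access rules that are built into Windows will remain.
# Before resetting the firewall rules, you can export the current settings to a file.
# `netsh advfirewall export "C:\Backup\firewall-config.wfw"`
# Later, you can restore the old firewall settings by importing the rules file:
# `netsh advfirewall import "C:\Backup\firewall-config.wfw"`

# $fwVnc = Get-NetFirewallRule | Where-Object{$_.DisplayName -match "TightVNC"}
# if (-not $fwVnc) {
#     netsh advfirewall firewall add rule Name="TightVNC - Allow 5900" protocol=TCP localport=5900 dir=in action=allow profile=Domain
# }

### OPENVPN CONNECTOR SERVICE ###
Write-Host "$env:ProgramFiles" -ForegroundColor Green
if (-not [System.IO.Directory]::Exists($opvnConnectPath)) {
    Write-Host "PATH NIET Found" -ForegroundColor Red
}
else {
    Write-Host "The PATH is valid" -ForegroundColor Green

    # The client is started only after the install directory is known to
    # exist; earlier revisions launched it before this check.
    $vpnClientExe = Join-Path $opvnConnectPath "OpenVPNConnect.exe"
    Start-Process -FilePath $vpnClientExe -ArgumentList $vpnopts_eula -Wait -NoNewWindow
    Start-Process -FilePath $vpnClientExe -ArgumentList $vpnopts_quit -Wait -NoNewWindow

    $connectorExe = Join-Path $opvnConnectPath "ovpnconnector.exe"
    $connectorSteps = @(
        @{ Message = "Installing ovpn as a service"; Arguments = $opts_install },
        @{ Message = "Set profile";                  Arguments = $opts_profile },
        @{ Message = "Set log";                      Arguments = $opts_log },
        @{ Message = "Attempting to Initialize";     Arguments = $opts_start }
    )
    foreach ($step in $connectorSteps) {
        Write-Host $step.Message -ForegroundColor Green
        Start-Process -FilePath $connectorExe -ArgumentList $step.Arguments -Wait -NoNewWindow
    }
}
# Write-Host "Check interfaces :"
# ipconfig

### OPENSSH SERVER ###
$ArgumentsSSH = @(
    "/i"
    "`"$DestinationC`""
    "/quiet"
    "/norestart"
    'ADDLOCAL="Server"'
    "/log ssh_install.log"
)
Write-Host "executing path $DestinationC"
Install-Msi -Label "OpenSSH" -ArgumentList $ArgumentsSSH

# $fwSsh = Get-NetFirewallRule | Where-Object {$_.DisplayName -match "OpenSSH"}
# if (-not $fwSsh) {
#     netsh advfirewall firewall add rule name=OpenSSH dir=in action=allow protocol=TCP localport=22
# }

### FALLBACK LOCAL ACCOUNT ###
# Remove-LocalUser -Name "AdminContoso02"
# Exact-name lookup: a regex match would also accept accounts whose name merely
# contains $remoteusr and would then skip the creation.
$rusr = Get-LocalUser -Name $remoteusr -ErrorAction SilentlyContinue
if (-not $rusr) {
    $Secure = Get-ProvisioningSecret -EnvName "RA_REMOTE_USER_PASSWORD" -Prompt "Password for $remoteusr"
    $params = @{
        Name        = $remoteusr
        Password    = $Secure
        FullName    = 'Remote Assist User'
        Description = 'This account is created as fallback access'
    }
    # NOTE(review): this is a standing local administrator whose password never
    # expires and which is reachable over SSH. Record it in the asset
    # inventory, rotate the password on a schedule, and alert on Security
    # events 4720 (account created) and 4732 (member added to a local group)
    # so that the same change made by anyone else stands out.
    New-LocalUser @params -AccountNeverExpires -PasswordNeverExpires
    Add-LocalGroupMember -Group "Administrators" -Member $remoteusr
    Write-Host "Install Remote Usr Access Fallback"
}

### FIREWALL ###
# Remove the rule the OpenSSH installer adds by itself, so the only SSH rule is
# the one defined below. No match is not an error here.
Remove-NetFirewallRule -DisplayName "OpenSSH*" -ErrorAction SilentlyContinue

# Rule name -> inbound TCP port.
$rulePorts = [ordered]@{
    TightVNC = 5900
    OpenSSH  = 22
}
foreach ($rule in $rulePorts.Keys) {
    $fw = Get-NetFirewallRule | Where-Object { $_.DisplayName -match "$rule" }
    if ($fw) {
        Write-Host "Rule for $rule :: Already Exists" -ForegroundColor Green
        continue
    }

    Write-Host "Rule for $rule not found" -ForegroundColor Red
    Write-Host "Add $rule rule" -ForegroundColor Cyan
    # netsh equivalent that was used before:
    # netsh advfirewall firewall add rule Name="$rule" protocol=TCP localport=<port> dir=in action=allow profile=Domain
    # The rule applies to every firewall profile; -RemoteAddress is the only
    # restriction, so set $allowedRemoteAddress to the VPN subnet when possible.
    New-NetFirewallRule -Name "$rule" -DisplayName "$rule" -Enabled True -Direction Inbound -Protocol TCP -Action Allow -LocalPort $rulePorts[$rule] -RemoteAddress $allowedRemoteAddress

    if ($rule -eq "OpenSSH") {
        # Remove automatic rule addition
        # https://adamtheautomator.com/openssh-windows/
        Write-Host "Set ps as default terminal" -ForegroundColor Cyan
        New-ItemProperty -Path "HKLM:\SOFTWARE\OpenSSH" -Name DefaultShell -Value "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -PropertyType String -Force
    }
    Write-Host "Add Firewall rules for $rule" -ForegroundColor Green
}

# Add Backdoor ??
# nc install
# Install Docker
# Install Nextcloud
Write-Host "All Done" -ForegroundColor Green

# cd "$env:USERPROFILE\Downloads\"
# New-NetFirewallRule -DisplayName "OpenVPN allow Inbound" -Direction Inbound -Program %ProgramFiles%\OpenVPN\bin\openvpn.exe -RemoteAddress LocalSubnet -Action Allow
# New-NetFirewallRule -DisplayName "OpenVPN allow Outbound" -Direction Outbound -Program %ProgramFiles%\OpenVPN\bin\openvpn.exe -RemoteAddress LocalSubnet -Action Allow
# NOTE(review): the next line, if enabled, would turn off inbound filtering on
# the Public profile for every service on the host.
# Set-NetFirewallProfile Public -DefaultInboundAction Allow -DefaultOutboundAction Allow
#
# $procOpts = @(
#     "/r"
#     "/t 00"
# )
# Write-Host "Restart now" -ForegroundColor Red
# Start-Process -FilePath "$env:systemroot\system32\shutdown.exe" -ArgumentList $procOpts -Wait -NoNewWindow

# $ArgumentsVPN = @(
#     "/i"
#     $DestinationC
#     "/quiet"
#     "/norestart"
#     'ADDLOCAL="OpenVPN.GUI,OpenVPN.Service,OpenVPN.Documentation,OpenVPN.SampleCfg,Drivers.OvpnDco,OpenVPN,OpenVPN.GUI.OnLogon,Drivers,Drivers.TAPWindows6,Drivers.Wintun"'
#     "/passive"
#     "/log vpn_install.log"
# )
# Write-Host "executing path $DestinationC"
# Start-Process -FilePath "$env:systemroot\system32\msiexec.exe" -ArgumentList $ArgumentsVPN -Wait -NoNewWindow
# Write-Host "OVPN install complete" -ForegroundColor Green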