Posted scripts to return browser extensions installed in Firefox, Google Chrome, and Windows Edge at https://github.com/krypted/extensionsmanager/tree/main/Windows%20Extensions. There’s a python and a VBscript version of each. The VBScript uses a Set objShell = CreateObject(“WScript.Shell”) statement to create a new instance of the WScript.Shell object and the strExtensionsPath = objShell.ExpandEnvironmentStrings(“%APPDATA%\Mozilla\Firefox\Profiles\%USERNAME%\extensions”) statement gets the path to the extensions directory, so if it’s different for a given environment, make sure to change that per-script. The Set colExtensions = objShell.EnumFiles(strExtensionsPath, “*.xpi”) statement gets a collection of all the extensions in the extensions directory. The Chrome version looks for crx, etc. Might be a way to do these with custom extension types that I’m not aware…
-
-
It’s not wget or curl, it’s iwr in Windows
Powershell comes with a handy little cmdlet to download files from the internet called Invoke-WebRequest which is documented at https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.utility/invoke-webrequest?view=powershell-7.2. There’s an alias for it so it can be called as just iwr. Let’s say there’s a file at https://pathtothefile/myfile.txt and we want to download it to the working directory as simply myfile.txt. That could be done with the following command: iwr -uri https://pathtothefile/myfile.txt -OutFile ./myfile.txt -UseBasicParsing -UseDefaultCredentials In the above example, we used the -uri to identify the target resource and -OutFile to list the local location. The above command used basic parsing as we were accessing a resource from an older server, although that wouldn’t be required for…
-
C++ Program To Decode A JWT
Just posted a visual studio 2017 project at https://github.com/krypted/jwttools that includes an .exe file that, when run directly, extracts json out of an encoded jwt (and checks the signature). The encodedString variable in the jwt.cpp is a jwt that is used for extraction: £include "pch.h" £include £include £include "jwt/jwt.hpp" int main() ¨ using namespace jwt::params; std::string encodedString = "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWUsImp0aSI6ImY4ZWQ0OTM2LTBlN2ItNDlmYi05YTkxLWM2MDQyZDEzODMzNiIsImlhdCI6MTU1NTUxODk4NSwiZXhwIjoxNTU1NTIyNTg1fQ.rsyE_KzLO99zKXC7TNFD1RkU6HYF2Y7XJuIkFKumt20"; jwt::jwt_object decoded = jwt::decode( encodedString, algorithms(¨ "hs256" ¼), false ); std::cout
-
Install Python On Windows With A One-Liner
The msiexec command can be used to run an installer on Windows in a zero touch fashion. To do so, run the following command: msiexec /i "python-2.7.14.amd64.msi" /passive TARGETDIR="C:\python"
-
Query Tomcat Logs On Windows Servers
Tomcat logs events into the system log. You can use the get-wmiobject commandlet to see events. Here, we’ll look at a JSS and view only system events: Get-WmiObject Win32_NTLogEvent -ComputerName $jss -Filter "LogFile='system' We can then use AND to further constrain to specific messages, in this case those containing Tomcat: Get-WmiObject Win32_NTLogEvent -ComputerName $jss -Filter "LogFile='system' AND (Message like '%Tomcat%') We can then further constrain output to those with a specific EventCode with another compound statement: Get-WmiObject Win32_NTLogEvent -ComputerName $jss -Filter "LogFile='system' AND (Message like '%Tomcat%') AND (EventCode=1024) For a comprehensive list of Windows event codes, see https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/default.aspx. You could instead use get-eventlog to see system logs. For example, the…
-
Enable Modern Authentication for Office 365
I covered managing devices based on policy in http://https://krypted.com//microsoft-exchange-server/manage-activesync-policies-on-ios-using-powershell-in-exchange-2016/. One of those policies is “modern authentication”, Azure Passthrough Authentication, or OAuth if you will. To enable it, log into Exchange Online via PowerShell and run the set-OrganizationConfig to set -OAuth2ClientProfileEnabled to True: Set-OrganizationConfig -OAuth2ClientProfileEnabled $true If you’re using Skype, do an override: Set-CsOAuthConfiguration -ClientAdalAuthOverride Allowed Now check that OAuth was enabled properly: Get-CsOAuthConfiguration And viola, you’ve caught up to where WordPress was at with OAuth 8 years ago! Next, check the global ADFS authentication rule: Get-AdfsAdditionalAuthenticationRule And you can use Set-AdfsAdditionalAuthenticationRule. Now, you should be able to check the ADFS rules required for a given MFA requirement: Get-AdfsRelyingPartyTrust –Name "Krypted" And…
-
Allow Connections From Other Hosts With IIS Express
IIS Express is a simple web server that can run on Windows with a couple of easy features for developers of Windows applications. This includes things like, webhooks, a modern way of accepting POST requests and responding to them. Each IIS Express site is managed on a user basis, as it’s written as a tool to assist with development. Many web applications will attempt to communicate with one another via a specific port. And when you’re using IIS Express, you’ll need to create a socket binding to that port and allow external users to connect (again, by default, IIS Express is configured for developers to test code on their own machines). To do…
-
Quick And Dirty Windows Firewall Scripting
Here ya’ go! netsh advfirewall firewall add rule name=”KryptedWebhook” dir=in protocol=tcp localport=8443 profile=private remoteip=any action=allow Wait, what’s that?!?! Let’s break down the options I used here: advfirewall: Yup, it’s the new firewall. firewall: Yup, it’s a firewall. add: I’m adding a new rule. I also could have used delete along with the rule name and removed one. Or show to see one. Or set to augment one. rule: It’s all about rules. Each rule allows for a port and/or an action. name: Every rule needs a unique name. Namespace conflicts will result in errors. If programmatically creating rules, I’ve found it undesirable to use a counter and instead moved to…
-
Disable Notification Center & Action Center in Windows 10
A number of environments need to disable the Notification Center and Action Center features in Windows 10. This can be done using the registry editor or using a Group Policy Object (GPO). First let’s look at doing so with the registry. As with any mucking around with the registry, when editing, I strongly recommend backing up the registry and/or creating a restore point first. Once done, click Run, enter regedit and hit Enter to open the Registry Editor. Next, right-click on the HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Explorer registry key and create a new DWORD (32-bit) key. Call the key DisableNotificationCenter and provide the number 1 as the value. Then quit the Registry Editor and…
-
Enable and Disable the GUI in Windows Server 2012
I’ve now installed Windows Server 2012 without a GUI a number of times. And I always seem to end up needing that GUI eventually. So, to get Windows as a feature in Windows Server, use the following command to fire up a powershell environment, entering the admin password when prompted: runas /user:administrator powershell.exe Then let’s install all the Windows Features with the word GUI in them: Get-WindowsFeature -Name *gui* | Install-WindowsFeature -Restart The server will then reboot and you’ll be looking at a login window. To remove, you can just enter the following: Get-WindowsFeature -Name *gui* | Remove-WindowsFeature -Restart