Jump to content

How to set network state private or public using AutoIt ?


Recommended Posts

Hi to all, I was wondering how to do something like this powershell command:

Get-NetConnectionProfile -InterfaceAlias "Ethernet" | Set-NetConnectionProfile -NetworkCategory Private -Confirm:$false -PassThru

natively, or bypassing powershell, in AutoIt.

My goal is to change the state of the current network connection from public to private and viceversa.

And looking beyond, to enable/disable network discovery, network crypt properties, sharing options etc....

 

Edited by t0nZ
Link to post
Share on other sites

You could set the registry values directly at 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\NetworkList\Profiles\<guid>

Category will be a DWORD with one of the following values:

0 for Public network

1 for Private network 

2 for Domain network

Link to post
Share on other sites

Thank you @rsn.

I am exploring also the registry way, it's seems interesting, and maybe easier.

My final goal is to have a solution to execute a script on a "random" machine and have:

  1. current connected network to private
  2. allow sharing without password 
  3. set up a folder shared to everyone R/W
  4. transfer some data
  5. revert all this.

I have already solutions for points 3 and 4.. working on 1 and 2.

Returning to powershell way, I come up with this :

Func _Set_Network_Private() ; 
    ShellExecuteWait("powershell.exe", "start-process -verb runas 'powershell.exe' " & _
            "-argumentlist @('-executionpolicy unrestricted',' -command Get-NetConnectionProfile -InterfaceAlias Ethernet | Set-NetConnectionProfile -NetworkCategory Private -Confirm:$false -PassThru')", '', '', @SW_SHOW)
EndFunc

This can be run inside a non admin script, and it asks for elevation. Moreover, if you want to set private/public the current active connection, you can change this

-InterfaceAlias Ethernet

with this:

-IPv4Connectivity Internet

...quick and dirty.... keeping in mind this command output in powershell :

Quote

PS C:\Windows\system32> powershell.exe -executionpolicy unrestricted -command 'Get-NetConnectionProfile -IPv4Connectivity Internet| Set-NetConnectionProfile -NetworkCategory Private -Confirm:$false -PassThru'


Name             : guest
InterfaceAlias   : Wi-Fi
InterfaceIndex   : 6
NetworkCategory  : Private
IPv4Connectivity : Internet
IPv6Connectivity : NoTraffic
 

 

Link to post
Share on other sites

If you're an admin on the remote PC, you don't have to set up sharing. The admin share will be accessible by either IP or hostname:

\\<hostname>\c$\path\to\whatever or \\<IPAddress>\c$\path\to\whatever

If you aren't an admin, you probably shouldn't be doing  this kind of stuff... :think:

Link to post
Share on other sites
Quote

If you aren't an admin, you probably shouldn't be doing  this kind of stuff... :think:

@rsn I am improving 2 existing scripts of mine capable of moving data between two PCs, and these scripts are working one on the source and one on the destination, and they use a shared folder to pass files.

In my typical scenario, I have to move data between heterogeneous machines (one in domain one not, or different domains, or no domain at all, user already admin or not, or admin disabled) so c$ it's not an option, and for years I went through shared folders...

But 🤔 ... I should  create two identical hidden admin users on both machines, to work like you suggest...

Link to post
Share on other sites

Here is a way to do it without using any external command (just use COM objects)

#RequireAdmin ; Needed

_NetSetCategory("LAN", 1) ; Sets the Private category to the network connection called "LAN"


; #FUNCTION# ====================================================================================================================
; Name...........: _NetSetCategory
; Description....: Sets the category of a network. Changes made take effect immediately
; Syntax.........: _NetSetCategory($sNetworkId, $iNetCategory)
; Parameters.....: $sNetworkId     - Name of the network connection
;                  $iNetCategory   - New category of the network. Can be one of :
;                   0 : Public
;                   1 : Private
;                   2 : Domain
; Return values..: Success  - 1
;                  Failure  - 0 and sets the @error flag to non-zero
; Remarks........: The function requires administrator privileges
; ===============================================================================================================================
Func _NetSetCategory($sNetworkId, $iNetCategory)
    Local $iRet = 1, $iNetFound = 0, $oNetwork, $oNetConnection
    If Not IsAdmin() Then Return SetError(4, 0, 0)
    If Not IsInt($iNetCategory) Or $iNetCategory < 0 Or $iNetCategory > 2 Then Return SetError(5, 0, 0)
    Local $INetListManager = ObjCreate("{DCB00C01-570F-4A9B-8D69-199FDBA5723B}")
    If Not IsObj($INetListManager) Then Return SetError($iRet, 0, 0)
    Local $oNetConnections = $INetListManager.GetNetworkConnections()
    If IsObj($oNetConnections) Then
        For $oNetConnection In $oNetConnections
            $oNetwork = $oNetConnection.GetNetwork
            If $oNetwork.GetName = $sNetworkId Then
                $iNetFound = 1
                Execute("$oNetwork.SetCategory($iNetCategory)")
                $iRet = (@error ? 2 : 0)
            EndIf
        Next
        If Not $iNetFound Then $iRet = 3
    EndIf
    $INetListManager = 0
    If $iRet Then Return SetError($iRet, 0, 0)
    Return 1
EndFunc ; ===> _NetSetCategory

Inspired from @Danyfirex code (thanks)

Link to post
Share on other sites

Hi.

 

As you write, that you have a mixture of stand alone PCs and Domain PCs I'd like to mention, that there is another registry value that can be a bad constraint:

 

Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"lmcompatibilitylevel"=dword:00000005

 

If the destination computer providing the share has this value set to 5, and a computer from a different domain or a stand alone PC is set to 0, 1 or 2 trying to use this share, then this will only work, if specifying a AD-user account with access rights from the domain, the sharing computer is a member of.

Using a local user account of the PC/Win-Server presenting the share will not work. The error message will give you an "invalid username or password" error. Any AD account will work smoothly (but that was not possible for my scenario)

https://docs.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/network-security-lan-manager-authentication-level

 

Seting both sides to "2" solves this issue immediately, a reboot is not required.

 

If this should switch back to 5 check for the GPO pushing the value and exclude the sharing server from receiving that particular GPO.

 

Regards, Rudi.

Earth is flat, pigs can fly, and Nuclear Power is SAFE!

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    No registered users viewing this page.

  • Similar Content

    • By tarretarretarre
      Version 2.x.x and 3.x.x has been moved to branch 3.x
      About Autoit-Socket-IO
      Autoit-Socket-IO is a event driven TCP/IP wrapper heavily inspired from Socket.IO with focus on user friendliness and long term sustainability.
      I constantly want to make this UDF faster and better, so if you have any suggestions or questions (beginner and advanced) Do not hesitate to ask them, I will gladly help!
      Key features
      Simple API 99% data-type serialization thanks to Autoit-Serialize Can easily be extended with your own functionality thanks to Autoit-Events "Educational" examples Data encryption thanks to _<Crypt.au3> Limitations
      Speed. This UDF will sacrifice some speed for convenience Read more in the official thread
    • By Raywando
      Hello,
      This is my first post. So I’ve worked on a script for a while and I’m planning to publish it but the problem is that it connects to an FTP server at some point, and as you probably know FTP credentials are easily captured by a MITM attack or Wireshark (not sure if Wireshark does). So I thought if i can detect data capturing in the user’s network the script would stop. Any idea?.
      If there’s another workaround I’m happy to hear it. 
    • By kingjacob90
      Hay guys
      Just had an idea and wanted to know where to start. I want to download a screenshot of a website automatically into a .png .jpg ect format so I can then set it as my desktop background.
      This might be for for news: When the latest news is added to a website a screenshot of that website is saved and added to my desktop background.
      I have tried using website that already do the screenshot but you have to open the website and click the button for it to generate one and thus InetGet does not help.
      Any Ideas?
    • By simy8891
      Hi guys,
      It's been a while since I wrote my last message here and a while since I used AutoIt. I'm currently sort of desperate and I'm trying to find some help in regards of getting the network usage per process!
      I'm not interested in the total network usage of the NIC, but only on a specific PID's network utilization. They idea is to collect the amount of traffic uploaded and downloaded by a list of specific processes. So far Process Hacker and Process Explorer are capable of getting what I need, but I need to use these numbers in another script so they're sort of useless to me. I can't seem to find a way around it.
      Any idea, help is greatly appreciated.
      Thanks
    • By ModemJunki
      Hello,
      I solved it - only had to add a sleep for 10 seconds or so to make sure the shell could see the I.P. address change.
      I'm working in Windows PE environment (10.0.10586). I think I have some permissions issue related to AutoIT
      I've tried with Net Share and with DriveMapAdd - neither work.
      So finally I made the script output a batch file with a pause and what I found is that in WinPE, the batch file behaves differently if it's run at the command prompt or if it is spawned by AutoIT.
      If spawned by AutoIT, the net use command gives error 1231 "The network location cannot be reached". I assume this is the same problem that DriveMapAdd is having.
      But if I run the same batch file under the command shell in the Windows PE instance, it works.
      I also made a simple test with Ping() and it always returns 1 (host is offline) but I can ping it from the command line in the same PE session.
      Are there service dependencies for this to work? What is preventing AutoIT from accessing the network?
      Below sample is kind of dirty but illustrates what I'm doing. Could use a lot more refinement for error checking etc.
      ;~ #RequireAdmin #include <Array.au3> #include <AutoItConstants.au3> _SetUpPEIP() Func _SetUpPEIP() Local $s_user = "USER" Local $s_pass = "PASS" Local $s_RMTIP = "10.1.1.4" Local $s_RMTSHR = "SHARED_FOLDER" Local $s_IPPrefix = "10.1.1." Local $s_netMask = "255.255.255.0" Local $s_StartIP = 20 Local $a_NICs[1] Local $objWMIService = ObjGet("winmgmts:\\localhost\root\CIMV2") Local $colItems = $objWMIService.ExecQuery("SELECT * FROM Win32_NetworkAdapter", "WQL") If IsObj($colItems) Then ; gather network card names For $objItem In $colItems If $objItem.NetConnectionStatus == "2" Or $objItem.NetConnectionStatus == "9" Then _ArrayAdd($a_NICs, $objItem.NetConnectionID) EndIf Next EndIf If IsArray($a_NICs) Then ; assign them I.P. addresses For $i = 1 To UBound($a_NICs) - 1 $s_setIP = "netsh interface IP set address name=""" & $a_NICs[$i] & """ static " & $s_IPPrefix & $i + $s_StartIP - 1 & " " & $s_netMask $s_ipRes = RunWait(@ComSpec & " /c " & $s_setIP, @ScriptDir, @SW_HIDE) ; expect 0 Sleep(100) ConsoleWrite($s_setIP & " result is: " & $s_ipRes & @CRLF) Next Sleep(10000) ; wait for the shell to catch up and enum the I.P. $sres = DriveMapAdd("Z:", "\\" & $s_RMTIP & "\" & $s_RMTSHR, $DMA_PERSISTENT, $s_user, $s_pass) ; now map a drive Else ; error! No cards found! EndIf EndFunc ;==>_SetUpPEIP  
×
×
  • Create New...