RUN AS LOCALSYSTEM USER
Please use this script to configure security settings in google chrome,microsoft edge and mozilla firefox.
this script has been scanned with virustotal.com and xcitium verdict cloud.
PYTHON SCRIPT FILE SHA1 VALUE - a732aaa4ddbf576547024a973b9b7a36aa98c643
JSON FILE SHA1 VALUE - 94950539910ce324960cf4f1bafaa353fda651f1
NOTE:
GOOGLE CHROME:
1. safe browsing
give 0 in the chrome_safe_browsing_options if you want to set the safe browsing to "NO PROTECTION"
give 1 in the chrome_safe_browsing_options if you want to set the safe browsing to "STANDARD PROTECTION"
give 2 in the chrome_safe_browsing_options if you want to set the safe browsing to "ENHANCED PROTECTION"
2. Always use secure connections
give 0 in the chrome_HTTPS_Only_Mode_options if you Do not want to allow users to enable "Always use secure connections"
give 1 in the chrome_HTTPS_Only_Mode_options if you want to enable the "Always use secure connections"
MICROSOFT EDGE:
1) TrackingPrevention:
give 0 in the TrackingPrevention_options if you want to set the TrackingPrevention to "disable"
give 1 in the TrackingPrevention_options if you want to set the TrackingPrevention to "Basic"
give 2 in the TrackingPrevention_options if you want to set the TrackingPrevention to "Balanced"
give 3 in the TrackingPrevention_options if you want to set the TrackingPrevention to "Strict"
2) Enhance your security on the web:
give 0 in the EnhanceSecurityMode_options if you want to set the "Enhance your security on the web" to "disable"
give 1 in the EnhanceSecurityMode_options if you want to set the "Enhance your security on the web" to "Balanced"
give 2 in the EnhanceSecurityMode_options if you want to set the "Enhance your security on the web" to "Strict"
3) Microsoft Defender SmartScreen:
give 0 in the MD_SmartScreen_options if you want disable "Microsoft Defender SmartScreen"
give 1 in the MD_SmartScreen_options if you want to enable "Microsoft Defender SmartScreen"
4) block potentially unwanted apps:
you need to enable Microsoft Defender SmartScreen in order to use this option.
give 0 in the BlockPotentiallyUnwantedApps_options if you want disable "block potentially unwanted apps"
give 1 in the BlockPotentiallyUnwantedApps_options if you want to enable "block potentially unwanted apps"
5) Website typo protection:
give 0 in the WebsiteTypoProtection_options if you want disable "Website typo protection"
give 1 in the WebsiteTypoProtection_options if you want to enable "Website typo protection"
6) SiteSafetyServices:
give 0 in the SiteSafetyServices_options if you want to Turn off site safety services to get more info about the sites you visit
give 1 in the SiteSafetyServices_options if you want to Turn on site safety services to get more info about the sites you visit
7) Scareware Blocker:
give 0 in the Scareware_Blocker_options if you want to disable "Scareware Blocker"
give 1 in the Scareware_Blocker_options if you want to enable "Scareware Blocker"
MOZILLA FIREFOX:
1. TrackingProtection:
give 0 in the EnableTrackingProtection_options if you want to disable the Enhanced Tracking Protection
give 1 in the EnableTrackingProtection_options if you want to enable the Enhanced Tracking Protection
2. HTTPS-Only Mode:
give 0 in the Https_Only_Mode_options if you want to disable the HTTPS-Only Mode
give 1 in the Https_Only_Mode_options if you want to enable the HTTPS-Only Mode
3. SafeBrowsing:
give 0 in SafeBrowsing_options if you want the following things to be disabled,
|*| Block dangerous and deceptive content
|*| Block dangerous downloads
|*| Warn you about unwanted and uncommon software
give 1 in SafeBrowsing_options if you want the following things to be enabled,
|*| Block dangerous and deceptive content
|*| Block dangerous downloads
|*| Warn you about unwanted and uncommon software
4. PrivateBrowsing:
Use the value 0 in PrivateBrowsing_options if you want to enable private browsing
Use the value 1 in PrivateBrowsing_options if you want to disable private browsing
#--------------------------------
#GOOGLE CHROME SECURITY SETTINGS
#--------------------------------
chrome_safe_browsing_options = 2 #edit here
"""
give 0 in the chrome_safe_browsing_options if you want to set the safe browsing to "NO PROTECTION"
give 1 in the chrome_safe_browsing_options if you want to set the safe browsing to "STANDARD PROTECTION"
give 2 in the chrome_safe_browsing_options if you want to set the safe browsing to "ENHANCED PROTECTION"
"""
chrome_HTTPS_Only_Mode_options = 1 #edit here
"""
give 0 in the chrome_HTTPS_Only_Mode_options if you Do not want to allow users to enable "Always use secure connections"
give 1 in the chrome_HTTPS_Only_Mode_options if you want to enable the "Always use secure connections"
"""
#--------------------------------
#MICROSOFT EDGE SECURITY SETTINGS
#--------------------------------
TrackingPrevention_options = 3 #edit here
"""
give 0 in the TrackingPrevention_options if you want to set the TrackingPrevention to "disable"
give 1 in the TrackingPrevention_options if you want to set the TrackingPrevention to "Basic"
give 2 in the TrackingPrevention_options if you want to set the TrackingPrevention to "Balanced"
give 3 in the TrackingPrevention_options if you want to set the TrackingPrevention to "Strict"
"""
EnhanceSecurityMode_options = 2 #edit here
"""
give 0 in the EnhanceSecurityMode_options if you want to set the "Enhance your security on the web" to "disable"
give 1 in the EnhanceSecurityMode_options if you want to set the "Enhance your security on the web" to "Balanced"
give 2 in the EnhanceSecurityMode_options if you want to set the "Enhance your security on the web" to "Strict"
"""
MD_SmartScreen_options = 1 #edit here
"""
give 0 in the MD_SmartScreen_options if you want disable "Microsoft Defender SmartScreen"
give 1 in the MD_SmartScreen_options if you want to enable "Microsoft Defender SmartScreen"
"""
BlockPotentiallyUnwantedApps_options = 1 #edit here
"""
give 0 in the BlockPotentiallyUnwantedApps_options if you want disable "block potentially unwanted apps"
give 1 in the BlockPotentiallyUnwantedApps_options if you want to enable "block potentially unwanted apps"
"""
WebsiteTypoProtection_options = 1 #edit here
"""
give 0 in the WebsiteTypoProtection_options if you want disable "Website typo protection"
give 1 in the WebsiteTypoProtection_options if you want to enable "Website typo protection"
"""
SiteSafetyServices_options = 1 #edit here
"""
give 0 in the SiteSafetyServices_options if you want to Turn off site safety services to get more info about the sites you visit
give 1 in the SiteSafetyServices_options if you want to Turn on site safety services to get more info about the sites you visit
"""
Scareware_Blocker_options = 1 #edit here
"""
give 0 in the Scareware_Blocker_options if you want to disable "Scareware Blocker"
give 1 in the Scareware_Blocker_options if you want to enable "Scareware Blocker"
"""
#--------------------------------
#FIREFOX SECURITY SETTINGS
#--------------------------------
EnableTrackingProtection_options = 1 #edit here
"""
give 0 in the EnableTrackingProtection_options if you want to disable the Enhanced Tracking Protection
give 1 in the EnableTrackingProtection_options if you want to enable the Enhanced Tracking Protection
"""
Https_Only_Mode_options = 1 #edit here
"""
give 0 in the Https_Only_Mode_options if you want to disable the HTTPS-Only Mode
give 1 in the Https_Only_Mode_options if you want to enable the HTTPS-Only Mode
"""
SafeBrowsing_options = 1 #edit here
"""
give 0 in SafeBrowsing_options if you want the following things to be disabled,
|*| Block dangerous and deceptive content
|*| Block dangerous downloads
|*| Warn you about unwanted and uncommon software
give 1 in SafeBrowsing_options if you want the following things to be enabled,
|*| Block dangerous and deceptive content
|*| Block dangerous downloads
|*| Warn you about unwanted and uncommon software
"""
PrivateBrowsing_options = 1 #edit here
"""
Use the value 0 in PrivateBrowsing_options if you want to enable private browsing
Use the value 1 in PrivateBrowsing_options if you want to disable private browsing
"""
import os
from subprocess import PIPE, Popen
import ctypes
import re
BatchScript = r"""
@echo off
set "user="
for /f "skip=1 tokens=1,* delims=\" %%A in ('
wmic computersystem get username ^|
powershell -noprofile -command "$input.trim()"
') do set "user=%%~B"
echo %user%
"""
class BrowserSettings:
class disable_file_system_redirection:
_disable = ctypes.windll.kernel32.Wow64DisableWow64FsRedirection
_revert = ctypes.windll.kernel32.Wow64RevertWow64FsRedirection
def __enter__(self):
self.old_value = ctypes.c_long()
self.success = self._disable(ctypes.byref(self.old_value))
def __exit__(self, type, value, traceback):
if self.success:
self._revert(self.old_value)
def ecmd(self,command):
with self.disable_file_system_redirection():
obj = Popen(command, shell = True, stdout = PIPE, stderr = PIPE)
out, err = obj.communicate()
return out,err
def chrome_settings(self):
print(self.ecmd('REG ADD HKLM\Software\Policies\Google\Chrome /v SafeBrowsingProtectionLevel /t REG_DWORD /d %s /f'%(chrome_safe_browsing_options)))
if chrome_HTTPS_Only_Mode_options==0:
print(self.ecmd('REG ADD HKLM\Software\Policies\Google\Chrome /v HttpsOnlyMode /t REG_SZ /d disallowed /f'))
elif chrome_HTTPS_Only_Mode_options==1:
print(self.ecmd('REG ADD HKLM\Software\Policies\Google\Chrome /v HttpsOnlyMode /t REG_SZ /d force_enabled /f'))
def Edge_settings(self):
print(self.ecmd('REG ADD HKLM\Software\Policies\Microsoft\Edge /v TrackingPrevention /t REG_DWORD /d %s /f'%(TrackingPrevention_options)))
print(self.ecmd('REG ADD HKLM\Software\Policies\Microsoft\Edge /v EnhanceSecurityMode /t REG_DWORD /d %s /f'%(EnhanceSecurityMode_options)))
print(self.ecmd('REG ADD HKLM\Software\Policies\Microsoft\Edge /v TyposquattingCheckerEnabled /t REG_DWORD /d %s /f'%(WebsiteTypoProtection_options)))
print(self.ecmd('REG ADD HKLM\Software\Policies\Microsoft\Edge /v SiteSafetyServicesEnabled /t REG_DWORD /d %s /f'%(SiteSafetyServices_options)))
print(ecmd('REG ADD HKLM\Software\Policies\Microsoft\Edge /v ScarewareBlockerProtectionEnabled /t REG_DWORD /d %s /f'%(Scareware_Blocker_options)))
batch_script_path = os.path.join(os.environ["TEMP"], "currentuser.bat")
with open(batch_script_path, "w") as f:
f.write(BatchScript)
with self.disable_file_system_redirection():
curusername = os.popen(batch_script_path).read().strip()
users=os.popen("wmic UserAccount get Name").read().strip().splitlines()
fil_users=[i.strip() for i in users if i.strip()!="Administrator" and i.strip()!="DefaultAccount" and i.strip()!="Guest" and i.strip()!="WDAGUtilityAccount"]
curcheck = list(filter(lambda x: x.lower()==curusername.lower(),fil_users))
if curcheck:
try:
sid = os.popen("wmic useraccount where name=\"%s\" get sid"%(curusername)).read().splitlines()[1].strip()
print(self.ecmd('REG ADD "HKEY_USERS\%s\Software\Microsoft\Edge\SmartScreenEnabled" /v "" /t REG_DWORD /d %s /f'%(sid,MD_SmartScreen_options)))
print(self.ecmd('REG ADD "HKEY_USERS\%s\Software\Microsoft\Edge\SmartScreenPuaEnabled" /v "" /t REG_DWORD /d %s /f'%(sid,BlockPotentiallyUnwantedApps_options)))
except Exception as err:
print(err)
else:
fil_users.remove(curcheck[0])
for i in fil_users:
if os.path.exists("C:\\Users\\%s\\ntuser.dat"%(i)):
out,err = self.ecmd('reg load "HKU\\%s" "C:\\Users\\%s\\ntuser.dat"'%(i,i))
if out:
try:
print(self.ecmd('REG ADD "HKEY_USERS\%s\Software\Microsoft\Edge\SmartScreenEnabled" /v "" /t REG_DWORD /d %s /f'%(i,MD_SmartScreen_options)))
print(self.ecmd('REG ADD "HKEY_USERS\%s\Software\Microsoft\Edge\SmartScreenPuaEnabled" /v "" /t REG_DWORD /d %s /f'%(i,BlockPotentiallyUnwantedApps_options)))
except Exception as err:
print(err)
else:
unLoad = os.popen('reg unload "HKU\\%s"'%(i)).read()
else:
print(err)
def Firefox_settings(self):
print(self.ecmd('REG ADD HKLM\Software\Policies\Mozilla\Firefox\EnableTrackingProtection /v Value /t REG_DWORD /d %s /f'%(EnableTrackingProtection_options)))
print(self.ecmd('REG ADD HKLM\Software\Policies\Mozilla\Firefox\Preferences /v dom.security.https_only_mode /t REG_DWORD /d %s /f'%(Https_Only_Mode_options)))
print(self.ecmd('REG ADD HKLM\Software\Policies\Mozilla\Firefox\Preferences /v browser.safebrowsing.phishing.enabled /t REG_DWORD /d %s /f'%(SafeBrowsing_options)))
print(self.ecmd('REG ADD HKLM\Software\Policies\Mozilla\Firefox\Preferences /v browser.safebrowsing.malware.enabled /t REG_DWORD /d %s /f'%(SafeBrowsing_options)))
print(self.ecmd('REG ADD HKLM\Software\Policies\Mozilla\Firefox\Preferences /v browser.safebrowsing.downloads.enabled /t REG_DWORD /d %s /f'%(SafeBrowsing_options)))
print(self.ecmd('REG ADD HKLM\Software\Policies\Mozilla\Firefox\Preferences /v browser.safebrowsing.downloads.remote.block_uncommon /t REG_DWORD /d %s /f'%(SafeBrowsing_options)))
print(self.ecmd('REG ADD HKLM\Software\Policies\Mozilla\Firefox\Preferences /v browser.safebrowsing.downloads.remote.block_potentially_unwanted /t REG_DWORD /d %s /f'%(SafeBrowsing_options)))
print(self.ecmd('REG ADD HKLM\Software\Policies\Mozilla\Firefox /v DisablePrivateBrowsing /t REG_DWORD /d %s /f'%(PrivateBrowsing_options)))
def change_settings(self):
self.chrome_settings()
self.Edge_settings()
self.Firefox_settings()
browserOBJ = BrowserSettings()
browserOBJ.change_settings()
Comments