Windows 11 отключить bluetooth гарнитуру

Не отключалась гарнитура блютус.

Нажимаешь удалить устройство, выключаешь, включаешь блютус, оно снова появляется в списке как известное но не подключается.

Помог скрипт отсюад

https://superuser.com/questions/1738244/cant-remove-bluetooth-device-despite-no-entry-in-registry

$Source = @"     [DllImport("BluetoothAPIs.dll", SetLastError = true, CallingConvention = CallingConvention.StdCall)]     [return: MarshalAs(UnmanagedType.U4)]     static extern UInt32 BluetoothRemoveDevice(IntPtr pAddress);       public static UInt32 Unpair(UInt64 BTAddress) {        GCHandle pinnedAddr = GCHandle.Alloc(BTAddress, GCHandleType.Pinned);        IntPtr pAddress     = pinnedAddr.AddrOfPinnedObject();        UInt32 result       = BluetoothRemoveDevice(pAddress);        pinnedAddr.Free();        return result;     }  "@    Function Get-BTDevice {      Get-PnpDevice -class Bluetooth |        ?{$_.HardwareID -match 'DEV_'} |           select Status, Class, FriendlyName, HardwareID,              # Extract device address from HardwareID              @{N='Address';E={[uInt64]('0x{0}' -f $_.HardwareID[0].Substring(12))}}  }    ################## Execution Begins Here ################    $BTR       = Add-Type -MemberDefinition $Source -Name "BTRemover"  -Namespace "BStuff" -PassThru  $BTDevices = @(Get-BTDevice) # Force array if null or single item    Do {     If ($BTDevices.Count) {        "`n******** Bluetooth Devices ********`n" | Write-Host        For ($i=0; $i -lt $BTDevices.Count; $i++) {           ('{0,5} - {1}' -f ($i+1), $BTDevices[$i].FriendlyName) | Write-Host        }        $selected = Read-Host "`nSelect a device to remove (0 to Exit)"        If ([int]$selected -in 1..$BTDevices.Count) {           'Removing device: {0}' -f $BTDevices[$Selected-1].FriendlyName | Write-Host           $Result = $BTR::Unpair($BTDevices[$Selected-1].Address)           If (!$Result) {"Device removed successfully." | Write-Host}           Else {"Sorry, an error occured." | Write-Host}        }     }     Else {        "`n********* No devices found ********" | Write-Host     }  } While (($BTDevices = @(Get-BTDevice)) -and [int]$selected)

Ратнер Арсений, arsenyratner@gmail.com, 7 985 273 2090

hyper-v saved-critical windows 11

После обновления с 10 на 11 появились в списке ВМ которых на самом деле нет, из менеджера не удаляются

```powershell

$vmname = 'test1'
$VMManagementService = Get-WmiObject -Namespace 'root\virtualization\v2' -Class Msvm_VirtualSystemManagementService
$vmobject = Get-WmiObject -Namespace 'root\virtualization\v2' -Class 'msvm_computersystem' | Where-Object { $_.elementname -match $vmname }
$VMManagementService.DestroySystem($vmobject)

```

Ратнер Арсений, arsenyratner@gmail.com, 7 985 273 2090

Меняется разрешение при выключении экрана

Идея в том, чтобы виртуальный экран при выключенных реальных был нужного разрешения.

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\GraphicsDrivers\Configuration\SIMULATED_8086_46A8_00000000_00020000_800050^1A6FF0E82864B84FCEAD280EFF0E764B\00]
"PrimSurfSize.cx"=dword:00000a00
"PrimSurfSize.cy"=dword:000005a0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\GraphicsDrivers\Configuration\SIMULATED_8086_46A8_00000000_00020000_800050^1A6FF0E82864B84FCEAD280EFF0E764B\00\00]
"ActiveSize.cx"=dword:00000a00
"ActiveSize.cy"=dword:000005a0
"PrimSurfSize.cx"=dword:00000a00
"PrimSurfSize.cy"=dword:000005a0
"DwmClipBox.right"=dword:00000a00
"DwmClipBox.bottom"=dword:000005a0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\GraphicsDrivers\Configuration\SIMULATED_8086_46A8_00000000_00020000_2045^DD31C473FFED3913883A19534512E68D\00]
"PrimSurfSize.cx"=dword:00000a00
"PrimSurfSize.cy"=dword:000005a0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\GraphicsDrivers\Configuration\SIMULATED_8086_46A8_00000000_00020000_2045^DD31C473FFED3913883A19534512E68D\00\00]
"ActiveSize.cx"=dword:00000a00
"ActiveSize.cy"=dword:000005a0
"PrimSurfSize.cx"=dword:00000a00
"PrimSurfSize.cy"=dword:000005a0
"DwmClipBox.right"=dword:00000a00
"DwmClipBox.bottom"=dword:000005a0

Ратнер Арсений, arsenyratner@gmail.com, 7 985 273 2090

Заменить циферки на циферки в кавычечках

Задача сделать так, чтобы 01 стало '01' иначе ансибл считае что 01 = 1

notepad++

suffix: (\d+),

suffix: '\1',

Ищем циферки: (\d+)

Берём найденое (содержимое скобочек) в кавычечки: '\1'

Ратнер Арсений, arsenyratner@gmail.com, 7 985 273 2090

Alt linux в WSL

# ALT Linux в WSL

Нам нужен tar файл из архива:
https://ftp.altlinux.org/pub/distributions/ALTLinux/p11/images/cloud/x86_64/alt-p11-rootfs-systemd-x86_64.tar.xz


```powershell
$distro_name = "alt-p11"
$distro_storage = "c:\vm\_wsl\$($distro_name)"
$distro_tarball = "c:\users\public\iso\alt-p11-rootfs-systemd-x86_64.tar"

7z e c:\users\public\iso\alt-p11-rootfs-systemd-x86_64.tar.xz

wsl --unregister $distro_name
wsl --import $distro_name $distro_storage $distro_tarball
wsl -d alt-p11

```

```bash
apt-get update; apt-get install -y passwd sudo

wsluser=appc
adduser -G wheel $wsluser
echo -e "$wsluser ALL=(ALL:ALL) NOPASSWD: ALL" > /etc/sudoers.d/$wsluser
passwd $wsluser

cat > /etc/wsl.conf <<EOF
[user]
default=$wsluser

[automount]
enabled = true
mountFsTab = false
root = /mnt/
options = "metadata,umask=22,fmask=11"

[network]
generateHosts = true
generateResolvConf = true
EOF

```

```powershell
wsl --terminate $distro_name
wsl -d $distro_name

```

Ратнер Арсений, arsenyratner@gmail.com, 7 985 273 2090

Не запускается sshd на Windows 10 The process terminated unexpectedly.

Помогло исправить разрешение на 

C:\ProgramData\ssh\logs

Оставил в списке только System и группу Администраторы и 

Ратнер Арсений, arsenyratner@gmail.com, 7 985 273 2090

Конвертер Windows DHCP в kea-dhcp4.conf

https://github.com/arsenyratner/Convert-WindowsDHCPToKea

powershell Convert-WindowsDHCPToKea.ps1 \      -in_xml "/var/tmp/win_dhcp.xml" \      -in_template "/etc/kea/kea-dhcp4.conf" \      -out_confdir "/etc/kea" \      -split "all" \      -out_dhcp4_conf "/etc/kea/kea-dhcp4.conf.json" \      -out_confd "/etc/kea/conf.d"

Ратнер Арсений, arsenyratner@gmail.com, 7 985 273 2090

Полезные фильтры для LDAP запросов в AD

https://podalirius.net/en/articles/useful-ldap-queries-for-windows-active-directory-pentesting/

List all users

To do this we select all the users ((objectClass=user)) and all the people ((objectClass=person)) of the LDAP:

(&(objectCategory=person)(objectClass=user))  

List of all kerberoastables users

To do this we select all the users ((objectClass=user)) having a Service Principal Name (SPN) defined ((servicePrincipalName=*)) and we remove from our results:

• The user krbtgt (which by definition has an SPN) with the filter (!(cn=krbtgt)).
• Disabled users, with the filter (!(userAccountControl:1.2.840.113556.1.4.803:=2)))

Which gives us:

(&(objectClass=user)(servicePrincipalName=*)(!(cn=krbtgt))(!(userAccountControl:1.2.840.113556.1.4.803:=2)))  

List of all asrep-roastables users

To do this we select all the users ((objectClass=user)) that have "Do not require Kerberos preauthentication" flag set in their userAccountControl:

(&(objectClass=user)(userAccountControl:1.2.840.113556.1.4.803:=4194304))  

Find all Users that need to change password on next login.

(&(objectCategory=user)(pwdLastSet=0))  

Find all Users that are almost Locked-Out

(&(objectCategory=user)(badPwdCount>=4))  

Find all Users with *pass* or *pwd* in their description

(&(objectCategory=user)(|(description=*pass*)(description=*pwd*)))  

List of all users protected by adminCount

The adminCount attribute specifies that a given object has had its access control lists (ACLs) changed to a more secure value by the Active Directory system because it is a member of one of the administrative groups, either directly or transitively.

(&(objectCategory=user)(adminCount=1))  

Groups

List all groups

(objectCategory=group)  

List of all groups protected by adminCount

The adminCount attribute specifies that a given object has had its access control lists (ACLs) changed to a more secure value by the Active Directory system because it is a member of one of the administrative groups, either directly or transitively.

(&(objectCategory=group)(adminCount=1))  

Services

Listing all servicePrincipalName

(servicePrincipalName=*)  

Listing specific services from their servicePrincipalName

To list specific services, we can use the beginning of the servicePrincipalName attribute:

(servicePrincipalName=http/*)  

Here is a few examples of servicePrincipalName:

• ldap/DC01.LAB.local
• kadmin/changepw (of kerberos service CN=krbtgt,CN=Users,DC=LAB,DC=local)
• MSSQLSvc/DC01.LAB.local

Computers

Listing all computers with a given Operating System

For example to list all the machines under Windows XP:

(&(objectCategory=Computer)(operatingSystem=Windows XP*))  

With operatingSystem in:

• Windows Server 2022*
• Windows Server 2019*
• Windows Server 2016*
• Windows Server 2008*
• Windows 11*
• Windows 10*
• Windows 8*
• Windows 7*
• Windows Vista*
• Windows XP*
• Windows Server 2003*
• Windows 2000*

Find all Workstations

(sAMAccountType=805306369)  

Find all computers having a KeyCredentialLink

This is useful to check for shadow credentials on machine accounts:

(&(objectClass=computer)(msDS-KeyCredentialLink=*))  

Find all computers having an Obsolete OS

(&(objectCategory=Computer)(|(operatingSystem=Windows 2000*)(operatingSystem=Windows Vista*)(operatingSystem=W

Ратнер Арсений, arsenyratner@gmail.com, 7 985 273 2090

WSL ansible и правильные права на локальные диски

Linux права на диске C или D
Create this file in your wsl: /etc/wsl.conf

Content:

[automount]
enabled = true
mountFsTab = false
root = /mnt/
options = "metadata,umask=22,fmask=11"

[network]
generateHosts = true
generateResolvConf = true

After that all /mnt/c/foo will have different folder permissions (not 777 any more) and you will be able to use chmod.
It requires you to have the latest WSL as far as I know.

Ратнер Арсений, arsenyratner@gmail.com, 7 985 273 2090

Анало ipconfig registerdns в Linux

COMP=$(hostname -s)

DOM=$(hostname -d)

IP=$(hostname -i | cut -f1 -d' ')

DC=$(dig +short m48.dzm | head -n 1)

cat > /var/tmp/nsupdate.txt << EOF

server $DC

zone $DOM

update add ${COMP}.${DOM} 86400 A ${IP}

show

send

EOF

cat /var/tmp/nsupdate.txt

kdestroy

kinit -k ${COMP^^}\$

klist

nsupdate -g -v /var/tmp/nsupdate.txt

pxe boot grub efi legacy bios

grub-mkimage -d /usr/lib/grub/i386-pc/ -O i386-pc-pxe -o ./booti386 -p '(tftp)/grub' pxe tftp
grub-mkimage -d /usr/lib/grub/x86_64-efi/ -O x86_64-efi -o ./bootx64.efi -p '(tftp)/grub' efinet tftp
cp -r /usr/lib/grub/x86_64-efi
and after '/usr/lib/grub/x86_64-efi'
ion.
cp -r /usr/lib/grub/x86_64-efi ./
cp -r /usr/lib/grub/i386-pc ./

grub/grub.cfg

Ратнер Арсений, arsenyratner@gmail.com, 7 985 273 2090

kickstart для минимальной установки redos для шаблона proxmox

url --url=http://192.168.126.5/pub/iso/redos/7.3

lang en_US

keyboard --xlayouts='us'

timezone Europe/Moscow

zerombr

clearpart --all --initlabel

bootloader --location=mbr --append="net.ifnames=0"

autopart --type=plain

network --bootproto=dhcp --device=link --activate --onboot=on

firstboot --disable

#selinux

#selinux --enforcing

selinux --permissive

#selinux --disabledfirewall --enabled --ssh

#firewall

#firewall --enabled

firewall --disabled

authconfig --enableshadow --passalgo=sha512

#rootpw --plaintext redos --lock

rootpw --lock

#user --name=redos --groups=wheel --password=redos --gecos="defaultuser"

#sshkey --username=appc "ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEA7YUTXCKAMavLy98/Kep6eDKK2NyVEc/kUklZUbBubg4DfFHDO2KDXtFN7uq8HPcYR7uqFLqkRijhBwJbnPGLpp2mA+iOHLpJvD/tGpDyNt/ImM0hQG3+dzPLtvzc9Ln5mY2RUfOUTFEx7dqGVuwPQXMhZLCEkpIcGicPTpdG0CIu/GdELUtwgrZZ+reNXMG82VnFBVDZObL7H1YsmrgyyWBUMAzwf+EeUFk9Q4k8qsV8utONo3AvscaESxyt5UDvVuV7PrPxp28a03k9ybMMrXjPzuEaM2P0pxGT0VsIoR/fG78MwkSPTveX0QgDU4gBihOAcH2/2WHGBE+1pr9saw== appc@appc-pc"

#sshkey --username=root "ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEA7YUTXCKAMavLy98/Kep6eDKK2NyVEc/kUklZUbBubg4DfFHDO2KDXtFN7uq8HPcYR7uqFLqkRijhBwJbnPGLpp2mA+iOHLpJvD/tGpDyNt/ImM0hQG3+dzPLtvzc9Ln5mY2RUfOUTFEx7dqGVuwPQXMhZLCEkpIcGicPTpdG0CIu/GdELUtwgrZZ+reNXMG82VnFBVDZObL7H1YsmrgyyWBUMAzwf+EeUFk9Q4k8qsV8utONo3AvscaESxyt5UDvVuV7PrPxp28a03k9ybMMrXjPzuEaM2P0pxGT0VsIoR/fG78MwkSPTveX0QgDU4gBihOAcH2/2WHGBE+1pr9saw== appc@appc-pc"

%packages --multilib --ignoremissing

@Core

cloud-init

qemu-guest-agent

#net if name eth0 net.ifnames=0

-biosdevname

%end

#%post --nochroot --erroronfail --log=/tmp/ks-post.log

%post --erroronfail --log=/tmp/ks-post.log

echo post $(pwd)

#rootdir="/mnt/sysimage"

rootdir=""

echo issue

echo "\4" >> $rootdir/etc/issue

echo "\6" >> $rootdir/etc/issue

echo "" >> $rootdir/etc/issue

echo sudo

#echo "redos ALL:(ALL) NOPASSWD:ALL" > /etc/sudoers.d/redos

cat > $rootdir/etc/cloud/cloud.cfg.d/90-redos.cfg << EOF

datasource_list: [ NoCloud, ConfigDrive, None ]

runcmd:

  - rm -f /etc/machine-id

  - systemd-machine-id-setup

# System and/or distro specific settings

# (not accessible to handlers/transforms)

system_info:

   # This will affect which distro class gets used

   distro: redos

   # Default user name + that default users groups (if added/used)

   default_user:

     name: redos

     lock_passwd: True

     gecos: RedOS Cloud User

     groups: [wheel]

     sudo: ["ALL=(ALL) NOPASSWD:ALL"]

     shell: /bin/bash

   # Other config here will be given to the distro class and/or path classes

   paths:

      cloud_dir: /var/lib/cloud/

      templates_dir: /etc/cloud/templates/

   network:

      renderers: ['netplan', 'networkd', 'etcnet']

   ssh_svcname: sshd

EOF

%end

services --enabled=cloud-init,cloud-config,cloud-final,cloud-init-local

#метод завершения установки

#reboot

shutdown

Ратнер Арсений, arsenyratner@gmail.com, 7 985 273 2090

Посмотреть список адресов в табличном виде powershell

ForEach-Object { Get-NetIPAddress -AddressFamily ipv4 } | Format-Table InterfaceIndex,InterfaceAlias,IPAddress

Ратнер Арсений, arsenyratner@gmail.com, 7 985 273 2090

VYOS 1.5 qcow2

Собирал на ВМ с Debian 12

https://codingpackets.com/blog/vyos-qemu-image-build/

https://github.com/vyos/vyos-rolling-nightly-builds/releases/download/1.5-rolling-202312191154/vyos-1.5-rolling-202312191154-amd64.iso

sudo ansible-playbook qemu.yml \
   -e disk_size=10 \
   -e cloud_init=true \
   -e cloud_init_ds=NoCloud,ConfigDrive,None \
   -e guest_agent=qemu \
   -e keep_user=false \
   -e enable_ssh=true \
   -e iso_local=/home/appc/vyos-1.5-rolling-202312191154-amd64.iso

Ратнер Арсений, arsenyratner@gmail.com, 7 985 273 2090

SSTP + DST NAT NGINX APACHE share tcp 443

Взято вот туть:

https://forum.mikrotik.com/viewtopic.php?f=9&t=134358#

/interface sstp-server server set certificate=vpn.company.com.crt_0 enabled=yes port=10443
# добавим в список sstp-conn пакеты пришедшие на порт 443 для tls-host

/ip firewall mangle add \

action=add-src-to-address-list \

address-list=sstp-conn \
address-list-timeout=5s \

chain=prerouting \
dst-address-type=local \

dst-port=443 \

protocol=tcp \
tls-host=vpn.company.com

#отправим все пакеты заменим порт назначения 443 на порт 10443 в пакетах пришедших с адресов из списка sstp-vpn
/ip firewall nat add \

action=dst-nat \

chain=dstnat \

dst-address-type=local \
dst-port=443 \

protocol=tcp \

src-address-list=sstp-conn \
to-ports=10443

# правило для публикации веб сервера

/ip firewall nat add \

action=dst-nat \

chain=dstnat \

dst-address-type=local \
dst-port=80,443 \

protocol=tcp \

to-addresses=192.168.88.2

# чтобы наше правило в таблице mangle работало каждый раз, надо модифицировать fasttrack

# отключим fasttrack для пакетов идущих на адрес 443 (правило должно быть выше в списке чем правило fasttrack

/ip firewall filter add chain=forward dst-port=443 connection-state=established,related
# или будем fasttrack только те соединения которые уже набрали хотя бы 10 килобайт, тогда надо заменить правло с fasttrack

/ip firewall filter add action=fasttrack-connection chain=forward connection-bytes=10240-0 connection-state=established,related

Ратнер Арсений, arsenyratner@gmail.com, 7 985 273 2090