Upload files to ''

5 years ago · 5361c3d64d
1 changed files with 231 additions and 0 deletions
--- a/USB_locker.bat
+++ b/USB_locker.bat
@ -0,0 +1,231 @@
+:: USB Locker v1.4
+:: Author: g4xyk00
+:: Tested on Windows 7, 10
+
+echo off
+for /F "tokens=1,2 delims=#" %%a in ('"prompt #$H#$E# & echo on & for %%b in (1) do rem"') do (set "DEL=%%a")
+
+:: To Obtain Current SID
+For /f "tokens=2 delims=\" %%a in ('whoami') do (set currentUser=%%a)
+wmic useraccount where name="%currentUser%" get sid | findstr "S-" > 0.txt
+set /P currentSID=<0.txt
+For /f "tokens=1 delims= " %%a in ('echo %currentSID%') do (set currentSID=%%a)
+ 
+:MAIN_ACTIVITY
+cls
+
+echo         __    ___   _               _               
+echo  /\ /\ / _\  / __\ ^| ^|  ___    ___ ^| ^| __ ___  _ __ 
+echo / / \ \\ \  /__\// ^| ^| / _ \  / __^|^| ^|/ // _ \^| '__^|
+echo \ \_/ /_\ \/ \/  \ ^| ^|^| (_) ^|^| (__ ^|   ^<^|  __/^| ^|   
+echo  \___/ \__/\_____/ ^|_^| \___/  \___^|^|_^|\_\\___^|^|_^|   
+@echo:
+echo Created by: Gary Kong (g4xyk00)
+echo Version: 1.4
+echo Homepage: www.axcelsec.com                                               
+													
+@echo:
+pushd %~dp0
+
+:: Local Computer Policy > Computer Configuration > Administrative Templates > System > Removable Storage Access
+:: All Removable Storage classes
+reg query HKLM\SOFTWARE\Policies\Microsoft\Windows\RemovableStorageDevices > 0.txt 2>nul
+type 0.txt | findstr /C:"Deny_All" > 1.txt
+set /p AllClassesDeny=<1.txt
+:: Disabled
+IF "%AllClassesDeny:~-1%"=="0" ( set AllClassesDenyStatus=0 ) 
+:: Enabled
+IF "%AllClassesDeny:~-1%"=="1" ( set AllClassesDenyStatus=1 ) 
+:: Not configured
+IF "%AllClassesDeny:~-1%"=="~-1" ( set AllClassesDenyStatus=0 )  
+
+:: Removable Disks
+reg query HKLM\SOFTWARE\Policies\Microsoft\Windows\RemovableStorageDevices\{53f5630d-b6bf-11d0-94f2-00a0c91efb8b} > 0.txt 2>nul
+type 0.txt | findstr /C:"Deny_Read" > 1.txt
+set /p RemovableDenyRead=<1.txt
+:: Disabled
+IF "%RemovableDenyRead:~-1%"=="0" ( set RemovableDenyReadStatus=0 )  
+:: Enabled
+IF "%RemovableDenyRead:~-1%"=="1" ( set RemovableDenyReadStatus=1 )  
+:: Not configured
+IF "%RemovableDenyRead:~-1%"=="~-1" ( set RemovableDenyReadStatus=0 )  
+
+type 0.txt | findstr /C:"Deny_Write" > 1.txt
+set /p RemovableDenyWrite=<1.txt
+:: Disabled
+IF "%RemovableDenyWrite:~-1%"=="0" ( set RemovableDenyWriteStatus=0 ) 
+:: Enabled 
+IF "%RemovableDenyWrite:~-1%"=="1" ( set RemovableDenyWriteStatus=1 )  
+:: Not configured
+IF "%RemovableDenyWrite:~-1%"=="~-1" ( set RemovableDenyWriteStatus=0 )  
+
+:: WPD Devices
+reg query HKLM\SOFTWARE\Policies\Microsoft\Windows\RemovableStorageDevices\{F33FDC04-D1AC-4E8E-9A30-19BBD4B108AE} > 0.txt 2>nul
+type 0.txt | findstr /C:"Deny_Read" > 1.txt
+set /p WPDDenyRead=<1.txt
+:: Disabled
+IF "%WPDDenyRead:~-1%"=="0" ( set WPDDenyReadStatus=0 )  
+:: Enabled
+IF "%WPDDenyRead:~-1%"=="1" ( set WPDDenyReadStatus=1 )  
+:: Not configured
+IF "%WPDDenyRead:~-1%"=="~-1" ( set WPDDenyReadStatus=0 ) 
+ 
+
+type 0.txt | findstr /C:"Deny_Write" > 1.txt
+set /p WPDDenyWrite=<1.txt
+:: Disabled
+IF "%WPDDenyWrite:~-1%"=="0" ( set WPDDenyWriteStatus=0 )  
+:: Enabled
+IF "%WPDDenyWrite:~-1%"=="1" ( set WPDDenyWriteStatus=1 )  
+:: Not configured
+IF "%WPDDenyWrite:~-1%"=="~-1" ( set WPDDenyWriteStatus=0 )  
+
+set /A AccessStatus = %AllClassesDenyStatus% + %RemovableDenyReadStatus% + %RemovableDenyWriteStatus% + %WPDDenyReadStatus% + %WPDDenyWriteStatus%
+echo Existing removable storage access (Computer) is:
+IF "%AccessStatus%" NEQ "0" ( call :PainText 02 "DENIED" )
+IF "%AccessStatus%" EQU "0" ( call :PainText 04 "ALLOWED" )
+
+
+:: Local Computer Policy > User Configuration > Administrative Templates > System > Removable Storage Access
+:: All Removable Storage classes
+reg query HKU\%currentSID%\SOFTWARE\Policies\Microsoft\Windows\RemovableStorageDevices > 0.txt 2>nul
+type 0.txt | findstr /C:"Deny_All" > 1.txt
+set /p AllClassesDenyCurrent=<1.txt
+:: Disabled
+IF "%AllClassesDenyCurrent:~-1%"=="0" ( set AllClassesDenyStatusCurrent=0 ) 
+:: Enabled
+IF "%AllClassesDenyCurrent:~-1%"=="1" ( set AllClassesDenyStatusCurrent=1 ) 
+:: Not configured
+IF "%AllClassesDenyCurrent:~-1%"=="~-1" ( set AllClassesDenyStatusCurrent=0 )  
+
+:: Removable Disks
+reg query HKU\%currentSID%\SOFTWARE\Policies\Microsoft\Windows\RemovableStorageDevices\{53f5630d-b6bf-11d0-94f2-00a0c91efb8b} > 0.txt 2>nul
+type 0.txt | findstr /C:"Deny_Read" > 1.txt
+set /p RemovableDenyReadCurrent=<1.txt
+:: Disabled
+IF "%RemovableDenyReadCurrent:~-1%"=="0" ( set RemovableDenyReadStatusCurrent=0 )  
+:: Enabled
+IF "%RemovableDenyReadCurrent:~-1%"=="1" ( set RemovableDenyReadStatusCurrent=1 )  
+:: Not configured
+IF "%RemovableDenyReadCurrent:~-1%"=="~-1" ( set RemovableDenyReadStatusCurrent=0 )  
+
+type 0.txt | findstr /C:"Deny_Write" > 1.txt
+set /p RemovableDenyWriteCurrent=<1.txt
+:: Disabled
+IF "%RemovableDenyWriteCurrent:~-1%"=="0" ( set RemovableDenyWriteStatusCurrent=0 ) 
+:: Enabled 
+IF "%RemovableDenyWriteCurrent:~-1%"=="1" ( set RemovableDenyWriteStatusCurrent=1 )  
+:: Not configured
+IF "%RemovableDenyWriteCurrent:~-1%"=="~-1" ( set RemovableDenyWriteStatusCurrent=0 )  
+
+:: WPD Devices
+reg query HKU\%currentSID%\SOFTWARE\Policies\Microsoft\Windows\RemovableStorageDevices\{F33FDC04-D1AC-4E8E-9A30-19BBD4B108AE} > 0.txt 2>nul
+type 0.txt | findstr /C:"Deny_Read" > 1.txt
+set /p WPDDenyReadCurrent=<1.txt
+:: Disabled
+IF "%WPDDenyReadCurrent:~-1%"=="0" ( set WPDDenyReadStatusCurrent=0 )  
+:: Enabled
+IF "%WPDDenyReadCurrent:~-1%"=="1" ( set WPDDenyReadStatusCurrent=1 )  
+:: Not configured
+IF "%WPDDenyReadCurrent:~-1%"=="~-1" ( set WPDDenyReadStatusCurrent=0 ) 
+
+type 0.txt | findstr /C:"Deny_Write" > 1.txt
+set /p WPDDenyWriteCurrent=<1.txt
+:: Disabled
+IF "%WPDDenyWriteCurrent:~-1%"=="0" ( set WPDDenyWriteStatusCurrent=0 )  
+:: Enabled
+IF "%WPDDenyWriteCurrent:~-1%"=="1" ( set WPDDenyWriteStatusCurrent=1 )  
+:: Not configured
+IF "%WPDDenyWriteCurrent:~-1%"=="~-1" ( set WPDDenyWriteStatusCurrent=0 )  
+
+set /A AccessStatusCurrent = %AllClassesDenyStatusCurrent% + %RemovableDenyReadStatusCurrent% + %RemovableDenyWriteStatusCurrent% + %WPDDenyReadStatusCurrent% + %WPDDenyWriteStatusCurrent%
+echo Existing removable storage access (Current User) is:
+IF "%AccessStatusCurrent%" NEQ "0" ( call :PainText 02 "DENIED" )
+IF "%AccessStatusCurrent%" EQU "0" ( call :PainText 04 "ALLOWED" )
+del 0.txt
+del 1.txt
+
+@echo:
+@echo:
+
+echo ***** Action ***** 
+echo [1] Allow removable storage access
+echo [2] Deny removable storage access 
+echo [3] Revert to default setting
+echo [4] Create Log
+echo [0] Exit Program
+@echo:
+SET /P A=Please select an action (e.g. 2) and press ENTER: 
+
+IF %A%==0 GOTO END
+IF %A%==1 GOTO ACCESS_ALLOW
+IF %A%==2 GOTO ACCESS_DENY
+IF %A%==3 GOTO ACCESS_CLEAR
+IF %A%==4 GOTO CREATE_LOG
+
+:ACCESS_ALLOW
+reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\RemovableStorageDevices /t REG_DWORD /v Deny_All /d 0 /f > nul 2>&1
+reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\RemovableStorageDevices\{53f5630d-b6bf-11d0-94f2-00a0c91efb8b} /t REG_DWORD /v Deny_Read /d 0 /f > nul 2>&1
+reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\RemovableStorageDevices\{53f5630d-b6bf-11d0-94f2-00a0c91efb8b} /t REG_DWORD /v Deny_Write /d 0 /f > nul 2>&1
+reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\RemovableStorageDevices\{F33FDC04-D1AC-4E8E-9A30-19BBD4B108AE} /t REG_DWORD /v Deny_Read /d 0 /f > nul 2>&1
+reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\RemovableStorageDevices\{F33FDC04-D1AC-4E8E-9A30-19BBD4B108AE} /t REG_DWORD /v Deny_Write /d 0 /f > nul 2>&1
+reg add HKU\%currentSID%\SOFTWARE\Policies\Microsoft\Windows\RemovableStorageDevices /t REG_DWORD /v Deny_All /d 0 /f > nul 2>&1
+reg add HKU\%currentSID%\SOFTWARE\Policies\Microsoft\Windows\RemovableStorageDevices\{53f5630d-b6bf-11d0-94f2-00a0c91efb8b} /t REG_DWORD /v Deny_Read /d 0 /f > nul 2>&1
+reg add HKU\%currentSID%\SOFTWARE\Policies\Microsoft\Windows\RemovableStorageDevices\{53f5630d-b6bf-11d0-94f2-00a0c91efb8b} /t REG_DWORD /v Deny_Write /d 0 /f > nul 2>&1
+reg add HKU\%currentSID%\SOFTWARE\Policies\Microsoft\Windows\RemovableStorageDevices\{F33FDC04-D1AC-4E8E-9A30-19BBD4B108AE} /t REG_DWORD /v Deny_Read /d 0 /f > nul 2>&1
+reg add HKU\%currentSID%\SOFTWARE\Policies\Microsoft\Windows\RemovableStorageDevices\{F33FDC04-D1AC-4E8E-9A30-19BBD4B108AE} /t REG_DWORD /v Deny_Write /d 0 /f > nul 2>&1
+RUNDLL32.EXE user32.dll,UpdatePerUserSystemParameters
+echo Removable storage access is now ALLOWED!
+@echo:
+GOTO MAIN_ACTIVITY
+
+:ACCESS_DENY
+reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\RemovableStorageDevices /t REG_DWORD /v Deny_All /d 1 /f > nul 2>&1
+reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\RemovableStorageDevices\{53f5630d-b6bf-11d0-94f2-00a0c91efb8b} /t REG_DWORD /v Deny_Read /d 1 /f > nul 2>&1
+reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\RemovableStorageDevices\{53f5630d-b6bf-11d0-94f2-00a0c91efb8b} /t REG_DWORD /v Deny_Write /d 1 /f > nul 2>&1
+reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\RemovableStorageDevices\{F33FDC04-D1AC-4E8E-9A30-19BBD4B108AE} /t REG_DWORD /v Deny_Read /d 1 /f > nul 2>&1
+reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\RemovableStorageDevices\{F33FDC04-D1AC-4E8E-9A30-19BBD4B108AE} /t REG_DWORD /v Deny_Write /d 1 /f > nul 2>&1
+reg add HKU\%currentSID%\SOFTWARE\Policies\Microsoft\Windows\RemovableStorageDevices /t REG_DWORD /v Deny_All /d 1 /f > nul 2>&1
+reg add HKU\%currentSID%\SOFTWARE\Policies\Microsoft\Windows\RemovableStorageDevices\{53f5630d-b6bf-11d0-94f2-00a0c91efb8b} /t REG_DWORD /v Deny_Read /d 1 /f > nul 2>&1
+reg add HKU\%currentSID%\SOFTWARE\Policies\Microsoft\Windows\RemovableStorageDevices\{53f5630d-b6bf-11d0-94f2-00a0c91efb8b} /t REG_DWORD /v Deny_Write /d 1 /f > nul 2>&1
+reg add HKU\%currentSID%\SOFTWARE\Policies\Microsoft\Windows\RemovableStorageDevices\{F33FDC04-D1AC-4E8E-9A30-19BBD4B108AE} /t REG_DWORD /v Deny_Read /d 1 /f > nul 2>&1
+reg add HKU\%currentSID%\SOFTWARE\Policies\Microsoft\Windows\RemovableStorageDevices\{F33FDC04-D1AC-4E8E-9A30-19BBD4B108AE} /t REG_DWORD /v Deny_Write /d 1 /f > nul 2>&1
+RUNDLL32.EXE user32.dll,UpdatePerUserSystemParameters
+echo Removable storage access is now DENIED!
+@echo:
+GOTO MAIN_ACTIVITY
+
+
+:ACCESS_CLEAR
+reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\RemovableStorageDevices /v Deny_All /f > nul 2>&1
+reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\RemovableStorageDevices\{53f5630d-b6bf-11d0-94f2-00a0c91efb8b} /v Deny_Read /f > nul 2>&1
+reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\RemovableStorageDevices\{53f5630d-b6bf-11d0-94f2-00a0c91efb8b} /v Deny_Write /f > nul 2>&1
+reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\RemovableStorageDevices\{F33FDC04-D1AC-4E8E-9A30-19BBD4B108AE} /v Deny_Read /f > nul 2>&1
+reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\RemovableStorageDevices\{F33FDC04-D1AC-4E8E-9A30-19BBD4B108AE} /v Deny_Write /f > nul 2>&1
+reg delete HKU\%currentSID%\SOFTWARE\Policies\Microsoft\Windows\RemovableStorageDevices /v Deny_All /f > nul 2>&1
+reg delete HKU\%currentSID%\SOFTWARE\Policies\Microsoft\Windows\RemovableStorageDevices\{53f5630d-b6bf-11d0-94f2-00a0c91efb8b} /v Deny_Read /f > nul 2>&1
+reg delete HKU\%currentSID%\SOFTWARE\Policies\Microsoft\Windows\RemovableStorageDevices\{53f5630d-b6bf-11d0-94f2-00a0c91efb8b} /v Deny_Write /f > nul 2>&1
+reg delete HKU\%currentSID%\SOFTWARE\Policies\Microsoft\Windows\RemovableStorageDevices\{F33FDC04-D1AC-4E8E-9A30-19BBD4B108AE} /v Deny_Read /f > nul 2>&1
+reg delete HKU\%currentSID%\SOFTWARE\Policies\Microsoft\Windows\RemovableStorageDevices\{F33FDC04-D1AC-4E8E-9A30-19BBD4B108AE} /v Deny_Write /f > nul 2>&1
+RUNDLL32.EXE user32.dll,UpdatePerUserSystemParameters
+echo Reverted to Default Setting!
+@echo:
+GOTO MAIN_ACTIVITY
+
+
+:CREATE_LOG
+reg query HKLM\SOFTWARE\Policies\Microsoft\Windows\RemovableStorageDevices /s > usblock_log.txt
+reg query HKU\%currentSID%\SOFTWARE\Policies\Microsoft\Windows\RemovableStorageDevices >> usblock_log.txt
+@echo:
+GOTO MAIN_ACTIVITY
+
+
+:PainText
+<nul set /p "=%DEL%" > "%~2"
+findstr /v /a:%1 /R "+" "%~2" nul
+del "%~2" > nul
+echo.
+goto :eof
+
+PAUSE
+:END