Initial commit with new CA

Pavel Valach 2020-12-04 22:21:55 +01:00
commit 0a91cb2639
No known key found for this signature in database
GPG Key ID: 5B4C9E8526682172
5 changed files with 342 additions and 0 deletions

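--- /dev/null
+++ b/ACKNOWLEDGEMENTS
@@ -0,0 +1,4 @@
+ACKNOWLEDGEMENTS
+================
+Thanks to Martin Dendis (Klub Hlavkova Kolej) for the required research and creation of the script.
+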
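--- /dev/null
+++ b/Ethernet.xml
@@ -0,0 +1,51 @@
+<?xml version="1.0"?>
+<LANProfile xmlns="http://www.microsoft.com/networking/LAN/profile/v1">
+<MSM>
+<security>
+<OneXEnforced>false</OneXEnforced>
+<OneXEnabled>true</OneXEnabled>
+<OneX xmlns="http://www.microsoft.com/networking/OneX/v1">
+<cacheUserData>true</cacheUserData>
+<authMode>user</authMode>
+<EAPConfig>
+<EapHostConfig xmlns="http://www.microsoft.com/provisioning/EapHostConfig">
+<EapMethod>
+<Type xmlns="http://www.microsoft.com/provisioning/EapCommon">25</Type>
+<VendorId xmlns="http://www.microsoft.com/provisioning/EapCommon">0</VendorId>
+<VendorType xmlns="http://www.microsoft.com/provisioning/EapCommon">0</VendorType>
+<AuthorId xmlns="http://www.microsoft.com/provisioning/EapCommon">0</AuthorId>
+</EapMethod>
+<Config xmlns="http://www.microsoft.com/provisioning/EapHostConfig">
+<Eap xmlns="http://www.microsoft.com/provisioning/BaseEapConnectionPropertiesV1">
+<Type>25</Type>
+<EapType xmlns="http://www.microsoft.com/provisioning/MsPeapConnectionPropertiesV1">
+<ServerValidation>
+<DisableUserPromptForServerValidation>false</DisableUserPromptForServerValidation>
+<ServerNames></ServerNames>
+</ServerValidation>
+<FastReconnect>true</FastReconnect>
+<InnerEapOptional>false</InnerEapOptional>
+<Eap xmlns="http://www.microsoft.com/provisioning/BaseEapConnectionPropertiesV1">
+<Type>26</Type>
+<EapType xmlns="http://www.microsoft.com/provisioning/MsChapV2ConnectionPropertiesV1">
+<UseWinLogonCredentials>false</UseWinLogonCredentials>
+</EapType>
+</Eap>
+<EnableQuarantineChecks>false</EnableQuarantineChecks>
+<RequireCryptoBinding>false</RequireCryptoBinding>
+<PeapExtensions>
+<PerformServerValidation xmlns="http://www.microsoft.com/provisioning/MsPeapConnectionPropertiesV2">false</PerformServerValidation>
+<AcceptServerName xmlns="http://www.microsoft.com/provisioning/MsPeapConnectionPropertiesV2">false</AcceptServerName>
+<PeapExtensionsV2 xmlns="http://www.microsoft.com/provisioning/MsPeapConnectionPropertiesV2">
+<AllowPromptingWhenServerCANotFound xmlns="http://www.microsoft.com/provisioning/MsPeapConnectionPropertiesV3">true</AllowPromptingWhenServerCANotFound>
+</PeapExtensionsV2>
+</PeapExtensions>
+</EapType>
+</Eap>
+</Config>
+</EapHostConfig>
+</EAPConfig>
+</OneX>
+</security>
+</MSM>
+</LANProfile>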
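Review bot: Ethernet.xml ships with PEAP server validation effectively switched off — `<ServerNames>` is empty, there is no `<TrustedRootCA>`, and both `<PerformServerValidation>` and `<AcceptServerName>` are `false` — so a client using this profile would send the user's MSCHAPv2 exchange to whichever RADIUS server the user clicks through, unlike the two Wi-Fi profiles in this same commit that pin `radius.sin.cvut.cz` and a CA thumbprint. The wired menu entry is commented out in sin-setup.bat, so this may be a known gap for now, but the profile is still in the repository and `netsh lan add profile` would install it as written. Mirror the Wi-Fi profiles' `ServerValidation` and `PeapExtensions` values here so the wired and wireless profiles trust the same CA and server name; the commit title ("new CA") suggests that was the intent.
```xml
<ServerValidation>
  <DisableUserPromptForServerValidation>false</DisableUserPromptForServerValidation>
  <ServerNames>radius.sin.cvut.cz</ServerNames>
  <TrustedRootCA>d1 eb 23 a4 6d 17 d6 8f d9 25 64 c2 f1 f1 60 17 64 d8 e3 49</TrustedRootCA>
</ServerValidation>
<!-- … unchanged: FastReconnect, InnerEapOptional, inner MSCHAPv2 Eap, EnableQuarantineChecks, RequireCryptoBinding … -->
<PeapExtensions>
  <PerformServerValidation xmlns="http://www.microsoft.com/provisioning/MsPeapConnectionPropertiesV2">true</PerformServerValidation>
  <AcceptServerName xmlns="http://www.microsoft.com/provisioning/MsPeapConnectionPropertiesV2">true</AcceptServerName>
  <!-- … unchanged: PeapExtensionsV2 … -->
</PeapExtensions>
```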

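--- /dev/null
+++ b/Wi-Fi-Sincoolka 5G.xml
@@ -0,0 +1,71 @@
+<?xml version="1.0"?>
+<WLANProfile xmlns="http://www.microsoft.com/networking/WLAN/profile/v1">
+<name>Sincoolka 5G</name>
+<SSIDConfig>
+<SSID>
+<hex>53696E636F6F6C6B61203547</hex>
+<name>Sincoolka 5G</name>
+</SSID>
+</SSIDConfig>
+<connectionType>ESS</connectionType>
+<connectionMode>auto</connectionMode>
+<MSM>
+<security>
+<authEncryption>
+<authentication>WPA2</authentication>
+<encryption>AES</encryption>
+<useOneX>true</useOneX>
+</authEncryption>
+<PMKCacheMode>enabled</PMKCacheMode>
+<PMKCacheTTL>720</PMKCacheTTL>
+<PMKCacheSize>128</PMKCacheSize>
+<preAuthMode>disabled</preAuthMode>
+<OneX xmlns="http://www.microsoft.com/networking/OneX/v1">
+<authMode>user</authMode>
+<EAPConfig>
+<EapHostConfig xmlns="http://www.microsoft.com/provisioning/EapHostConfig">
+<EapMethod>
+<Type xmlns="http://www.microsoft.com/provisioning/EapCommon">25</Type>
+<VendorId xmlns="http://www.microsoft.com/provisioning/EapCommon">0</VendorId>
+<VendorType xmlns="http://www.microsoft.com/provisioning/EapCommon">0</VendorType>
+<AuthorId xmlns="http://www.microsoft.com/provisioning/EapCommon">0</AuthorId>
+</EapMethod>
+<Config xmlns="http://www.microsoft.com/provisioning/EapHostConfig">
+<Eap xmlns="http://www.microsoft.com/provisioning/BaseEapConnectionPropertiesV1">
+<Type>25</Type>
+<EapType xmlns="http://www.microsoft.com/provisioning/MsPeapConnectionPropertiesV1">
+<ServerValidation>
+<DisableUserPromptForServerValidation>false</DisableUserPromptForServerValidation>
+<ServerNames>radius.sin.cvut.cz</ServerNames>
+<TrustedRootCA>d1 eb 23 a4 6d 17 d6 8f d9 25 64 c2 f1 f1 60 17 64 d8 e3 49 </TrustedRootCA>
+</ServerValidation>
+<FastReconnect>true</FastReconnect>
+<InnerEapOptional>false</InnerEapOptional>
+<Eap xmlns="http://www.microsoft.com/provisioning/BaseEapConnectionPropertiesV1">
+<Type>26</Type>
+<EapType xmlns="http://www.microsoft.com/provisioning/MsChapV2ConnectionPropertiesV1">
+<UseWinLogonCredentials>false</UseWinLogonCredentials>
+</EapType>
+</Eap>
+<EnableQuarantineChecks>false</EnableQuarantineChecks>
+<RequireCryptoBinding>false</RequireCryptoBinding>
+<PeapExtensions>
+<PerformServerValidation xmlns="http://www.microsoft.com/provisioning/MsPeapConnectionPropertiesV2">true</PerformServerValidation>
+<AcceptServerName xmlns="http://www.microsoft.com/provisioning/MsPeapConnectionPropertiesV2">true</AcceptServerName>
+<PeapExtensionsV2 xmlns="http://www.microsoft.com/provisioning/MsPeapConnectionPropertiesV2">
+<AllowPromptingWhenServerCANotFound xmlns="http://www.microsoft.com/provisioning/MsPeapConnectionPropertiesV3">true</AllowPromptingWhenServerCANotFound>
+</PeapExtensionsV2>
+</PeapExtensions>
+</EapType>
+</Eap>
+</Config>
+</EapHostConfig>
+</EAPConfig>
+</OneX>
+</security>
+</MSM>
+<MacRandomization xmlns="http://www.microsoft.com/networking/WLAN/profile/v3">
+<enableRandomization>false</enableRandomization>
+<randomizationSeed>1813427014</randomizationSeed>
+</MacRandomization>
+</WLANProfile>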
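Review bot: The profile pins `radius.sin.cvut.cz` and a TrustedRootCA thumbprint, yet `<AllowPromptingWhenServerCANotFound>` is `true` and `<DisableUserPromptForServerValidation>` is `false`, so a server presenting a certificate from some other CA still produces a prompt the user can click through, which undoes most of what the pinning buys. For a deployed profile that already carries the correct CA, set `<DisableUserPromptForServerValidation>true</DisableUserPromptForServerValidation>` and `<AllowPromptingWhenServerCANotFound xmlns="http://www.microsoft.com/provisioning/MsPeapConnectionPropertiesV3">false</AllowPromptingWhenServerCANotFound>` so a mismatching certificate fails the connection instead of asking. The same two settings appear in Wi-Fi-Sincoolka.xml in this commit and should be changed together. Separately, the `<TrustedRootCA>` value ends with a trailing space after `49`; it is probably tolerated, but trimming it removes any doubt about how the thumbprint is compared.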

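--- /dev/null
+++ b/Wi-Fi-Sincoolka.xml
@@ -0,0 +1,71 @@
+<?xml version="1.0"?>
+<WLANProfile xmlns="http://www.microsoft.com/networking/WLAN/profile/v1">
+<name>Sincoolka</name>
+<SSIDConfig>
+<SSID>
+<hex>53696E636F6F6C6B61</hex>
+<name>Sincoolka</name>
+</SSID>
+</SSIDConfig>
+<connectionType>ESS</connectionType>
+<connectionMode>auto</connectionMode>
+<MSM>
+<security>
+<authEncryption>
+<authentication>WPA2</authentication>
+<encryption>AES</encryption>
+<useOneX>true</useOneX>
+</authEncryption>
+<PMKCacheMode>enabled</PMKCacheMode>
+<PMKCacheTTL>720</PMKCacheTTL>
+<PMKCacheSize>128</PMKCacheSize>
+<preAuthMode>disabled</preAuthMode>
+<OneX xmlns="http://www.microsoft.com/networking/OneX/v1">
+<authMode>user</authMode>
+<EAPConfig>
+<EapHostConfig xmlns="http://www.microsoft.com/provisioning/EapHostConfig">
+<EapMethod>
+<Type xmlns="http://www.microsoft.com/provisioning/EapCommon">25</Type>
+<VendorId xmlns="http://www.microsoft.com/provisioning/EapCommon">0</VendorId>
+<VendorType xmlns="http://www.microsoft.com/provisioning/EapCommon">0</VendorType>
+<AuthorId xmlns="http://www.microsoft.com/provisioning/EapCommon">0</AuthorId>
+</EapMethod>
+<Config xmlns="http://www.microsoft.com/provisioning/EapHostConfig">
+<Eap xmlns="http://www.microsoft.com/provisioning/BaseEapConnectionPropertiesV1">
+<Type>25</Type>
+<EapType xmlns="http://www.microsoft.com/provisioning/MsPeapConnectionPropertiesV1">
+<ServerValidation>
+<DisableUserPromptForServerValidation>false</DisableUserPromptForServerValidation>
+<ServerNames>radius.sin.cvut.cz</ServerNames>
+<TrustedRootCA>d1 eb 23 a4 6d 17 d6 8f d9 25 64 c2 f1 f1 60 17 64 d8 e3 49 </TrustedRootCA>
+</ServerValidation>
+<FastReconnect>true</FastReconnect>
+<InnerEapOptional>false</InnerEapOptional>
+<Eap xmlns="http://www.microsoft.com/provisioning/BaseEapConnectionPropertiesV1">
+<Type>26</Type>
+<EapType xmlns="http://www.microsoft.com/provisioning/MsChapV2ConnectionPropertiesV1">
+<UseWinLogonCredentials>false</UseWinLogonCredentials>
+</EapType>
+</Eap>
+<EnableQuarantineChecks>false</EnableQuarantineChecks>
+<RequireCryptoBinding>false</RequireCryptoBinding>
+<PeapExtensions>
+<PerformServerValidation xmlns="http://www.microsoft.com/provisioning/MsPeapConnectionPropertiesV2">true</PerformServerValidation>
+<AcceptServerName xmlns="http://www.microsoft.com/provisioning/MsPeapConnectionPropertiesV2">true</AcceptServerName>
+<PeapExtensionsV2 xmlns="http://www.microsoft.com/provisioning/MsPeapConnectionPropertiesV2">
+<AllowPromptingWhenServerCANotFound xmlns="http://www.microsoft.com/provisioning/MsPeapConnectionPropertiesV3">true</AllowPromptingWhenServerCANotFound>
+</PeapExtensionsV2>
+</PeapExtensions>
+</EapType>
+</Eap>
+</Config>
+</EapHostConfig>
+</EAPConfig>
+</OneX>
+</security>
+</MSM>
+<MacRandomization xmlns="http://www.microsoft.com/networking/WLAN/profile/v3">
+<enableRandomization>false</enableRandomization>
+<randomizationSeed>1813427014</randomizationSeed>
+</MacRandomization>
+</WLANProfile>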

sin-setup.bat Normal file

@ -0,0 +1,145 @@
@echo off
:: Check admin rights
NET SESSION >nul 2>&1
IF NOT %ERRORLEVEL% EQU 0 (
echo ######## ######## ######## ####### ########
echo ## ## ## ## ## ## ## ## ##
echo ## ## ## ## ## ## ## ## ##
echo ###### ######## ######## ## ## ########
echo ## ## ## ## ## ## ## ## ##
echo ## ## ## ## ## ## ## ## ##
echo ######## ## ## ## ## ####### ## ##
echo.
echo.
echo ####### ERROR: ADMINISTRATOR PRIVILEGES REQUIRED #########
echo This script must be run as administrator to work properly!
echo If you're seeing this after clicking on a start menu icon, then right click on the shortcut and select "Run As Administrator".
echo ##########################################################
echo.
PAUSE
EXIT /B 1
)
:: Main loop
:main
cls
ECHO What you want to do now?
ECHO 1. Configure Wi-Fi connection
rem ECHO 2. Configure Wired connection
ECHO 3. Print MAC adresses
ECHO 4. Exit
set choice=
set /p choice=Choice:
if not '%choice%'=='' set choice=%choice:~0,1%
if '%choice%'=='1' goto setup_wifi
rem if '%choice%'=='2' goto setup_eth
if '%choice%'=='3' goto print_mac
if '%choice%'=='4' EXIT
ECHO "%choice%" is not valid, try again
ECHO.
goto main
:: Import Sincoolka and Sincoolka 5G Wi-Fi profile
:setup_wifi
cls
netsh wlan add profile filename="%0\..\Wi-Fi-Sincoolka.xml"
netsh wlan add profile filename="%0\..\Wi-Fi-Sincoolka 5G.xml"
echo.
set /p iface="Press Enter to continue . . . "
goto main
:: Start dot3svc service
:setup_eth
cls
net start dot3svc >nul 2>&1
IF %ERRORLEVEL% EQU 0 (
echo Enabled enterprise security for wired connection
) ELSE (
IF %ERRORLEVEL% EQU 2 (
echo Enabled enterprise security for wired connection
) ELSE (
echo "Unable to enable enterprise security -> abort"
goto main
)
)
:: Configure dot3svc service to start on PC boot
REG add "HKLM\SYSTEM\CurrentControlSet\services\dot3svc" /v Start /t REG_DWORD /d 2 /f >nul 2>&1
IF %ERRORLEVEL% EQU 0 (
echo Enterprise security configured to start on PC boot
) ELSE (
echo Unable to configure enterprise security to start on PC boot -> abort
goto main
)
echo.
echo.
:setEth
:: Print all network interfaces
echo List of Avaliable Interfaces:
echo.
wmic nic where 'NOT Manufacturer like "%%Microsoft%%" and PhysicalAdapter=TRUE and NOT Manufacturer like "%%Windows%%"' get Manufacturer,MACAddress,NetConnectionID 2>nul
IF NOT %ERRORLEVEL% EQU 0 (
getmac /v 2>nul
IF NOT %ERRORLEVEL% EQU 0 (
:: netsh lan show profiles
ipconfig /all
)
)
echo.
set /p iface="Enter Ethernet Interface NetConnectionID or press Enter to abort: "
if "%iface%" == "" (
goto endEth
)
netsh lan add profile filename=\"%0\..\Ethernet.xml\" interface="%iface%"
if %errorlevel% GTR 0 (
set iface=
cls
goto setEth
)
:endEth
goto main
:print_mac
cls
wmic nic where 'NOT Manufacturer like "%%Microsoft%%" and PhysicalAdapter=TRUE and NOT Manufacturer like "%%Windows%%"' get Manufacturer,MACAddress,NetConnectionID 2>nul
IF NOT %ERRORLEVEL% EQU 0 (
getmac /v 2>nul
IF NOT %ERRORLEVEL% EQU 0 (
:: netsh lan show profiles
ipconfig /all
)
)
set /p iface="Press Enter to continue . . . "
goto main