Detection:
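# Detection: report whether the C:\PPCOMM directory is present.
# Exits 0 when the directory exists and 1 when it does not.
#
# -PathType Container is required so that a *file* named C:\PPCOMM is not
# mistaken for the folder; a plain Test-Path returns $true for either.
#
# NOTE(review): only the folder's existence is checked. The ACL on the folder
# and the "IF95" firewall rules set up by the remediation part are not
# verified, so a machine where the folder exists but those settings are
# missing or were changed later still exits 0 here.
if (Test-Path -LiteralPath "C:\PPCOMM" -PathType Container) {
    Write-Output "PPCOMM folder exists."
    exit 0
} else {
    Write-Output "PPCOMM folder does not exist."
    exit 1
}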
Remediation:
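# Create C:\PPCOMM if it is missing and grant Authenticated Users read/write
# access that is inherited by subfolders and files.
#
# Every step uses -ErrorAction Stop inside try/catch so the success message is
# printed only when the folder and its ACL are really in place; on failure
# the script writes the error and exits 1 instead of reporting success.
#
# NOTE(review): the result is a folder at the drive root that any
# authenticated account can write to. Files found here should be treated as
# untrusted input by whatever consumes them, and nothing that runs with higher
# privileges should load executables, scripts or configuration from this path.
# If only specific accounts need access, grant to that group instead of
# S-1-5-11.
$folderPath = "C:\PPCOMM"

try {
    # Create only when missing so a re-run does not fail on an existing folder.
    if (-not (Test-Path -LiteralPath $folderPath -PathType Container)) {
        New-Item -Path $folderPath -ItemType Directory -ErrorAction Stop | Out-Null
    }

    # S-1-5-11 is the well-known SID for Authenticated Users; using the SID
    # avoids depending on the localized group name.
    $authenticatedUsersSID = New-Object System.Security.Principal.SecurityIdentifier('S-1-5-11')

    # Add read/write permissions for authenticated users.
    # SetAccessRule replaces any existing explicit Allow entry for this SID, so
    # repeating the step does not pile up duplicate entries. Inheritance from
    # C:\ is not disabled, so inherited entries remain in effect as well.
    $acl = Get-Acl -LiteralPath $folderPath -ErrorAction Stop
    $permission = $authenticatedUsersSID,"Read,Write","ContainerInherit,ObjectInherit","None","Allow"
    $rule = New-Object System.Security.AccessControl.FileSystemAccessRule $permission
    $acl.SetAccessRule($rule)
    Set-Acl -LiteralPath $folderPath -AclObject $acl -ErrorAction Stop

    Write-Output "Folder C:\PPCOMM created successfully with read/write permissions for authenticated users."
} catch {
    Write-Error "Failed to create or secure ${folderPath}: $($_.Exception.Message)"
    exit 1
}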
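# Allow inbound TCP and UDP traffic to Anitaftp.exe through Windows Firewall.
#
# New-NetFirewallRule accepts duplicate display names, so running this more
# than once would otherwise add another pair of "IF95" rules each time. The
# existing rules with this display name are looked up first and a protocol is
# skipped when a rule for it is already present. Matching is by display name
# and protocol only; program path and direction of an existing rule are not
# compared.
#
# NOTE(review): the rules carry no -Profile, -LocalPort or -RemoteAddress, so
# they apply in every firewall profile (including Public), to every port the
# program listens on, from any remote address. If the peers or ports are
# known, narrowing the rules with those parameters reduces exposure.
# NOTE(review): confirm the UDP rule is actually needed by this program; if it
# is not, dropping it removes an unused inbound allowance.
$programPath = "C:\Program Files (x86)\AniTa\Anitaftp.exe"
$ruleName = "IF95"

try {
    # Collect the protocols already covered by rules named $ruleName.
    $existingRules = @(Get-NetFirewallRule -DisplayName $ruleName -ErrorAction SilentlyContinue)
    $existingProtocols = @()
    if ($existingRules.Count -gt 0) {
        $existingProtocols = @(
            $existingRules |
                Get-NetFirewallPortFilter |
                Select-Object -ExpandProperty Protocol
        )
    }

    # Create rules
    foreach ($protocol in 'TCP', 'UDP') {
        if ($existingProtocols -contains $protocol) {
            continue
        }
        New-NetFirewallRule -DisplayName $ruleName -Direction Inbound -Action Allow -Protocol $protocol -Program $programPath -Enabled True -ErrorAction Stop | Out-Null
    }

    Write-Output "Firewall rule '$ruleName' created successfully for program '$programPath' (TCP and UDP) on all networks."
} catch {
    Write-Error "Failed to create firewall rule '$ruleName': $($_.Exception.Message)"
    exit 1
}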