Oneliner with GFI:
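REM Writes the proxy (proxy.ezorg.nl:8080) and its bypass list to the HKLM and HKCU
REM Internet Settings keys and imports them into WinHTTP. It then stops the Advanced
REM Monitoring Agent, clears its staging folder, appends a [PROXYSERVER] section to
REM settings.ini when the proxy host is not yet listed there, and restarts the service.
REM The command must stay on ONE line: a line break inside the quoted -Command string
REM ends the command early.
REM Errors stay suppressed (best effort) but are still recorded in $Error, so the proxy
REM status line is green only when every registry write and the netsh import succeeded.
REM A failed agent restart now returns exit code 1 so the calling tool can see that the
REM endpoint is left unmonitored. -NoProfile keeps profile scripts out of the run and
REM -SimpleMatch makes the settings.ini check a literal match (no regex dots).
REM NOTE(review): HKCU is the hive of the account that runs this command. If that is a
REM service account, the interactive user's settings are not touched - confirm.
REM NOTE(review): the bypass entry 172.*.*.* covers all of 172.0.0.0/8, not only the
REM private range 172.16.0.0/12, so public 172.x destinations also skip the proxy - confirm.
powershell -NoProfile -Command "$Error.Clear(); $MachineRegKeyPath = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings'; $UserRegKeyPath = 'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings'; $ProxyEnableValue = 1; $ProxyServerValue = 'proxy.ezorg.nl:8080'; $ProxyOverrideValue = ';*.ehsnet.nl;*.ehealthservices.nl;172.*.*.*;*.servisoft.nl;*.pifarma.nl'; Set-ItemProperty -Path $MachineRegKeyPath -Name ProxyEnable -Value $ProxyEnableValue -ErrorAction SilentlyContinue; Set-ItemProperty -Path $MachineRegKeyPath -Name ProxyServer -Value $ProxyServerValue -ErrorAction SilentlyContinue; Set-ItemProperty -Path $MachineRegKeyPath -Name ProxyOverride -Value $ProxyOverrideValue -ErrorAction SilentlyContinue; Set-ItemProperty -Path $UserRegKeyPath -Name ProxyEnable -Value $ProxyEnableValue -ErrorAction SilentlyContinue; Set-ItemProperty -Path $UserRegKeyPath -Name ProxyServer -Value $ProxyServerValue -ErrorAction SilentlyContinue; Set-ItemProperty -Path $UserRegKeyPath -Name ProxyOverride -Value $ProxyOverrideValue -ErrorAction SilentlyContinue; netsh winhttp import proxy ie | Out-Null; if ($Error.Count -eq 0 -and $LASTEXITCODE -eq 0) { Write-Host 'System proxy settings configured successfully!' -ForegroundColor Green } else { Write-Host 'One or more proxy settings could not be applied' -ForegroundColor Red }; Stop-Service 'Advanced Monitoring Agent' -Force -ErrorAction SilentlyContinue; if ($?) { Write-Host 'Service stopped successfully!' -ForegroundColor Green } else { Write-Host 'Service was not running' -ForegroundColor Yellow }; Stop-Process -Name winagent,*new*winagent -Force -ErrorAction SilentlyContinue; Write-Host 'Agent processes terminated' -ForegroundColor Green; Remove-Item 'C:\Program Files (x86)\Advanced Monitoring Agent\staging\*' -Recurse -Force -ErrorAction SilentlyContinue; Write-Host 'Staging folder cleaned' -ForegroundColor Green; if (-not (Select-String -Path 'C:\Program Files (x86)\Advanced Monitoring Agent\settings.ini' -SimpleMatch -Pattern 'HOST=proxy.ezorg.nl' -Quiet)) { Add-Content -Path 'C:\Program Files (x86)\Advanced Monitoring Agent\settings.ini' -Value \"[PROXYSERVER]`r`nENABLED=1`r`nHOST=proxy.ezorg.nl`r`nPORT=8080`r`nUSERNAME=`r`nUSERKEY=`r`nCACHEPATH=`r`nUPSTREAMIPADDRESS=`r`nUPSTREAMPORT=0`r`nUPSTREAMUSERNAME=`r`nUPSTREAMPASSWORD=`r`nOPENWINDOWSFIREWALL=0`r`nVERBOSELOGGING=0`r`nFAILING=0\"; Write-Host 'Proxy settings added to Agent configuration' -ForegroundColor Green }; Set-Service 'Advanced Monitoring Agent' -StartupType Automatic; Start-Service 'Advanced Monitoring Agent'; if ($?) { Write-Host 'Advanced Monitoring Agent service started successfully!' -ForegroundColor Green } else { Write-Host 'Failed to start Advanced Monitoring Agent service!' -ForegroundColor Red; exit 1 }"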
Oneliner no GFI:
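REM Writes the proxy (proxy.ezorg.nl:8080) and its bypass list to the HKLM and HKCU
REM Internet Settings keys, then imports them into WinHTTP. Keep the command on ONE line.
REM Errors stay suppressed (best effort) but are still recorded in $Error, so success is
REM reported only when every registry write and the netsh import succeeded. Otherwise the
REM command prints a failure line and returns exit code 1 for the calling tool.
REM -NoProfile keeps profile scripts out of the run.
REM NOTE(review): HKCU is the hive of the account that runs this command. If that is a
REM service account, the interactive user's settings are not touched - confirm.
REM NOTE(review): the bypass entry 172.*.*.* covers all of 172.0.0.0/8, not only the
REM private range 172.16.0.0/12, so public 172.x destinations also skip the proxy - confirm.
powershell -NoProfile -Command "$Error.Clear(); $MachineRegKeyPath = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings'; $UserRegKeyPath = 'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings'; $ProxyEnableValue = 1; $ProxyServerValue = 'proxy.ezorg.nl:8080'; $ProxyOverrideValue = ';*.ehsnet.nl;*.ehealthservices.nl;172.*.*.*;*.servisoft.nl;*.pifarma.nl'; Set-ItemProperty -Path $MachineRegKeyPath -Name ProxyEnable -Value $ProxyEnableValue -ErrorAction SilentlyContinue; Set-ItemProperty -Path $MachineRegKeyPath -Name ProxyServer -Value $ProxyServerValue -ErrorAction SilentlyContinue; Set-ItemProperty -Path $MachineRegKeyPath -Name ProxyOverride -Value $ProxyOverrideValue -ErrorAction SilentlyContinue; Set-ItemProperty -Path $UserRegKeyPath -Name ProxyEnable -Value $ProxyEnableValue -ErrorAction SilentlyContinue; Set-ItemProperty -Path $UserRegKeyPath -Name ProxyServer -Value $ProxyServerValue -ErrorAction SilentlyContinue; Set-ItemProperty -Path $UserRegKeyPath -Name ProxyOverride -Value $ProxyOverrideValue -ErrorAction SilentlyContinue; netsh winhttp import proxy ie | Out-Null; if ($Error.Count -eq 0 -and $LASTEXITCODE -eq 0) { Write-Host 'System proxy settings configured successfully!' -ForegroundColor Green } else { Write-Host 'One or more proxy settings could not be applied' -ForegroundColor Red; exit 1 }"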
User:
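# Per-user proxy configuration: writes the proxy address, bypass list and enable
# flags to the current user's Internet Settings key, then rebuilds the binary
# DefaultConnectionSettings value under ...\Internet Settings\Connections.
# Statement boundaries were lost in the pasted one-line form; they are restored
# here so the script parses.
$proxyServer = "proxy.ezorg.nl"
$proxyPort = "8080"
$proxyAddress = "$proxyServer`:$proxyPort"
# NOTE(review): 172.*.*.* covers all of 172.0.0.0/8, not only the private range
# 172.16.0.0/12, so public 172.x destinations also skip the proxy - confirm intended.
$proxyExceptions = ";*.ehsnet.nl;*.ehealthservices.nl;172.*.*.*;*.servisoft.nl;*.pifarma.nl"

# HKCU is the hive of whichever account runs this script.
$regPath = "HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings"
Set-ItemProperty -Path $regPath -Name "ProxyServer" -Value $proxyAddress -Type String
Set-ItemProperty -Path $regPath -Name "ProxyOverride" -Value $proxyExceptions -Type String
Set-ItemProperty -Path $regPath -Name "ProxyEnable" -Value 1 -Type DWord
# NOTE(review): AutoDetect = 1 presumably turns on automatic proxy discovery (WPAD)
# next to the static proxy. If WPAD is not deliberately served on the network,
# clients may accept a proxy announced by another host - confirm this is wanted.
Set-ItemProperty -Path $regPath -Name "AutoDetect" -Value 1 -Type DWord

$proxyBytes = [System.Text.Encoding]::ASCII.GetBytes($proxyAddress)
$bypassBytes = [System.Text.Encoding]::ASCII.GetBytes($proxyExceptions)
# Blob as built below: three 4-byte fields (0x46, 0x03, 0x0B), the proxy length,
# four zero bytes, the proxy string, the bypass length, the bypass string, then
# zero padding.
# NOTE(review): the DefaultConnectionSettings layout is undocumented. The four zero
# bytes between the proxy length and the proxy string look out of place against the
# commonly described layout (length immediately followed by the string). Compare
# with a value exported from a machine configured through the UI before relying on this.
$settings = @(0x46,0x00,0x00,0x00,0x03,0x00,0x00,0x00,0x0B,0x00,0x00,0x00) + [BitConverter]::GetBytes($proxyBytes.Length) + [BitConverter]::GetBytes(0x00) + $proxyBytes + [BitConverter]::GetBytes($bypassBytes.Length) + $bypassBytes + @(0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00)

$regPathWinInet = "HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections"
# Set-ItemProperty cannot create a missing key, so create it first.
if (-not (Test-Path $regPathWinInet)) {
    New-Item -Path $regPathWinInet -Force | Out-Null
}
# Explicit cast: the concatenation above yields a mixed int/byte object array.
Set-ItemProperty -Path $regPathWinInet -Name "DefaultConnectionSettings" -Value ([byte[]]$settings) -Type Binary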
Uitsluitingen (exclusions: the proxy bypass list used by the snippets on this page):
;*.ehsnet.nl;*.ehealthservices.nl;172.*.*.*;*.servisoft.nl;*.pifarma.nl
Detection:
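# Detection script: exit 0 (compliant) only when the machine-wide Internet
# Settings key has the proxy enabled AND pointing at the expected server with
# the expected bypass list; exit 1 otherwise.
# Checking ProxyEnable alone would report "Compliant" for a device whose
# ProxyServer or ProxyOverride had been changed, so all three values that the
# remediation script writes are compared.
# NOTE(review): only HKLM is inspected. The per-user (HKCU) values and the
# WinHTTP proxy are not verified, and the HKLM values presumably apply to users
# only when the ProxySettingsPerUser policy is 0 - confirm for this fleet.
$regKeyPath = "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings"
$expectedValue = 1
$expectedProxyServer = "proxy.ezorg.nl:8080"
$expectedProxyOverride = ";*.ehsnet.nl;*.ehealthservices.nl;172.*.*.*;*.servisoft.nl;*.pifarma.nl"

if (Test-Path $regKeyPath) {
    # Read the key once; a value that does not exist simply comes back as $null.
    $current = Get-ItemProperty -Path $regKeyPath -ErrorAction SilentlyContinue

    if ($current.ProxyEnable -ne $expectedValue) {
        Write-Output "Non-compliant: ProxyEnable registry value is not set to $expectedValue"
        exit 1
    }
    if ($current.ProxyServer -ne $expectedProxyServer) {
        Write-Output "Non-compliant: ProxyServer registry value is not set to $expectedProxyServer"
        exit 1
    }
    if ($current.ProxyOverride -ne $expectedProxyOverride) {
        Write-Output "Non-compliant: ProxyOverride registry value does not match the expected bypass list"
        exit 1
    }

    Write-Output "Compliant: ProxyEnable registry value is set to $expectedValue"
    exit 0
} else {
    Write-Output "Non-compliant: ProxyEnable registry key does not exist"
    exit 1
}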
Remediation:
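# Remediation script: writes the proxy settings to the machine (HKLM) and
# current-account (HKCU) Internet Settings keys and imports them into WinHTTP.
# Exits 0 only when every step succeeded, 1 otherwise.
# The original tested $? once after three Set-ItemProperty calls, which reflects
# only the last of them, and it never checked the user writes or netsh. Each
# step now stops on its first error. Statement boundaries lost in the pasted
# one-line form are restored (the inline '#' comments would otherwise swallow
# the rest of the line).
# NOTE(review): HKCU is the hive of the account that runs the script. If it runs
# under a service account, the interactive user's settings are not touched - confirm.
$MachineRegKeyPath = "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings"
$UserRegKeyPath = "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings"

# Define the values to set
$ProxyEnableValue = 1
$ProxyServerValue = "proxy.ezorg.nl:8080"
# NOTE(review): 172.*.*.* covers all of 172.0.0.0/8, not only the private range
# 172.16.0.0/12, so public 172.x destinations also skip the proxy - confirm intended.
$ProxyOverrideValue = ";*.ehsnet.nl;*.ehealthservices.nl;172.*.*.*;*.servisoft.nl;*.pifarma.nl"

# Set the machine registry values; -ErrorAction Stop turns any failed write into
# a terminating error so the catch block reports it.
try {
    Set-ItemProperty -Path $MachineRegKeyPath -Name ProxyEnable -Value $ProxyEnableValue -ErrorAction Stop
    Set-ItemProperty -Path $MachineRegKeyPath -Name ProxyServer -Value $ProxyServerValue -ErrorAction Stop
    Set-ItemProperty -Path $MachineRegKeyPath -Name ProxyOverride -Value $ProxyOverrideValue -ErrorAction Stop
} catch {
    Write-Output "Failed to remediate: Unable to update machine proxy settings"
    exit 1
}
Write-Output "Remediated: Machine proxy settings have been updated"

# Set the user registry values, then import proxy settings for WinHTTP
try {
    Set-ItemProperty -Path $UserRegKeyPath -Name ProxyEnable -Value $ProxyEnableValue -ErrorAction Stop
    Set-ItemProperty -Path $UserRegKeyPath -Name ProxyServer -Value $ProxyServerValue -ErrorAction Stop
    Set-ItemProperty -Path $UserRegKeyPath -Name ProxyOverride -Value $ProxyOverrideValue -ErrorAction Stop

    netsh winhttp import proxy ie
    # netsh is a native command: it signals failure through its exit code only.
    if ($LASTEXITCODE -ne 0) {
        throw "netsh winhttp import exited with code $LASTEXITCODE"
    }
} catch {
    Write-Output "Failed to remediate: Unable to update user proxy settings or import them into WinHTTP ($($_.Exception.Message))"
    exit 1
}

Write-Output "Remediated: User proxy settings have been updated and WinHTTP settings imported"
exit 0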