Tips & Tricks Basic protection from hacking

[Gorstak]

Basically, thing is about permissions. If someone malicious has permissions, he can potentailly do dmg.
If you click explorer, then right click your drive, then properties, then security tab, notice you have 4 groups of users.
Authenticated users, Administrators, Users and System. Obviously, the last 3 aren't the issue.
However, you can authenticate as guest, anonymous, null, etc...
Notice your flash drive has Everyone group, as does your phone sd card.
So, I've made a small batch file, which will remove Authenticated Users and Everyone and Users group from all your drives, and set the 3 other groups.
Basically, after running it, everything should remain the same.
So, in theory your pc should be protected, the only hackable thing will be your browser. This will not stop cookie theft or you from downloading viruses.
If users group exist, you may notice your drive spin ups from time to time when some user access it.
With this script, only the user running this script will have access to all the drives.
If you have other family members, you will need to add them manually to each drive permissions.
If you plan on reinstalling your os, keep this script off your drives, as you will need to run it again after reinstall as your drives wont be visible.
The only downside is, after numerous reinstalls, your old user account id's will be in perms of your drives listed as "account unknown".

@echo off
title GSecurity & color 0b

:: elevation
set "params=%*"
cd /d "%~dp0" && ( if exist "%temp%\getadmin.vbs" del "%temp%\getadmin.vbs" ) && fsutil dirty query %systemdrive% 1>nul 2>nul || (  echo Set UAC = CreateObject^("Shell.Application"^) : UAC.ShellExecute "cmd.exe", "/k cd ""%~sdp0"" && %~s0 %params%", "", "runas", 1 >> "%temp%\getadmin.vbs" && "%temp%\getadmin.vbs" && exit /B )

:: perms
c:
cd\
takeown /f a:
icacls a: /inheritance:e /grant:r %username%:(OI)(CI)F
icacls a: /inheritance:e /grant:r Administrators:(OI)(CI)F
icacls a: /inheritance:e /grant:r System:(OI)(CI)F
icacls a: /remove "Users"
icacls a: /remove "Authenticated Users"
icacls a: /remove "Everyone"

takeown /f b:
icacls b: /inheritance:e /grant:r %username%:(OI)(CI)F
icacls b: /inheritance:e /grant:r Administrators:(OI)(CI)F
icacls b: /inheritance:e /grant:r System:(OI)(CI)F
icacls b: /remove "Users"
icacls b: /remove "Authenticated Users"
icacls b: /remove "Everyone"

takeown /f c:
icacls c: /inheritance:e /grant:r %username%:(OI)(CI)F
icacls c: /remove "Authenticated Users"
icacls c: /remove "Users"

takeown /f d:
icacls d: /inheritance:e /grant:r %username%:(OI)(CI)F
icacls d: /inheritance:e /grant:r Administrators:(OI)(CI)F
icacls d: /inheritance:e /grant:r System:(OI)(CI)F
icacls d: /remove "Users"
icacls d: /remove "Authenticated Users"
icacls d: /remove "Everyone"

takeown /f e:
icacls e: /inheritance:e /grant:r %username%:(OI)(CI)F
icacls e: /inheritance:e /grant:r Administrators:(OI)(CI)F
icacls e: /inheritance:e /grant:r System:(OI)(CI)F
icacls e: /remove "Users"
icacls e: /remove "Authenticated Users"
icacls e: /remove "Everyone"

takeown /f f:
icacls f: /inheritance:e /grant:r %username%:(OI)(CI)F
icacls f: /inheritance:e /grant:r Administrators:(OI)(CI)F
icacls f: /inheritance:e /grant:r System:(OI)(CI)F
icacls f: /remove "Users"
icacls f: /remove "Authenticated Users"
icacls f: /remove "Everyone"

takeown /f g:
icacls g: /inheritance:e /grant:r %username%:(OI)(CI)F
icacls g: /inheritance:e /grant:r Administrators:(OI)(CI)F
icacls g: /inheritance:e /grant:r System:(OI)(CI)F
icacls g: /remove "Users"
icacls g: /remove "Authenticated Users"
icacls g: /remove "Everyone"

takeown /f h:
icacls h: /inheritance:e /grant:r %username%:(OI)(CI)F
icacls h: /inheritance:e /grant:r Administrators:(OI)(CI)F
icacls h: /inheritance:e /grant:r System:(OI)(CI)F
icacls h: /remove "Users"
icacls h: /remove "Authenticated Users"
icacls h: /remove "Everyone"

takeown /f i:
icacls i: /inheritance:e /grant:r %username%:(OI)(CI)F
icacls i: /inheritance:e /grant:r Administrators:(OI)(CI)F
icacls i: /inheritance:e /grant:r System:(OI)(CI)F
icacls i: /remove "Users"
icacls i: /remove "Authenticated Users"
icacls i: /remove "Everyone"

takeown /f j:
icacls j: /inheritance:e /grant:r %username%:(OI)(CI)F
icacls j: /inheritance:e /grant:r Administrators:(OI)(CI)F
icacls j: /inheritance:e /grant:r System:(OI)(CI)F
icacls j: /remove "Users"
icacls j: /remove "Authenticated Users"
icacls j: /remove "Everyone"

takeown /f k:
icacls k: /inheritance:e /grant:r %username%:(OI)(CI)F
icacls k: /inheritance:e /grant:r Administrators:(OI)(CI)F
icacls k: /inheritance:e /grant:r System:(OI)(CI)F
icacls k: /remove "Users"
icacls k: /remove "Authenticated Users"
icacls k: /remove "Everyone"

takeown /f l:
icacls l: /inheritance:e /grant:r %username%:(OI)(CI)F
icacls l: /inheritance:e /grant:r Administrators:(OI)(CI)F
icacls l: /inheritance:e /grant:r System:(OI)(CI)F
icacls l: /remove "Users"
icacls l: /remove "Authenticated Users"
icacls l: /remove "Everyone"

takeown /f m:
icacls m: /inheritance:e /grant:r %username%:(OI)(CI)F
icacls m: /inheritance:e /grant:r Administrators:(OI)(CI)F
icacls m: /inheritance:e /grant:r System:(OI)(CI)F
icacls m: /remove "Users"
icacls m: /remove "Authenticated Users"
icacls m: /remove "Everyone"

takeown /f n:
icacls n: /inheritance:e /grant:r %username%:(OI)(CI)F
icacls n: /inheritance:e /grant:r Administrators:(OI)(CI)F
icacls n: /inheritance:e /grant:r System:(OI)(CI)F
icacls n: /remove "Users"
icacls n: /remove "Authenticated Users"
icacls n: /remove "Everyone"

takeown /f o:
icacls o: /inheritance:e /grant:r %username%:(OI)(CI)F
icacls o: /inheritance:e /grant:r Administrators:(OI)(CI)F
icacls o: /inheritance:e /grant:r System:(OI)(CI)F
icacls o: /remove "Users"
icacls o: /remove "Authenticated Users"
icacls o: /remove "Everyone"

takeown /f p:
icacls p: /inheritance:e /grant:r %username%:(OI)(CI)F
icacls p: /inheritance:e /grant:r Administrators:(OI)(CI)F
icacls p: /inheritance:e /grant:r System:(OI)(CI)F
icacls p: /remove "Users"
icacls p: /remove "Authenticated Users"
icacls p: /remove "Everyone"

takeown /f q:
icacls q: /inheritance:e /grant:r %username%:(OI)(CI)F
icacls q: /inheritance:e /grant:r Administrators:(OI)(CI)F
icacls q: /inheritance:e /grant:r System:(OI)(CI)F
icacls q: /remove "Users"
icacls q: /remove "Authenticated Users"
icacls q: /remove "Everyone"

takeown /f r:
icacls r: /inheritance:e /grant:r %username%:(OI)(CI)F
icacls r: /inheritance:e /grant:r Administrators:(OI)(CI)F
icacls r: /inheritance:e /grant:r System:(OI)(CI)F
icacls r: /remove "Users"
icacls r: /remove "Authenticated Users"
icacls r: /remove "Everyone"

takeown /f s:
icacls s: /inheritance:e /grant:r %username%:(OI)(CI)F
icacls s: /inheritance:e /grant:r Administrators:(OI)(CI)F
icacls s: /inheritance:e /grant:r System:(OI)(CI)F
icacls s: /remove "Users"
icacls s: /remove "Authenticated Users"
icacls s: /remove "Everyone"

takeown /f t:
icacls t: /inheritance:e /grant:r %username%:(OI)(CI)F
icacls t: /inheritance:e /grant:r Administrators:(OI)(CI)F
icacls t: /inheritance:e /grant:r System:(OI)(CI)F
icacls t: /remove "Users"
icacls t: /remove "Authenticated Users"
icacls t: /remove "Everyone"

takeown /f u:
icacls u: /inheritance:e /grant:r %username%:(OI)(CI)F
icacls u: /inheritance:e /grant:r Administrators:(OI)(CI)F
icacls u: /inheritance:e /grant:r System:(OI)(CI)F
icacls u: /remove "Users"
icacls u: /remove "Authenticated Users"
icacls u: /remove "Everyone"

takeown /f v:
icacls v: /inheritance:e /grant:r %username%:(OI)(CI)F
icacls v: /inheritance:e /grant:r Administrators:(OI)(CI)F
icacls v: /inheritance:e /grant:r System:(OI)(CI)F
icacls v: /remove "Users"
icacls v: /remove "Authenticated Users"
icacls v: /remove "Everyone"

takeown /f w:
icacls w: /inheritance:e /grant:r %username%:(OI)(CI)F
icacls w: /inheritance:e /grant:r Administrators:(OI)(CI)F
icacls w: /inheritance:e /grant:r System:(OI)(CI)F
icacls w: /remove "Users"
icacls w: /remove "Authenticated Users"
icacls w: /remove "Everyone"

takeown /f x:
icacls x: /inheritance:e /grant:r %username%:(OI)(CI)F
icacls x: /inheritance:e /grant:r Administrators:(OI)(CI)F
icacls x: /inheritance:e /grant:r System:(OI)(CI)F
icacls x: /remove "Users"
icacls x: /remove "Authenticated Users"
icacls x: /remove "Everyone"

takeown /f y:
icacls y: /inheritance:e /grant:r %username%:(OI)(CI)F
icacls y: /inheritance:e /grant:r Administrators:(OI)(CI)F
icacls y: /inheritance:e /grant:r System:(OI)(CI)F
icacls y: /remove "Users"
icacls y: /remove "Authenticated Users"
icacls y: /remove "Everyone"

takeown /f z:
icacls z: /inheritance:e /grant:r %username%:(OI)(CI)F
icacls z: /inheritance:e /grant:r Administrators:(OI)(CI)F
icacls z: /inheritance:e /grant:r System:(OI)(CI)F
icacls z: /remove "Users"
icacls z: /remove "Authenticated Users"
icacls z: /remove "Everyone"

:: exit
exit

Basically you need to create a text file with the above code with cmd or bat extension, for example GSecurity.bat and execute it.
Almost forgot, a simple format command or windows reinstall will create these groups again, so if you format something or reinstall, run the file again.
That's it. Cheers!

 

[Maliwari]

Great post. Thanks for the hints...

 

[su_fullstackdeveloper]

Awesome upload mate... thank you so much for sharing it here

 

[1ntr0v3rt3ch]

thanks for sharing this. this is very helpful!

 

[Gorstak]

I updated the script as the first version needed tweaking

 

[Chuck]

I updated the script as the first version needed tweaking

Can you write a script to reverse the changes?
I don't really want to start out on a one way jorney.

 

[Gorstak]

I'm afraid I cam't do that Dave. I don't know of a way to remove your current user account from permissions, nor old one. Maybe I will learn in the future.

 

[PsyTom]

thank you for sharing the information.