pulsar/vrac
1
0
Fork 0
Code Releases Activity

first commit

Browse Source
This commit is contained in:
pulsar89.5 2020-05-13 12:47:32 +02:00
commit 62f9f7d1cf
13 changed files with 894 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

351
LICENSE Normal file
View File

@ -0,0 +1,351 @@
Creative Commons Attribution-ShareAlike 4.0 International Creative Commons
Corporation ("Creative Commons") is not a law firm and does not provide legal
services or legal advice. Distribution of Creative Commons public licenses
does not create a lawyer-client or other relationship. Creative Commons makes
its licenses and related information available on an "as-is" basis. Creative
Commons gives no warranties regarding its licenses, any material licensed
under their terms and conditions, or any related information. Creative Commons
disclaims all liability for damages resulting from their use to the fullest
extent possible.
Using Creative Commons Public Licenses
Creative Commons public licenses provide a standard set of terms and conditions
that creators and other rights holders may use to share original works of
authorship and other material subject to copyright and certain other rights
specified in the public license below. The following considerations are for
informational purposes only, are not exhaustive, and do not form part of our
licenses.
Considerations for licensors: Our public licenses are intended for use by
those authorized to give the public permission to use material in ways otherwise
restricted by copyright and certain other rights. Our licenses are irrevocable.
Licensors should read and understand the terms and conditions of the license
they choose before applying it. Licensors should also secure all rights necessary
before applying our licenses so that the public can reuse the material as
expected. Licensors should clearly mark any material not subject to the license.
This includes other CC-licensed material, or material used under an exception
or limitation to copyright. More considerations for licensors : wiki.creativecommons.org/Considerations_for_licensors
Considerations for the public: By using one of our public licenses, a licensor
grants the public permission to use the licensed material under specified
terms and conditions. If the licensor's permission is not necessary for any
reasonfor example, because of any applicable exception or limitation to copyrightthen
that use is not regulated by the license. Our licenses grant only permissions
under copyright and certain other rights that a licensor has authority to
grant. Use of the licensed material may still be restricted for other reasons,
including because others have copyright or other rights in the material. A
licensor may make special requests, such as asking that all changes be marked
or described.
Although not required by our licenses, you are encouraged to respect those
requests where reasonable. More considerations for the public : wiki.creativecommons.org/Considerations_for_licensees
Creative Commons Attribution-ShareAlike 4.0 International Public License
By exercising the Licensed Rights (defined below), You accept and agree to
be bound by the terms and conditions of this Creative Commons Attribution-ShareAlike
4.0 International Public License ("Public License"). To the extent this Public
License may be interpreted as a contract, You are granted the Licensed Rights
in consideration of Your acceptance of these terms and conditions, and the
Licensor grants You such rights in consideration of benefits the Licensor
receives from making the Licensed Material available under these terms and
conditions.
Section 1 Definitions.
a. Adapted Material means material subject to Copyright and Similar Rights
that is derived from or based upon the Licensed Material and in which the
Licensed Material is translated, altered, arranged, transformed, or otherwise
modified in a manner requiring permission under the Copyright and Similar
Rights held by the Licensor. For purposes of this Public License, where the
Licensed Material is a musical work, performance, or sound recording, Adapted
Material is always produced where the Licensed Material is synched in timed
relation with a moving image.
b. Adapter's License means the license You apply to Your Copyright and Similar
Rights in Your contributions to Adapted Material in accordance with the terms
and conditions of this Public License.
c. BY-SA Compatible License means a license listed at creativecommons.org/compatiblelicenses,
approved by Creative Commons as essentially the equivalent of this Public
License.
d. Copyright and Similar Rights means copyright and/or similar rights closely
related to copyright including, without limitation, performance, broadcast,
sound recording, and Sui Generis Database Rights, without regard to how the
rights are labeled or categorized. For purposes of this Public License, the
rights specified in Section 2(b)(1)-(2) are not Copyright and Similar Rights.
e. Effective Technological Measures means those measures that, in the absence
of proper authority, may not be circumvented under laws fulfilling obligations
under Article 11 of the WIPO Copyright Treaty adopted on December 20, 1996,
and/or similar international agreements.
f. Exceptions and Limitations means fair use, fair dealing, and/or any other
exception or limitation to Copyright and Similar Rights that applies to Your
use of the Licensed Material.
g. License Elements means the license attributes listed in the name of a Creative
Commons Public License. The License Elements of this Public License are Attribution
and ShareAlike.
h. Licensed Material means the artistic or literary work, database, or other
material to which the Licensor applied this Public License.
i. Licensed Rights means the rights granted to You subject to the terms and
conditions of this Public License, which are limited to all Copyright and
Similar Rights that apply to Your use of the Licensed Material and that the
Licensor has authority to license.
j. Licensor means the individual(s) or entity(ies) granting rights under this
Public License.
k. Share means to provide material to the public by any means or process that
requires permission under the Licensed Rights, such as reproduction, public
display, public performance, distribution, dissemination, communication, or
importation, and to make material available to the public including in ways
that members of the public may access the material from a place and at a time
individually chosen by them.
l. Sui Generis Database Rights means rights other than copyright resulting
from Directive 96/9/EC of the European Parliament and of the Council of 11
March 1996 on the legal protection of databases, as amended and/or succeeded,
as well as other essentially equivalent rights anywhere in the world.
m. You means the individual or entity exercising the Licensed Rights under
this Public License. Your has a corresponding meaning.
Section 2 Scope.
a. License grant.
1. Subject to the terms and conditions of this Public License, the Licensor
hereby grants You a worldwide, royalty-free, non-sublicensable, non-exclusive,
irrevocable license to exercise the Licensed Rights in the Licensed Material
to:
A. reproduce and Share the Licensed Material, in whole or in part; and
B. produce, reproduce, and Share Adapted Material.
2. Exceptions and Limitations. For the avoidance of doubt, where Exceptions
and Limitations apply to Your use, this Public License does not apply, and
You do not need to comply with its terms and conditions.
3. Term. The term of this Public License is specified in Section 6(a).
4. Media and formats; technical modifications allowed. The Licensor authorizes
You to exercise the Licensed Rights in all media and formats whether now known
or hereafter created, and to make technical modifications necessary to do
so. The Licensor waives and/or agrees not to assert any right or authority
to forbid You from making technical modifications necessary to exercise the
Licensed Rights, including technical modifications necessary to circumvent
Effective Technological Measures. For purposes of this Public License, simply
making modifications authorized by this Section 2(a)(4) never produces Adapted
Material.
5. Downstream recipients.
A. Offer from the Licensor Licensed Material. Every recipient of the Licensed
Material automatically receives an offer from the Licensor to exercise the
Licensed Rights under the terms and conditions of this Public License.
B. Additional offer from the Licensor Adapted Material. Every recipient
of Adapted Material from You automatically receives an offer from the Licensor
to exercise the Licensed Rights in the Adapted Material under the conditions
of the Adapter's License You apply.
C. No downstream restrictions. You may not offer or impose any additional
or different terms or conditions on, or apply any Effective Technological
Measures to, the Licensed Material if doing so restricts exercise of the Licensed
Rights by any recipient of the Licensed Material.
6. No endorsement. Nothing in this Public License constitutes or may be construed
as permission to assert or imply that You are, or that Your use of the Licensed
Material is, connected with, or sponsored, endorsed, or granted official status
by, the Licensor or others designated to receive attribution as provided in
Section 3(a)(1)(A)(i).
b. Other rights.
1. Moral rights, such as the right of integrity, are not licensed under this
Public License, nor are publicity, privacy, and/or other similar personality
rights; however, to the extent possible, the Licensor waives and/or agrees
not to assert any such rights held by the Licensor to the limited extent necessary
to allow You to exercise the Licensed Rights, but not otherwise.
2. Patent and trademark rights are not licensed under this Public License.
3. To the extent possible, the Licensor waives any right to collect royalties
from You for the exercise of the Licensed Rights, whether directly or through
a collecting society under any voluntary or waivable statutory or compulsory
licensing scheme. In all other cases the Licensor expressly reserves any right
to collect such royalties.
Section 3 License Conditions.
Your exercise of the Licensed Rights is expressly made subject to the following
conditions.
a. Attribution.
1. If You Share the Licensed Material (including in modified form), You must:
A. retain the following if it is supplied by the Licensor with the Licensed
Material:
i. identification of the creator(s) of the Licensed Material and any others
designated to receive attribution, in any reasonable manner requested by the
Licensor (including by pseudonym if designated);
ii. a copyright notice;
iii. a notice that refers to this Public License;
iv. a notice that refers to the disclaimer of warranties;
v. a URI or hyperlink to the Licensed Material to the extent reasonably practicable;
B. indicate if You modified the Licensed Material and retain an indication
of any previous modifications; and
C. indicate the Licensed Material is licensed under this Public License, and
include the text of, or the URI or hyperlink to, this Public License.
2. You may satisfy the conditions in Section 3(a)(1) in any reasonable manner
based on the medium, means, and context in which You Share the Licensed Material.
For example, it may be reasonable to satisfy the conditions by providing a
URI or hyperlink to a resource that includes the required information.
3. If requested by the Licensor, You must remove any of the information required
by Section 3(a)(1)(A) to the extent reasonably practicable.
b. ShareAlike.In addition to the conditions in Section 3(a), if You Share
Adapted Material You produce, the following conditions also apply.
1. The Adapter's License You apply must be a Creative Commons license with
the same License Elements, this version or later, or a BY-SA Compatible License.
2. You must include the text of, or the URI or hyperlink to, the Adapter's
License You apply. You may satisfy this condition in any reasonable manner
based on the medium, means, and context in which You Share Adapted Material.
3. You may not offer or impose any additional or different terms or conditions
on, or apply any Effective Technological Measures to, Adapted Material that
restrict exercise of the rights granted under the Adapter's License You apply.
Section 4 Sui Generis Database Rights.
Where the Licensed Rights include Sui Generis Database Rights that apply to
Your use of the Licensed Material:
a. for the avoidance of doubt, Section 2(a)(1) grants You the right to extract,
reuse, reproduce, and Share all or a substantial portion of the contents of
the database;
b. if You include all or a substantial portion of the database contents in
a database in which You have Sui Generis Database Rights, then the database
in which You have Sui Generis Database Rights (but not its individual contents)
is Adapted Material, including for purposes of Section 3(b); and
c. You must comply with the conditions in Section 3(a) if You Share all or
a substantial portion of the contents of the database.
For the avoidance of doubt, this Section 4 supplements and does not replace
Your obligations under this Public License where the Licensed Rights include
other Copyright and Similar Rights.
Section 5 Disclaimer of Warranties and Limitation of Liability.
a. Unless otherwise separately undertaken by the Licensor, to the extent possible,
the Licensor offers the Licensed Material as-is and as-available, and makes
no representations or warranties of any kind concerning the Licensed Material,
whether express, implied, statutory, or other. This includes, without limitation,
warranties of title, merchantability, fitness for a particular purpose, non-infringement,
absence of latent or other defects, accuracy, or the presence or absence of
errors, whether or not known or discoverable. Where disclaimers of warranties
are not allowed in full or in part, this disclaimer may not apply to You.
b. To the extent possible, in no event will the Licensor be liable to You
on any legal theory (including, without limitation, negligence) or otherwise
for any direct, special, indirect, incidental, consequential, punitive, exemplary,
or other losses, costs, expenses, or damages arising out of this Public License
or use of the Licensed Material, even if the Licensor has been advised of
the possibility of such losses, costs, expenses, or damages. Where a limitation
of liability is not allowed in full or in part, this limitation may not apply
to You.
c. The disclaimer of warranties and limitation of liability provided above
shall be interpreted in a manner that, to the extent possible, most closely
approximates an absolute disclaimer and waiver of all liability.
Section 6 Term and Termination.
a. This Public License applies for the term of the Copyright and Similar Rights
licensed here. However, if You fail to comply with this Public License, then
Your rights under this Public License terminate automatically.
b. Where Your right to use the Licensed Material has terminated under Section
6(a), it reinstates:
1. automatically as of the date the violation is cured, provided it is cured
within 30 days of Your discovery of the violation; or
2. upon express reinstatement by the Licensor.
c. For the avoidance of doubt, this Section 6(b) does not affect any right
the Licensor may have to seek remedies for Your violations of this Public
License.
d. For the avoidance of doubt, the Licensor may also offer the Licensed Material
under separate terms or conditions or stop distributing the Licensed Material
at any time; however, doing so will not terminate this Public License.
e. Sections 1, 5, 6, 7, and 8 survive termination of this Public License.
Section 7 Other Terms and Conditions.
a. The Licensor shall not be bound by any additional or different terms or
conditions communicated by You unless expressly agreed.
b. Any arrangements, understandings, or agreements regarding the Licensed
Material not stated herein are separate from and independent of the terms
and conditions of this Public License.
Section 8 Interpretation.
a. For the avoidance of doubt, this Public License does not, and shall not
be interpreted to, reduce, limit, restrict, or impose conditions on any use
of the Licensed Material that could lawfully be made without permission under
this Public License.
b. To the extent possible, if any provision of this Public License is deemed
unenforceable, it shall be automatically reformed to the minimum extent necessary
to make it enforceable. If the provision cannot be reformed, it shall be severed
from this Public License without affecting the enforceability of the remaining
terms and conditions.
c. No term or condition of this Public License will be waived and no failure
to comply consented to unless expressly agreed to by the Licensor.
d. Nothing in this Public License constitutes or may be interpreted as a limitation
upon, or waiver of, any privileges and immunities that apply to the Licensor
or You, including from the legal processes of any jurisdiction or authority.
Creative Commons is not a party to its public licenses. Notwithstanding, Creative
Commons may elect to apply one of its public licenses to material it publishes
and in those instances will be considered the "Licensor." The text of the
Creative Commons public licenses is dedicated to the public domain under the
CC0 Public Domain Dedication. Except for the limited purpose of indicating
that material is shared under a Creative Commons public license or as otherwise
permitted by the Creative Commons policies published at creativecommons.org/policies,
Creative Commons does not authorize the use of the trademark "Creative Commons"
or any other trademark or logo of Creative Commons without its prior written
consent including, without limitation, in connection with any unauthorized
modifications to any of its public licenses or any other arrangements, understandings,
or agreements concerning use of licensed material. For the avoidance of doubt,
this paragraph does not form part of the public licenses.
Creative Commons may be contacted at creativecommons.org.

60
clean_roaming_profiles.ps1 Normal file
View File

@ -0,0 +1,60 @@
####################################################################################################################################
#### Script : clean_roaming_profiles.ps1
#### Description : Script de suppression des dossiers de profils itinérants
#### Exécution : Doit être lancé en administrateur du domaine
#### Source : -
#### Auteur : alexandre@inios.fr
####################################################################################################################################
## Définir l'emplacement des dossiers de profils
$profiles_path = "\\nas.inios.local\profils$";
## Définir le temps de rétention (en jours)
$rentention = 30;
####################################################################################################################################
## Parcourir les dossiers en supprimant ceux dont l'utilisateur n'existe plus après la période de rétention
####################################################################################################################################
Get-ChildItem -Path $profiles_path | Foreach-Object {
## Stocker le chemin complet du répertoire enfant
$profile_path = $_.FullName;
## Stocker du nom de l'utilsateur (basé sur le nom du dossier)
$user = $_.Name.Split(".")[0];
## Déduire la période d'attente à partir de la date de dernier accès
$last_access = $_.LastAccessTime;
## Vérifier si l'utilisateur existe toujours
$deleted_user = !(Get-ADUser -Filter {SamAccountName -eq $user});
## Vérifier que le dossier à dépasser la période de rétention
$expiry = ($last_access.AddDays($rentention) -lt $(Get-Date));
## Vérification que la période d'attente est dépassée
if ($deleted_user -AND $expiry) {
## Stocker l'administrateur (basé sur l'utilisateur lançant le script)
$admin = [System.Security.Principal.NTAccount](whoami);
## Changer le propriétaire du dossier
$acl = Get-Acl $profile_path;
$acl.SetOwner($admin)
Set-Acl $profile_path $acl;
## Ajouter tous les droits au groupe Admin du domaine
$acl = Get-Acl $profile_path;
$acl.AddAccessRule((New-Object System.Security.AccessControl.FileSystemAccessRule($admin, "FullControl", "ContainerInherit, ObjectInherit", "None", "Allow")));
Set-Acl $profile_path $acl;
## Suppression du dossier
Remove-Item -Path $profile_path -Force -Recurse;
## INFO
Write-Host "$user : profile deleted"
}
elseif ($deleted_user) {
Write-Host "$user : not found in AD"
}
elseif ($expiry) {
Write-Host "$user : profile expired since $last_access";
}
}

29
deployTrendSecurityAgent.ps1 Normal file
View File

@ -0,0 +1,29 @@
# SI l'exécutable d'AVG est toujours présent, alors le désinstaller et redémarrer
if (Test-Path -Path "C:\Program Files (x86)\AVG\Setup\avgsetupx.exe") {
# Désinstaller AVG
Start-Process -Wait -PassThru -NoNewWindow -FilePath "C:\Program Files (x86)\AVG\Setup\avgsetupx.exe" -ArgumentList "/mode=offline","/uninstall=av","/AV.DontRestart=1","/silent=true"
# Attendre que les processus msiexec s'achèvent
Wait-Process -ErrorAction "SilentlyContinue" -Name "msiexec"
# Nettoyer AVG
Remove-Item -Force -Recurse -ErrorAction "SilentlyContinue" -Path "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG"
Remove-Item -Force -Recurse -ErrorAction "SilentlyContinue" -Path "C:\Program Files (x86)\AVG"
Remove-Item -Force -Recurse -ErrorAction "SilentlyContinue" -Path "C:\Program Files\AVG"
Remove-Item -Force -Recurse -ErrorAction "SilentlyContinue" -Path "C:\ProgramData\Avg"
Remove-Item -Force -Recurse -ErrorAction "SilentlyContinue" -Path "C:\ProgramData\Avg2012"
Remove-Item -Force -Recurse -ErrorAction "SilentlyContinue" -Path "C:\`$AVG"
}
## SI l'exécutable de Trend est présent, alors sortir
if (Test-Path -Path "C:\Program Files (x86)\Trend Micro\Client Server Security Agent\PccNtMon.exe") {
Write-Host "Trend Security Agent est deja installé."
}
else {
# Installer Trend
Start-Process -Wait -PassThru -NoNewWindow -FilePath "C:\Windows\System32\msiexec.exe" -ArgumentList "/i","\\naswin\deploiement$\app\trendWF\WFBS-SVC_Agent_Installer.msi","/qn"
# Attendre que les processus msiexec s'achèvent
Wait-Process -ErrorAction "SilentlyContinue" -Name "msiexec"
}

0
deployer-firefox-en-entreprise/.gitkeep Normal file
View File

163
deployer-firefox-en-entreprise/customFirefoxInstaller.ps1 Normal file
View File

@ -0,0 +1,163 @@
####################################################################################################################################
#### Script : customFirefoxInstaller.ps1
#### Description : Script permettant d'automatiser la création d'un installeur personnalisé de Firefox (40 et +)
#### Source : https://inios.fr/deployer-firefox-en-entreprise
#### Auteur : alexandre@inios.fr
####################################################################################################################################
## Dossier d'origine
$DIR_root = "C:\firefox_work";
$DIR_installeur = "$DIR_root\installeur";
$DIR_custom = "$DIR_root\custom"
$DIR_make = "$DIR_root\make";
$TOOL_7zip = "$DIR_root\7zip\App\7-Zip\7z.exe";
$FILE_7z = "$DIR_make\app.7z";
$FILE_tag = "$DIR_make\app.tag";
$FILE_exe = "$DIR_make\firefox-custom.exe";
## Compteur
$iterator = 1;
# Récupérer le répertoire de démarrage du script
$scriptPath = split-path -parent $MyInvocation.MyCommand.Definition
####################################################################################################################################
## Vérification des pré-requis
####################################################################################################################################
## Vérification de l'existance des répertoires
if (!(Test-Path $DIR_root)) {
Write-Host "Le répertoire $DIR_root n'existe pas !";
$choice = Read-Host "Appuyer sur une touche pour sortir...";
exit;
}
if (!(Test-Path $DIR_installeur)) {
Write-Host "Le répertoire $DIR_installeur n'existe pas !";
$choice = Read-Host "Appuyer sur une touche pour sortir...";
exit;
}
if (!(Test-Path $DIR_custom)) {
Write-Host "Le répertoire $DIR_custom n'existe pas !";
$choice = Read-Host "Appuyer sur une touche pour sortir...";
exit;
}
if (!(Test-Path $DIR_make)) {
Write-Host "Le répertoire $DIR_make n'existe pas !";
$choice = Read-Host "Appuyer sur une touche pour sortir...";
exit;
}
## Vérification de la disponibilité de 7z.exe
if (!(Test-Path $TOOL_7zip)) {
Write-Host "L'utilitaire $TOOL_7zip n'est pas disponible !";
$choice = Read-Host "Appuyer sur une touche pour sortir...";
exit;
}
####################################################################################################################################
## Traitement
####################################################################################################################################
## Afficher le contenu du répertoire stockant l'installeur
# Explication
Write-Host "Les dossiers suivant sont situés dans $DIR_installeur, veuillez choisir celui que vous souhaitez utiliser en indiquant le numéro entre crochet.";
# Récupérer la liste des installeurs
[array] $items = Get-ChildItem "$DIR_installeur\" | Where-Object {$_.extension -eq ".exe"} | Sort-Object "LastWriteTime";
# Afficher la liste des dossiers avec le numéro
foreach ($item in $items) {
Write-Host "[$iterator] - $item";
$iterator++;
}
# Choisir le dossier
$choice = Read-Host "Choisir le numéro du dossier à personnaliser";
$choice = $items[$choice-1];
$archive = "$DIR_installeur\$choice";
$choice = $archive.replace('.exe','');
## Supprimer le répertoire si il existe déjà
if (Test-Path $choice) {
Remove-Item -Force -Recurse $choice;
}
## Extraire l'installeur
Invoke-Expression "$TOOL_7zip x '$archive' -o'$choice'";
## Suppression de fonctionnalités embarquées
# Firefox Hello
$file_path = "$choice\core\browser\features\loop@mozilla.org.xpi";
if (!(Test-Path $file_path)) {
Write-Host "Firefox Hello n'est pas embarqué dans cette version de Firefox";
}
else {
Remove-Item -Force $file_path;
}
# Pocket
$file_path = "$choice\core\browser\features\firefox@getpocket.com.xpi";
if (!(Test-Path $file_path)) {
Write-Host "Firefox Pocket n'est pas embarqué dans cette version de Firefox";
}
else {
Remove-Item -Force $file_path;
}
## Copie des fichiers de personnalisation
# autoconfig.js
$file_path = "$DIR_custom\autoconfig.js";
if (!(Test-Path $file_path)) {Write-Host "Le fichier autoconfig.js n'existe pas dans $DIR_custom"; $choice = Read-Host "Appuyer sur une touche pour sortir..."; exit;}
Copy-Item -Path $file_path -Destination "$choice\core\defaults\pref";
# custom.cfg
$file_path = "$DIR_custom\custom.cfg";
if (!(Test-Path $file_path)) {Write-Host "Le fichier custom.cfg n'existe pas dans $DIR_custom"; $choice = Read-Host "Appuyer sur une touche pour sortir..."; exit;}
Copy-Item -Path $file_path -Destination "$choice\core";
# profile (si présent)
$file_path = "$DIR_custom\profile";
if (Test-Path $file_path) {Copy-Item -Path $file_path -Destination "$choice\core\defaults" -Recurse;}
# dictionnaires (si présent)
$file_path = "$DIR_custom\dictionaries\*";
if (Test-Path $file_path) {Copy-Item -Path $file_path -Destination "$choice\core\dictionaries";}
# extensions (si présent)
$file_path = "$DIR_custom\extensions";
if (Test-Path $file_path) {Copy-Item -Path $file_path -Destination "$choice\core";}
## Créer l'archive de base
# Entrer dans le dossier à personnaliser
Set-Location $choice;
# SI le fichier personnalisé existe, ALORS le supprimer
if (Test-Path $FILE_7z) {
Remove-Item $FILE_7z;
}
# Créer le fichier personnalisé
cmd /c "$TOOL_7zip a -r -t7z $FILE_7z -mx -m0=BCJ2 -m1=LZMA:d24 -m2=LZMA:d19 -m3=LZMA:d19 -mb0:1 -mb0s1:2 -mb0s2:3";
## Créer le fichier "app.tag"
# SI le fichier n'existe pas, ALORS le créer
if (!(Test-Path $FILE_tag)) {
Add-Content -Path $FILE_tag -Value ';!@Install@!UTF-8!';
Add-Content -Path $FILE_tag -Value 'Title="Mozilla Firefox"';
Add-Content -Path $FILE_tag -Value 'RunProgram="setup.exe"';
Add-Content -Path $FILE_tag -Value ';!@InstallEnd@!';
}
## Créer l'installeur
# SI le fichier personnalisé existe, ALORS le supprimer
if (Test-Path $FILE_exe) {
Remove-Item $FILE_exe;
}
# Créer le package d'installation
cmd /c "copy /B $DIR_make\7zSD.sfx+$DIR_make\app.tag+$DIR_make\app.7z $FILE_exe";
## Attendre pour sortir
Write-Host "L'installeur personnalisé est disponible dans $DIR_make sous le nom firefox-custom.exe";
$choice = Read-Host "Appuyer pour terminer...";
## Retourner sur l'emplacement d'origine
Set-Location $scriptPath

76
exchange-via-powershell-en-session-distante.ps1 Normal file
View File

@ -0,0 +1,76 @@
##############################################################################################################
### Initialisation du script
##############################################################################################################
$domain = "@inios.local";
$exchange_server = "http://exchange2010.inios.local/PowerShell/";
##############################################################################################################
### Pré-chauffage
##############################################################################################################
### Changer la couleur de la console
$host.UI.RawUI.BackgroundColor = "Black";
### Vérifier que la session n'est pas déjà ouverte
if (Get-Command "Get-Mailbox" -ErrorAction SilentlyContinue) {
Write-Host "[" -NoNewline; Write-Host "OK" -NoNewline -foregroundcolor "DarkGreen"; Write-Host "] " -NoNewline;
Write-Host "Exchange session are already launched.";
exit;
}
### Se positionner
Set-Location "c:\";
##############################################################################################################
### Traiement
##############################################################################################################
### Boucler tant que la connexion echoue
do {
## Afficher un message
Write-Host "[" -NoNewline; Write-Host "LOADING" -NoNewline -foregroundcolor "DarkGreen"; Write-Host "] " -NoNewline;
Write-Host "Exchange administrator credentials needed.";
## Récupérer les identifiant d'administration Exchange
Write-Host "[" -NoNewline; Write-Host "ANSWER" -NoNewline -foregroundcolor "Yellow"; Write-Host "] " -NoNewline;
$exchange_login = Read-Host "Login (without domain)";
Write-Host "[" -NoNewline; Write-Host "ANSWER" -NoNewline -foregroundcolor "Yellow"; Write-Host "] " -NoNewline;
$exchange_password = Read-Host "Password" -AsSecureString;
## Ajouter le domaine au login de l'administrateur
$exchange_login += $domain;
## Créer les droits pour lancer la session
$exchange_auth = New-Object -typename System.Management.Automation.PSCredential -ArgumentList $exchange_login, $exchange_password;
### Créer la session vers le serveur Exchange
$exchange_session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri $exchange_server -Authentication Kerberos -Credential $exchange_auth -Name "Exchange" -ErrorAction SilentlyContinue;
## Si la session n'est pas ouverte
if (!$exchange_session) {
# Afficher un message
Write-Host "[" -NoNewline; Write-Host "ERROR" -NoNewline -foregroundcolor "Red"; Write-Host "] " -NoNewline;
Write-Host "Impossible to open a session : check parameters or credentials!";
Write-Host "[" -NoNewline; Write-Host "ANSWER" -NoNewline -foregroundcolor "Yellow"; Write-Host "] " -NoNewline;
$retry = Read-Host "Retry ? [Y]es [N]o";
# SI la réponse est oui
if ($retry.ToLower() -eq "y") {$loop = $true;} else {$loop = $false;}
}
else {$loop = $false;}
}
while ($loop);
### Si la session n'est pas ouverte
if (!$exchange_session) {
Write-Host "[" -NoNewline; Write-Host "ERROR" -NoNewline -foregroundcolor "Red"; Write-Host "] " -NoNewline;
Write-Host "Exchange session is not open, if you are a parent, quit!";
exit 1;
}
else {
## Ouvrir la session
$null = Import-PSSession $exchange_session -DisableNameChecking;
## Afficher un message
Write-Host "[" -NoNewline; Write-Host "OK" -NoNewline -foregroundcolor "DarkGreen"; Write-Host "] " -NoNewline;
Write-Host "Exchange session is ready to get command.";
}

0
hubic-sur-debian/.gitkeep Normal file
View File

17
hubic-sur-debian/hubic_conf.bash Normal file
View File

@ -0,0 +1,17 @@
#!/bin/bash
# Fichier temporaire contenant le mot de passe
echo $2 > /tmp/hubic_passwd
# Export DBUS
dbus-daemon --session --fork --print-address > /tmp/hubic.dbus
export DBUS_SESSION_BUS_ADDRESS=`cat /tmp/hubic.dbus`
# Connexion
hubic login --password_path=/tmp/hubic_passwd $1
# Suivi de l'activité d'hubic
watch -n1 hubic status
# Supprimer le mot de passe en sortant
rm /tmp/hubic_passwd

11
hubic-sur-debian/hubic_start.bash Normal file
View File

@ -0,0 +1,11 @@
#!/bin/bash
# Export DBUS
dbus-daemon --session --fork --print-address > /tmp/hubic.dbus
export DBUS_SESSION_BUS_ADDRESS=`cat /tmp/hubic.dbus`
# Démarrage de HubiC
hubic start
# Monitoring continu
watch -n1 hubic status

47
hubicSytemd Normal file
View File

@ -0,0 +1,47 @@
#!/bin/bash
if [[ ! -d ~/.config/hubiC/ ]]; then
echo "~/.config/hubiC/ does not exist, hubic is not configured?"
elif [[ $1 == "start" ]]; then
if [[ ! -e /tmp/hubic.dbus ]]; then
# Stocker une nouvelle session DBUS dans un fichier
dbus-daemon --session --fork --print-address > /tmp/hubic.dbus
# Charger la session DBUS
export DBUS_SESSION_BUS_ADDRESS=`cat /tmp/hubic.dbus`
# Démarrer de HubiC
hubic start
else
echo "/tmp/hubic.dbus already exist"
fi
elif [[ $1 == "stop" ]]; then
if [[ -e /tmp/hubic.dbus ]]; then
# Charger la session DBUS
export DBUS_SESSION_BUS_ADDRESS=`cat /tmp/hubic.dbus`
# Arrêt de hubiC
hubic stop
# Suppression de le fichier contenant la session DBUS
rm /tmp/hubic.dbus
else
echo "/tmp/hubic.dbus does not exist"
fi
elif [[ $1 == "keepalive" ]]; then
if [[ -e /tmp/hubic.dbus ]]; then
# Charger la session DBUS
export DBUS_SESSION_BUS_ADDRESS=`cat /tmp/hubic.dbus`
# Forcer la synchronisation
hubic synchronize
else
echo "/tmp/hubic.dbus does not exist"
fi
else
echo "Script to simplify management of hubiC."
echo
echo "This script needs one of the following settings to work:"
echo -e "\t- start\t: start hubiC in background "
echo -e "\t- stop\t: stop hubiC"
fi

13
hubicSytemd.service Normal file
View File

@ -0,0 +1,13 @@
[Unit]
Description=Hubic Service
After=network.target
[Service]
Type=forking
User=root
ExecStart=/opt/hubicSytemd start
ExecStop=/opt/hubicSytemd stop
RestartSec=10
[Install]
WantedBy=multi-user.target

0
limiter-les-algorithmes-de-cryptographie-sur-un-serveur-web/.gitkeep Normal file
View File

127
limiter-les-algorithmes-de-cryptographie-sur-un-serveur-web/algorithm_limitation_IIS.ps1 Normal file
View File

@ -0,0 +1,127 @@
###############################################################################################
# Source : https://www.hass.de/content/setup-your-iis-ssl-perfect-forward-secrecy-and-tls-12 #
# Description : Script permettant de limiter les algorithmes de crypto IIS #
###############################################################################################
# Disable Multi-Protocol Unified Hello
New-Item 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\Multi-Protocol Unified Hello\Server' -Force | Out-Null
New-ItemProperty -path 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\Multi-Protocol Unified Hello\Server' -name Enabled -value 0 -PropertyType 'DWord' -Force | Out-Null
Write-Host 'Multi-Protocol Unified Hello has been disabled.'
# Disable PCT 1.0
New-Item 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\PCT 1.0\Server' -Force | Out-Null
New-ItemProperty -path 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\PCT 1.0\Server' -name Enabled -value 0 -PropertyType 'DWord' -Force | Out-Null
Write-Host 'PCT 1.0 has been disabled.'
# Disable SSL 2.0 (PCI Compliance)
New-Item 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0\Server' -Force | Out-Null
New-ItemProperty -path 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0\Server' -name Enabled -value 0 -PropertyType 'DWord' -Force | Out-Null
Write-Host 'SSL 2.0 has been disabled.'
# Disable SSL 3.0 (PCI Compliance) and enable "Poodle" protection
New-Item 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Server' -Force | Out-Null
New-ItemProperty -path 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Server' -name Enabled -value 0 -PropertyType 'DWord' -Force | Out-Null
Write-Host 'SSL 3.0 has been disabled.'
# Add and Enable TLS 1.0 for client and server SCHANNEL communications
New-Item 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Server' -Force | Out-Null
New-ItemProperty -path 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Server' -name 'Enabled' -value '0xffffffff' -PropertyType 'DWord' -Force | Out-Null
New-ItemProperty -path 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Server' -name 'DisabledByDefault' -value 0 -PropertyType 'DWord' -Force | Out-Null
Write-Host 'TLS 1.0 has been enabled.'
# Add and Enable TLS 1.1 for client and server SCHANNEL communications
New-Item 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1\Server' -Force | Out-Null
New-Item 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1\Client' -Force | Out-Null
New-ItemProperty -path 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1\Server' -name 'Enabled' -value '0xffffffff' -PropertyType 'DWord' -Force | Out-Null
New-ItemProperty -path 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1\Server' -name 'DisabledByDefault' -value 0 -PropertyType 'DWord' -Force | Out-Null
New-ItemProperty -path 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1\Client' -name 'Enabled' -value 1 -PropertyType 'DWord' -Force | Out-Null
New-ItemProperty -path 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1\Client' -name 'DisabledByDefault' -value 0 -PropertyType 'DWord' -Force | Out-Null
Write-Host 'TLS 1.1 has been enabled.'
# Add and Enable TLS 1.2 for client and server SCHANNEL communications
New-Item 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Server' -Force | Out-Null
New-Item 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client' -Force | Out-Null
New-ItemProperty -path 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Server' -name 'Enabled' -value '0xffffffff' -PropertyType 'DWord' -Force | Out-Null
New-ItemProperty -path 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Server' -name 'DisabledByDefault' -value 0 -PropertyType 'DWord' -Force | Out-Null
New-ItemProperty -path 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client' -name 'Enabled' -value 1 -PropertyType 'DWord' -Force | Out-Null
New-ItemProperty -path 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client' -name 'DisabledByDefault' -value 0 -PropertyType 'DWord' -Force | Out-Null
Write-Host 'TLS 1.2 has been enabled.'
# Re-create the ciphers key.
New-Item 'HKLM:SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers' -Force | Out-Null
# Disable insecure/weak ciphers.
$insecureCiphers = @(
'DES 56/56',
'NULL',
'RC2 128/128',
'RC2 40/128',
'RC2 56/128',
'RC4 40/128',
'RC4 56/128',
'RC4 64/128',
'RC4 128/128'
)
Foreach ($insecureCipher in $insecureCiphers) {
$key = (Get-Item HKLM:\).OpenSubKey('SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers', $true).CreateSubKey($insecureCipher)
$key.SetValue('Enabled', 0, 'DWord')
$key.close()
Write-Host "Weak cipher $insecureCipher has been disabled."
}
# Set hashes configuration.
New-Item 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Hashes\MD5' -Force | Out-Null
New-ItemProperty -path 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Hashes\MD5' -name Enabled -value 0 -PropertyType 'DWord' -Force | Out-Null
New-Item 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Hashes\SHA' -Force | Out-Null
New-ItemProperty -path 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Hashes\SHA' -name Enabled -value '0xffffffff' -PropertyType 'DWord' -Force | Out-Null
# Set KeyExchangeAlgorithms configuration.
New-Item 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\KeyExchangeAlgorithms\Diffie-Hellman' -Force | Out-Null
New-ItemProperty -path 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\KeyExchangeAlgorithms\Diffie-Hellman' -name Enabled -value '0xffffffff' -PropertyType 'DWord' -Force | Out-Null
New-Item 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\KeyExchangeAlgorithms\PKCS' -Force | Out-Null
New-ItemProperty -path 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\KeyExchangeAlgorithms\PKCS' -name Enabled -value '0xffffffff' -PropertyType 'DWord' -Force | Out-Null
# Set cipher suites order as secure as possible (Enables Perfect Forward Secrecy).
$cipherSuitesOrder = @(
'TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P521',
'TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384',
'TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256',
'TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P521',
'TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P384',
'TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P256',
'TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P521',
'TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P521',
'TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P384',
'TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256',
'TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P384',
'TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P256',
'TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384_P521',
'TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384_P384',
'TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256_P521',
'TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256_P384',
'TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256_P256',
'TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384_P521',
'TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384_P384',
'TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA_P521',
'TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA_P384',
'TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA_P256',
'TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256_P521',
'TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256_P384',
'TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256_P256',
'TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA_P521',
'TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA_P384',
'TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA_P256',
'TLS_DHE_DSS_WITH_AES_256_CBC_SHA256',
'TLS_DHE_DSS_WITH_AES_256_CBC_SHA',
'TLS_DHE_DSS_WITH_AES_128_CBC_SHA256',
'TLS_DHE_DSS_WITH_AES_128_CBC_SHA',
'TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA',
'TLS_RSA_WITH_AES_256_CBC_SHA256',
'TLS_RSA_WITH_AES_256_CBC_SHA',
'TLS_RSA_WITH_AES_128_CBC_SHA256',
'TLS_RSA_WITH_AES_128_CBC_SHA',
'TLS_RSA_WITH_3DES_EDE_CBC_SHA'
)
$cipherSuitesAsString = [string]::join(',', $cipherSuitesOrder)
New-ItemProperty -path 'HKLM:\SOFTWARE\Policies\Microsoft\Cryptography\Configuration\SSL\00010002' -name 'Functions' -value $cipherSuitesAsString -PropertyType 'String' -Force | Out-Null