New
#1
I have a batch script that disables Wpad (A security messaure)
Hi all. I found this batch file to render wpad useless or prevent the danger with wpad. I want you to give me advice on what you think of it, and if it's something that is a legit concern even in 2023. And feel free to use it for yourself for security if you find it legit prevention. I read about it and it is?/was a legit concern.
Here it is below:
"I have tested removing proxy from computers by renaming the WPAD key and rebooting.
You can also use IEAK11 to create a GPO to remove "Automatically detect settings" and that is why the script uses gpupdate to apply the GPO as well. If you already applied the change to a computer this script won't do changes and will exit. The basic script is bellow.
Even when you turn on in Internet Explorer "Automatically detect settings" proxy is not used and WPAD key is recreated but with no proxy. This setting is no longer recommended as makes your computer vulnerable (Disable WPAD Now or Have Your Accounts Compromised, Researchers Warn - Slashdot) ."
SCRIPT BELOW:
REM Script to delete the cached proxy configuration, clear IE cache, flushdns, rename WPAD key and delete the original; reboot is required
gpupdate
reg query "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad.bad" >nul
if %ERRORLEVEL%==0 goto END
ELSE
(
reg delete "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections" /v "DefaultConnectionSettings" /f
reg delete "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections" /v "SavedLegacySettings" /f
RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 8
ipconfig /flushdns
reg copy "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad" "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad.bad"
reg delete "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad" /f
echo n | gpupdate /force /wait:0
shutdown.exe /r /t 30 )
:END