-
Notifications
You must be signed in to change notification settings - Fork 8
/
Copy pathNew-SharePerDisk.ps1
53 lines (41 loc) · 2.26 KB
/
New-SharePerDisk.ps1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
# WARNING
# Enabling anonymous access and sharing the root of every disk, even with read-only permissions, can expose sensitive data.
# This setup is generally not recommended for production environments and should only be used in controlled scenarios.
# Function to enable required settings for anonymous file sharing
function Enable-AnonymousFileSharing {
# Set permissions for everyone to access the shares
$registryPath = "HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters"
Set-ItemProperty -Path $registryPath -Name "NullSessionShares" -Value "*"
# Enable guest access
net user guest /active:yes
# Set sharing permissions for the guest account
net localgroup "Guests" /add
net localgroup "Guests" guest /add
# Enable anonymous access in the registry
Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters" -Name "RestrictNullSessAccess" -Value 0
Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Control\Lsa" -Name "everyoneincludesanonymous" -Value 1
Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Control\Lsa" -Name "restrictanonymous" -Value 0
Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Control\Lsa" -Name "restrictanonymoussam" -Value 0
Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" -Name "AllowInsecureGuestAuth" -Value 1
# Disable password protected sharing
Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters" -Name "AutoShareWks" -Value 0
Set-NetFirewallRule -DisplayName "File and Printer Sharing (SMB-In)" -Enabled True
# Restart the server service to apply changes
Restart-Service "lanmanserver"
}
# Function to share the root of every disk
function Share-AllDisks {
# Get all drives on the system
$drives = Get-PSDrive -PSProvider FileSystem
foreach ($drive in $drives) {
$driveLetter = $drive.Name + "$"
$drivePath = $drive.Root
# Create the share
net share $driveLetter=$drivePath /GRANT:Everyone,READ # or FULL
}
}
# Enable anonymous file sharing
Enable-AnonymousFileSharing
# Share the root of every disk
Share-AllDisks
Write-Host "All disks have been shared. Anonymous file sharing has been enabled."