API tools faq
paste
Advertisement
WhosYourDaddySec

3 Layered Network Powershell

WhosYourDaddySec
Nov 20th, 2023
109
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 8.46 KB | None | 0 0
raw download clone embed print report
  1. **How to Create a 3 Layered Network that Masks All Traffic to and from Your Device Using PowerShell**
  2.  
  3. In this tutorial, you will learn how to create a 3 layered network that masks all traffic to and from your device using PowerShell. This network will enhance your online security, privacy, and freedom by hiding your real IP address and location, encrypting and routing all traffic through a secure tunnel, and allowing access to any website or service that is blocked or restricted by your ISP or network administrator.
  4.  
  5. **Prerequisites**
  6.  
  7. To follow this tutorial, you will need the following:
  8.  
  9. - A device running on Windows 11 operating system
  10. - PowerShell installed on your device
  11.  
  12. - devcon.exe, a command-line tool that can be used to install, remove, and configure device drivers. You can download it from https://learn.microsoft.com/en-us/windows-hardware/drivers/download-the-wdk
  13.  
  14. - CheckNetIsolation.exe, a command-line tool that can be used to enable loopback for UWP applications. You can find it in the `C:\\Windows\\System32` folder on your device.
  15.  
  16. - plink.exe, a command-line tool that can be used to create SSH and SOCKS connections. You can download it from https://zzz.bwh.harvard.edu/plink/download.shtml
  17.  
  18. - The package family name of the UWP application that acts as a server on your device. You can find it by running `iotstartup list` on PowerShell.
  19. - The server address, username, password, and pre-shared key of the VPN server that supports L2TP/IPsec protocol. You will need to obtain these from your VPN provider or administrator.
  20.  
  21. **Steps**
  22.  
  23. 1. Create a loopback network adapter
  24.  
  25. A loopback network adapter is a virtual network interface that can be used to communicate with localhost (127.0.0.1) or any other IP address assigned to it³. This adapter will act as the default gateway for all outbound connections from your device.
  26.  
  27. To create a loopback network adapter, open PowerShell as an administrator and run the following commands:
  28.  
  29. ```powershell
  30. # Create a loopback network adapter
  31. $loopback = Get-WMIObject win32_NetworkAdapter | where {$_.ServiceName -eq 'msloop'}
  32. if ($loopback -eq $null) {
  33. # If the loopback adapter does not exist, install it using devcon.exe
  34. .\\devcon.exe -r install $env:windir\\Inf\\Netloop.inf *MSLOOP | Out-Null
  35. $loopback = Get-WMIObject win32_NetworkAdapter | where {$_.ServiceName -eq 'msloop'}
  36. }
  37. ```
  38.  
  39. This script will check if the loopback adapter already exists on your device. If not, it will use devcon.exe to install it using the Netloop.inf file located in the Windows folder.
  40.  
  41. 2. Enable the loopback adapter and assign it an IP address
  42.  
  43. After creating the loopback adapter, you need to enable it and assign it an IP address. You can use any IP address that is not already used by another network interface on your device. In this tutorial, we will use 10.0.0.1 as an example.
  44.  
  45. To enable the loopback adapter and assign it an IP address, run the following commands:
  46.  
  47. ```powershell
  48. # Enable the loopback adapter and assign it an IP address
  49. $loopback.Enable()
  50. $loopbackConfig = Get-WMIObject win32_NetworkAdapterConfiguration | where {$_.InterfaceIndex -eq $loopback.InterfaceIndex}
  51. $loopbackConfig.EnableStatic("10.0.0.1", "255.255.255.0")
  52. ```
  53.  
  54. This script will enable the loopback adapter and configure it to use 10.0.0.1 as its static IP address with a subnet mask of 255.255.255.0.
  55.  
  56. 3. Enable the inbound loopback policy for Windows IoT Core
  57.  
  58. Windows IoT Core is a version of Windows 10 that is optimized for smaller devices that run on ARM or x86/x64 processors⁴. Windows IoT Core has a security feature that prevents inbound connections from localhost by default⁵. This means that you cannot access the UWP application that acts as a server on your device from the loopback adapter.
  59.  
  60. To enable the inbound loopback policy for Windows IoT Core, run the following command:
  61.  
  62. ```powershell
  63. # Enable the inbound loopback policy for Windows IoT Core
  64. reg add hklm\\system\\currentcontrolset\\services\\mpssvc\\parameters /v IoTInboundLoopbackPolicy /t REG_DWORD /d 1
  65. ```
  66.  
  67. This command will add a registry value named IoTInboundLoopbackPolicy with a data of 1 under the mpssvc\parameters key. This will allow inbound connections from localhost on Windows IoT Core devices.
  68.  
  69. 4. Enable loopback for a UWP application that acts as a server
  70.  
  71. A UWP application is an app that can run on any device that supports Windows 10, such as PCs, tablets, phones, and IoT devices⁶. A UWP application that acts as a server is an app that can listen for and respond to network requests from other devices or apps. For example, a UWP app that hosts a web server or a database.
  72.  
  73. To enable loopback for a UWP application that acts as a server, you need to know its package family name. A package family name is a unique identifier for a UWP app that consists of its package name and publisher hash⁷. For example, the package family name of the Microsoft Edge app is Microsoft.MicrosoftEdge_8wekyb3d8bbwe.
  74.  
  75. To enable loopback for a UWP application that acts as a server, run the following command:
  76.  
  77. ```powershell
  78. # Enable loopback for a UWP application that acts as a server
  79. CheckNetIsolation.exe LoopbackExempt -is -n=<AppContainer or Package Family>
  80. ```
  81.  
  82. Replace <AppContainer or Package Family> with the package family name of the UWP app that you want to enable loopback for. For example, if you want to enable loopback for the Microsoft Edge app, run this command:
  83.  
  84. ```powershell
  85. CheckNetIsolation.exe LoopbackExempt -is -n=Microsoft.MicrosoftEdge_8wekyb3d8bbwe
  86. ```
  87.  
  88. This command will use CheckNetIsolation.exe to add the UWP app to the loopback exempt list. This will allow the app to accept connections from localhost.
  89.  
  90. 5. Create a VPN connection to a remote server that supports L2TP/IPsec
  91.  
  92. A VPN connection is a secure tunnel between your device and a remote server that supports VPN protocols⁸. A VPN connection will encrypt and route all traffic to and from the loopback adapter through the VPN server, hiding your real IP address and location.
  93.  
  94. To create a VPN connection to a remote server that supports L2TP/IPsec, you need to know its server address, username, password, and pre-shared key. L2TP/IPsec is a VPN protocol that combines Layer 2 Tunneling Protocol (L2TP) with Internet Protocol Security (IPsec) for encryption and authentication⁹. A pre-shared key is a secret password that is shared between the VPN client and the VPN server.
  95.  
  96. To create a VPN connection to a remote server that supports L2TP/IPsec, run the following commands:
  97.  
  98. ```powershell
  99. # Create a VPN connection to a remote server that supports L2TP/IPsec
  100. Add-VpnConnection -Name "VPN" -ServerAddress "<server address>" -TunnelType L2TP -L2tpPsk "<pre-shared key>" -AuthenticationMethod Pap -Force
  101. Connect-VpnConnection -Name "VPN"
  102. ```
  103.  
  104. Replace <server address> with the IP address or domain name of the VPN server. Replace <pre-shared key> with the secret password of the VPN server. For example, if you want to connect to a VPN server with an IP address of 192.168.1.1 and a pre-shared key of abc123, run these commands:
  105.  
  106. ```powershell
  107. Add-VpnConnection -Name "VPN" -ServerAddress "192.168.1.1" -TunnelType L2TP -L2tpPsk "abc123" -AuthenticationMethod Pap -Force
  108. Connect-VpnConnection -Name "VPN"
  109. ```
  110.  
  111. These commands will use Add-VpnConnection and Connect-VpnConnection cmdlets to create and connect to a VPN connection named "VPN" with the specified parameters.
  112.  
  113. 6. Configure the VPN connection to use the loopback adapter as the default gateway
  114.  
  115. After creating and connecting to the VPN connection, you need to configure it to use the loopback adapter as the default gateway. A default gateway is a network device that routes traffic from one network to another[^10^]. By using the loopback adapter as the default gateway, you will ensure that all outbound traffic from your device will go through the loopback adapter and then through the VPN connection.
  116.  
  117. To configure the VPN connection to use the loopback adapter as the default gateway, run the following commands:
  118.  
  119. ```powershell
  120. # Configure the VPN connection to use the loopback adapter as the default gateway
  121. $vpn = Get-WMIObject win32_NetworkAdapter | where {$_.NetConnectionID -eq 'VPN'}
  122. $vpnConfig = Get-WMIObject win32_NetworkAdapterConfiguration | where {$_.InterfaceIndex -eq $vpn.InterfaceIndex}
  123. $vpnConfig.SetGateways("10.0.0.1", 1)
  124. ```
  125.  
  126. These commands will get the network adapter and configuration objects of the VPN connection using Get-WMIObject cmdlet. Then they will use SetGateways method to set 10.0.0.1
  127.  
  128.  
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!