aveyo

windows_update_reboot_toggle

Mar 17th, 2018 (edited)
4,563
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. @(echo off% <#%) &title Windows Update Reboot Toggle, AveYo 2018-2020
  2. set "0=%~f0"&set 1=%*&powershell -nop -win 1 -c iex ([io.file]::ReadAllText($env:0)) &exit/b ||#>)[1]
  3. ## wrap script
  4. sp 'HKCU:\Volatile Environment' 'WUReboot' @'
  5.  
  6. ## status for Windows Update Reboot tasks
  7. $utasks = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator'
  8. $reboot = @('Reboot','Reboot_AC','Reboot_Battery')
  9. $reboot |foreach {
  10.   if (gp "$utasks\$_" Id_OFF -ea 0) {$TOGGLE=7;$KEEP=6;$A='Enable';$S='OFF'}else{$TOGGLE=6;$KEEP=7;$A='Disable';$S='ON'}
  11. }
  12.  
  13. ## toggle dialog prompt with Yes, No, Cancel (6,7,2)
  14. if ($env:1 -ne 6 -and $env:1 -ne 7) {
  15.   $choice=(new-object -ComObject Wscript.Shell).Popup($A + ' Windows Update Reboot?', 0, 'Windows Update Reboot is: ' + $S, 51)
  16.   if ($choice -eq 2) {break} elseif ($choice -eq 6) {$env:1=$TOGGLE} else {$env:1=$KEEP}
  17. }
  18.  
  19. ## relaunch as Admin passing cmdline args
  20. $r=[char]13; $nfo=[char]39+$r+' (\   /)'+$r+'( * . * )  A limited account protects you from UAC exploits'+$r+'    ```'+$r+[char]39
  21. $script='$AveYo='+$nfo+';$env:1='+$env:1+';iex((gp Registry::HKEY_Users\S-1-5-21*\Volatile* WUReboot -ea 0)[0].WUReboot)'
  22. $null=fltmc; if($LASTEXITCODE -gt 0){start powershell -args ('-nop -c & {',$script,'}') -verb runas -win 1; break}
  23.  
  24. ## reg_own snippet
  25. function reg_own([string[]]$A){ #key [opt],all,usr,own,acc,perm  : reg_own "HKCU:\My","","S-1-5-32-545","","Allow","FullControl"
  26. $D1=[uri].module.gettype('System.Diagnostics.Process')."GetM`ethods"(42) |where {$_.Name -eq 'SetPrivilege'} #`:no-ev-warn
  27. 'SeSecurityPrivilege','SeTakeOwnershipPrivilege','SeBackupPrivilege','SeRestorePrivilege'|foreach {$D1.Invoke($null, @("$_",2))}
  28. $path=$A[0]; $rk=$path-split':\\',2; $HK=gi -lit Registry::$($rk[0]) -fo; $s=$A[1]; $sps=[Security.Principal.SecurityIdentifier]
  29. $u=($A[2],'S-1-5-32-544')[!$A[2]];$o=($A[3],$u)[!$A[3]];$w=$u,$o |% {new-object $sps($_)}; $old=!$A[3];$own=!$old; $y=$s-eq'all'
  30. $rar=new-object Security.AccessControl.RegistryAccessRule( $w[0], ($A[5],'FullControl')[!$A[5]], 1, 0, ($A[4],'Allow')[!$A[4]] )
  31. $x=$s-eq'none';function Own1($k){$t=$HK.OpenSubKey($k,2,'TakeOwnership');if($t){0,4|%{try{$o=$t.GetAccessControl($_)}catch{$old=0}
  32. };if($old){$own=1;$w[1]=$o.GetOwner($sps)};$o.SetOwner($w[0]);$t.SetAccessControl($o); $c=$HK.OpenSubKey($k,2,'ChangePermissions')
  33. $p=$c.GetAccessControl(2);if($y){$p.SetAccessRuleProtection(1,1)};$p.ResetAccessRule($rar);if($x){$p.RemoveAccessRuleAll($rar)}
  34. $c.SetAccessControl($p);if($own){$o.SetOwner($w[1]);$t.SetAccessControl($o)};if($s){$subkeys=$HK.OpenSubKey($k).GetSubKeyNames()
  35. foreach($n in $subkeys){Own1 "$k\$n"}}}}; Own1 $rk[1]; if($env:VO){get-acl Registry::$path|fl}} # lean & mean ps snippet by AveYo
  36.  
  37. ## use reg_own snippet to unprotect Windows Update Reboot tasks
  38. reg_own $utasks,'preserve','S-1-1-0' ## reg_own $utasks,'none','S-1-1-0'
  39.  
  40. ## toggle Windows Update Reboot tasks
  41.  if ($env:1 -eq 6) {
  42.    $reboot |foreach {if (gp "$utasks\$_" Id -ea 0) {rnp "$utasks\$_" Id Id_OFF -Force -ea 0}}
  43.  } else {
  44.    $reboot |foreach {if (gp "$utasks\$_" Id_OFF -ea 0) {rnp "$utasks\$_" Id_OFF Id -Force -ea 0}}
  45.  }
  46.  
  47. ## execute script
  48. '@ -Force -ea 0; iex((gp Registry::HKEY_Users\S-1-5-21*\Volatile* WUReboot -ea 0)[0].WUReboot)
  49. #-_-# hybrid script, can be pasted directly into powershell console
  50.  
RAW Paste Data