search

hardentools / hardentools

Hardentools simply reduces the attack surface on Microsoft Windows computers by disabling low-hanging fruit risky features.
GNU General Public License v3.0
2.88k stars 254 forks source link

Windows 10 Home and disable CMD #84

Closed ghost closed 4 years ago

ghost commented 4 years ago

Hi! I disabled CMD in Hardentools. Now, I can't enable it. I try use your tool and registry (https://www.maketecheasier.com/disable-command-prompt-windows/) because gpedit isn't installed on Home version of Windows.

How do you disable CMD in Hardentools on Windows 10 Home?

obsti8383 commented 4 years ago

Hi, is there an error message in hardentools when you are restoring? Hardentools should also generate a hardentools.log file. Could you please check this for errors when restoring? Also have you rebooted your Windows?

ghost commented 4 years ago

Hi, is there an error message in hardentools when you are restoring? Hardentools should also generate a hardentools.log file. Could you please check this for errors when restoring? Also have you rebooted your Windows?

I don't see any errors and haven't *.log file. Yes, I rebooted system

obsti8383 commented 4 years ago

Ah, that is strange. It should normally be in the folder where you started hardentools from. Anyhow, could you please hit Win+R and enter regedit.exe and tell me if there is one of the following entries, and if yes, with which content?

Entries below Key / Folder (see example screenshot): _HKEY_CURRENTUSER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun

disallowrun

Entries below Key / Folder : _HKEY_CURRENTUSER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer

The above keys are used by Hardentools to disable cmd.exe

Entries below Key / Folder: _HKEY_CURRENTUSER\Software\Security Without Borders

These are entries from hardentools to save the existing configuration before hardening.

Thx.

ghost commented 4 years ago

Sorry for late.

(https://user-images.githubusercontent.com/58888243/84669055-b0e98980-af24-11ea-8f9c-882eb731bb4b.png)

(https://user-images.githubusercontent.com/58888243/84669093-bf37a580-af24-11ea-8ec9-92f8d4de7996.png)

obsti8383 commented 4 years ago

@MichalGizaSrv OK, obviously restoring the settings with hardentools didn't go through since the key "Harden" is set to "1". But that was clear anyhow. First proposal: Could you try again to start hardentools and hit the restore Button and check if there are any messages in the log output? Alternate proposal: You could just set the "DisallowRun" key below Policies/Explore to "0". That should at least fix your cmd.exe problem. But other settings will still be hardened. You can find all the settings that have been changed using the SavedState_* keys, but you have to know what your are doing if you want to manually revert.

ghost commented 4 years ago

@MichalGizaSrv OK, obviously restoring the settings with hardentools didn't go through since the key "Harden" is set to "1". But that was clear anyhow. First proposal: Could you try again to start hardentools and hit the restore Button and check if there are any messages in the log output? Alternate proposal: You could just set the "DisallowRun" key below Policies/Explore to "0". That should at least fix your cmd.exe problem. But other settings will still be hardened. You can find all the settings that have been changed using the SavedState_* keys, but you have to know what your are doing if you want to manually revert.

I want unlock only CMD so I will use registry. Thank you for your help :)