Posted On May 1, 2019

Group Policy: WinHTTP Settings

kimconnect 0 comments
blog.KimConnect.com >> Windows >> Group Policy: WinHTTP Settings
May 1, 2019May 1, 2019 kimconnectkimconnect 0 Comments
Overview

There are several registry keys that needed configuration within a Group Policy to enable WinHTTP on all Windows machines being joined to the domain. This is the the first item:

Part 1

Create a WinHTTP_Settings GP > navigate through Computer Configuration > Preferences > Windows Settings > right-click Registry > New > Registry Item

New Registry Properties:
Action = Update
Hive = HKEY_LOCAL_MACHINE
Key Path = SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
Value name = WinHttpSettings
Value type = REG_BINARY
Value data = 1800000000000000010000000000000000000000 (Direct Access - No Proxy)

Note: run this script to obtain Value data on a Windows test machine

# Dynamic variables
$proxy="http://proxy:80";
$exclusionList="localhost;*.kimconnect.com"

# Set proxy registry
$asciiValue = "(   $proxy $exclusionList"
$binaryValue = [system.Text.Encoding]::Default.GetBytes($asciiValue) | %{[System.Convert]::ToString($_) }
$winHTTPHive = "Registry::HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections"
$winHTTPKey = "WinHttpSettings"
Set-ItemProperty -Path $winHTTPHive -Name $winHTTPKey -Value $binaryValue

Run Regedit > navigate to SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections > double-click on WinHttpSettings to obtain the binary data for copying purposes

Part 2

To be continued…

Maybe: https://learn.microsoft.com/en-us/defender-endpoint/configure-proxy-internet

Categories:

Leave a Reply

Your email address will not be published. Required fields are marked *

Related Post

Post Image

Read More

Hacking 101: Domain Controllers as One of the Many Usual Targets

A potential bad actor's full network penetration repertoire is beyond the scope of this article.…
Post Image

Read More

PowerShell: Automating Microsoft Failover Cluster Maintenance – FileServer, SQL AlwaysOn, Hyper-V Guest VMs, Disks Operations

##################################################################################################### # MsClusterMaintenance_v0.0.2.ps1 # Author: KimConnect.com # License: GPLv3 # Description: this program automates the…
Post Image

Read More

Remote Desktop: change default listening port

1. Start Registry Editor. 2. Locate and then click the following registry subkey: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\TerminalServer\WinStations\RDP-Tcp\PortNumber 3.…