Created
December 18, 2024 12:50
-
-
Save Geofferey/5963c948299c7837124eef0c1786193f to your computer and use it in GitHub Desktop.
A custom script for debugging tailscale when running in unattended mode without GUI (WIP)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $host.ui.RawUI.WindowTitle = "NTAUTHORITY\SYSTEM - Tailscale Debugging" | |
| $ErrorActionPreference = "Continue" | |
| $host.ui.RawUI.BackgroundColor = "Black" | |
| $host.ui.RawUI.ForegroundColor = "Red" | |
| $RootPath = $PWD.Path | |
| cd ".\" | |
| $UserName = (whoami) | |
| if ($UserName -ne "nt authority\system") { | |
| Start-Process -FilePath ".\psexec.exe" -ArgumentList @("-accepteula", "-nobanner", "-d", "-s", "-i", "$RootPath\tsdebugging.exe") -WorkingDirectory ".\" | |
| exit 0 | |
| } | |
| ## Function for getting AD computer attributes since RSAT is not available on every computer, duh | |
| function Get-Attributes ($arg1) { | |
| $searcher = New-Object system.directoryservices.directorysearcher | |
| $searcher.PropertiesToLoad.AddRange(@($arg1)) | |
| $null = $searcher.Filter = "(name=$env:ComputerName)" | |
| $result = $searcher.FindOne() | |
| $attribute = $result.properties.$arg1 | |
| echo $attribute | |
| } | |
| Clear-Host | |
| Write-Host "* If you are seeing this terminal directly after an installation, some kind of error must've occurred" | |
| Write-Host "* This terminal session exist for debugging and manual configuration of the Tailscale client" | |
| Write-Host "* Check for common errors such as incorrect PreAuthKey/ServerURL before continuing..." | |
| Write-Host | |
| Write-Host "Select options from menu for debugging and configuration" | |
| Write-Host | |
| pause | |
| function Show-Menu { | |
| $host.ui.RawUI.ForegroundColor = "Yellow" | |
| Clear-Host | |
| Write-Host "Tailscale Debugging Main Menu" | |
| Write-Host "------------------------------" | |
| Write-Host "[1] - Check the status" | |
| Write-Host "[2] - Check DERP servers" | |
| Write-Host "[3] - PreAuth Login" | |
| Write-Host "[4] - Active Directory Login" | |
| Write-Host "[5] - Manually Login" | |
| Write-Host "[6] - Logout of Tailscale" | |
| Write-Host "[7] - Killall Tailscale" | |
| Write-Host | |
| Write-Host "[S] - NTAUTHORITY\System Shell" | |
| Write-Host "[A] - Advanced" | |
| Write-Host "[E] - Exit" | |
| Write-Host | |
| $host.ui.RawUI.ForegroundColor = "Green" | |
| } | |
| function Show-ADMenu { | |
| $host.ui.RawUI.ForegroundColor = "Yellow" | |
| Clear-Host | |
| Write-Host "Tailscale Advanced Debugging Menu" | |
| Write-Host "----------------------------------" | |
| Write-Host "[1] - Print current host info" | |
| Write-Host "[2] - Print current preferences" | |
| Write-Host "[3] - Print current control knobs" | |
| Write-Host "[4] - Print current local api access" | |
| Write-Host "[5] - Print current network map" | |
| Write-Host "[6] - Print current derp map" | |
| Write-Host "[7] - Print current port map" | |
| Write-Host "[8] - Reload current config" | |
| Write-Host "[9] - Force update netmap" | |
| Write-Host | |
| Write-Host "[C] - Capture a .pcap" | |
| Write-Host "[S] - NTAUTHORITY\System Shell" | |
| Write-Host "[R] - Return to main menu" | |
| Write-Host "[E] - Exit" | |
| Write-Host | |
| $host.ui.RawUI.ForegroundColor = "Green" | |
| } | |
| do { | |
| Show-Menu | |
| $choice = Read-Host "Enter your choice" | |
| switch ($choice) { | |
| '1' { | |
| Write-Host | |
| Write-Host "Executing tailscale status" | |
| sleep 1 | |
| Write-Host | |
| tailscale status | |
| Write-Host | |
| } | |
| '2' { | |
| Write-Host | |
| Write-Host "Executing tailscale netcheck" | |
| sleep 1 | |
| Write-Host | |
| tailscale netcheck 2>&1 | Select-String -NotMatch "System.Management.Automation.RemoteException" | Write-Host | |
| Write-Host | |
| } | |
| '3' { | |
| Write-Host | |
| Write-Host "Executing tailscale preauth..." | |
| sleep 1 | |
| Write-Host | |
| clear | |
| Write-Host "This is your Current Control Server URL:" | |
| $loginserver = (Get-ItemProperty -Path "HKLM:\Software\NETLABWORK\TSLOGIN" -Name tsLoginUrl |% tsLoginUrl) | |
| Write-Host "$loginserver" | |
| Write-Host | |
| $PreAuthKey = Read-Host -Prompt "Enter the generated pre-authorization key" | |
| tailscale logout | |
| tailscale up --reset --authkey=$PreAuthKey --timeout=180s --unattended | |
| Write-Host | |
| } | |
| '4' { | |
| Write-Host | |
| Write-Host "Executing tailscale AD preauth..." | |
| sleep 1 | |
| Write-Host | |
| clear | |
| $loginserver = (Get-ItemProperty -Path "HKLM:\Software\NETLABWORK\TSLOGIN" -Name tsLoginUrl |% tsLoginUrl) | |
| $PreAuthKey = (Get-Attributes tspreauthkey) | |
| Write-Host "Current Server URL: $loginserver" | |
| if ($PreAuthKey -eq $null) { | |
| Write-Host "No PreAuth Key found..." | |
| break | |
| } | |
| Write-Host "Current PreAuth Key: $PreAuthKey" | |
| Write-Host | |
| pause | |
| Write-Host | |
| tailscale logout | |
| tailscale up --reset --authkey=$PreAuthKey --timeout=180s --unattended | |
| Write-Host | |
| } | |
| '5' { | |
| Write-Host | |
| Write-Host "Executing manual tailscale login..." | |
| sleep 1 | |
| Write-Host | |
| clear | |
| Write-Host "After visiting the URL, run the command it provides on you Headscale control servers CLI interface to authorize..." | |
| Write-Host | |
| tailscale logout | |
| tailscale up --reset --timeout=180s --unattended 2>&1 | Select-String -NotMatch "System.Management.Automation.RemoteException" | Write-Host | |
| Write-Host | |
| } | |
| '6' { | |
| Write-Host | |
| Write-Host "Executing tailscale logout..." | |
| sleep 1 | |
| Write-Host | |
| clear | |
| tailscale logout | |
| Write-Host | |
| } | |
| '7' { | |
| Write-Host | |
| Write-Host "Killing tailscale services and executables..." | |
| sleep 1 | |
| Write-Host | |
| clear | |
| Get-Process -Name tailscale* | Stop-Process -Force | |
| } | |
| 'S' { | |
| Write-Host | |
| Write-Host "Executing NTAUTHORITY\SYSTEM shell..." | |
| sleep 1 | |
| Write-Host | |
| clear | |
| Start-Process Powershell.exe | |
| exit 0 | |
| } | |
| 'A' { | |
| Write-Host | |
| Write-Host "Entering advanced menu..." | |
| sleep 1 | |
| do { | |
| Show-ADMenu | |
| $choice = Read-Host "Enter your choice" | |
| switch ($choice) { | |
| '1' { | |
| Write-Host | |
| Write-Host "Executing 'tailscale debug hostinfo'..." | |
| sleep 1 | |
| clear | |
| Write-Host "Current host info json:" | |
| Write-Host | |
| tailscale debug hostinfo 2>&1 | Select-String -NotMatch "System.Management.Automation.RemoteException" | Write-Host | |
| Write-Host | |
| } | |
| '2' { | |
| Write-Host | |
| Write-Host "Executing 'tailscale debug prefs'..." | |
| sleep 1 | |
| clear | |
| Write-Host "Current preferences json:" | |
| Write-Host | |
| tailscale debug prefs 2>&1 | Select-String -NotMatch "System.Management.Automation.RemoteException" | Write-Host | |
| Write-Host | |
| } | |
| '3' { | |
| Write-Host | |
| Write-Host "Executing 'tailscale control-knobs'..." | |
| sleep 1 | |
| clear | |
| Write-Host "Current control knobs json:" | |
| Write-Host | |
| tailscale debug control-knobs 2>&1 | Select-String -NotMatch "System.Management.Automation.RemoteException" | Write-Host | |
| Write-Host | |
| } | |
| '4' { | |
| Write-Host | |
| Write-Host "Executing 'tailscale local-creds'..." | |
| sleep 1 | |
| clear | |
| Write-Host "Current local creds json:" | |
| Write-Host | |
| tailscale debug local-creds 2>&1 | Select-String -NotMatch "System.Management.Automation.RemoteException" | Write-Host | |
| Write-Host | |
| } | |
| '5' { | |
| Write-Host | |
| Write-Host "Executing 'tailscale debug netmap'..." | |
| sleep 1 | |
| clear | |
| Write-Host "Current net mappings json:" | |
| Write-Host | |
| tailscale debug netmap 2>&1 | Select-String -NotMatch "System.Management.Automation.RemoteException" | Write-Host | |
| Write-Host | |
| } | |
| '6' { | |
| Write-Host | |
| Write-Host "Executing 'tailscale debug derp-map'..." | |
| sleep 1 | |
| clear | |
| Write-Host "Current derp mappings json:" | |
| Write-Host | |
| tailscale debug derp-map 2>&1 | Select-String -NotMatch "System.Management.Automation.RemoteException" | Write-Host | |
| Write-Host | |
| } | |
| '7' { | |
| Write-Host | |
| Write-Host "Executing 'tailscale debug portmap'..." | |
| sleep 1 | |
| clear | |
| Write-Host "Current port mappings json:" | |
| Write-Host | |
| tailscale debug portmap 2>&1 | Select-String -NotMatch "System.Management.Automation.RemoteException" | Write-Host | |
| Write-Host | |
| } | |
| '8' { | |
| Write-Host | |
| Write-Host "Executing 'tailscale debug reload-config'..." | |
| sleep 1 | |
| clear | |
| Write-Host "Reloading configuration:" | |
| Write-Host | |
| tailscale debug reload-config 2>&1 | Select-String -NotMatch "System.Management.Automation.RemoteException" | Write-Host | |
| Write-Host | |
| } | |
| '9' { | |
| Write-Host | |
| Write-Host "Executing 'tailscale debug force-netmap-update'..." | |
| sleep 1 | |
| clear | |
| Write-Host "Forcing netmap update:" | |
| Write-Host | |
| tailscale debug force-netmap-update 2>&1 | Select-String -NotMatch "System.Management.Automation.RemoteException" | Write-Host | |
| Write-Host | |
| } | |
| 'C' { | |
| Write-Host | |
| Write-Host "Capturing a pcap..." | |
| sleep 1 | |
| clear | |
| tailscale debug capture | |
| } | |
| 'S' { | |
| Write-Host | |
| Write-Host "Executing NTAUTHORITY\SYSTEM shell..." | |
| sleep 1 | |
| Write-Host | |
| clear | |
| Start-Process Powershell.exe | |
| exit 0 | |
| } | |
| 'R' { | |
| Write-Host | |
| Write-Host "Returning to main menu..." | |
| sleep 1 | |
| clear | |
| Show-Menu | |
| } | |
| 'E' { | |
| Write-Host | |
| Write-Host "Exiting..." | |
| sleep 1 | |
| exit 0 | |
| } | |
| default { | |
| Write-Host "Invalid choice." | |
| } | |
| } | |
| Write-Host "Press Enter to continue..." | |
| Read-Host | |
| } until ($choice -eq 'R') | |
| } | |
| 'E' { | |
| Write-Host "Exiting..." | |
| exit | |
| } | |
| default { | |
| Write-Host "Invalid choice" | |
| } | |
| } | |
| Pause | |
| } while ($choice -ne 'E') | |
| $host.ui.RawUI.ForegroundColor = "Yellow" | |
| Write-Host | |
| $host.ui.RawUI.ForegroundColor = "Green" | |
| Write-Host | |
| $host.ui.RawUI.ForegroundColor = "Green" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment