CodeChunkyMonkeyZ:
I have a security+ certification and 23+ years in IT/IS professionally, 35 years total.
That screenshot CMZ posted is a script to disable security features on windows and apply an unsecure "group policy" to the windows system that 'dehardens" it (eg: removes security settingSs) — included is a setting that exposes remote logon and file sharing vulterabilities by removing certificate-validation (untrusted logon sources) for file-share, remote-desktop and remote administration (RPC). This setting is ONLY needed for network connected systems - and, the setting itself creates a system vulnerability highly targeted by hackers for remote exploits (rootkits, code execution, machine reconfiguration, file sharing access, etc) It then stops and starts sql server.
The group policy file referenced is unknown (eg: no sample provided by CMZ), but based on the script ffile comments it likely does other things that remove security features.
@CodeMonkeyZ feel free to DM me if you need any more information - I saw your magnet links and could analyze it further if needed. I have strong credentials, re: long-time big-tech, government and private-sector tech who is in the top 1% of the field. This includes experience with content-moderation systems and how the platforms use them.
I can also tell you that considering machine configurations are included with "certified" election systems, that running this would contramand that regulatory requirement (no config changes without audit trail and oversight) and unless those scripts / components are listed in the certification as "allowed, for approved maintenance operations" they are rogue and their presence (even absent execution) would decertify the system.
https://t.me/CodeMonkeyZ/1122