@echo off
title TITAN VPN - DNS Leak Fix + Keeper (Korea Geo)
net session >nul 2>&1
if %errorlevel% neq 0 (
    echo Requesting administrator permission... Please click YES on the popup.
    powershell -NoProfile -Command "Start-Process -FilePath '%~f0' -Verb RunAs"
    exit /b
)
echo ============================================================
echo    TITAN VPN   DNS Leak Fix + Auto-Keeper
echo ============================================================
echo.
echo [1/5] Block multi-homed DNS leak
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\DNSClient" /v DisableSmartNameResolution /t REG_DWORD /d 1 /f >nul 2>&1
reg add "HKLM\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters" /v DisableParallelAandAAAA /t REG_DWORD /d 1 /f >nul 2>&1
echo       done.
echo.
echo [2/5] Force browser Secure DNS ^(DoH^) OFF - Chrome / Edge
reg add "HKLM\SOFTWARE\Policies\Google\Chrome" /v DnsOverHttpsMode /t REG_SZ /d off /f >nul 2>&1
reg add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v DnsOverHttpsMode /t REG_SZ /d off /f >nul 2>&1
echo       done.
echo.
echo [3/5] Install DNS Keeper ^(keeps Korea DNS while VPN on, auto-revert when off^)
powershell -NoProfile -Command "[Net.ServicePointManager]::SecurityProtocol=[Net.SecurityProtocolType]::Tls12; New-Item -ItemType Directory -Force 'C:\ProgramData\UTO' | Out-Null; Invoke-WebRequest -UseBasicParsing -Uri 'https://titan.jobjapan.com/upload/download/dns_keeper.ps1' -OutFile 'C:\ProgramData\UTO\dns_keeper.ps1'"
if exist "C:\ProgramData\UTO\dns_keeper.ps1" (echo       downloaded.) else (echo       [WARN] keeper download failed - connect internet and re-run.)
echo.
echo [4/5] Create + start background keeper task ^(re-checks every 20s^)
schtasks /delete /tn "UTO-DNS-Keeper" /f >nul 2>&1
schtasks /create /tn "UTO-DNS-Keeper" /tr "powershell -NoProfile -WindowStyle Hidden -ExecutionPolicy Bypass -File C:\ProgramData\UTO\dns_keeper.ps1" /sc onstart /ru SYSTEM /rl HIGHEST /f >nul 2>&1
schtasks /run /tn "UTO-DNS-Keeper" >nul 2>&1
echo       keeper running.
echo.
echo [5/5] Flush DNS cache
ipconfig /flushdns >nul 2>&1
echo       done.
echo.
echo ============================================================
echo    VERIFY / self-check ^(connect VPN first, wait ~5s^)
echo ============================================================
powershell -NoProfile -Command "$ErrorActionPreference='SilentlyContinue'; Start-Sleep 4; $KR=@('164.124.101.2','203.248.252.2'); $bad=$false; foreach($a in (Get-NetAdapter -Physical | Where-Object {$_.Status -eq 'Up'})){$d=(Get-DnsClientServerAddress -InterfaceIndex $a.ifIndex -AddressFamily IPv4).ServerAddresses; Write-Host ('  '+$a.Name+' DNS = '+($d -join ', ')); foreach($x in $d){if($KR -notcontains $x){$bad=$true}}}; $t=schtasks /query /tn 'UTO-DNS-Keeper' 2>$null; if($LASTEXITCODE -eq 0){Write-Host '[OK]  keeper task installed'}else{Write-Host '[WARN] keeper task missing'}; try{$ip=(Resolve-DnsName whoami.akamai.net -Type A -DnsOnly -EA Stop | Where-Object {$_.IPAddress} | Select-Object -First 1).IPAddress; $g=((Invoke-RestMethod ('http://ip-api.com/line/'+$ip+'?fields=countryCode,country,isp') -TimeoutSec 8) -split [char]10); Write-Host ('  DNS egress: '+$ip+'  '+$g[0].Trim()+' ('+$g[2].Trim()+')'); if($g[0].Trim() -eq 'KR'){Write-Host '[OK]  DNS egress = KOREA. Clean for Coupang!'}else{Write-Host ('[WARN] DNS egress = '+$g[0].Trim()+' - connect VPN and wait 20s')}}catch{Write-Host '[SKIP] egress test - connect VPN then re-check'}"
echo.
echo ============================================================
echo   Keeper installed. While VPN is ON, DNS stays KOREA (auto).
echo   When VPN is OFF, DNS auto-restores (China sites work).
echo   Re-test: browserleaks.com/dns  (should show only Korea)
echo   To remove: schtasks /delete /tn UTO-DNS-Keeper /f
echo ============================================================
echo.
pause
