software:powershell
Differences
This shows you the differences between two versions of the page.
software:powershell [2013/02/24 15:50] – superwizard | software:powershell [2020/07/19 18:13] (current) – [Set-ExecutionPolicy so Powershell is useable] superwizard | ||
---|---|---|---|
Line 1: | Line 1: | ||
+ | ====== Set-ExecutionPolicy so Powershell is useable ====== | ||
+ | |||
+ | <WRAP center round box > | ||
+ | 2020-07-19 | ||
+ | |||
+ | -ExecutionPolicy | ||
+ | Specifies the execution policy. If there are no Group Policies and each scope' | ||
+ | The acceptable execution policy values are as follows: | ||
+ | • AllSigned. Requires that all scripts and configuration files are signed by a trusted publisher, including scripts written on the local computer. | ||
+ | • Bypass. Nothing is blocked and there are no warnings or prompts. | ||
+ | • Default. Sets the default execution policy. Restricted for Windows clients or RemoteSigned for Windows servers. | ||
+ | • RemoteSigned. Requires that all scripts and configuration files downloaded from the Internet are signed by a trusted publisher. The default execution policy for Windows server computers. | ||
+ | • Restricted. Doesn' | ||
+ | • Undefined. No execution policy is set for the scope. Removes an assigned execution policy from a scope that is not set by a Group Policy. If the execution policy in all scopes is Undefined, the effective execution policy is Restricted. | ||
+ | • Unrestricted. Loads all configuration files and runs all scripts. If you run an unsigned script that was downloaded from the Internet, you are prompted for permission before it runs. | ||
+ | |||
+ | Set-ExecutionPolicy -ExecutionPolicy ByPass | ||
+ | |||
+ | |||
+ | </ | ||
+ | From < | ||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | ====== Set-ExecutionPolicy and About Signing ====== | ||
+ | |||
+ | From: https:// | ||
+ | |||
+ | From: https:// | ||
+ | |||
+ | < | ||
+ | The Set-ExecutionPolicy cmdlet changes the user preference for the Windows PowerShell execution policy. | ||
+ | |||
+ | The Restricted execution policy does not permit any scripts to run. The AllSigned and RemoteSigned | ||
+ | execution policies prevent Windows PowerShell from running scripts that do not have a digital | ||
+ | signature.+ | ||
+ | This topic explains how to run selected scripts that are not signed, even while the execution | ||
+ | policy is RemoteSigned, | ||
+ | </ | ||
+ | |||
====== Commands ====== | ====== Commands ====== | ||
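Review bot: `Set-ExecutionPolicy -ExecutionPolicy ByPass` in the new top section is given without `-Scope`, so it applies to the default LocalMachine scope, and the parameter text quoted just above it says Bypass blocks nothing and gives no warnings or prompts. The Commands section that follows already uses `Set-ExecutionPolicy RemoteSigned`; keep that as the page's recommendation, or limit the Bypass line with `-Scope Process` and state when it is needed. The quoted help text also breaks off mid-sentence at "each scope'" and "Doesn'", and the "From:" lines carry no complete source URL, so the quote cannot be checked against its source.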
Line 4: | Line 46: | ||
Get-ExecutionPolicy | Get-ExecutionPolicy | ||
+ | |||
+ | http:// | ||
Set-ExecutionPolicy RemoteSigned | Set-ExecutionPolicy RemoteSigned | ||
+ | |||
& "C:\My Scripts\Test.ps1" | & "C:\My Scripts\Test.ps1" | ||
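Review bot: The bare link added between `Get-ExecutionPolicy` and `Set-ExecutionPolicy RemoteSigned` has no title or sentence saying what it documents. Give it a link label or move it next to the "From:" references in the section above, so the command list reads as commands only.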
Line 11: | Line 56: | ||
Get-Service | Sort-Object Status | Format-Table | Get-Service | Sort-Object Status | Format-Table | ||
| | ||
+ | ====== Removing Security protected files from c:\ after infection of bProtector ====== | ||
+ | |||
+ | PowerShell Community Extensions (PSCX) | ||
+ | |||
+ | http:// | ||
+ | |||
+ | http:// | ||
| | ||
+ | Solution: | ||
+ | (First: Thanks to AlfredHall & Sheng Jiang for starting me in the right direction in their discussion here) | ||
+ | 0) Run PS as administrator if UAC is enabled. | ||
+ | 1) Use PSCX to elevate your privileges | ||
+ | Import-Module " | ||
+ | Set-Privilege (new-object Pscx.Interop.TokenPrivilege " | ||
+ | Set-Privilege (new-object Pscx.Interop.TokenPrivilege " | ||
+ | Set-Privilege (new-object Pscx.Interop.TokenPrivilege " | ||
+ | |||
+ | 2) Create a new, Owner-only ACL with only the Owner specified with the administrative group as the owner. | ||
+ | $blankdirAcl = New-Object System.Security.AccessControl.DirectorySecurity | ||
+ | $blankdirAcl.SetOwner([System.Security.Principal.NTAccount]' | ||
+ | 3) Use SetAccessControl to set that Owner. | ||
+ | (Get-Item " | ||
+ | 4) Modify File Permissions, | ||
+ | --------- | ||
+ | By using the new Owner-only ACL object and SetAccessControl, | ||
+ | |||
+ | In honor of Diana - goddess of the hunt - | ||
+ | |||
+ | Import-Module -Name " | ||
+ | Set-Privilege (new-object Pscx.Interop.TokenPrivilege " | ||
+ | Set-Privilege (new-object Pscx.Interop.TokenPrivilege " | ||
+ | Set-Privilege (new-object Pscx.Interop.TokenPrivilege " | ||
+ | | ||
+ | $blankdirAcl = New-Object System.Security.AccessControl.DirectorySecurity | ||
+ | $blankdirAcl.SetOwner([System.Security.Principal.NTAccount]' | ||
+ | | ||
+ | (Get-Item " | ||
+ | |||
+ | takeown /F " | ||
+ | | ||
+ | $Acl = Get-Acl " | ||
+ | $Ar = New-Object | ||
+ | $Acl.SetAccessRule($Ar) | ||
+ | Set-Acl " | ||
+ | | ||
+ | $Acl = Get-Acl " | ||
+ | $Ar = New-Object | ||
+ | $Acl.SetAccessRule($Ar) | ||
+ | Set-Acl " | ||
+ | | ||
+ | $Acl = Get-Acl " | ||
+ | $Ar = New-Object | ||
+ | $Acl.SetAccessRule($Ar) | ||
+ | Set-Acl " | ||
+ | | ||
+ | $Acl = Get-Acl " | ||
+ | $Ar = New-Object | ||
+ | $Acl.SetAccessRule($Ar) | ||
+ | Set-Acl " | ||
+ | | ||
+ | rmdir " | ||
+ | | ||
+ | Did it for one! | ||
+ | |||
+ | | ||
+ | Import-Module -Name " | ||
+ | Set-Privilege (new-object Pscx.Interop.TokenPrivilege " | ||
+ | Set-Privilege (new-object Pscx.Interop.TokenPrivilege " | ||
+ | Set-Privilege (new-object Pscx.Interop.TokenPrivilege " | ||
+ | | ||
+ | $blankdirAcl = New-Object System.Security.AccessControl.DirectorySecurity | ||
+ | $blankdirAcl.SetOwner([System.Security.Principal.NTAccount]' | ||
+ | $excluded = @(" | ||
+ | | ||
+ | $LockedDirs = Get-ChildItem $Directorypath -force -name -exclude $excluded # get all of the locked directories. | ||
+ | # | ||
+ | | ||
+ | Foreach ($Locked in $LockedDirs) { | ||
+ | $Locked | ||
+ | $FileName = " | ||
+ | $FileName | ||
+ | | ||
+ | (Get-Item $FileName).SetAccessControl($blankdirAcl) | ||
+ | | ||
+ | takeown /F $FileName /R /D Y | ||
+ | | ||
+ | $Acl = Get-Acl $FileName | ||
+ | $Ar = New-Object | ||
+ | $Acl.SetAccessRule($Ar) | ||
+ | Set-Acl $FileName $Acl | ||
+ | | ||
+ | $Acl = Get-Acl " | ||
+ | $Ar = New-Object | ||
+ | $Acl.SetAccessRule($Ar) | ||
+ | Set-Acl " | ||
+ | | ||
+ | $Acl = Get-Acl " | ||
+ | $Ar = New-Object | ||
+ | $Acl.SetAccessRule($Ar) | ||
+ | Set-Acl " | ||
+ | | ||
+ | $Acl = Get-Acl " | ||
+ | $Ar = New-Object | ||
+ | $Acl.SetAccessRule($Ar) | ||
+ | Set-Acl " | ||
+ | | ||
+ | rmdir $FileName | ||
+ | } | ||
+ | | ||
+ | Done! | ||
+ | |||
+ | |||
+ |
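Review bot: `$Directorypath` is never assigned in the loop version before `Get-ChildItem $Directorypath -force -name -exclude $excluded`, so the set of directories that then go through `SetAccessControl($blankdirAcl)`, `takeown /F $FileName /R /D Y` and `rmdir $FileName` is undefined in the lines shown. Assign the path explicitly at the top, check it with `Test-Path`, and print `$LockedDirs` for review before the `Foreach` runs, since the loop replaces each ACL with an owner-only one and deletes without any confirmation. The `Import-Module` / `Set-Privilege` / `SetOwner` lines appear three times (numbered steps, single-directory run, loop); keep one copy and say which privileges are enabled and why. "Did it for one!" and "Done!" should become short headings that label the single-directory and loop variants.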
software/powershell.1361721052.txt.gz · Last modified: 2013/02/24 15:50 by superwizard