programming:powershell

Differences

This shows you the differences between two versions of the page.

Previous revision: programming:powershell [2023/11/01 07:31] – removed - external edit (Unknown date) 127.0.0.1
Current revision: programming:powershell [2023/11/01 07:31] (current) – ↷ Page moved from camunda:programming:powershell to programming:powershell skipidar
Line 1: Line 1:
 +===== Powershell =====
  
 +==== Execution of Powershell Scripts ====
 +Execution of *.ps1  files by doubleclicking is forbidden on default. \\
 +There are sevaral ways to still execute Scripts, e.g. by starting a **powerShell** with the script as command parameter
 +
 +There is a detailed describtion of that https://blog.netspi.com/15-ways-to-bypass-the-powershell-execution-policy/
 +
 +
 +==== Execution scope in powershell ====
 +The scope in which powershell variables are visible: http://technet.microsoft.com/en-us/library/hh847849.aspx
 +==== Policy ====
 +
 +<code>Get-ExecutionPolicy -List | Format-Table -AutoSize</code>
 +
 +The execution policies you can use are:
 +
 +  * Restricted - Scripts won’t run.
 +  * **RemoteSigned** - Scripts created locally will run, but those downloaded from the Internet will not (unless they are digitally signed by a trusted publisher).
 +  * AllSigned - Scripts will run only if they have been signed by a trusted publisher.
 +  * Unrestricted - Scripts will run regardless of where they have come from and whether they are signed.
 +  * You can set PowerShell’s execution policy by using the following cmdlet:
 +
 +<code>Set-ExecutionPolicy <policy name></code>
 +
 +
 +==== Execution of commands on remote PCs ====
 +
 +Remote execution of Scripts via powershell is described here: https://www.opswat.com/blog/powershell-vs-psexec-remote-command-execution
 +
 +  - <WRAP> On the remote machine, enable remote commands
 +<code>
 +PS C:\Windows\system32> Enable-PSRemoting -force
 +</code>
 +</WRAP>
 +  - <WRAP> On a local machine, add remote system to the trusted list
 +<code>
 +C:\Windows\system32> Set-Item wsman:\localhost\Client\TrustedHosts -value 10.0.X.X
 +</code>
 +</WRAP>
 +  - <WRAP> On a local machine, set the execution policy to remote signed
 +<code>
 +PS C:\Windows\system32> Set-ExecutionPolicy RemoteSigned
 +</code>
 +</WRAP>
 +  - <WRAP> Execute Scripts on the remote machine 
 +<code>
 +PS C:\Windows\system32> invoke-command -computername YOURNAMEHERE -scriptblock {echo "Test" > D:\tmp\1Remote\testRemote.txt}
 +</code>
 +</WRAP>
 +  - <WRAP> Execute Script file on remote pc and log to *.txt
 +<code>
 +PS C:\Windows\system32> invoke-command -computername ANB13010 -scriptblock {powershell -File D:\script.ps1 > D:\logs.txt}
 +</code>
 +</WRAP>
 +
 +
 +Executing with autehntification:
 +
 +<code>
 +$username = 'your-domain.com\username'
 +$password = 'yourpassword'
 +
 +$cred = New-Object System.Management.Automation.PSCredential -ArgumentList @($username,(ConvertTo-SecureString -String $password -AsPlainText -Force))
 +
 +invoke-command -computername ANB13010 -Credential $cred -Authentication CredSSP -scriptblock {powershell -File D:\script.ps1 > D:\logs.txt} | Write-Host
 +</code>
 +
 +
 +== ACHTUNG: Powershell is not able to execute interactive processes ==
 +As stated here: http://stackoverflow.com/questions/6178437/start-remote-process-within-the-context
 +
 +You cannot start interactive processes using WMI or PowerSHell remoting. This is a security limitation/feature. You need to use PSExec if you want to start remote interactive processes.
 +
 +You can use PSExec tool for that, available here http://technet.microsoft.com/en-us/sysinternals/bb897553.aspx
 +<code>
 +# WORKS!
 +
 +$remoteMachine = 'PCNAMEHERE'
 +$username = 'your.domain.com\usernamehere'
 +$password = 'passwordhere'
 +
 +D:\Temp\22symantec\PsExec.exe \\$remoteMachine -u $username -p $password  /accepteula -d cmd /c "powershell -noninteractive D:\path\to\script\scriptname.ps1"
 +
 +</code>
 +
 +==== Executing Executables ====
 +
 +Just write the .exe  down with the parameters or use the call operator **&**
 +
 +Details are here http://social.technet.microsoft.com/wiki/contents/articles/7703.powershell-running-executables.aspx
 +
 +
 +==== Second Hop Problem ====
 +
 +When executing commands on foreign computer B - B will not be able to access another computer C via Network. \\
 +This happens because B can not pass the creadentials further to another PCs on default.
 +
 +You can bypass this problem by giving B this ability.
 +
 +== 1) Execute on local PC - the first PC in a row. This PC will call invoke-command. Here its name is a-pc-p31dash01 == 
 +<code>
 +#Erlauben die Powershell Skripte auszufuhren
 +Set-ExecutionPolicy RemoteSigned 
 +
 +#workaround second-hop um auf Netzfreigaben zu zugreifen http://technet.microsoft.com/en-us/magazine/jj853299.aspx
 +Enable-WSManCredSSP –Role client –DelegateComputer * -force
 +
 +# trust the deployment machine
 +Set-Item wsman:\localhost\Client\TrustedHosts -value ANB13010
 +Set-Item wsman:\localhost\Client\TrustedHosts -value 192.168.51.116
 +</code>
 +
 +
 +== 2) Execute on remote PC B. On this PC the commands will be executed remotely. Here it's name is ANB13010 == 
 +<code>
 +#Erlauben die Powershell Skripte auszufuhren
 +Set-ExecutionPolicy RemoteSigned 
 +
 +#erlaube den remote Zugriff via Skripte
 +Enable-PSRemoting -force
 +
 +#workaround second-hop um auf Netzfreigaben zu zugreifen http://technet.microsoft.com/en-us/magazine/jj853299.aspx
 +Enable-WSManCredSSP –Role server -force
 +
 +#fuge die BuildSlaves zu TrustedHosts hinzu
 +Set-Item wsman:\localhost\Client\TrustedHosts -value a-pc-p31dash01
 +Set-Item wsman:\localhost\Client\TrustedHosts -value 192.168.51.116
 +</code>
 +
 +== 3) Now execute remote commands with request to Network PCs. here it happens on a-pc-p31dash01 == 
 +You can invoke commands on foreign PCs as following. The following command can be called from PC A \\
 +to be executed on PC B with name ANB13010 \\
 +in order to list files on network share on PC C with ip 192.168.51.116
 +<code>
 +
 +$username = 'my-domain.com\username'
 +$password = 'password'
 +
 +$cred = New-Object System.Management.Automation.PSCredential -ArgumentList @($username,(ConvertTo-SecureString -String $password -AsPlainText -Force))
 +
 +invoke-command -computername ANB13010 -Credential $cred -Authentication CredSSP -scriptblock { Get-ChildItem -Path \\192.168.51.116\networkShare | echo}
 +</code>
 +
 +
 +==== API ====
 +
 +=== Replacement in Files using regex===
 +<code>
 +(Get-Content c:\temp\replace\tnsnames.txt) `
 +    -replace 'HOST=.*?\)', 'HOST=MyHost)' |
 +  Out-File c:\temp\replace\tnsnames.txt
 +</code>
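
Review bot: In step 1 of the "Second Hop Problem" section, `Enable-WSManCredSSP –Role client –DelegateComputer * -force` allows the client to delegate the user's credentials to any computer; name only the intended target instead, e.g. `-DelegateComputer ANB13010`. In the same block and in step 2, the two consecutive `Set-Item wsman:\localhost\Client\TrustedHosts -value ...` lines do not accumulate: each call replaces the list, so only 192.168.51.116 remains trusted. Pass one comma-separated value or use `-Concatenate`. The authentication and PsExec examples also keep the password as a plain-text string in the script (`$password = 'yourpassword'`, `-p $password`); building the credential with `Get-Credential` would avoid storing it in the file, and the page should say so next to those examples.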