Powershell: Difference between revisions
No edit summary (change visibility) |
No edit summary (change visibility) |
||
Line 13: | Line 13: | ||
Start-Process PowerShell –Verb RunAs | Start-Process PowerShell –Verb RunAs | ||
<syntaxhighlight lang="powershell"> | |||
# Get the ID and security principal of the current user account | |||
$myWindowsID=[System.Security.Principal.WindowsIdentity]::GetCurrent() | |||
$myWindowsPrincipal=new-object System.Security.Principal.WindowsPrincipal($myWindowsID) | |||
# Get the security principal for the Administrator role | |||
$adminRole=[System.Security.Principal.WindowsBuiltInRole]::Administrator | |||
# Check to see if we are currently running "as Administrator" | |||
if ($myWindowsPrincipal.IsInRole($adminRole)) | |||
{ | |||
# We are running "as Administrator" - so change the title and background color to indicate this | |||
$Host.UI.RawUI.WindowTitle = $myInvocation.MyCommand.Definition + "(Elevated)" | |||
$Host.UI.RawUI.BackgroundColor = "DarkBlue" | |||
clear-host | |||
} | |||
else | |||
{ | |||
# We are not running "as Administrator" - so relaunch as administrator | |||
# Create a new process object that starts PowerShell | |||
$newProcess = new-object System.Diagnostics.ProcessStartInfo "PowerShell"; | |||
# Specify the current script path and name as a parameter | |||
$newProcess.Arguments = $myInvocation.MyCommand.Definition; | |||
# Indicate that the process should be elevated | |||
$newProcess.Verb = "runas"; | |||
# Start the new process | |||
[System.Diagnostics.Process]::Start($newProcess); | |||
# Exit from the current, unelevated, process | |||
exit | |||
} | |||
# Run your code that needs to be elevated here | |||
Write-Host -NoNewLine "Press any key to continue..." | |||
$null = $Host.UI.RawUI.ReadKey("NoEcho,IncludeKeyDown") | |||
</syntaxhighlight> | |||
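Review bot: `$newProcess.Arguments = $myInvocation.MyCommand.Definition;` hands the script path to the elevated PowerShell unquoted and without `-File`, so a path containing spaces is split and any characters PowerShell treats as syntax are parsed as command text in the elevated session. I would pass it as a quoted file argument, `$newProcess.Arguments = '-File "' + $myInvocation.MyCommand.Definition + '"'`, and set `$newProcess.UseShellExecute = $true` explicitly, since the `runas` verb depends on it. `[System.Diagnostics.Process]::Start($newProcess)` also has no handling for a declined elevation prompt, so the unelevated script prints a raw exception before reaching `exit`. This assumes the `syntaxhighlight` block is the added side of the revision, which the rendered page below suggests.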
Revision as of 14:57, 21 November 2013
- get-help
- get-command
- get-module
- $PSVersionTable.psversion
- get-history
- get-process | get-member
- Get-Host
- $psversiontable
- Get-ChildItem Env:
self elevate
# Open a new PowerShell process using the RunAs verb, i.e. request elevation.
Start-Process -FilePath PowerShell -Verb RunAs
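# Self-elevation wrapper.
# If the current session does not hold the built-in Administrator role, the
# script relaunches itself in a new PowerShell process with the "runas" verb
# and exits; otherwise it marks the console as elevated and falls through to
# the code at the bottom.

# Get the ID and security principal of the current user account
$myWindowsID = [System.Security.Principal.WindowsIdentity]::GetCurrent()
$myWindowsPrincipal = New-Object System.Security.Principal.WindowsPrincipal($myWindowsID)

# Get the security principal for the Administrator role
$adminRole = [System.Security.Principal.WindowsBuiltInRole]::Administrator

# Check to see if we are currently running "as Administrator"
if ($myWindowsPrincipal.IsInRole($adminRole))
{
    # We are running "as Administrator" - change the title and background
    # color so the elevated window is easy to tell apart
    $Host.UI.RawUI.WindowTitle = $myInvocation.MyCommand.Definition + "(Elevated)"
    $Host.UI.RawUI.BackgroundColor = "DarkBlue"
    Clear-Host
}
else
{
    # We are not running "as Administrator" - relaunch as administrator.
    $scriptPath = $myInvocation.MyCommand.Definition

    # Only relaunch when the value really is a script file on disk. When the
    # code is pasted into a console the value is command text, and that text
    # must not be handed to an elevated shell. File.Exists returns $false for
    # empty or malformed paths instead of throwing.
    if (-not [System.IO.File]::Exists($scriptPath))
    {
        throw "Cannot self-elevate: this code is not running from a script file."
    }

    # Create a new process object that starts PowerShell
    $newProcess = New-Object System.Diagnostics.ProcessStartInfo "PowerShell"

    # Pass the script as a quoted -File argument so a path with spaces stays
    # one argument and is never parsed as PowerShell command text
    $newProcess.Arguments = '-File "' + $scriptPath + '"'

    # The runas verb is only honoured when the process is started through the
    # shell, so set this explicitly rather than relying on the default
    $newProcess.UseShellExecute = $true

    # Indicate that the process should be elevated
    $newProcess.Verb = "runas"

    try
    {
        # Start the new process; discard the returned Process object so it is
        # not written to the console
        $null = [System.Diagnostics.Process]::Start($newProcess)
    }
    catch
    {
        # Start() throws when the elevation request is declined or fails
        Write-Error "Elevation was not granted: $($_.Exception.Message)"
        exit 1
    }

    # Exit from the current, unelevated, process
    exit
}

# Run your code that needs to be elevated here
Write-Host -NoNewLine "Press any key to continue..."
$null = $Host.UI.RawUI.ReadKey("NoEcho,IncludeKeyDown")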
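check authenticity of a process (this verifies the Authenticode signature of the executable file on disk; also confirm the signer is the expected publisher, not only that Status is Valid)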
PS C:\WINDOWS\system32> (get-process svchost | select-object path).path | Get-AuthenticodeSignature
Directory: C:\WINDOWS\system32
SignerCertificate Status Path
----------------- ------ ----
9C4F3BDB96A8F46DB59EDBB7A65CC090841236AA Valid svchost.exe
9C4F3BDB96A8F46DB59EDBB7A65CC090841236AA Valid svchost.exe
9C4F3BDB96A8F46DB59EDBB7A65CC090841236AA Valid svchost.exe
9C4F3BDB96A8F46DB59EDBB7A65CC090841236AA Valid svchost.exe
9C4F3BDB96A8F46DB59EDBB7A65CC090841236AA Valid svchost.exe
9C4F3BDB96A8F46DB59EDBB7A65CC090841236AA Valid svchost.exe
9C4F3BDB96A8F46DB59EDBB7A65CC090841236AA Valid svchost.exe
9C4F3BDB96A8F46DB59EDBB7A65CC090841236AA Valid svchost.exe
9C4F3BDB96A8F46DB59EDBB7A65CC090841236AA Valid svchost.exe
9C4F3BDB96A8F46DB59EDBB7A65CC090841236AA Valid svchost.exe
9C4F3BDB96A8F46DB59EDBB7A65CC090841236AA Valid svchost.exe
9C4F3BDB96A8F46DB59EDBB7A65CC090841236AA Valid svchost.exe
# Show information about the Active Directory domain.
# Get-ADDomain is provided by the ActiveDirectory module.
Get-ADDomain