Powershell: Difference between revisions

From WikiWiki
Jump to navigation Jump to search
No edit summary   (change visibility)
No edit summary   (change visibility)
Line 13: Line 13:


Start-Process PowerShell –Verb RunAs
Start-Process PowerShell –Verb RunAs
 
<syntaxhighlight lang="powershell">
# Get the ID and security principal of the current user account
$myWindowsID=[System.Security.Principal.WindowsIdentity]::GetCurrent()
$myWindowsPrincipal=new-object System.Security.Principal.WindowsPrincipal($myWindowsID)
# Get the security principal for the Administrator role
$adminRole=[System.Security.Principal.WindowsBuiltInRole]::Administrator
# Check to see if we are currently running "as Administrator"
if ($myWindowsPrincipal.IsInRole($adminRole))
  {
  # We are running "as Administrator" - so change the title and background color to indicate this
  $Host.UI.RawUI.WindowTitle = $myInvocation.MyCommand.Definition + "(Elevated)"
  $Host.UI.RawUI.BackgroundColor = "DarkBlue"
  clear-host
  }
else
  {
  # We are not running "as Administrator" - so relaunch as administrator
 
  # Create a new process object that starts PowerShell
  $newProcess = new-object System.Diagnostics.ProcessStartInfo "PowerShell";
 
  # Specify the current script path and name as a parameter
  $newProcess.Arguments = $myInvocation.MyCommand.Definition;
 
  # Indicate that the process should be elevated
  $newProcess.Verb = "runas";
 
  # Start the new process
  [System.Diagnostics.Process]::Start($newProcess);
 
  # Exit from the current, unelevated, process
  exit
  }
# Run your code that needs to be elevated here
Write-Host -NoNewLine "Press any key to continue..."
$null = $Host.UI.RawUI.ReadKey("NoEcho,IncludeKeyDown")
</syntaxhighlight>




Revision as of 14:57, 21 November 2013

  • get-help
  • get-command
  • get-module
  • $PSVersionTable.psversion
  • get-history
  • get-process | get-member
  • Get-Host
  • $psversiontable
  • Get-ChildItem Env:


self elevate

Start-Process PowerShell –Verb RunAs 

# Get the ID and security principal of the current user account
$myWindowsID=[System.Security.Principal.WindowsIdentity]::GetCurrent()
$myWindowsPrincipal=new-object System.Security.Principal.WindowsPrincipal($myWindowsID)
 
# Get the security principal for the Administrator role
$adminRole=[System.Security.Principal.WindowsBuiltInRole]::Administrator
 
# Check to see if we are currently running "as Administrator"
if ($myWindowsPrincipal.IsInRole($adminRole))
   {
   # We are running "as Administrator" - so change the title and background color to indicate this
   $Host.UI.RawUI.WindowTitle = $myInvocation.MyCommand.Definition + "(Elevated)"
   $Host.UI.RawUI.BackgroundColor = "DarkBlue"
   clear-host
   }
else
   {
   # We are not running "as Administrator" - so relaunch as administrator
   
   # Create a new process object that starts PowerShell
   $newProcess = new-object System.Diagnostics.ProcessStartInfo "PowerShell";
   
   # Specify the current script path and name as a parameter
   $newProcess.Arguments = $myInvocation.MyCommand.Definition;
   
   # Indicate that the process should be elevated
   $newProcess.Verb = "runas";
   
   # Start the new process
   [System.Diagnostics.Process]::Start($newProcess);
   
   # Exit from the current, unelevated, process
   exit
   }
 
# Run your code that needs to be elevated here
Write-Host -NoNewLine "Press any key to continue..."
$null = $Host.UI.RawUI.ReadKey("NoEcho,IncludeKeyDown")


check authenticity of process

PS C:\WINDOWS\system32> (get-process svchost | select-object path).path | Get-AuthenticodeSignature


    Directory: C:\WINDOWS\system32


SignerCertificate                         Status                                 Path
-----------------                         ------                                 ----
9C4F3BDB96A8F46DB59EDBB7A65CC090841236AA  Valid                                  svchost.exe
9C4F3BDB96A8F46DB59EDBB7A65CC090841236AA  Valid                                  svchost.exe
9C4F3BDB96A8F46DB59EDBB7A65CC090841236AA  Valid                                  svchost.exe
9C4F3BDB96A8F46DB59EDBB7A65CC090841236AA  Valid                                  svchost.exe
9C4F3BDB96A8F46DB59EDBB7A65CC090841236AA  Valid                                  svchost.exe
9C4F3BDB96A8F46DB59EDBB7A65CC090841236AA  Valid                                  svchost.exe
9C4F3BDB96A8F46DB59EDBB7A65CC090841236AA  Valid                                  svchost.exe
9C4F3BDB96A8F46DB59EDBB7A65CC090841236AA  Valid                                  svchost.exe
9C4F3BDB96A8F46DB59EDBB7A65CC090841236AA  Valid                                  svchost.exe
9C4F3BDB96A8F46DB59EDBB7A65CC090841236AA  Valid                                  svchost.exe
9C4F3BDB96A8F46DB59EDBB7A65CC090841236AA  Valid                                  svchost.exe
9C4F3BDB96A8F46DB59EDBB7A65CC090841236AA  Valid                                  svchost.exe


#get info about domain
get-addomain
Retrieved from "https://mendelonline.be/wiki/index.php?title=Powershell&oldid=25"