Powershell

From WikiWiki
Revision as of 14:36, 21 November 2013 by Mendel (talk | contribs)
Jump to navigation Jump to search 


#check authenticity of process
PS C:\WINDOWS\system32> (get-process svchost | select-object path).path | Get-AuthenticodeSignature


    Directory: C:\WINDOWS\system32


SignerCertificate                         Status                                 Path
-----------------                         ------                                 ----
9C4F3BDB96A8F46DB59EDBB7A65CC090841236AA  Valid                                  svchost.exe
9C4F3BDB96A8F46DB59EDBB7A65CC090841236AA  Valid                                  svchost.exe
9C4F3BDB96A8F46DB59EDBB7A65CC090841236AA  Valid                                  svchost.exe
9C4F3BDB96A8F46DB59EDBB7A65CC090841236AA  Valid                                  svchost.exe
9C4F3BDB96A8F46DB59EDBB7A65CC090841236AA  Valid                                  svchost.exe
9C4F3BDB96A8F46DB59EDBB7A65CC090841236AA  Valid                                  svchost.exe
9C4F3BDB96A8F46DB59EDBB7A65CC090841236AA  Valid                                  svchost.exe
9C4F3BDB96A8F46DB59EDBB7A65CC090841236AA  Valid                                  svchost.exe
9C4F3BDB96A8F46DB59EDBB7A65CC090841236AA  Valid                                  svchost.exe
9C4F3BDB96A8F46DB59EDBB7A65CC090841236AA  Valid                                  svchost.exe
9C4F3BDB96A8F46DB59EDBB7A65CC090841236AA  Valid                                  svchost.exe
9C4F3BDB96A8F46DB59EDBB7A65CC090841236AA  Valid                                  svchost.exe


#get info about domain
get-addomain
Retrieved from "https://mendelonline.be/wiki/index.php?title=Powershell&oldid=6"