H4ck0 Blog
  • Welcome
  • Linux OS
    • Common Linux Command
    • Services Enumeration Commands
    • Linux Privilege Escalation
      • Elevating Priv with MSFConsole (Linux)
  • PowerShell
    • Administering Remote Computers
      • Installing Software
      • Network Settings
    • Active Directory Enumeration
      • LDAP Enumeration Strategy
        • HTB LDAP SKILLS ASSESMENT
    • Windows Automation [TBA]
    • PowerShell Scripting For MOCK
      • AD SCRIPT: Change Users Department
  • HackTheBox
    • Support
    • POP Restaurant
    • Netmon
  • TryHackMe
    • TShark Challenge II:Directory
  • Ludus Installation (GOAD-LIGHT)
  • INFORMATION GATHERING
    • Google Dorking
    • WhoIS Enumeration
    • Website Recon
    • Passive Information Gathering
Powered by GitBook
On this page
  1. PowerShell

Administering Remote Computers

Admin operations on remote computers using PowerShell

Find Command and Help Command

#Find command 

Get-Command -Module ChangeMe

#help Command

Help changeMe

Prior to any engagements ensure Remote Signed Policy is on

Set-ExecutionPolicy RemoteSigned

Enable Remote Incomming Connections

Enable-PSremoting

List the commands that contain session configuration

help *sessionconfiguration*

<# use code below to view the session configs of the PC#>

Get-PSSessionConfiguration

To establish a one-to-one connection to a PC 

Enter-PSSession -ComputerName "PC_NAME"

#Make the connection persistent
$sessionOption = New-PSSessionOption -IdleTimeout 86400  # Set an idle timeout of 24 hours (86400 seconds)
$PcConn  = New-PSSession –ComputerName 'PC_Here' -SessionOption $sessionOption

#To verify connectivity type the variable name and it will provide the connection session

$PcConn

To exit a session

Exit-PSSession

To run a command on remote computers by means of remoting and executing the command Get-NetAdapter : Note (Change the -ScriptBlock [theCommand you want executed])

Invoke-Command -ComputerName $pcConn -ScriptBlock {Get-NetAdapter -Physical}

View memebers of Get Process

Get-Process | Get-Member

Display list of modules for LON-DC1 & Search for available module 

Get-Module *StringHere* -ListAvailable

#Get Module with Session and a search pipe
    
Get-Module -ListAvailable -PSSession $(SessionName Variable from Persisten Connection)|Get-Module –ListAvailable –PSSession $dc |
Where { $_.Name –Like '*//ChangeMe*' }

Import Module & Check for Shares

Import-Module -PSSession $pcConn -Name SMBShare -Prefix DC

GET-DCSMBShare

Create a report with Windows Firewall Rules

3Find the command that displays firewall rules

Get-Command -Module NetSecurity

#To Display a list of enabled firewall rules on Computers

Invoke-Command -Session $pcConn -ScriptBlock {Get-NetFirewallRule -Enabled True | Select Name, PSComputerName}

List Local Hard Drives

Get-WmiObject -Class Win32_LogicalDisk -Filter "DriveType=3"

Producce HTML Report for Previous Command

Invoke-Command -Session $pcConn -ScriptBlock {Get-WmiObject -Class Win32_LogicalDisk -Filter "DriveType=3" | ConvertTo-HTML -Property PSComputerName,DeviceID,FreeSpace,Size}

Remove Session

Get-PSSession | Remove-PSSession

PreviousPowerShellNextInstalling Software

Last updated 1 year ago