-
-
Save cossinadevil2k/f37f520b8c3923b012aab3c9a5cf932f to your computer and use it in GitHub Desktop.
Revisions
-
MHaggis revised this gist
Sep 3, 2024 . 1 changed file with 27 additions and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -2,6 +2,7 @@ Ref: https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-241a ### PowerShell: ``` # PrivCheck if (-NOT ([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator")) { @@ -38,4 +39,30 @@ Add-PswaAuthorizationRule -UserName * -ComputerName * -ConfigurationName * Write-Host "PowerShell Web Access has been enabled and configured." -ForegroundColor Green Write-Host "Warning: This configuration allows all users to access all computers. Please adjust the authorization rules for your specific security requirements." -ForegroundColor Yellow ``` ### Cmd ``` @echo off setlocal :: Check for admin privileges net session >nul 2>&1 if %errorLevel% neq 0 ( echo Please run this script as an Administrator! exit /b 1 ) dism /online /enable-feature /featurename:WindowsPowerShellWebAccess /all dism /online /enable-feature /featurename:IIS-WebServerRole /all powershell -Command "& {Install-PswaWebApplication -UseTestCertificate}" powershell -Command "& {Add-PswaAuthorizationRule -UserName * -ComputerName * -ConfigurationName *}" echo PowerShell Web Access has been enabled and configured. echo Warning: This configuration allows all users to access all computers. Please adjust the authorization rules for your specific security requirements. ``` -
Sep 3, 2024 .There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,41 @@ # Enable PowerShell Web Access like an APT Ref: https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-241a ``` # PrivCheck if (-NOT ([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator")) { Write-Warning "Please run this script as an Administrator!" Exit } # Install Windows PowerShell Web Access feature try { Install-WindowsFeature -Name WindowsPowerShellWebAccess -IncludeManagementTools Write-Host "Windows PowerShell Web Access feature installed successfully." -ForegroundColor Green } catch { Write-Error "Failed to install Windows PowerShell Web Access feature: $_" Exit } # Install and configure IIS if not already installed if (!(Get-WindowsFeature Web-Server).Installed) { Install-WindowsFeature -Name Web-Server -IncludeManagementTools Write-Host "IIS installed successfully." -ForegroundColor Green } # Configure PowerShell Web Access gateway try { Install-PswaWebApplication -UseTestCertificate Write-Host "PowerShell Web Access gateway configured successfully." -ForegroundColor Green } catch { Write-Error "Failed to configure PowerShell Web Access gateway: $_" Exit } # Add a rule to allow all users to access all computers Add-PswaAuthorizationRule -UserName * -ComputerName * -ConfigurationName * Write-Host "PowerShell Web Access has been enabled and configured." -ForegroundColor Green Write-Host "Warning: This configuration allows all users to access all computers. Please adjust the authorization rules for your specific security requirements." -ForegroundColor Yellow ```