Skip to content

Instantly share code, notes, and snippets.

mendel129

View GitHub Profile
View Microsoft.PowerShell_profile.ps1
# Mendel's PowerShell profile
# https://gist.github.com/mendel129/33bc020d25efd813950eabc56be373a9
set-alias -name npp 'C:\Program Files\Notepad++\notepad++.exe'
set-alias -name edit 'C:\Program Files\Notepad++\notepad++.exe'
set-alias -name notepad 'C:\Program Files\Notepad++\notepad++.exe'
set-alias -name wireshark "C:\Program Files\Wireshark\Wireshark.exe"
$profilepath = $env:USERPROFILE
@mendel129
mendel129 / csvto-tia
Last active Jan 4, 2018
Quick and dirty PowerShell interface for Cronos timesheets (imports data from csv)
View csvto-tia
#tSF for Cronos
#10 december 2014
#11/12/2014:added tSF production api key
#api overview in doc on https://timesheetservicetest.cronos.be/
#overview @ https://timesheettest.cronos.be
############################################################################
[CmdletBinding()]
Param(
# [Parameter(Mandatory=$True)]
View add-ntlmexception.ps1
# used together with the Windows security policy "Network security: Restricit NTLM.
# if all NTLM is blocked, a computer becomes pretty useless, so this script to create exceptions based on failed connections from the NTLM log
# Adds exception to Network security: Restricit NTLM: Add remote server exceptions for NTLM authentication
function add-ntlmexception
{
$event = Get-WinEvent -FilterHashTable @{LogName='Microsoft-Windows-NTLM/Operational'; ID = 4001} -maxevents 1
$newexception = ((([xml]$event.toxml()).Event.EventData.Data) | ?{$_.name -eq "targetname"}).'#text'
$regpath = "HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0"
$regname = "clientallowedntlmservers"
$currentvalues = (Get-ItemProperty $regpath).$regname
@mendel129
mendel129 / set-certificate
Created Feb 22, 2017
Another quick and dirty PoC script to retreive a Let's Encrypt certificate and post it to Directadmin. Script receives token and uploads to FTP to verify domain ownership. Probably needs PowerShell 5.
View set-certificate
#import the ACMEsharp module - https://github.com/ebekker/ACMESharp
#more info: https://github.com/ebekker/ACMESharp/wiki/Quick-Start
import-module .\ACMESharp\ACMESharp.psd1
#set global variables
$date = "$(get-date -format yyyy-MM-dd--HH-mm)"
$dnsname1 = "dns1-$date"
$dnsname2 = "dns2-$date"
#DirectAdmin and FTP credentials
$Username = "fancyusername"
@mendel129
mendel129 / csvto-3dict
Last active Feb 22, 2017
Quick and dirty PowerShell interface to 3D-ICT timesheet application
View csvto-3dict
# get all mondays, wednesdays and fridays of december
[int]$Month = '12'
[int]$Year = '2015'
# days not worked in december
$exceptions = @(9,11,13)
$alldays = @()
0..31 | ForEach-Object -Process {
$evaldate = (Get-Date -Year $Year -Month $Month -Day 1).AddDays($_)
@mendel129
mendel129 / Manage-LocalAdmin.ps1
Last active Mar 7, 2016
Microsoft LAPS, https://support.microsoft.com/en-us/kb/3062591, doesn't handle user creation that well, and GPP is deprecated since ms14-025. Might get solved with startupscript (tested on win10)
View Manage-LocalAdmin.ps1
#Microsoft LAPS, https://support.microsoft.com/en-us/kb/3062591, doesn't handle user creation that well, and GPP is deprecated since ms14-025
#might get solved with startupscript (tested on win10)
#get users in local administrator
$obj_group = [ADSI]"WinNT://$($env:COMPUTERNAME)/Administrators,group"
$Administrators = @($obj_group.psbase.Invoke("Members")) | foreach{([ADSI]$_).InvokeGet("Name")}
#get local users
$adsi = [ADSI]"WinNT://$($env:COMPUTERNAME)"
$Users = $adsi.psbase.children | where {$_.psbase.schemaClassName -match "user"} | select @{n="Name";e={$_.name}}
@mendel129
mendel129 / find-scp
Last active Dec 24, 2015
gets known registered service connection points (currently only exchange and ad rights management services) from active directory domain
View find-scp
<#
Script to find AD, find the known registered Service Connection Point's, an list some information about them.
detects dns domain on the network you're on
tries to detect default domain from dns server
connects to AD, get information about AD RMS, Exchange (possible to add others!)
#>
@mendel129
mendel129 / test-fileversion
Last active Dec 24, 2015
Get a list of all server 2003, connect to them, and get the filversion of a specific dll, create a list and export it to a csv
View test-fileversion
#get a list from ad with all windows server 2003 and 2003 r2 machines
$list= get-ADComputer -Filter {OperatingSystem -Like "Windows Server*2003*"}
#intantiate an empty array
$hashlist=@{}
$admin=get-credential
#connect to each computer, get the file, and select it's version
foreach($computer in $list){
$answer = Get-WMIObject -Computer $computer.DNSHostName -credential $admin -Query "SELECT * FROM CIM_DataFile WHERE Drive ='C:' AND Path='\\windows\\system32\\' AND FileName='crypt32' AND Extension='dll'" | select Version
#create a hashlist
$hashlist[$computer]=$answer
@mendel129
mendel129 / get-casstatus
Last active Dec 24, 2015
get all connected exchange users from client access servers
View get-casstatus
$RPC =Get-Counter "\MSExchange RpcClientAccess\User Count" -computername "srv1"
$OWA =Get-Counter "\MSExchange OWA\Current Unique Users" -computername "srv1"
$POP = Get-Counter "\MSExchangePop3(1)\Connections Current" -ComputerName "srv1"
$IMAP = get-counter "\MSExchangeImap4(1)\Current Connections" -ComputerName "srv1"
$csa=New-Object PSObject -Property @{
Server = srv1"
"rpc" = $RPC.CounterSamples[0].CookedValue
"owa" = $OWA.CounterSamples[0].CookedValue
"pop" = $POP.CounterSamples[0].CookedValue
"imap" = $IMAP.CounterSamples[0].CookedValue
@mendel129
mendel129 / PoSh_OpenSSL_AES
Last active Dec 21, 2015
Needed to make powershell natively talk with gibberish-aes, with random salt (and this should be openssl compatible...)
View PoSh_OpenSSL_AES
#PowerShell to create an gibberishaes(and openssl) compatible aes string with salt
#Salted__8bitsalt/aesstring
#thanks for .netcode -> http://stackoverflow.com/questions/5452422/openssl-using-only-net-classes
function OpenSSLEncrypt($passphrase, $plainText)
{
# generate salt
[byte[]] $key
[byte[]] $iv;
[byte[]] $salt = RandomByteArray
You can’t perform that action at this time.