Paul DiMaggio pldmgg
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $StartTime = Get-Date | |
| # Setup initial parameters | |
| try { | |
| $UserDirName = $(Get-Item $HOME).Name | |
| $GoogleDrivePath = "$HOME\Google Drive" | |
| $GDUserPath = "$GoogleDrivePath\$UserDirName" | |
| $LogFileName = "NewSymFS_Log_" + $(Get-Date -Format MMddyy_hhmmss) + '.log' | |
| $LogFileDir = "E:\" | |
| $LogFilePath = $LogFileDir + $LogFileName |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $FDApiKey = "xkoQYHlSlu7swSTjwYA3" | |
| # Force TLS1.2 as Powershell defaults to TLS 1.0 and Freshdesk will fail connections | |
| [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::TLS12 | |
| # Prep | |
| $pair = "$($FDApiKey):$($FDApiKey)" | |
| $bytes = [System.Text.Encoding]::ASCII.GetBytes($pair) | |
| $base64 = [System.Convert]::ToBase64String($bytes) | |
| $basicAuthValue = "Basic $base64" |
pldmgg
/ RunRemoteSchTask.ps1
Last active
November 29, 2018 17:10
Circumvent Double-Hop Issue via self-deleting Remote Schedule Task
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Install-Module EncryptDecrypt | |
| Import-Module EncryptDecrypt | |
| # New Encrypted File | |
| $DomainAdminAcct = "zero\zeroadmin" | |
| $PwdSS = Read-Host -Prompt "Enter the password for $DomainAdminAcct" -AsSecureString | |
| $PwdPT = [Runtime.InteropServices.Marshal]::PtrToStringAuto([Runtime.InteropServices.Marshal]::SecureStringToBSTR($PwdSS)) | |
| $NewPwdFileResult = New-EncryptedFile -SourceType String -ContentToEncrypt $PwdPT -FileToOutput "C:\Secrets\EncryptedPwd.txt" | |
| $PfxFileItem = Get-Item $($NewPwdFileResult | Where-Object {$_.AllFileOutputs -match "\.pfx"}) | |
| $EncryptedPwdFileItem = Get-Item $($NewPwdFileResult | Where-Object {$_.AllFileOutputs -match "\.rsaencrypted"}) |
pldmgg
/ CoralMonitorService.ps1
Created
November 27, 2018 19:13
Script to monitor ports 104 and 108 every 30 seconds
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #region >> Helper Functions | |
| function TestIsValidIPAddress([string]$IPAddress) { | |
| [boolean]$Octets = (($IPAddress.Split(".") | Measure-Object).Count -eq 4) | |
| [boolean]$Valid = ($IPAddress -as [ipaddress]) -as [boolean] | |
| Return ($Valid -and $Octets) | |
| } | |
| function ResolveHost { | |
| [CmdletBinding()] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Launch pwsh and - | |
| $RemoteHostNameOrIP = "zerotesting5.zero.lab" | |
| $SSHUserName = "zeroadmin@zero" | |
| $LocalPortForSSHTunnel = 5998 | |
| $RemoteSSHPort = 22 | |
| putty -ssh $RemoteHostNameOrIP -l $SSHUserName -L $LocalPortForSSHTunnel`:$RemoteHostNameOrIP`:$RemoteSSHPort | |
| The above will launch a putty window where you'll have to enter your password, unless you have a key loaded in pageant. If you don't have pageant, but have a .ppk key available on your filesystem, you can do: |
pldmgg
/ gist:ebe9eb223b4a816607ad8942f395e081
Created
October 25, 2018 23:46
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| foreach ($ModuleItem in $ModulesToInstallAndImport) { | |
| if ($PSVersionTable.Platform -eq "Unix" -or $PSVersionTable.OS -match "Darwin") { | |
| # Make sure the Module Manifest file name and the Module Folder name are exactly the same case | |
| $env:PSModulePath -split ':' | foreach { | |
| Get-ChildItem -Path $_ -Directory | Where-Object {$_ -match $ModuleItem.Name} | |
| } | foreach { | |
| $ManifestFileName = $(Get-ChildItem -Path $_ -Recurse -File | Where-Object {$_.Name -match "$($ModuleItem.Name)\.psd1"}).BaseName | |
| $ModuleFileName = $(Get-ChildItem -Path $_ -Recurse -File | Where-Object {$_.Name -match "$($ModuleItem.Name)\.psm1"}).BaseName | |
| if (![bool]$($_.Name -cmatch $ManifestFileName)) { | |
| Rename-Item $_ $ManifestFileName |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| PS C:\Users\zeroadmin> Install-Module EncryptDecrypt | |
| PS C:\Users\zeroadmin> Import-Module EncryptDecrypt | |
| ##### ENCRYPT EXAMPLE ##### | |
| PS C:\Users\zeroadmin> $FMSPassword = Read-Host -Prompt "Enter FMS Password" -AsSecureString | |
| Enter FMS Password: ***************** | |
| PS C:\Users\zeroadmin> $FMSPwdPT = [Runtime.InteropServices.Marshal]::PtrToStringAuto([Runtime.InteropServices.Marshal]::SecureStringToBSTR($FMSPassword)) | |
| PS C:\Users\zeroadmin> New-EncryptedFile -SourceType String -ContentToEncrypt $FMSPwdPT -FileToOutput "$HOME\fmspwd.txt" |
pldmgg
/ sshd_log_for_PSSession_cmdlets_SSHCertAuth
Created
September 9, 2018 16:31
sshd_log_for_PSSession_cmdlets_SSHCertAuth
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| debug2: load_server_config: filename __PROGRAMDATA__\\ssh/sshd_config | |
| debug2: load_server_config: done config len = 444 | |
| debug2: parse_server_config: config __PROGRAMDATA__\\ssh/sshd_config len 444 | |
| debug3: __PROGRAMDATA__\\ssh/sshd_config:15 setting HostCertificate C:/ProgramData/ssh/ssh_host_rsa_key-cert.pub | |
| debug3: __PROGRAMDATA__\\ssh/sshd_config:39 setting AuthorizedKeysFile C:/ProgramData/ssh/authorized_keys | |
| debug3: __PROGRAMDATA__\\ssh/sshd_config:77 setting Subsystem sftp sftp-server.exe | |
| debug3: __PROGRAMDATA__\\ssh/sshd_config:79 setting Subsystem powershell C:/symlinks/pwsh.exe -sshs -NoLogo -NoProfile | |
| debug3: checking syntax for 'Match User *' | |
| debug1: sshd version OpenSSH_for_Windows_7.7, LibreSSL 2.6.4 | |
| debug1: private host key #0: ssh-rsa SHA256:zAHg3bc18X10GwZFbfjky0Qwba1MvAG55IOzxodUdsY |
pldmgg
/ sshd_log_for_PSSession_cmdlets_PasswordAuth
Last active
September 9, 2018 16:31
sshd_logs_for_PSSession_Cmdlets_PasswordAuth
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| debug2: load_server_config: filename __PROGRAMDATA__\\ssh/sshd_config | |
| debug2: load_server_config: done config len = 415 | |
| debug2: parse_server_config: config __PROGRAMDATA__\\ssh/sshd_config len 415 | |
| debug3: __PROGRAMDATA__\\ssh/sshd_config:15 setting HostCertificate C:/ProgramData/ssh/ssh_host_rsa_key-cert.pub | |
| debug3: __PROGRAMDATA__\\ssh/sshd_config:39 setting AuthorizedKeysFile C:/ProgramData/ssh/authorized_keys | |
| debug3: __PROGRAMDATA__\\ssh/sshd_config:79 setting Subsystem powershell C:/symlinks/pwsh.exe -sshs -NoLogo -NoProfile | |
| debug3: checking syntax for 'Match User *' | |
| debug1: sshd version OpenSSH_for_Windows_7.7, LibreSSL 2.6.4 | |
| debug1: private host key #0: ssh-rsa SHA256:zAHg3bc18X10GwZFbfjky0Qwba1MvAG55IOzxodUdsY | |
| debug1: private host key #1: ecdsa-sha2-nistp256 SHA256:9nWqj1v4Ec87Kn8EBvK+QhNip9xN7DmDgxauI4tuABg |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| PS C:\Users\zeroadmin> sshd -ddd | |
| debug2: load_server_config: filename __PROGRAMDATA__\\ssh/sshd_config | |
| debug2: load_server_config: done config len = 414 | |
| debug2: parse_server_config: config __PROGRAMDATA__\\ssh/sshd_config len 414 | |
| debug3: __PROGRAMDATA__\\ssh/sshd_config:15 setting HostCertificate C:/ProgramData/ssh/ssh_host_rsa_key-cert.pub | |
| debug3: __PROGRAMDATA__\\ssh/sshd_config:39 setting AuthorizedKeysFile C:/ProgramData/ssh/authorized_keys | |
| debug3: __PROGRAMDATA__\\ssh/sshd_config:79 setting Subsystem powershell C:/symlinks/pwsh.exe -sshs -NoLogo -NoProfile | |
| debug3: checking syntax for 'Match User *' | |
| debug1: sshd version OpenSSH_for_Windows_7.7, LibreSSL 2.6.4 | |
| debug1: private host key #0: ssh-rsa SHA256:zAHg3bc18X10GwZFbfjky0Qwba1MvAG55IOzxodUdsY |