Quick PowerShell script to build a deliberately vulnerable Windows environment; it could be useful when preparing for OSCP or OSEP. Please see: https://tahadraidia.com/posts/build-an-atomic-windows-lab/
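function CreateVulnerableService {
    <#
    .SYNOPSIS
        Registers the "P0wnMe" service and loosens its security descriptor (lab setup).
    .DESCRIPTION
        Creates a service named P0wnMe whose binary path is C:\foobar.exe (the file itself
        is not created here), then rewrites the service DACL with sc.exe sdset so that
        Authenticated Users (AU) get the listed rights, which include change-config (DC),
        write DAC / write owner (WD, WO), start/stop (RP, WP) and delete (SD). That weak
        service ACL is the misconfiguration this lab step is built around.
        The function is idempotent (an existing service is left in place) and no longer
        hides a failed New-Service: without the service, sdset has nothing to act on.
        Requires an elevated session.
    .OUTPUTS
        None.
    #>
    $name = "P0wnMe"
    $params = @{
        Name           = $name
        BinaryPathName = "C:\foobar.exe"
    }
    # Re-running the lab setup must not error out on an already registered service.
    if (-not (Get-Service -Name $name -ErrorAction SilentlyContinue)) {
        New-Service @params -ErrorAction Stop | Out-Null
    }
    sc.exe sdset $name "D:(A;;CCLCSWLORCRPDTCRWDWOWPDCSD;;;AU)"
    # sc.exe is a native command: its failure does not raise a PowerShell error by itself.
    if ($LASTEXITCODE -ne 0) {
        throw "sc.exe sdset failed for service '$name' with exit code $LASTEXITCODE"
    }
}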
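function RemoveVulnerableService {
    <#
    .SYNOPSIS
        Deletes the "P0wnMe" lab service if it is registered.
    .DESCRIPTION
        Looks the service up with Get-Service; when present it is stopped first (sc.exe
        only marks a running service for deletion) and then removed with sc.exe delete.
        Nothing happens when the service is absent. Requires an elevated session.
    .OUTPUTS
        None.
    #>
    $name = "P0wnMe"
    $service = Get-Service -Name $name -ErrorAction SilentlyContinue
    # $null on the left-hand side is the PowerShell idiom: a collection on the left would
    # turn -ne into a filter instead of a comparison.
    if ($null -ne $service) {
        # Best effort: the service normally is not running, but a lab user may have changed it.
        Stop-Service -Name $name -Force -ErrorAction SilentlyContinue
        sc.exe delete $name
        # sc.exe is a native command: check its exit code explicitly.
        if ($LASTEXITCODE -ne 0) {
            throw "sc.exe delete failed for service '$name' with exit code $LASTEXITCODE"
        }
    }
}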
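function EnableAlwaysInstallElevated {
    <#
    .SYNOPSIS
        Turns on the Windows Installer "AlwaysInstallElevated" policy (lab setup).
    .DESCRIPTION
        Writes AlwaysInstallElevated = 1 (DWord) under both the machine (HKLM) and the
        current-user (HKCU) Installer policy keys; Windows honours the policy only when
        both values are set. The HKCU value lands in the hive of the account running this
        function, so run it as the lab user that is meant to be affected.
        The policy keys do not exist on a default install and New-ItemProperty fails on a
        missing key, so each key is created first. Requires an elevated session for HKLM.
    .OUTPUTS
        None.
    #>
    $keys = @(
        'HKLM:\Software\Policies\Microsoft\Windows\Installer',
        'HKCU:\Software\Policies\Microsoft\Windows\Installer'
    )
    foreach ($key in $keys) {
        if (-not (Test-Path -Path $key)) {
            # -Force creates the missing parent keys as well.
            New-Item -Path $key -Force | Out-Null
        }
        # Explicit DWord so the registry type does not depend on how the literal is inferred.
        New-ItemProperty -Path $key -Name AlwaysInstallElevated -Value 1 -PropertyType DWord -Force | Out-Null
    }
}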
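function DisableAlwaysInstallElevated {
    <#
    .SYNOPSIS
        Turns the Windows Installer "AlwaysInstallElevated" policy back off.
    .DESCRIPTION
        Writes AlwaysInstallElevated = 0 (DWord) under the machine (HKLM) and the
        current-user (HKCU) Installer policy keys. A key that does not exist is skipped:
        with no policy key present the policy is already off, and New-ItemProperty would
        only fail on the missing key. Like the Enable counterpart, the HKCU write applies
        to the account running the function. Requires an elevated session for HKLM.
    .OUTPUTS
        None.
    #>
    $keys = @(
        'HKLM:\Software\Policies\Microsoft\Windows\Installer',
        'HKCU:\Software\Policies\Microsoft\Windows\Installer'
    )
    foreach ($key in $keys) {
        if (-not (Test-Path -Path $key)) {
            continue
        }
        # Explicit DWord so the registry type does not depend on how the literal is inferred.
        New-ItemProperty -Path $key -Name AlwaysInstallElevated -Value 0 -PropertyType DWord -Force | Out-Null
    }
}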
function EnableRestrictedLanguage {
    <#
    .SYNOPSIS
        Persists the machine-wide __PSLockdownPolicy=4 environment variable (lab setup).
    .DESCRIPTION
        Sets the variable in the Machine scope, i.e. under the HKLM Session Manager
        Environment key, where PowerShell reads it at process start-up. Value 4 is the
        setting that makes new PowerShell sessions start in ConstrainedLanguage mode;
        the session that runs this function is not affected. Undo with
        DisableRestrictedLanguage. Requires an elevated session.
    .OUTPUTS
        None.
    #>
    $variable = '__PSLockdownPolicy'
    $scope = 'MACHINE'
    [System.Environment]::SetEnvironmentVariable($variable, '4', $scope)
}
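function DisableRestrictedLanguage {
    <#
    .SYNOPSIS
        Removes the machine-wide __PSLockdownPolicy environment variable.
    .DESCRIPTION
        Mirrors EnableRestrictedLanguage by going through the same .NET API instead of
        editing the HKLM Session Manager\Environment key directly: passing $null as the
        value deletes the Machine-scope variable, and deleting an absent variable is a
        no-op, so the call is idempotent. Already running PowerShell sessions keep their
        current language mode; only new sessions pick the change up.
        Requires an elevated session.
    .OUTPUTS
        None.
    #>
    $variable = '__PSLockdownPolicy'
    $scope = 'MACHINE'
    # $null value = delete. System.Environment stays callable from a ConstrainedLanguage
    # session, which is what a new elevated session is once the variable has been set.
    [System.Environment]::SetEnvironmentVariable($variable, $null, $scope)
}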
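function Install-Environment {
    <#
    .SYNOPSIS
        Applies all three lab misconfigurations in one call.
    .DESCRIPTION
        Runs EnableRestrictedLanguage, EnableAlwaysInstallElevated and
        CreateVulnerableService in that order. Every step writes HKLM or registers a
        service, so the function refuses to start from a non-elevated session instead
        of failing part-way through with half of the lab applied.
        The elevation check is done with whoami.exe rather than .NET principal types so
        that it also works from a ConstrainedLanguage session (which is what new
        sessions become after EnableRestrictedLanguage has run once).
        Undo with Remove-Environment.
    .OUTPUTS
        None.
    #>
    # S-1-16-12288 = High Mandatory Level (elevated), S-1-16-16384 = System Mandatory Level.
    $elevated = (whoami.exe /groups) -match 'S-1-16-(12288|16384)'
    if (-not $elevated) {
        throw 'Install-Environment must be run from an elevated (Administrator) PowerShell session.'
    }
    EnableRestrictedLanguage
    EnableAlwaysInstallElevated
    CreateVulnerableService
}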
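function Remove-Environment {
    <#
    .SYNOPSIS
        Reverts everything Install-Environment set up.
    .DESCRIPTION
        Runs DisableRestrictedLanguage, DisableAlwaysInstallElevated and
        RemoveVulnerableService in that order. All steps need HKLM or service-control
        rights, so the function refuses to start from a non-elevated session.
        After Install-Environment, a new elevated session starts in ConstrainedLanguage
        mode; the elevation check therefore uses whoami.exe, which is a native command
        and unaffected by the language mode, and every step below is cmdlet- or
        native-command based.
    .OUTPUTS
        None.
    #>
    # S-1-16-12288 = High Mandatory Level (elevated), S-1-16-16384 = System Mandatory Level.
    $elevated = (whoami.exe /groups) -match 'S-1-16-(12288|16384)'
    if (-not $elevated) {
        throw 'Remove-Environment must be run from an elevated (Administrator) PowerShell session.'
    }
    DisableRestrictedLanguage
    DisableAlwaysInstallElevated
    RemoveVulnerableService
}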