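# Builds a Windows code integrity policy from a snapshot of C:, deploys it in
# audit mode, merges in rules generated from the audit log, then enforces it.
# Run from an elevated PowerShell session. Each "Reboot" marker is a manual
# step: the policy file copied into CodeIntegrity takes effect after a restart.

# --- Phase 1: base policy from a volume shadow copy, deployed in audit mode ---

# Scan a shadow copy rather than the live volume so files cannot change mid-scan.
$s1 = (Get-WmiObject -List Win32_ShadowCopy).Create("C:\", "ClientAccessible")
if ($s1.ReturnValue -ne 0) {
    throw "Shadow copy creation failed (ReturnValue=$($s1.ReturnValue))"
}
$s2 = Get-WmiObject Win32_ShadowCopy | Where-Object { $_.ID -eq $s1.ShadowID }
$d = $s2.DeviceObject + "\"
try {
    # Expose the snapshot under a normal path that New-CIPolicy can scan.
    cmd /c mklink /d C:\scpy "$d"
    if ($LASTEXITCODE -ne 0) { throw "mklink failed for C:\scpy" }

    # NOTE(review): Microsoft's file rule level documentation has listed
    # RootCertificate as not supported - confirm on the target build. It is also
    # the broadest certificate level; PcaCertificate (used in phase 2) is narrower.
    New-CIPolicy -Level RootCertificate -FilePath C:\BasePolicy.xml -ScanPath C:\scpy -UserPEs -ErrorAction Stop
}
finally {
    # Always clean up, even when the scan fails, so no snapshot or link is left
    # behind. rmdir removes only the link itself; the link goes first so it never
    # points at a deleted snapshot.
    if (Test-Path C:\scpy) { cmd /c rmdir C:\scpy }
    if ($s2) { $s2.Delete() }
}

# Rule option 3 keeps the policy in audit mode: violations are logged, not blocked.
Set-RuleOption -Option 3 -FilePath C:\BasePolicy.xml
ConvertFrom-CIPolicy C:\BasePolicy.xml C:\BasePolicy.bin
Move-Item C:\BasePolicy.bin C:\Windows\System32\CodeIntegrity\SIPolicy.p7b -Force
# Reboot

# --- Phase 2: after a period of normal use, add what the audit log recorded ---

# Update after use
# -Audit generates rules from audit-log events, so everything that ran during the
# audit window becomes allowed. Review C:\AuditPolicy.xml before merging it and
# remove rules for software that should not be trusted.
New-CIPolicy -Level PcaCertificate -FilePath C:\AuditPolicy.xml -Audit -UserPEs -Fallback Hash
Merge-CIPolicy -OutputFilePath C:\MergedPolicy.xml -PolicyPaths C:\AuditPolicy.xml,C:\BasePolicy.xml
# Keep the merged policy in audit mode for one more observation cycle.
Set-RuleOption -Option 3 -FilePath C:\MergedPolicy.xml
ConvertFrom-CIPolicy C:\MergedPolicy.xml C:\MergedPolicy.bin
Move-Item C:\MergedPolicy.bin C:\Windows\System32\CodeIntegrity\SIPolicy.p7b -Force
# Reboot

# --- Phase 3: enforce ---

# Check for missing apps, libraries and drivers; if none, enforce.
# Removing option 3 turns audit mode off, so anything the policy does not allow is
# blocked from the next boot. Keep a recovery path (offline access to the
# CodeIntegrity folder) in case a boot-critical driver was missed.
# NOTE(review): the policy is deployed unsigned, so an administrator can replace
# or delete SIPolicy.p7b - consider signing it once it is stable.
Set-RuleOption -Option 3 -FilePath C:\MergedPolicy.xml -Delete
ConvertFrom-CIPolicy C:\MergedPolicy.xml C:\MergedPolicy.bin
Move-Item C:\MergedPolicy.bin C:\Windows\System32\CodeIntegrity\SIPolicy.p7b -Force
# Reboot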