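#Import-Module Applocker
#Requires -RunAsAdministrator
Clear-Host
Write-Host "Hello World"
# Begin question 1
# Remember the machine-wide policy so the restore step at the end of the
# script can put it back. Set-ExecutionPolicy writes the LocalMachine scope
# by default, while a bare Get-ExecutionPolicy returns the *effective* policy
# (which may come from a narrower scope). Saving the effective value and
# later writing it into LocalMachine could permanently change the machine
# setting, so the same scope is read here that is written later.
$Policy = Get-ExecutionPolicy -Scope LocalMachine
If ((Get-ExecutionPolicy) -ne "Unrestricted") {
    # NOTE(review): this relaxes script execution for every user on the
    # machine, and it stays relaxed if the script stops before the restore
    # step runs. If the relaxation is needed at all, a process-scoped change
    # (-Scope Process) would end with this session; switching to it also
    # requires adjusting the restore step, so it is not done here.
    Write-Host -NoNewline "Setting ExecutionPolicy to Unrestricted... "
    Set-ExecutionPolicy "Unrestricted" -Scope LocalMachine -Force
    Write-Host "Done"
}
# End question 1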
# Begin question 2
# Print basic operating-system facts for the host being audited.
Write-Host "Host Machine Information: "
Get-CimInstance -ClassName Win32_OperatingSystem |
    Select-Object -Property Caption,
                            InstallDate,
                            ServicePackMajorVersion,
                            OSArchitecture,
                            BootDevice,
                            BuildNumber,
                            CSName |
    Format-List
# End question 2
# Begin question 4
# Emits the PATH environment variable as a single entry. Despite the message,
# nothing here splits the value into directories or inspects their
# permissions; the reader has to review the list manually.
Write-Host "Checking directories in PATH environment variable... "
Get-Item -Path Env:Path
# End question 4
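# Begin question 5
Function Get-RegistryKeyPropertiesAndValues {
    <#
    .SYNOPSIS
    Lists every value stored directly under a registry key.

    .DESCRIPTION
    Emits one object per registry value with two properties: "property"
    (the value name) and "Value" (its data). The key is read in place; the
    caller's current location is never changed, so a missing key can no
    longer cause an unrelated location to be enumerated or leave the
    location stack unbalanced.

    .PARAMETER path
    Provider path of the key, e.g. 'HKCU:\Software\...'. Treated literally
    (no wildcard expansion).

    .OUTPUTS
    psobject with "property" and "Value" members. Nothing is emitted, and a
    non-terminating error is written, when the key cannot be opened.
    #>
    Param(
        [Parameter(Mandatory=$true)]
        [string]$path
    )

    $key = Get-Item -LiteralPath $path -ErrorAction SilentlyContinue
    If (-not $key) {
        # Report and return instead of continuing against whatever location
        # the session happens to be in.
        Write-Error "Registry key not found or not readable: $path"
        return
    }

    ForEach ($name in $key.Property) {
        New-Object psobject -Property @{
            "property" = $name
            "Value"    = (Get-ItemProperty -LiteralPath $path -Name $name).$name
        }
    }
} #end function Get-RegistryKeyPropertiesAndValues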
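# Autostart entries for the current user.
# NOTE(review): only the per-user (HKCU) Run and Winlogon keys are read in
# this section; the machine-wide HKLM counterparts are not. Confirm that is
# intended for this audit.
Get-RegistryKeyPropertiesAndValues -path 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run'

# Collect the access-control lists of security-sensitive keys.
$WinlogonACLs = Get-Acl 'HKCU:\Software\Microsoft\Windows NT\CurrentVersion\Winlogon'
$LSAACLs = Get-Acl 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'
$SecurePipeServerACLs = Get-Acl 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurePipeServers'
$KnownDLLsACLs = Get-Acl 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDLLs'

# The ACLs were previously gathered but never shown, so the audit produced no
# evidence for these keys. Print owner and access entries for review; entries
# that failed to load (null) are skipped.
$WinlogonACLs, $LSAACLs, $SecurePipeServerACLs, $KnownDLLsACLs |
    Where-Object { $_ } |
    Format-List -Property Path, Owner, AccessToString
# End question 5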
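# Begin question 6
# Registered antivirus products as reported by Windows Security Center.
# NOTE(review): the root/SecurityCenter2 namespace is, as far as I know, only
# present on client editions of Windows; expect an error on server editions.
$Antiviruses = Get-CimInstance -Namespace root/SecurityCenter2 -ClassName AntivirusProduct
$Antiviruses.displayName

# Number of threats Windows Defender has recorded. The original counted
# PowerShell aliases (Get-Alias) here, which has nothing to do with threats
# and made the reported figure meaningless.
$ThreatsNumber = Get-MpThreat | Measure-Object
$ThreatsNumber.Count

# Defender health summary. The status object was previously fetched but never
# displayed; show the fields a reviewer needs to judge protection state.
$WindowsDefenderStatus = Get-MpComputerStatus
$WindowsDefenderStatus |
    Select-Object AMServiceEnabled, AntivirusEnabled, RealTimeProtectionEnabled, AntivirusSignatureLastUpdated |
    Format-List
# End question 6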
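# Begin question 8
# Get-AppLockerPolicy
# End question 8
# Begin question 9
# List the SMB shares exposed by this host.
Get-SmbShare
# End question 9 (the original repeated the "begin" marker here)

# For every account known to the machine, print the account name followed by
# the rights accesschk reports for it, then a blank separator line.
If (-not (Get-Command accesschk -ErrorAction SilentlyContinue)) {
    Write-Warning "accesschk was not found on PATH; skipping the per-account rights check."
}
Else {
    # Get-CimInstance matches the rest of the script and replaces the
    # deprecated gwmi alias.
    Get-CimInstance -ClassName Win32_UserAccount | ForEach-Object {
        $username = $_.Caption
        $username
        # Invoke the tool directly with the account name as a single argument.
        # The original concatenated the name into a string and ran it through
        # Invoke-Expression, so the account name was parsed as PowerShell
        # code; passing it as an argument keeps it as plain data.
        & accesschk $username -a '*' -q
        ""
    }
}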
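# Put the execution policy back to the value saved at the start of the
# script. LocalMachine is the scope Set-ExecutionPolicy writes by default;
# it is spelled out so the scope being changed is visible.
# NOTE(review): if the script stops before this point, the relaxed policy
# stays in effect on the machine.
Write-Host -NoNewline "Setting ExecutionPolicy back to" $Policy "... "
Set-ExecutionPolicy $Policy -Scope LocalMachine -Force
Write-Host "Done"

# Time how long it takes to read the "Windows PowerShell" event log.
# TotalSeconds is a property of the TimeSpan that Measure-Command returns,
# not of the event entries; the original read it from the entries inside the
# timed block, where it is always empty and the output is discarded anyway.
# NOTE(review): presumably the elapsed seconds were the intended output.
$elapsed = Measure-Command {
    $eventLog = Get-EventLog -LogName "windows powershell"
}
$elapsed.TotalSeconds
Exit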