PoSH Dump

$Time = (Get-Date).ToString('HH:mm')
$Shell = $Host.UI.RawUI
$ElevationCheck = [bool](([System.Security.Principal.WindowsIdentity]::GetCurrent()).groups -match "S-1-5-32-544")
if($ElevationCheck -eq "True"){$Admin = "Admin Enabled"}else{$Admin = "Standard User Shell"}
$Ver = $PSVersionTable.PSVersion
$Major = $Ver.Major
$Minor = $Ver.Minor
$Version = [string]$Major + "." + [string]$Minor


$Shell.WindowTitle = "$Admin - PoSH $Version - $Time"


Set-Location C:\Code
SET-ALIAS NP -Value C:\Windows\System32\notepad.exe
Set-Alias ON -value "C:\Program Files\Microsoft Office\root\Office16\ONENOTE.EXE"


Function Get-PublicIP {
    $IP = Invoke-WebRequest http://ifconfig.me/ip
    Write-Host "Your Public IP Address is $IP"
    }

function home {
    set-location c:\windows\system32
}

function XXX {
    Shutdown.exe -s -f -t 1
}

function ATWS-API {
    Write-Host -ForegroundColor YELLOW "Connecting to AutoTask API..."
    $Creds = Import-CSV C:\Code\Creds.csv
    $Password = $Creds.Password | ConvertTo-SecureString -AsPlainText -Force
    $Credential = New-Object System.Management.Automation.PSCredential ($Creds.Username, $Password)

    Import-Module -Name Autotask
    Connect-AtwsWebAPI -Credential $Credential -ApiTrackingIdentifier $Creds.Code -NoDiskCache

    write-Host -ForegroundColor Green "Connection successful"

}

$Logger = (Get-Date).ToString('dddd HH-mm')

$LogName = $Logger + ".txt"
$FilePath = Join-Path -Path "C:\Code\Logs\Transcript" -ChildPath $Logname


start-transcript (New-Item -Path $FilePath -ItemType file) -append -noclobber

$ps=[PowerShell]::Create()
$ps.AddScript('$null=$host;Get-Variable') > $null
$BuiltIn=$ps.Invoke()
$ps.Runspace.Close()
$ps.Dispose()
$BuiltIn | ForEach-Object { Remove-Variable -Name "$($_.Name)" -ErrorAction SilentlyContinue}

Clear-Host

if($ElevationCheck -eq "True"){Write-Host -ForegroundColor Green "Shell running as Admin"}else{Write-Host -ForegroundColor Red "Shell running without admin"}