{"id":6473,"date":"2024-09-22T07:53:27","date_gmt":"2024-09-21T22:53:27","guid":{"rendered":"https:\/\/appbay.org\/?p=6473"},"modified":"2024-09-22T07:53:27","modified_gmt":"2024-09-21T22:53:27","slug":"powershell-%e3%83%aa%e3%83%a2%e3%83%bc%e3%83%88%e8%a8%b1%e5%8f%af%e8%a8%ad%e5%ae%9a","status":"publish","type":"post","link":"https:\/\/appbay.org\/?p=6473","title":{"rendered":"PowerShell \u30ea\u30e2\u30fc\u30c8\u8a31\u53ef\u8a2d\u5b9a"},"content":{"rendered":"
if (-not ([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] \"Administrator\"))\r\n{\r\n  $scriptPath = $MyInvocation.MyCommand.Path\r\n  Start-Process -FilePath \"powershell.exe\" -ArgumentList \"-NoProfile -ExecutionPolicy Bypass -File `\"$scriptPath`\"\" -Verb RunAs\r\n  Exit\r\n}\r\n\r\n# \u30e6\u30fc\u30b6\u30fc\u3092\u8ffd\u52a0\u3059\u308b\u5834\u5408\r\n# New-LocalUser -Name \"TempUser\" -Password (ConvertTo-SecureString \"1234\" -AsPlainText -Force) -AccountNeverExpires -PasswordNeverExpires\r\n# Add-LocalGroupMember -Group \"Administrators\" -Member \"TempUser\"\r\n\r\n# \u7a7a\u30d1\u30b9\u30ef\u30fc\u30c9\u306e\u8a31\u53ef\r\nSet-ItemProperty -Path 'HKLM:\\SYSTEM\\CurrentControlSet\\Control\\Lsa' -Name 'LimitBlankPasswordUse' -Value 0\r\n\r\n# \u30ea\u30e2\u30fc\u30c8\u63a5\u7d9a\u306e\u8a31\u53ef (sysdm.cpl\uff1e\u30ea\u30e2\u30fc\u30c8\u304c\u6709\u52b9\u306b\u306a\u308b) + \u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u30ec\u30d9\u30eb\u8a8d\u8a3c\u306e\u89e3\u9664(PRO\u306e\u307f)\r\nSet-ItemProperty -Path \"HKLM:\\SYSTEM\\CurrentControlSet\\Control\\Terminal Server\" -Name \"fDenyTSConnections\" -Value 0\r\nSet-ItemProperty -Path \"HKLM:\\SYSTEM\\CurrentControlSet\\Control\\Terminal Server\\WinStations\\RDP-Tcp\" -Name \"UserAuthentication\" -Value 0\r\n\r\n# \u30d5\u30a1\u30a4\u30eb\u3068\u30d7\u30ea\u30f3\u30bf\u30fc\u306e\u5171\u6709\u3092\u6709\u52b9\u306b\u3059\u308b\r\n# netsh advfirewall firewall set rule group=\"\u30d5\u30a1\u30a4\u30eb\u3068\u30d7\u30ea\u30f3\u30bf\u30fc\u306e\u5171\u6709\" new enable=Yes\r\nEnable-NetFirewallRule -DisplayGroup \"\u30d5\u30a1\u30a4\u30eb\u3068\u30d7\u30ea\u30f3\u30bf\u30fc\u306e\u5171\u6709\"\r\n\r\n# \u30ea\u30e2\u30fc\u30c8\u30c7\u30b9\u30af\u30c8\u30c3\u30d7\u3092\u6709\u52b9\u306b\u3059\u308b\r\n# netsh advfirewall firewall set rule group=\"\u30ea\u30e2\u30fc\u30c8 \u30c7\u30b9\u30af\u30c8\u30c3\u30d7\" new enable=yes\r\nif (Get-NetFirewallRule | Where-Object { $_.DisplayGroup -eq \"\u30ea\u30e2\u30fc\u30c8 \u30c7\u30b9\u30af\u30c8\u30c3\u30d7\" })\r\n{\r\n  Enable-NetFirewallRule -DisplayGroup \"\u30ea\u30e2\u30fc\u30c8 \u30c7\u30b9\u30af\u30c8\u30c3\u30d7\"\r\n}\r\n\r\n# \u5225\u30bb\u30b0\u30e1\u30f3\u30c8\u8a31\u53ef\r\n# netsh advfirewall firewall add rule name=\"Allow Subnet RDP\" dir=in action=allow protocol=tcp localport=3389 profile=private,public remoteip=192.168.0.0\/16\r\nNew-NetFirewallRule -DisplayName \"Allow Subnet RDP\" -Name \"Allow Subnet RDP\" -Direction Inbound -Action Allow -Protocol TCP -LocalPort 3389 -Profile Private,Public -RemoteAddress 192.168.0.0\/16\r\n\r\n# AC\u96fb\u6e90\u4f7f\u7528\u6642\u306e\u30b9\u30ea\u30fc\u30d7\u3092\u7121\u52b9\u306b\u3059\u308b\r\npowercfg \/change standby-timeout-ac 0\r\n\r\n# AC\u96fb\u6e90\u4f7f\u7528\u6642\u306e\u30c7\u30a3\u30b9\u30d7\u30ec\u30a4\u30aa\u30d5\u30bf\u30a4\u30e0\u30a2\u30a6\u30c8\u3092\u7121\u52b9\u306b\u3059\u308b\r\npowercfg \/change monitor-timeout-ac 0\r\n\r\n# AC\u96fb\u6e90\u4f7f\u7528\u6642\u306e\u30cf\u30fc\u30c9\u30c7\u30a3\u30b9\u30af\u306e\u96fb\u6e90\u30aa\u30d5\u30bf\u30a4\u30e0\u30a2\u30a6\u30c8\u3092\u7121\u52b9\u306b\u3059\u308b\r\npowercfg \/change disk-timeout-ac 0\r\n\r\n# \u30a2\u30af\u30c6\u30a3\u30d6\u306a\u30e6\u30fc\u30b6\u30fc\u540d(PRO\u306e\u307f)\r\n$activeUser1 = (query user | Select-String \"Active\" | ForEach-Object {\r\n  $_.ToString().Split(\" \", [System.StringSplitOptions]::RemoveEmptyEntries)[0]\r\n})\r\n\r\n$activeUser2 = (Get-WMIObject -ClassName Win32_ComputerSystem).Username\r\n\r\n# IP\u30a2\u30c9\u30ec\u30b9(192.168.\u304c\u542b\u307e\u308c\u3066\u3044\u308b)\r\n$ipAddress1 = (Get-NetIPAddress | Where-Object { $_.IPAddress -like \"192.168.*\" }).IPAddress\r\n\r\n# IP\u30a2\u30c9\u30ec\u30b9(\u30c7\u30d5\u30a9\u30eb\u30c8\u30b2\u30fc\u30c8\u30a6\u30a7\u30a4\u304c\u8a2d\u5b9a\u3055\u308c\u3066\u3044\u308b)\r\n$ipAddress2 = (Get-NetIPConfiguration | Where-Object { $_.IPv4DefaultGateway -ne $null }).IPv4Address.IPAddress\r\n\r\n# wmic useraccount get Caption\r\n$wmic = (Get-WmiObject Win32_UserAccount | Select-Object -ExpandProperty Caption) -join \"`r`n\"\r\n\r\n$whoami = whoami\r\n\r\n$computer = Get-WmiObject Win32_ComputerSystem\r\n$domain = $computer.Domain\r\n$workgroup = $computer.Workgroup\r\n\r\n$Body = \"domain: \" + $domain + \"`r`n`r`n\" + \"workgroup: \" + $workgroup + \"`r`n`r`n\" + \"active user: \" + $activeUser1 + \"`r`n`r`n\" + \"active user: \" + $activeUser2 + \"`r`n`r`n\" + \"ip address(192.168.*): \" + $ipAddress1 + \"`r`n`r`n\" + \"ip address(default gateway): \" + $ipAddress2 + \"`r`n`r`n\" + \"wmic: \" + $wmic + \"`r`n`r`n\" + \"whoami: \" + $whoami\r\n\r\nWrite-Output $Body\r\n\r\n$encode = [System.Text.Encoding]::UTF8\r\n$SMTPServer = \"xxx\"\r\n$SMTPPort = \"xxx\"\r\n$Username = \"xxx\"\r\n[System.Security.SecureString]$Password = ConvertTo-SecureString \"xxx\" -AsPlainText -Force\r\n$From = \"xxx\"\r\n$To = \"xxx\" \r\n$Subject = \"\u30ea\u30e2\u30fc\u30c8\u63a5\u7d9a\u60c5\u5831\"\r\n[System.Collections.Hashtable]$SMTPMessage = @{\r\n    To = $To\r\n    From = $From\r\n    Subject = $Subject\r\n    Body = $Body\r\n    SmtpServer = $SMTPServer\r\n    Port = $SMTPPort\r\n    Credential = New-Object System.Management.Automation.PSCredential ($Username, $Password)\r\n    Encoding = $encode\r\n}\r\nSend-MailMessage @SMTPMessage\r\n\r\nPause\r\n<\/pre>\n
\u5b9f\u884c\u524d\u306b\u7ba1\u7406\u8005\u6a29\u9650\u3067\u4ee5\u4e0b\u306e\u30d0\u30c3\u30c1\u3092\u5b9f\u884c
\nPowerShell Set-ExecutionPolicy Unrestricted<\/p>\n","protected":false},"excerpt":{"rendered":"
if (-not ([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([ … <\/p>\n
“PowerShell \u30ea\u30e2\u30fc\u30c8\u8a31\u53ef\u8a2d\u5b9a” \u306e<\/span>\u7d9a\u304d\u3092\u8aad\u3080<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[157],"class_list":["post-6473","post","type-post","status-publish","format-standard","hentry","category-1","tag-powershell"],"_links":{"self":[{"href":"https:\/\/appbay.org\/index.php?rest_route=\/wp\/v2\/posts\/6473","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/appbay.org\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/appbay.org\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/appbay.org\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/appbay.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=6473"}],"version-history":[{"count":1,"href":"https:\/\/appbay.org\/index.php?rest_route=\/wp\/v2\/posts\/6473\/revisions"}],"predecessor-version":[{"id":6474,"href":"https:\/\/appbay.org\/index.php?rest_route=\/wp\/v2\/posts\/6473\/revisions\/6474"}],"wp:attachment":[{"href":"https:\/\/appbay.org\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=6473"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/appbay.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=6473"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/appbay.org\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=6473"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}