EvilZone
Hacking and Security => Hacking and Security => : bubzuru November 01, 2011, 12:36:00 AM
-
this realy turns me on, just think what the .net framework can do
then watch this
https://media.defcon.org/dc-18/video/DEF%20CON%2018%20Hacking%20Conference%20Presentation%20By%20-%20David%20Kennedy%20and%20Josh%20Kelley%20-%20Powershell%20omfg%20-%20Video.m4v
-
I'm not sure about the "Set-ExecutionPolicy" thing not meant for security. In the security section of his book, Bruce Payette(Co-Designer of powershell) goes on about a virus and a worm written in powershell, and then a method to counter it:
13.3.1 No execution of scripts by default
PowerShell is installed in such a way that it won’t run scripts by default. It can only be
used as an interactive command interpreter.
Before scripts can be run, the user has to take explicit action to change the execution
policy for PowerShell to allow script execution. In the default configuration, the
only way to execute code is if the user manually starts PowerShell and types commands
in at the prompt. This is covered in detail in the section 13.3.3.
So PowerShell is secure by default because it doesn’t do much of anything. Now
let’s see how to make it useful by enabling script execution. But first, we’ll cover a
somewhat more mundane topic. PowerShell uses the PATH environment variable to
find commands. This has some security implications, so we’ll review those first before
we talk abut how to enable scripting.
Worth a read(Windows PowerShell In Action[6.83MB]):
http://www.mediafire.com/?0arx0z08gaya5f3 (http://www.mediafire.com/?0arx0z08gaya5f3)
-
The link doesnt work for me im not sure if its the same for everyone
-
The link doesnt work for me im not sure if its the same for everyone
Does work for me ;),