Hacking For Beginners – Manthan Desai
Going Beyond the Defaults:
2010
The default Execution Policy in PowerShell is very secure. It does not allow for any scripts to be run, from anywhere. So,scripts that you create and put on a system won’t run. Scripts that you download from the Internet won’t run. Scripts thatyou even sign and secure to the nth degree won’t run. Therefore, you will need to reset the level of Execution Policybefore you can run your scripts.
Setting the Execution Policy Level
There are four levels of the Execution Policy. These four levels provide you with great security over what scripts can runand what requirements need to be associated with the script to run. The four levels and the requirements include:
Restricted
This is the default configuration in PowerShell. This setting means that no script can run, regardless signature. Theonly things that can be run in PowerShell with this setting are individual commands.
All Signed
This setting does allow scripts to run in PowerShell. The script must have an associated digital signature from a trustedpublisher. There will be a prompt before you run the scripts from trusted publishers. This exposes you to running signed,but malicious, scripts.
Remote Signed
This setting allows scripts to be run, but requires that the script configuration files that are downloaded from theInternet have an associated digital signature from a trusted publisher. Scripts run from local computer don’t need to besigned. There are no prompts before running the script. Still exposes scripts that are signed, yet malicious.
Unrestricted
This is not a suggested setting! This allows unsigned scripts to run, including all scripts and configuration files downloadedfrom the Internet. This will include files Outlook and Messenger. The risk here is running scripts without anysignature or security.
To set anyone of these levels, just type set-execution policy <level>, as shown in Figure 4.
Figure 4: Setting the Execution Policy is as easy as running the set-execution policy command.
Using Group Policy
PowerShell is great, but if scripts can’t run on computers in your environment, it does have limitations. First, you must getPowerShell on each computer. Since PowerShell is installed via an EXE, it is very easy to install the application. You caneither use a ZAP file or push it out using Group Policy, or you can use your current centralized method of installingapplications. Keep in mind that PowerShell is considered a hot fix, so Windows Update can also push out the installationof PowerShell.
www.hackingtech.co.tv
Page 213