jborean93’s gists

jborean93 / Appx-Server2025.ps1

Created November 10, 2024 21:40

Fix Appx in PSRemoting for Server 2025

	# Server 2025 fails to run Get-AppxPackage and other DISM module commands in
	# a PSRemoting (psrp) session as it has a dependency on some dll's not present
	# in the GAC and only in the powershell.exe directory. As PSRP runs through
	# wsmprovhost.exe, it fails to find those dlls. This hack will manually load
	# the 4 required dlls into the GAC. This is a hack and should be removed in the
	# future if MS fix their bug on 2025.

	Add-Type -AssemblyName "System.EnterpriseServices"
	$publish = [System.EnterpriseServices.Internal.Publish]::new()

jborean93 / Get-ValidatedScriptBlock.ps1

Last active September 17, 2024 22:04

WDAC Investigations for Ansible

	Function Get-ValidatedScriptBlock {
	[OutputType([ScriptBlock])]
	param (
	[Parameter(Mandatory)]
	[string]
	$Name,

	[Parameter(Mandatory)]
	[string]
	$ScriptAsBase64

jborean93 / New-ScheduledTaskSession.ps1

Last active September 21, 2024 10:58

Creates a PSSession that targets a scheduled task process

	# Copyright: (c) 2024, Jordan Borean (@jborean93) <[email protected]>
	# MIT License (see LICENSE or https://opensource.org/licenses/MIT)

	Function New-ScheduledTaskSession {
	<#
	.SYNOPSIS
	Creates a PSSession for a process running as a scheduled task.

	.DESCRIPTION
	Creates a PSSession that can be used to run code inside a scheduled task

jborean93 / Invoke-AsScheduledJob.ps1

Created August 23, 2024 04:39

Invokes a PowerShell script as a scheduled task changing the logon type to a BATCH logon.

	# Copyright: (c) 2024, Jordan Borean (@jborean93) <[email protected]>
	# MIT License (see LICENSE or https://opensource.org/licenses/MIT)

	Function Invoke-AsScheduledJob {
	<#
	.SYNOPSIS
	Runs a scriptblock as a scheduled job.

	.DESCRIPTION
	This is a helper function to run PowerShell code as a scheduled task.

jborean93 / smb_list_shares.py

Last active August 9, 2024 11:09

List SMB shares using smbprotocol library

	#!/usr/bin/env python3
	# Copyright: (c) 2024, Jordan Borean (@jborean93) <[email protected]>
	# MIT License (see LICENSE or https://opensource.org/licenses/MIT)
	# PYTHON_ARGCOMPLETE_OK

	# Big thanks to pysmb for help with the RPC structures
	# https://github.com/miketeo/pysmb

	from __future__ import annotations

jborean93 / parse_openssh_key.py

Last active July 28, 2024 01:57

Parses an OpenSSH Private Key file

jborean93 / Split-ExeArgument.ps1

Last active August 19, 2024 19:40

Splits the input string using the Win32 argument splitter

	# Copyright: (c) 2024, Jordan Borean (@jborean93) <[email protected]>
	# MIT License (see LICENSE or https://opensource.org/licenses/MIT)

	#Requires -Module Ctypes

	Function Split-ExeArgument {
	[OutputType([string])]
	[CmdletBinding()]
	param (
	[Parameter(Mandatory, ValueFromPipeline)]

jborean93 / libvirt-network-dns.py

Created June 3, 2024 00:34

Script that can automatically configure DNS domain resolvers for systemd-resolved on QEMU network adapters

	#!/usr/bin/python

	import os.path
	import subprocess
	import sys
	import xml.etree.ElementTree as ET

	def main():
	iface = sys.argv[1]
	hook_case = sys.argv[2]

jborean93 / Get-FileProcess.ps1

Created May 30, 2024 23:18

Gets the process ids that has the requested file(s) opened

	# Copyright: (c) 2024, Jordan Borean (@jborean93) <[email protected]>
	# MIT License (see LICENSE or https://opensource.org/licenses/MIT)

	#Requires -Module Ctypes
	#Requires -Version 7.3

	Function Get-FileProcess {
	<#
	.SYNOPSIS
	Get the process that has opened the requested file.

jborean93 / WinVerifyTrust-Catalog.ps1

Created May 21, 2024 04:53

Test code to testing WinVerifyTrust with a catalog file.

	ctypes_struct WINTRUST_DATA {
	[int]$cbStruct
	[IntPtr]$pPolicyCallbackData
	[IntPtr]$pSIPClientData
	[int]$dwUIChoice
	[int]$fdwRevocationChecks
	[int]$dwUnionChoice
	[IntPtr]$pCatalog
	[int]$dwStateAction
	[IntPtr]$hWVTStateData

Jordan Borean jborean93