Skip to content

Instantly share code, notes, and snippets.

@Adkali

Adkali/PSWA.md

Forked from MHaggis/PSWA.md
Created November 5, 2024 16:31
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save Adkali/b555338a2f2471f02bced914ff77d050 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save Adkali/b555338a2f2471f02bced914ff77d050 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
PSWA.md

Enable PowerShell Web Access like an APT

Ref: https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-241a

PowerShell:

# PrivCheck
if (-NOT ([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator")) {
    Write-Warning "Please run this script as an Administrator!"
    Exit
}

# Install Windows PowerShell Web Access feature
try {
    Install-WindowsFeature -Name WindowsPowerShellWebAccess -IncludeManagementTools
    Write-Host "Windows PowerShell Web Access feature installed successfully." -ForegroundColor Green
} catch {
    Write-Error "Failed to install Windows PowerShell Web Access feature: $_"
    Exit
}

# Install and configure IIS if not already installed
if (!(Get-WindowsFeature Web-Server).Installed) {
    Install-WindowsFeature -Name Web-Server -IncludeManagementTools
    Write-Host "IIS installed successfully." -ForegroundColor Green
}

# Configure PowerShell Web Access gateway
try {
    Install-PswaWebApplication -UseTestCertificate
    Write-Host "PowerShell Web Access gateway configured successfully." -ForegroundColor Green
} catch {
    Write-Error "Failed to configure PowerShell Web Access gateway: $_"
    Exit
}

# Add a rule to allow all users to access all computers
Add-PswaAuthorizationRule -UserName * -ComputerName * -ConfigurationName *

Write-Host "PowerShell Web Access has been enabled and configured." -ForegroundColor Green
Write-Host "Warning: This configuration allows all users to access all computers. Please adjust the authorization rules for your specific security requirements." -ForegroundColor Yellow

Cmd

@echo off
setlocal

:: Check for admin privileges
net session >nul 2>&1
if %errorLevel% neq 0 (
    echo Please run this script as an Administrator!
    exit /b 1
)

dism /online /enable-feature /featurename:WindowsPowerShellWebAccess /all

dism /online /enable-feature /featurename:IIS-WebServerRole /all

powershell -Command "& {Install-PswaWebApplication -UseTestCertificate}"

powershell -Command "& {Add-PswaAuthorizationRule -UserName * -ComputerName * -ConfigurationName *}"

echo PowerShell Web Access has been enabled and configured.
echo Warning: This configuration allows all users to access all computers. Please adjust the authorization rules for your specific security requirements.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment