Skip to content

Commit b4851a1

Browse files
PowerShellCrackPowerShellCrack
committed
2 parents 0e70909 + ec54b3b commit b4851a1

File tree

5 files changed

+144
-51
lines changed

5 files changed

+144
-51
lines changed

.vscode/launch.json

Lines changed: 52 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,52 @@
1+
{
2+
// Use IntelliSense to learn about possible attributes.
3+
// Hover to view descriptions of existing attributes.
4+
// For more information, visit: https://go.microsoft.com/fwlink/?linkid=830387
5+
"version": "0.2.0",
6+
"configurations": [
7+
{
8+
"name": "PowerShell Launch Current File",
9+
"type": "PowerShell",
10+
"request": "launch",
11+
"script": "${file}",
12+
"args": [],
13+
"cwd": "${file}"
14+
},
15+
{
16+
"name": "PowerShell Launch Current File in Temporary Console",
17+
"type": "PowerShell",
18+
"request": "launch",
19+
"script": "${file}",
20+
"args": [],
21+
"cwd": "${file}",
22+
"createTemporaryIntegratedConsole": true
23+
},
24+
{
25+
"name": "PowerShell Launch Current File w/Args Prompt",
26+
"type": "PowerShell",
27+
"request": "launch",
28+
"script": "${file}",
29+
"args": [
30+
"${command:SpecifyScriptArgs}"
31+
],
32+
"cwd": "${file}"
33+
},
34+
{
35+
"name": "PowerShell Attach to Host Process",
36+
"type": "PowerShell",
37+
"request": "attach"
38+
},
39+
{
40+
"name": "PowerShell Interactive Session",
41+
"type": "PowerShell",
42+
"request": "launch",
43+
"cwd": ""
44+
},
45+
{
46+
"name": "PowerShell Attach Interactive Session Runspace",
47+
"type": "PowerShell",
48+
"request": "attach",
49+
"processId": "current"
50+
}
51+
]
52+
}

AppOptimizeAndConfig.ps1

Lines changed: 50 additions & 23 deletions
Original file line numberDiff line numberDiff line change
@@ -7,7 +7,12 @@
77
Utilizes LGPO.exe to apply group policy item where neceassary.
88
Utilizes MDT/SCCM TaskSequence property control
99
Configurable using custom variables in MDT/SCCM
10+
11+
.EXAMPLE
12+
powershell.exe -ExecutionPolicy Bypass -file "AppOptimizeAndConfig.ps1"
13+
1014
.INFO
15+
Script: AppOptimizeAndConfig.ps1
1116
Author: Richard Tracy
1217
Email: richard.tracy@hotmail.com
1318
Twitter: @rick2_1979
@@ -237,7 +242,7 @@ Function Write-LogEntry{
237242
Out-File -InputObject $LogFormat -Append -NoClobber -Encoding Default -FilePath $OutputLogFile -ErrorAction Stop
238243
}
239244
catch {
240-
Write-Host ("[{0}] [{1}] :: Unable to append log entry to [{1}], error: {2}" -f $LogTimePlusBias,$ScriptSource,$OutputLogFile,$_.Exception.ErrorMessage) -ForegroundColor Red
245+
Write-Host ("[{0}] [{1}] :: Unable to append log entry to [{1}], error: {2}" -f $LogTimePlusBias,$ScriptSource,$OutputLogFile,$_.Exception.Message) -ForegroundColor Red
241246
}
242247
}
243248
End{
@@ -516,17 +521,20 @@ Function Set-SystemSetting {
516521
#verify the registry value has been set
517522
Try{
518523
If( -not(Test-Path ($RegHive +'\'+ $RegKeyPath)) ){
519-
Write-LogEntry ("Key was not set; Hardcoding registry keys [{0}\{1}] with value [{2}]" -f ($RegHive +'\'+ $RegKeyPath),$RegKeyName,$Value) -Severity 0 -Source ${CmdletName}
520-
New-Item -Path ($RegHive +'\'+ $RegKeyPath) -Force -WhatIf:$WhatIfPreference -ErrorAction SilentlyContinue | Out-Null
521-
New-ItemProperty -Path ($RegHive +'\'+ $RegKeyPath) -Name $RegKeyName -PropertyType $Type -Value $Value -Force:$Force -WhatIf:$WhatIfPreference -ErrorAction SilentlyContinue -PassThru
524+
Write-LogEntry ("Path was not found; Creating path and setting registry keys [{0}\{1}] with value [{2}]" -f ($RegHive +'\'+ $RegKeyPath),$RegKeyName,$Value) -Severity 0 -Source ${CmdletName}
525+
#New-Item -Path ($RegHive +'\'+ $RegKeyPath) -Force -WhatIf:$WhatIfPreference -ErrorAction Stop | Out-Null
526+
New-Item ($RegHive +'\'+ $RegKeyPath) -Force:$Force -WhatIf:$WhatIfPreference -ErrorAction Stop | New-ItemProperty -Name $RegKeyName -PropertyType $Type -Value $Value -Force:$Force -ErrorAction Stop | Out-Null
527+
#wait for registry path to popluate (only on slower systems)
528+
#start-sleep 2
529+
#New-ItemProperty -Path ($RegHive +'\'+ $RegKeyPath) -Name $RegKeyName -PropertyType $Type -Value $Value -Force:$Force -WhatIf:$WhatIfPreference -ErrorAction Stop | Out-Null
522530
}
523531
Else{
524-
Write-LogEntry ("Key name not found. Creating key name [{1}] at path [{0}] with value [{2}]" -f ($RegHive +'\'+ $RegKeyPath),$RegKeyName,$Value) -Source ${CmdletName}
525-
Set-ItemProperty -Path ($RegHive +'\'+ $RegKeyPath) -Name $RegKeyName -Value $Value -Force:$Force -WhatIf:$WhatIfPreference -ErrorAction SilentlyContinue -PassThru
532+
Write-LogEntry ("Setting key name [{1}] at path [{0}] with value [{2}]" -f ($RegHive +'\'+ $RegKeyPath),$RegKeyName,$Value) -Source ${CmdletName}
533+
Set-ItemProperty -Path ($RegHive +'\'+ $RegKeyPath) -Name $RegKeyName -Value $Value -Force:$Force -WhatIf:$WhatIfPreference -ErrorAction Stop | Out-Null
526534
}
527535
}
528536
Catch{
529-
Write-LogEntry ("Unable to set registry key [{0}\{1}\{2}] with value [{3}]" -f $RegHive,$RegKeyPath,$RegKeyName,$Value) -Severity 2 -Source ${CmdletName}
537+
Write-LogEntry ("Unable to configure registry key [{0}\{1}\{2}]. {4}" -f $RegHive,$RegKeyPath,$RegKeyName,$Value,$_.Exception.Message) -Severity 3 -Source ${CmdletName}
530538
}
531539

532540
}
@@ -701,7 +709,12 @@ Function Set-UserSetting {
701709
If ($HiveLoaded -eq $true) {
702710
If($Message){Write-LogEntry ("{0} for User [{1}].." -f $Message,$UserName)}
703711
If($Remove){
704-
Remove-ItemProperty "$RegHive\$($UserProfile.SID)\$RegKeyPath" -Name $RegKeyName -Force:$Force -WhatIf:$WhatIfPreference -ErrorAction SilentlyContinue | Out-Null
712+
Try{
713+
Remove-ItemProperty "$RegHive\$($UserProfile.SID)\$RegKeyPath" -Name $RegKeyName -Force:$Force -WhatIf:$WhatIfPreference -ErrorAction SilentlyContinue | Out-Null
714+
}
715+
Catch{
716+
Write-LogEntry ("Unable to remove registry key [{0}\{1}\{2}]. {4}" -f $RegHive,$RegKeyPath,$RegKeyName,$Value,$_.Exception.Message) -Severity 3 -Source ${CmdletName}
717+
}
705718
}
706719
Else{
707720
Set-SystemSetting -Path "$RegHive\$($UserProfile.SID)\$RegKeyPath" -Name $RegKeyName -Type $Type -Value $Value -Force:$Force -WhatIf:$WhatIfPreference -TryLGPO:$TryLGPO
@@ -720,7 +733,12 @@ Function Set-UserSetting {
720733
Else{
721734
If($Message){Write-LogEntry ("{0} for [{1}].." -f $Message,$ProfileList.UserName)}
722735
If($Remove){
723-
Remove-ItemProperty "$RegHive\$RegKeyPath\$RegKeyPath" -Name $RegKeyName -Force:$Force -WhatIf:$WhatIfPreference -ErrorAction SilentlyContinue | Out-Null
736+
Try{
737+
Remove-ItemProperty "$RegHive\$RegKeyPath\$RegKeyPath" -Name $RegKeyName -Force:$Force -WhatIf:$WhatIfPreference -ErrorAction SilentlyContinue | Out-Null
738+
}
739+
Catch{
740+
Write-LogEntry ("Unable to remove registry key [{0}\{1}\{2}]. {4}" -f $RegHive,$RegKeyPath,$RegKeyName,$Value,$_.Exception.Message) -Severity 3 -Source ${CmdletName}
741+
}
724742
}
725743
Else{
726744
Set-SystemSetting -Path "$RegHive\$RegKeyPath" -Name $RegKeyName -Type $Type -Value $Value -Force:$Force -WhatIf:$WhatIfPreference -TryLGPO:$TryLGPO
@@ -1104,6 +1122,7 @@ If($RemoveAppxPackages)
11041122

11051123
$p = 1
11061124
$c = 0
1125+
$d = 0
11071126
# Loop through the list of appx packages
11081127
foreach ($App in $AppArrayList) {
11091128

@@ -1113,49 +1132,57 @@ If($RemoveAppxPackages)
11131132
}
11141133
else {
11151134
# Gather package names
1116-
$AppPackageFullName = Get-AppxPackage -Name $App.Name | Select-Object -ExpandProperty PackageFullName
1135+
$AppPackageDetails = Get-AppxPackage -AllUsers -Name $App.Name
11171136

1118-
$AppProvisioningPackageName = Get-AppxProvisionedPackage -Online | Where-Object { $_.DisplayName -like $App.Name } | Select-Object -ExpandProperty PackageName
1137+
$AppProvisioningPackageName = Get-AppxProvisionedPackage -Online | Where-Object { $_.DisplayName -like $AppPackageDetails.Name } | Select-Object -ExpandProperty PackageName
11191138

11201139
# Attempt to remove AppxPackage
1121-
if ($null -ne $AppPackageFullName) {
1122-
Show-ProgressStatus -Message ("Removing application package: {0}" -f $App.Name) -Step $p -MaxStep $AppArrayList.count
1140+
if ($null -ne $AppPackageDetails) {
1141+
Show-ProgressStatus -Message ("Removing application package: {0}" -f $AppPackageDetails.Name) -Step $p -MaxStep $AppArrayList.count
11231142

11241143
try {
1125-
Remove-AppxPackage -Package $AppPackageFullName -ErrorAction Stop | Out-Null
1144+
Remove-AppxPackage -AllUsers -Package $AppPackageDetails.PackageFullName -ErrorAction Stop | Out-Null
11261145

1127-
Write-LogEntry -Message ("Successfully removed application package: {0}" -f $App.Name) -Outhost
1146+
Write-LogEntry -Message ("Successfully removed application package: {0}" -f $AppPackageDetails.PackageFullName) -Outhost
11281147
$c++
11291148
}
11301149
catch [System.Exception] {
1131-
Write-LogEntry -Message ("Failed removing AppxPackage: {0}" -f $_.Message) -Severity 3 -Outhost
1150+
Write-LogEntry -Message ("Failed removing AppxPackage: {0}" -f $_) -Severity 3 -Outhost
1151+
}
1152+
Finally{
1153+
Write-LogEntry -Message ("--------------------------------------------------" ) -Outhost
11321154
}
11331155
}
11341156
else {
1135-
Write-LogEntry -Message ("Unable to locate AppxPackage for app: {0}" -f $App.Name) -Outhost
1157+
Write-LogEntry -Message ("Unable to locate AppxPackage for app: {0}" -f $AppPackageDetails.Name) -Outhost
11361158
}
11371159

11381160
# Attempt to remove AppxProvisioningPackage
1139-
if ($null -eq $AppProvisioningPackageName) {
1140-
Write-LogEntry -Message ("Removing application provisioning package: {0}" -f $AppProvisioningPackageName)
1161+
if ($null -ne $AppProvisioningPackageName) {
1162+
Write-LogEntry -Message ("Removing application PROVISIONED package: {0}" -f $AppProvisioningPackageName)
11411163
try {
11421164
Remove-AppxProvisionedPackage -PackageName $AppProvisioningPackageName -Online -ErrorAction Stop | Out-Null
1143-
Write-LogEntry -Message ("Successfully removed application provisioning package: {0}" -f $AppProvisioningPackageName) -Outhost
1165+
Write-LogEntry -Message ("Successfully removed application PROVISIONED package: {0}" -f $AppProvisioningPackageName) -Outhost
1166+
$d++
11441167
}
11451168
catch [System.Exception] {
1146-
Write-LogEntry -Message ("Failed removing Appx Provisioning Package: {0}" -f $_.Message) -Severity 3 -Outhost
1169+
Write-LogEntry -Message ("Failed removing Appx PROVISIONED Package: {0}" -f $_) -Severity 3 -Outhost
1170+
}
1171+
Finally{
1172+
Write-LogEntry -Message ("--------------------------------------------------" ) -Outhost
11471173
}
11481174
}
11491175
else {
1150-
Write-LogEntry -Message ("Unable to locate Appx Provisioning Package for app: {0}" -f $App.Name) -Outhost
1176+
Write-LogEntry -Message ("Unable to locate Appx PROVISIONED Package for app: {0}" -f $AppPackageDetails.Name) -Outhost
11511177
}
11521178

11531179
}
11541180

11551181
$p++
11561182
}
11571183

1158-
Write-LogEntry -Message ("Removed {0} built-in AppxPackage and AppxProvisioningPackage" -f $c) -Outhost
1184+
Write-LogEntry -Message ("Removed {0} All Users App Package's" -f $c) -Outhost
1185+
Write-LogEntry -Message ("Removed {0} built-in App PROVISIONED Package's" -f $d) -Outhost
11591186
}
11601187
Else{$stepCounter++}
11611188

Svr16OptimizeAndConfig.ps1

310 Bytes
Binary file not shown.

Win10OptimizeAndConfig.ps1

Lines changed: 21 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,11 @@
88
Utilizes MDT/SCCM TaskSequence property control
99
Configurable using custom variables in MDT/SCCM
1010
11+
.EXAMPLE
12+
powershell.exe -ExecutionPolicy Bypass -file "Win10OptimizeAndConfig.ps1"
13+
1114
.INFO
15+
Script: Win10OptimizeAndConfig.ps1
1216
Author: Richard Tracy
1317
Email: richard.tracy@hotmail.com
1418
Twitter: @rick2_1979
@@ -349,7 +353,7 @@ Function Write-LogEntry{
349353
Out-File -InputObject $LogFormat -Append -NoClobber -Encoding Default -FilePath $OutputLogFile -ErrorAction Stop
350354
}
351355
catch {
352-
Write-Host ("[{0}] [{1}] :: Unable to append log entry to [{1}], error: {2}" -f $LogTimePlusBias,$ScriptSource,$OutputLogFile,$_.Exception.ErrorMessage) -ForegroundColor Red
356+
Write-Host ("[{0}] [{1}] :: Unable to append log entry to [{1}], error: {2}" -f $LogTimePlusBias,$ScriptSource,$OutputLogFile,$_.Exception.Message) -ForegroundColor Red
353357
}
354358
}
355359
End{
@@ -486,7 +490,7 @@ Function Set-Bluetooth{
486490
Await ($bluetooth.SetStateAsync($DeviceStatus)) ([Windows.Devices.Radios.RadioAccessStatus]) | Out-Null
487491
}
488492
Catch{
489-
Write-LogEntry ("Unable to configure Bluetooth Settings: {0}" -f $_.Exception.ErrorMessage) -Severity 3 -Source ${CmdletName}
493+
Write-LogEntry ("Unable to configure Bluetooth Settings: {0}" -f $_.Exception.Message) -Severity 3 -Source ${CmdletName}
490494
}
491495
Finally{
492496
#If ((Get-Service bthserv).Status -eq 'Stopped') { Start-Service bthserv }
@@ -670,28 +674,31 @@ Function Set-SystemSetting {
670674
}
671675
Catch{
672676
If($TryLGPO -and $LGPOExe){
673-
Write-LogEntry ("LGPO failed to run. exit code: {0}. Hardcoding registry keys [{1}\{2}\{3}]" -f $result.ExitCode,$RegHive,$RegKeyPath,$RegKeyName) -Severity 3 -Source ${CmdletName}
677+
Write-LogEntry ("LGPO failed to run. exit code: {0}. Setting registry keys [{1}\{2}\{3}] instead" -f $result.ExitCode,$RegHive,$RegKeyPath,$RegKeyName) -Severity 3 -Source ${CmdletName}
674678
}
675679
}
676680
Finally
677681
{
678682
#wait for LGPO file to finish generating
679683
start-sleep 1
680-
684+
681685
#verify the registry value has been set
682686
Try{
683687
If( -not(Test-Path ($RegHive +'\'+ $RegKeyPath)) ){
684-
Write-LogEntry ("Key was not set; Hardcoding registry keys [{0}\{1}] with value [{2}]" -f ($RegHive +'\'+ $RegKeyPath),$RegKeyName,$Value) -Severity 0 -Source ${CmdletName}
685-
New-Item -Path ($RegHive +'\'+ $RegKeyPath) -Force -WhatIf:$WhatIfPreference -ErrorAction SilentlyContinue | Out-Null
686-
New-ItemProperty -Path ($RegHive +'\'+ $RegKeyPath) -Name $RegKeyName -PropertyType $Type -Value $Value -Force:$Force -WhatIf:$WhatIfPreference -ErrorAction SilentlyContinue -PassThru
688+
Write-LogEntry ("Path was not found; Creating path and setting registry keys [{0}\{1}] with value [{2}]" -f ($RegHive +'\'+ $RegKeyPath),$RegKeyName,$Value) -Severity 0 -Source ${CmdletName}
689+
#New-Item -Path ($RegHive +'\'+ $RegKeyPath) -Force -WhatIf:$WhatIfPreference -ErrorAction Stop | Out-Null
690+
New-Item ($RegHive +'\'+ $RegKeyPath) -Force:$Force -WhatIf:$WhatIfPreference -ErrorAction Stop | New-ItemProperty -Name $RegKeyName -PropertyType $Type -Value $Value -Force:$Force -ErrorAction Stop | Out-Null
691+
#wait for registry path to popluate (only on slower systems)
692+
#start-sleep 2
693+
#New-ItemProperty -Path ($RegHive +'\'+ $RegKeyPath) -Name $RegKeyName -PropertyType $Type -Value $Value -Force:$Force -WhatIf:$WhatIfPreference -ErrorAction Stop | Out-Null
687694
}
688695
Else{
689-
Write-LogEntry ("Key name not found. Creating key name [{1}] at path [{0}] with value [{2}]" -f ($RegHive +'\'+ $RegKeyPath),$RegKeyName,$Value) -Source ${CmdletName}
690-
Set-ItemProperty -Path ($RegHive +'\'+ $RegKeyPath) -Name $RegKeyName -Value $Value -Force:$Force -WhatIf:$WhatIfPreference -ErrorAction SilentlyContinue -PassThru
696+
Write-LogEntry ("Setting key name [{1}] at path [{0}] with value [{2}]" -f ($RegHive +'\'+ $RegKeyPath),$RegKeyName,$Value) -Source ${CmdletName}
697+
Set-ItemProperty -Path ($RegHive +'\'+ $RegKeyPath) -Name $RegKeyName -Value $Value -Force:$Force -WhatIf:$WhatIfPreference -ErrorAction Stop | Out-Null
691698
}
692699
}
693700
Catch{
694-
Write-LogEntry ("Unable to set registry key [{0}\{1}\{2}] with value [{3}]" -f $RegHive,$RegKeyPath,$RegKeyName,$Value) -Severity 2 -Source ${CmdletName}
701+
Write-LogEntry ("Unable to configure registry key [{0}\{1}\{2}]. {4}" -f $RegHive,$RegKeyPath,$RegKeyName,$Value,$_.Exception.Message) -Severity 3 -Source ${CmdletName}
695702
}
696703

697704
}
@@ -2592,7 +2599,7 @@ If ($EnableWinRM)
25922599

25932600
}
25942601
Catch{
2595-
Write-LogEntry ("Unable to setup WinRM: {0}" -f $_.Exception.ErrorMessage) -Severity 3
2602+
Write-LogEntry ("Unable to setup WinRM: {0}" -f $_.Exception.Message) -Severity 3
25962603
}
25972604
}
25982605
Else{$stepCounter++}
@@ -2735,7 +2742,7 @@ If($EnableCredGuard)
27352742
Write-LogEntry "Successfully enabled Microsoft-Hyper-V-HyperVisor feature"
27362743
}
27372744
catch [System.Exception] {
2738-
Write-LogEntry ("An error occured when enabling Microsoft-Hyper-V-HyperVisor. Error: -f $_") -Severity 3
2745+
Write-LogEntry ("An error occured when enabling Microsoft-Hyper-V-HyperVisor. {0}" -f $_) -Severity 3
27392746
}
27402747

27412748
try {
@@ -2744,7 +2751,7 @@ If($EnableCredGuard)
27442751
Write-LogEntry "Successfully enabled IsolatedUserMode feature"
27452752
}
27462753
catch [System.Exception] {
2747-
Write-LogEntry ("An error occured when enabling IsolatedUserMode. Error: -f $_") -Severity 3
2754+
Write-LogEntry ("An error occured when enabling IsolatedUserMode. {0}" -f $_) -Severity 3
27482755
}
27492756
}
27502757

@@ -2759,7 +2766,7 @@ If($EnableCredGuard)
27592766
Set-SystemSetting -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\DeviceGuard\Scenarios\HypervisorEnforcedCodeIntegrity' -Name 'Enabled' -Type DWord -Value 1 -Force
27602767
Set-SystemSetting -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\DeviceGuard\Scenarios\HypervisorEnforcedCodeIntegrity' -Name 'Locked' -Type DWord -Value 0 -Force
27612768

2762-
Write-LogEntry "STIG Rule ID: SV-78089r7_rule :: Enabling Credential Guard on domain-joined systems"
2769+
Write-LogEntry "Enabling Credential Guard on domain-joined systems"
27632770
Set-SystemSetting -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa' -Name 'LsaCfgFlags' -Type DWord -Value 1 -Force
27642771

27652772
$DeviceGuardProperty = Get-CimInstance –ClassName Win32_DeviceGuard –Namespace root\Microsoft\Windows\DeviceGuard

0 commit comments

Comments
 (0)