forked from LeeHolmes/PowerShellCookbook
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathInventory.ps1
115 lines (93 loc) · 3.76 KB
/
Inventory.ps1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
##############################################################################
##
## Inventory
##
## From Windows PowerShell Cookbook (O'Reilly)
## by Lee Holmes (http://www.leeholmes.com/guide)
##
##############################################################################
<#
.SYNOPSIS
Serves as the configuration script for a custom remoting endpoint that
exposes only the Get-Inventory custom command.
.EXAMPLE
PS >Register-PsSessionConfiguration Inventory `
-StartupScript 'C:\Program Files\Endpoints\Inventory.ps1'
PS >Enter-PsSession leeholmes1c23 -ConfigurationName Inventory
[leeholmes1c23]: [Inventory] > Get-Command
CommandType Name Definition
----------- ---- ----------
Function Exit-PSSession [CmdletBinding()]...
Function Get-Command [CmdletBinding()]...
Function Get-FormatData [CmdletBinding()]...
Function Get-Help [CmdletBinding()]...
Function Get-Inventory ...
Function Measure-Object [CmdletBinding()]...
Function Out-Default [CmdletBinding()]...
Function prompt ...
Function Select-Object [CmdletBinding()]...
[leeholmes1c23]: [Inventory] > Get-Inventory
SystemDirectory : C:\Windows\system32
Organization :
BuildNumber : 6002
RegisteredUser : Lee Holmes
SerialNumber : 89580-433-1295803-71477
Version : 6.0.6002
[leeholmes1c23]: [Inventory] > 1+1
The syntax is not supported by this runspace. This might be because it is
in no-language mode.
+ CategoryInfo :
+ FullyQualifiedErrorId : ScriptsNotAllowed
[leeholmes1c23]: [Inventory] > Exit-PsSession
PS >
#>
Set-StrictMode -Off
## Create a new function to get inventory
function Get-Inventory
{
Get-WmiObject Win32_OperatingSystem
}
## Customize the prompt
function Prompt
{
"[Inventory] > "
}
## Remember which functions we want to expose to the user
$exportedCommands = "Get-Inventory","Prompt"
## The System.Management.Automation.Runspaces.InitialSessionState class
## has a CreateRestricted() method that creates a default locked-down
## secure configuration for a remote session. This configuration only
## supports the bare minimum required for interactive remoting.
$issType = [System.Management.Automation.Runspaces.InitialSessionState]
$iss = $issType::CreateRestricted("RemoteServer")
## Add the commands to a hashtable so that we can access them easily
$issHashtable = @{}
foreach($command in $iss.Commands)
{
$issHashtable[$command.Name + "-" + $command.CommandType] = $command
}
## Go through all of functions built into the restricted runspace and add
## them to this session. These are proxy functions to limit the functionality
## of commands that we need (such as Get-Command, Select-Object, etc.)
foreach($function in $iss.Commands |
Where-Object { $_.CommandType -eq "Function" })
{
Set-Content "function:\$($function.Name)" -Value $function.Definition
}
## Go through all of the commands in this session
foreach($command in Get-Command)
{
## If it was one of our exported commands, keep it Public
if($exportedCommands -contains $command.Name) { continue }
## If the current command is defined as Private in the initial session
## state, mark it as private here as well.
$issCommand = $issHashtable[$command.Name + "-" + $command.CommandType]
if((-not $issCommand) -or ($issCommand.Visibility -ne "Public"))
{
$command.Visibility = "Private"
}
}
## Finally, prevent all access to the PowerShell language
$executionContext.SessionState.Scripts.Clear()
$executionContext.SessionState.Applications.Clear()
$executionContext.SessionState.LanguageMode = "NoLanguage"