Friday, February 29, 2008

Enable execution OF Power Shell scripts

Powershell is a shell for windows just like Bash is for unix, It is an excellent tool to automate tasks on windows machines but it also opens a lot of attack vectors like malicious scripts getting executed and hence microsoft decided to disable the auto execution of scripts and that means you need to type a few commands or mess with registry to enable quick execution of scripts.

There are four types of execution policies.

Execution Policy :
Restricted - Individual cmdlets can run, but not saved scripts. This is the default setting.
AllSigned - can run, but must have a digital signature even if written on the local computer. Prompts you before running scripts from trusted publishers.
RemoteSigned - Scripts written on the local computer do not need a digital signature, but any script downloaded from outside (email, IM, Internet) must have a signature to execute.
Unrestricted - Any script can run, but scripts downloaded from outside will run with a warning.

You can change the execution policy by editing the registry or the quickest is to do it from powershell itself.

To change it from registry go to
HKLMSOFTWAREMicrosoftPowerShell1ShellIdsMicrosoft.PowerShell. Find execution policy and type the policy which suits you.

Second one is to do it from powershell (recommended)
Type get-executionpolicy
then it will ask you for type of policy, type a policy suitable to you and press enter.

You are done, write as many scripts as you want and quickly run them.. ./crash

No comments: