PowerShell Team

Automating the world one-liner at a time…

PowerShell Module Function Export in Constrained Language

PowerShell Module Exporting Functions in Constrained Language PowerShell offers a number of ways to expose functions in a script module. But some options have serious performance or security drawbacks. In this blog I describe these issues and provide simple guidance for creating performant and secure script modules. Look for a module soon in ...

PowerShell Injection Hunter: Security Auditing for PowerShell Scripts

At the DEFCON security conference last year, we presented the session: "Get $pwnd: Attacking Battle Hardened Windows Server". In this talk, we went through some of the incredibly powerful ways that administrators can secure their high-value systems (for example, Just Enough Administration) and also dove into some of the mistakes that administrators sometimes make when exposing their PowerShell code to an attacker. The most common form of mistake is script injection, where a script author takes a parameter value (supplied by an attacker) and runs it in a trusted context (such as a function exposed in a Just Enough Administration endpoint).
Comments are closed.0