Archive for the ‘PowerShell’ Category
Posted by jpluimers on 2025/04/23
A while ago, I needed to investigate reboot events on some Windows 10 systems. I wanted to use the console instead of the eventvwr GUI Event Viewer.
There is a tool for that called wevtutil which – like eventvwr – uses XPath query parameters and produces XML output.
Postprocessing XML can be a thing, but since .NET has great XML support, you can use PowerShell for that (which for me often is way easier than going the XSLT route, for instance because Windows lacks built-in console XSLT tooling).
Based on the help and the below links, my query command then on these machines turned out to be this: Read the rest of this entry »
Posted in Batch-Files, CommandLine, Development, PowerShell, PowerShell, Scripting, Software Development, XML, XML/XSD, XPath, XSLT | Leave a Comment »
Posted by jpluimers on 2025/03/31
A few years back I had an error happen a while on one of my Windows machines after a git pull: fatal: detected dubious ownership in repository at 'C:/versioned/repository' followed by a few lines with Windows SIDs (Security Identifiers) that I had to map to actual users.
I thought I had it scheduled, but my notes were in a draft post, so when I bumped into it again when upgrading an old virtual machine with new versions I finished it and scheduled it for now.
The first time I got the error was after git for Windows fixed security vulnerability [Wayback/Archive] CVE-2022-24765 and included the quote from [Wayback/Archive] Uncontrolled search for the Git directory in Git for Windows · Advisory · git-for-windows/git:
Read the rest of this entry »
Posted in CommandLine, Development, DVCS - Distributed Version Control, git, Power User, PowerShell, PowerShell, Scripting, Software Development, Source Code Management, Windows, Windows 10, Windows 11, Windows 7 | Tagged: 11 | Leave a Comment »
Posted by jpluimers on 2025/03/26
Posted in .NET, C#, Chocolatey, CommandLine, Development, Power User, PowerShell, PowerShell, Scripting, Software Development, Windows | Tagged: 1018 | Leave a Comment »
Posted by jpluimers on 2025/03/19
Earlier this months I wrote Writing a tool that restarts the Google Chat desktop app Window (and hopefully the Google Duo desktop app Window too) promising I would rewrite the Delphi code into C# and integrate it into PowerShell.
This is the beginning on porting the basics of the Delphi code (which had a flaw!) to C# and contains EnumWindows/EnumChildWindows and error handling tricks and tips.
Read the rest of this entry »
Posted in .NET, C#, Conference Topics, Conferences, Delphi, Development, Event, PowerShell, Scripting, Software Development, __Unfinished | Tagged: 46843, 51505, 600 | Leave a Comment »
Posted by jpluimers on 2025/03/04
In the past, the Google Hangouts desktop app on Windows would integrate with the system “tray” (actually the notification area) and show you missed chats and calls.
The [Wayback/Archive] Google Chat desktop app does not. It shows missed messages only as a number on the taskbar icon. Even worse: when you close the Window, the taskbar application icon does not show that number any more.
The odd thing is that the Google Duo desktop app does stay active and shows a notification popup on incoming calls. The Google Chat desktop app does not.
So I wanted to restart the Google Chat desktop app automatically when the Window was closed. But there is a catch:
Read the rest of this entry »
Posted in .NET, C#, CommandLine, Delphi, Development, PowerShell, PowerShell, Scripting, Software Development | Tagged: 37 | Leave a Comment »
Posted by jpluimers on 2025/01/07
Since every now and then, like testing software developed with older tools, you need to run older software.
This always works: [Wayback /Archive] Deploy .NET Framework 3.5 by using Deployment Image Servicing and Management (DISM) | Microsoft Learn
DISM /Online /Enable-Feature /FeatureName:NetFx3 /All
Use /All to enable all parent features of the specified feature.
(The /All is needed because software requiring .NET Framework 3.5 also require the parent features).
Notes:
- Tested on Windows 10 and Windows 11 in 2022.
- It can take a really long time (more than just a few minutes!) even on fast connections.
- Installing through Chocolatey with `choco install
dotnet3.5 fails on Windows 11 (have not tried on Windows 10) with the classical red on black PowerShell default error theme*:
ERROR: The term 'wmic' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again.
The install of DotNet3.5 was NOT successful.
Error while running 'C:\ProgramData\chocolatey\lib\DotNet3.5\Tools\ChocolateyInstall.ps1'.
Read the rest of this entry »
Posted in .NET, .NET 3.0, .NET 3.5, C#, Chocolatey, Development, Power User, PowerShell, Software Development, Windows, Windows 10, Windows 11 | Leave a Comment »
Posted by jpluimers on 2024/12/12
Simple (but fully working) code for NPLogonNotify(). The function obtains logon data, including cleartext password.
[Wayback/Archive] PSBits/PasswordStealing/NPPSpy at master · gtworek/PSBits has been used in the wild since about 2022 (the code is from 2020).
The code is a ~100 line C file resulting in a DLL exporting the NPGetCaps() and NPLogonNotify() functions.
Background/related:
Read the rest of this entry »
Posted in .NET, Blue team, C, CommandLine, Development, Power User, PowerShell, PowerShell, Red team, Scripting, Security, Software Development, Windows Development | Tagged: NPPSPY | 1 Comment »
Posted by jpluimers on 2024/10/09
Note that the below methods likely will cause security warnings if a Windows machine has been properly configured, but in most cases at least one of them works.
- using cURL (Widows 10 and up)
curl --url https://speed.hetzner.de/100MB.bin --output %TEMP%\100MB.bin
- using [Wayback/Archive]
certutil | Microsoft Docs (at least Windows 7 and up; needs UAC elevation)
certutil.exe -urlcache -split -f https://speed.hetzner.de/100MB.bin %TEMP%\100MB.bin
- using PowerShell (at least Windows Vista and up)
powershell.exe -Command (New-Object System.Net.WebClient).DownloadFile('https://speed.hetzner.de/100MB.bin','%TEMP%\100MB.bin')
I think it works for all versions of curl, certutil, and PowerShell though I did not have anything older than up-to-date Windows 7 (having PowerShell version 3) and recent to test on.
Read the rest of this entry »
Posted in *nix, *nix-tools, .NET, Batch-Files, CommandLine, cURL, Development, Power User, PowerShell, PowerShell, Scripting, Software Development, Windows, Windows 10, Windows 11, Windows 7, Windows 8, Windows 8.1, Windows Development, Windows Vista | Leave a Comment »
Posted by jpluimers on 2024/09/19
Reminder to check-out of the 2015 issue mentioned in the tweets below has been had any progress.
At the time of tweeting, choco has no notion of [Wayback/Archive] status.chocolatey.org which would be very helpful to point to in case of errors on time-outs on chocolatey server calls especially if it could interrogate and inform of maintenance windows and outages when things fail on the client side.
Read the rest of this entry »
Posted in .NET, Chocolatey, CommandLine, Development, PowerShell, PowerShell, Scripting, Software Development, Windows | Leave a Comment »
The Wiert Corner - irregular stream of stuff 