Insert Passwords for Powershell Script

ericl42 · May 23, 2019, 1:48pm

Hello,

I’m fairly new to Jupyter and have had been creating various Python playbooks which have worked very well. However, for Incident Response, I need to call PowerShell as well to access remote computers. To do this, I installed PowerShell on CentOS and started getting some basic commands working within Jupyter. Below is working code.

%%bash
pwsh -c '$computer_name = "xxxxx.domain.com";
new-item -ItemType Directory -Force -path /home/centos/Investigations/$computer_name/; 
$credentials = Import-Clixml -Path "/home/centos/cred.xml"; 
Invoke-Command -ComputerName $computer_name -Authentication Negotiate -Credential $credentials -ScriptBlock {Get-Service} | Where-Object {$_.status -eq "running"} | select-object Name, DisplayName, Status | out-file /home/centos/Investigations/$computer_name/Services.csv;
Invoke-Command -ComputerName $computer_name -Authentication Negotiate -Credential $credentials -ScriptBlock {schtasks /query /fo list /v} | out-file /home/centos/Investigations/$computer_name/ScheduledTasks.txt;
Invoke-Command -ComputerName $computer_name -Authentication Negotiate -Credential $credentials -ScriptBlock {tasklist /v} | out-file /home/centos/Investigations/$computer_name/TaskList.txt;
Invoke-Command -ComputerName $computer_name -Authentication Negotiate -Credential $credentials -ScriptBlock {netstat -naob} | out-file /home/centos/Investigations/$computer_name/Netstat.txt;
Invoke-Command -ComputerName $computer_name -Authentication Negotiate -Credential $credentials -ScriptBlock {Get-WmiObject Win32_NetworkConnection} | out-file /home/centos/Investigations/$computer_name/OutboundSessions.txt'

The issue I have with this is keeping the cred.xml file stored on the computer. I would like to make it where I interactively put in the username/password, but I"m not sure how to do that. I looked at using Python’s getpass module and moving these bash commands into os.system or subprocess, but I’m having some issues with that since I need to put in the username, password, and computer name variable and have them inserted into one long Powershell command.

Any help would be greatly appreciated.

ericl42 · May 23, 2019, 2:35pm

I actually found a decent way to do this that works but please let me know if this is the best method.

computername = input('Enter the computername including domain: ')
username = input('Enter your username: ')
password = getpass.getpass('Enter your password: ')

os.system("pwsh -c '$computer_name = \"" + computername + "\"; new-item -ItemType Directory -Force -path /home/centos/Investigations/$computer_name/;'")

os.system("pwsh -c '$username = \"" + username + "\"; $password = \"" + password + "\"; $userPassword = ConvertTo-SecureString -String \"" + password + "\" -AsPlainText -Force; $credentials = New-Object System.Management.Automation.PSCredential -ArgumentList $Username,$userpassword; Invoke-Command -ComputerName " + computername + " -Authentication Negotiate -Credential $credentials -ScriptBlock {netstat -naob} | out-file \"/home/centos/Investigations/" + computername + "/Netstat.txt\"'")

Topic		Replies	Views
PAM Authentication for admin created user General	1	642	October 2, 2019
Authentication with kerberos / AD JupyterHub	3	6391	November 15, 2021
Jupyter-server keeps asking for token login Notebook	1	2617	August 10, 2023
How do I pass the password in the URL for Jupyter? Notebook how-to	0	970	November 19, 2020
Jupyterhub LDAP bind password in encryption mode or passing it from a file JupyterHub jupyterlab , jupyterhub	3	159	January 11, 2024

Insert Passwords for Powershell Script

Related Topics