Get-History don't work - powershell

I have strange problem with new servers where is installed Windows Server 2016 Datacenter Core (Insider Preview 16257), Powershell 5.1. I can see all the commands used with up and down arrows, but I get nothing with Get-History cmdlet. Even when I enter some new cmdlets, Get-history did nothing at all. I need to save the history. I'm logged in with the same credentials. Thanks

Starting with Windows 10 / Server 2016, the PSReadline Module is included by default. This includes it's own per user history file. This file can be found with this command: (Get-PSReadlineOption).HistorySavePath.
This file is separate that than the per session history that is accessible with the Get-History command.

Related

Command line showing nothing no output

I have been studying privilege escalation on windows and came across some powershell script that look up vulnderabilties.
When i run these ( multiple scripts) I get no output while the documentation i find on them and video's all show output. Unless I specifically tell it to output it to a file,
This makes me think it has something to do with my system. I am running windows 7 64-bit on a local standard user.
For example i used:
https://github.com/rasta-mouse/Sherlock
and:
https://github.com/PowerShellEmpire/PowerTools/tree/master/PowerUp
Did you try to check if your current user has changed to Administrator ?Maybe there is a GPO or theses privileges esclations are not working for your version

Fetch 'Copyright' info field for an exe using commandline in Windows Server 2016

I am interested in getting the 'Copyright' information field using the cmd or PowerShell. Manually, it can be accessed by
RighClick the executable -> Properties -> Details -> Copyright
I am aware of the wmic datafile command,
wmic datafile where Name="C:\Windows\System32\cmd.exe" get
Manufacturer,Name,Version
but it does not give most of the detailed information from the Details tab in the file properties.
How do I get this info using cmd or PowerShell? I believe Python should be able to solve it easily, but sometimes it is not an option to install python on production server.
Powershell actually gives you a plethora of information in the VersionInfo property.
(Get-Item "C:\Windows\System32\cmd.exe").VersionInfo.LegalCopyright
Here is a technet article with more information if you need it.
https://blogs.technet.microsoft.com/askpfeplat/2014/12/07/how-to-correctly-check-file-versions-with-powershell/

Is it possible to log all powershell commands run on a machine?

We have some .net applications running on a server that run powershell scripts. Is there a setting where we can log every single powershell command run on that machine, without modifying our existing applications? I already tried start-transcript . That command only captures the commands run in the current session.
I believe Microsoft calls what you're after "Over the Shoulder Transcription". It's described here, and will be available in WMF5.

Server Core Installation of Windows Server 2012

I am new to server core installations so to understand them better I created a VM through Hyper V, installed Windows Server 2012 as Server Core. Accessed the computer and kept trying to run the Netdom.exe RenameComputer function.
I switched over to my main server and then switched back and I have lost the Command Line prompt.
How do I get this back? Cntrl+Alt+Del do not seem to have an option to launch it?
Press CTRL+ALT+DELETE, click Start Task Manager, click File, click Run, and then type cmd.exe. Alternatively, you can log off and log back on.
Press Ctrl+Shift+Escape to run Task Manager. Choose Expand Details, then File | Run | cmd.exe.
Or File | Run | powershell.exe if you want PowerShell instead of Command Prompt (which you should :-).

Check installed Windows Server Features with NSIS

I'm trying to install a custom build software on Windows Server 2008R2, 2008 and 2003. The software needs the "Desktop-Experience" feature from Windows to be installed.
I know I can check with servermanagercmd.exe (even though it's kind of cumbersome) in 2003 and 2008 - unfortunately, this does no longer work in 2008R2 (64bit) from inside an NSIS installer - it does work if I just run the command. Called from the installer, I'm getting a "servermanagercmd.exe is not recognized as an internal or external command, operable program or batch file."-error, even if I'm setting the working directory to c:\windows\system32 (yes, on a 64 bit machine, but there's no servermanagercmd.exe in sysWOW64).
Here's the line of code inside NSIS:
nsExec::ExecToStack 'servermanagercmd.exe -query | findstr "Desktop-Experience"'
In 2008R2, I thought the situation would actually improve, as PowerShell is now installed by default. However, when trying to get the information, I need to first load the ServerManager module inside PowerShell - but this module is not available for reading for Trusted Installer . So I'm facing the same situation again: If I'm running my powershell command from a command line, it works, but not from inside the NSIS installer.
Again, here's the line of code inside NSIS:
nsExec::ExecToStack 'powershell.exe "& "Import-Module ServerManager"'
The three(!) (double)quotation marks are actually correct.
So, does anybody know of a way to check whether Desktop-Experience is installed (and install it if not) in Windows Server 2008R2 from inside an NSIS installer? The solution does not need to work on Server2003 or 2008, because the string parsing from servermanagercmd.exe works there.
Are you using the macros in x64.nsh to turn off WOW64 redirection? (Or use "$windir\sysnative\servermanagercmd.exe")