- Remoting uses WinRM/WS-Man (HTTP/HTTPS) and allows 1-to-1, 1-to-many, and persistent sessions with security controls.
- Enable-PSRemoting configures the service, the listeners, and the firewall; HTTPS requires a certificate with a matching CN/SAN.
- Results are returned deserialized; methods are invoked inside the remote scriptblock, and custom endpoints are used for fine-grained delegation.
You may already have automated many tasks with PowerShell locally, but where PowerShell Remoting makes the difference is when you run commands on remote machines, whether a few or hundreds, interactively or in parallel. This technology, available since Windows PowerShell 2.0 and improved since 3.0, is based on WS-Management (WinRM) and turns PowerShell into a remote management channel that is robust, scalable and secure.
First of all, it is important to understand two key ideas: cmdlets with -ComputerName (for example, Get-Process or Get-Service) are not the long-term path recommended by Microsoft, and PowerShell Remoting does not work as a "hack." In fact, it enforces mutual authentication, keeps audit logs and respects your usual permissions, without storing credentials or magically running anything with elevated privileges.
What is PowerShell Remoting and why use it?
With PowerShell Remoting you can run almost any command remotely that you could launch in a local session, from querying services to deploying configurations, and do so on hundreds of computers at once. Unlike cmdlets that accept -ComputerName (many use DCOM/RPC), Remoting travels over WS-Man (HTTP/HTTPS), which is more firewall-friendly, allows parallelism and puts the workload on the remote host, not the client.
This translates into three practical advantages: better performance in large-scale runs, less friction on networks with restrictive rules, and a security model consistent with Kerberos/HTTPS. In addition, because it does not depend on each cmdlet implementing its own remoting, Remoting works for any script or role that is available at the destination.
By default, recent Windows Servers come with Remoting enabled; on Windows 10/11 you enable it with a single cmdlet. And yes, you can use alternate credentials, persistent sessions, custom endpoints, and more.
Note: Remoting is not the same as opening everything up. By default, only administrators can connect, and actions run under their identity. If you need fine-grained delegation, custom endpoints let you expose only the essential commands.

How it works inside: WinRM, WS-Man and ports
PowerShell Remoting works in a client-server model. The client sends WS-Management requests over HTTP (5985/TCP) or HTTPS (5986/TCP). On the target, the Windows Remote Management (WinRM) service listens, resolves the endpoint (session configuration), and hosts the PowerShell session in the background (wsmprovhost.exe process), returning serialized results to the client in XML over SOAP.
The first time you enable Remoting, the listeners are configured, the appropriate firewall exception is opened, and the session configurations are created. From PowerShell 6+, multiple editions coexist, and Enable-PSRemoting registers endpoints with names that reflect the version (for example, PowerShell.7 and PowerShell.7.xy).
If you allow HTTPS in your environment, you can create a secure listener with a certificate issued by a trusted CA (recommended). Alternatively, the other option is to use TrustedHosts in a limited, risk-aware way, for workgroup scenarios or computers that are not domain-joined.
Note that PowerShell Remoting can coexist with cmdlets that take -ComputerName, but Microsoft is pushing WS-Man as the standard and future-proof way to do remote administration.
Enabling PowerShell Remoting and Useful Parameters
On Windows, just open PowerShell as administrator and run Enable-PSRemoting. The system starts WinRM, configures autostart, enables the listener, and creates the appropriate firewall rules. On clients with a public network profile, you can deliberately allow it with -SkipNetworkProfileCheck (and then tighten it with specific rules):
Enable-PSRemoting
Enable-PSRemoting -Force
Enable-PSRemoting -SkipNetworkProfileCheck -Force
The syntax also allows -Confirm and -WhatIf for change control. Remember: it is only available on Windows, and you must run it from an elevated console. The rules created differ between Server and Client editions, especially on public networks, where by default they are limited to the local subnet unless you widen the scope (for example, with Set-NetFirewallRule).
To list the session configurations that are already registered and confirm that everything is ready, use Get-PSSessionConfiguration. If the PowerShell.x and Workflow endpoints appear, the Remoting framework is operational.

Usage modes: 1 to 1, 1 to many, and persistent sessions
When you need an interactive console on a single computer, turn to Enter-PSSession. The prompt will appear, and everything you run will go to the remote host. You can reuse credentials with Get-Credential to avoid re-entering them every time:
$cred = Get-Credential
Enter-PSSession -ComputerName dc01 -Credential $cred
Exit-PSSession
If what you are looking for is to send commands to several computers at once, the tool is Invoke-Command with a script block. By default, it launches up to 32 concurrent connections (adjustable with -ThrottleLimit). The results come back as deserialized objects (without "live" methods):
Invoke-Command -ComputerName dc01,sql02,web01 -ScriptBlock { Get-Service -Name W32Time } -Credential $cred
Need to invoke a method such as .Stop() or .Start()? Do it inside the scriptblock, in the remote context, not on the local deserialized object, and that's it. If there is an equivalent cmdlet (Stop-Service/Start-Service), it is usually preferable to use it for clarity.
To avoid the cost of starting and ending sessions on every call, create a persistent PSSession and reuse it across multiple invocations. Use New-PSSession to create the connection, and use Invoke-Command -Session to reuse the tunnel. Don't forget to close it with Remove-PSSession when you are done.
Serialization, limits and good practices
An important detail: when they travel, objects are "flattened" and arrive as deserialized snapshots, with properties but no methods. This is deliberate and saves bandwidth, but it means you cannot use members that execute logic (such as .Kill()) on the local copy. The solution is clear: invoke those methods remotely, and if you only need certain fields, filter with Select-Object to send less data.
In scripts, avoid Enter-PSSession (intended for interactive use) and use Invoke-Command with script blocks. If you expect multiple calls or need to preserve state (variables, imported modules), use persistent sessions and, where applicable, disconnect/reconnect them with Disconnect-PSSession/Connect-PSSession in PowerShell 3.0+.
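
The flattening and the persistent-session pattern described above, as an added example that is not part of the original article. Part 1 runs locally through the same CLIXML serializer that remoting uses; part 2 assumes two reachable targets whose names (web01, sql02) are placeholders.

```powershell
# Part 1 (local, no network): round-trip a live object through CLIXML.
$live = Get-Process -Id $PID
$xml  = [System.Management.Automation.PSSerializer]::Serialize($live, 1)
$copy = [System.Management.Automation.PSSerializer]::Deserialize($xml)

# The copy's type name gains a "Deserialized." prefix and Kill() is gone,
# while plain properties such as Id and ProcessName survive the trip.
[pscustomobject]@{
    LiveType     = $live.PSObject.TypeNames[0]
    CopyType     = $copy.PSObject.TypeNames[0]
    LiveHasKill  = [bool]$live.PSObject.Methods['Kill']
    CopyHasKill  = [bool]$copy.PSObject.Methods['Kill']
    CopyStillHas = "$($copy.Id) / $($copy.ProcessName)"
}

# Part 2 (remote): one persistent session per target, reused for several calls.
$targets  = 'web01', 'sql02'                      # placeholder host names
$sessions = New-PSSession -ComputerName $targets -ErrorAction Stop
try {
    # The method call runs on the live object at the remote end;
    # only three properties are serialized back to the client.
    Invoke-Command -Session $sessions -ScriptBlock {
        $svc = Get-Service -Name W32Time
        if ($svc.Status -ne 'Running') {
            $svc.Start()
            $svc.WaitForStatus('Running', [TimeSpan]::FromSeconds(15))
        }
        $checkedAt = Get-Date                     # state kept in the session
        $svc | Select-Object Name, Status, StartType
    } | Select-Object PSComputerName, Name, Status, StartType

    # A second call in the same sessions still sees $checkedAt.
    Invoke-Command -Session $sessions -ScriptBlock { $checkedAt }
}
finally {
    # Always release the remote wsmprovhost.exe processes.
    Remove-PSSession -Session $sessions
}
```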
Authentication, HTTPS, and Off-Domain Scenarios
In a domain, the native authentication is Kerberos and everything flows. When the machine cannot verify the server name, or you connect to an IP address or a CNAME alias, you need one of these two options: 1) an HTTPS listener with a certificate issued by a CA you trust, or 2) add the destination (name or IP) to TrustedHosts and use credentials. The second option disables mutual authentication for that host, so reduce its scope to the minimum necessary.
Setting up an HTTPS listener requires a certificate (ideally from your PKI or a public CA), installed in the computer store and bound to WinRM. Then open port 5986/TCP in the firewall and, from the client, use -UseSSL in the remote cmdlets. For client certificate authentication, you can map a certificate to a local account and connect with -CertificateThumbprint (Enter-PSSession does not accept this directly; create the session first with New-PSSession.)
The second hop and credential delegation
The famous "double hop" appears when, after connecting to a server, you need that server to access a third resource on your behalf (for example, an SMB share). There are two approaches to allow this: CredSSP and resource-based Kerberos constrained delegation.
With CredSSP you enable the client and the intermediary to delegate credentials explicitly, and you set a policy (GPO) to allow delegation to specific computers. It is quick to configure, but less secure because the credentials travel in clear text inside the encrypted tunnel. Always limit sources and destinations.
The preferred alternative in a domain is constrained Kerberos delegation (resource-based constrained delegation) in modern AD. This lets the endpoint rely on receiving delegation from the middle tier for specific services, avoiding exposure of your identity on the initial connection. It requires recent domain controllers and an up-to-date RSAT.
Custom Endpoints (Session Configurations)
One of the gems of Remoting is being able to register connection points with tailored capabilities and limits. First you generate a file with New-PSSessionConfigurationFile (modules to preload, visible functions, aliases, ExecutionPolicy, LanguageMode, and so on), and then you register it with Register-PSSessionConfiguration, where you can set RunAsCredential and permissions (SDDL, or the GUI with -ShowSecurityDescriptorUI).
For secure delegation, expose only what is needed with -VisibleCmdlets/-VisibleFunctions and disable free scripting where appropriate with the ConstrainedLanguage or NoLanguage language mode. If you leave FullLanguage, someone could use a script block to invoke commands that were not exposed, which, combined with RunAs, would be a hole. Go over these endpoints with a fine-tooth comb and document their scope.
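
A restricted endpoint built along the lines described above, as an added example that is not from the original article. The endpoint name ServiceOps, the .pssc path, the allowed service names and the host srv01 are placeholders chosen for illustration.

```powershell
# --- On the server, in an elevated console: describe and register the endpoint ---
$pssc = Join-Path $env:ProgramData 'PSEndpoints\ServiceOps.pssc'   # placeholder path
New-Item -ItemType Directory -Path (Split-Path $pssc) -Force | Out-Null

$config = @{
    Path           = $pssc
    SessionType    = 'RestrictedRemoteServer'   # start from a minimal command set
    LanguageMode   = 'NoLanguage'               # no variables, operators or script text
    VisibleCmdlets = @(
        'Get-Service'
        @{ Name       = 'Restart-Service'       # only these two services may be restarted
           Parameters = @{ Name = 'Name'; ValidateSet = 'W32Time', 'Spooler' } }
    )
}
New-PSSessionConfigurationFile @config

if (-not (Test-PSSessionConfigurationFile -Path $pssc)) {
    throw "Session configuration file failed validation: $pssc"
}

# The dialog lets you grant access to the operators group only.
Register-PSSessionConfiguration -Name 'ServiceOps' -Path $pssc `
    -ShowSecurityDescriptorUI -Force

# --- From an operator workstation: check that the boundary holds ---
$s = New-PSSession -ComputerName 'srv01' -ConfigurationName 'ServiceOps'
try {
    Invoke-Command -Session $s -ScriptBlock { Get-Command } | Select-Object Name
    Invoke-Command -Session $s -ScriptBlock { Restart-Service -Name W32Time }

    # Each probe should be rejected: hidden cmdlet, value outside the
    # ValidateSet, and language syntax that NoLanguage does not permit.
    foreach ($probe in { Get-Process }, { Restart-Service -Name BITS }, { $x = 1 + 1 }) {
        try {
            Invoke-Command -Session $s -ScriptBlock $probe -ErrorAction Stop | Out-Null
            Write-Warning "Endpoint allowed: $probe"
        }
        catch {
            "Blocked as expected: $probe"
        }
    }
}
finally {
    Remove-PSSession $s
}
```

Any Write-Warning line in the output means the endpoint exposes more than intended and the .pssc file should be reviewed before operators are given access.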
Domains, GPOs, and Workgroups
In AD you can deploy PowerShell Remoting at scale with GPO: allow automatic configuration of the WinRM listeners, set the service to Automatic, and create the firewall exception. Remember that GPOs change settings, but they do not always start the service right away; sometimes you need to restart or force a gpupdate.
In workgroups (non-domain), configure Remoting with Enable-PSRemoting, set TrustedHosts on the client (winrm set winrm/config/client @{TrustedHosts="host1,host2"}) and use local credentials. For HTTPS, you can install self-signed certificates, although it is recommended to use a trusted CA and to validate that the name you use in -ComputerName is in the certificate (CN/SAN match).
Key cmdlets and syntax
A handful of commands cover 90% of daily scenarios. To enable/disable:
Enable-PSRemoting
Disable-PSRemoting
Interactive 1-to-1 session and exit:
Enter-PSSession -ComputerName SEC504STUDENT
Exit-PSSession
1 to many, with credentials:
Invoke-Command -ComputerName dc01,sql02,web01 -ScriptBlock { Get-Service W32Time } -Credential $cred
Persistent session and reuse:
$s = New-PSSession -ComputerName localhost -ConfigurationName PowerShell.7
Invoke-Command -Session $s -ScriptBlock { $PSVersionTable }
Remove-PSSession $s
Testing and useful WinRM commands:
Test-WSMan -ComputerName host
winrm get winrm/config
winrm enumerate winrm/config/listener
winrm quickconfig -transport:https
Practical notes on firewall, network and ports
Open 5985/TCP for HTTP and 5986/TCP for HTTPS on the target computer and on any intermediate firewall. On Windows clients, Enable-PSRemoting creates rules for the domain and private profiles; for the public profile, it is limited to the local subnet unless you change the scope with Set-NetFirewallRule -RemoteAddress Any (a value you should assess against your risk posture).
If you use SOAR/SIEM integrations that run remote commands (for example, from XSOAR), make sure the server has DNS resolution to the hosts, connectivity to 5985/5986, and credentials with sufficient local permissions. In some cases, NTLM/Basic authentication may require adjustment (for example, using a local user in Basic with SSL).
Enable-PSRemoting Parameters (Operational Summary)
-Confirm asks for confirmation before executing; -Force ignores the warnings and makes the necessary changes; -SkipNetworkProfileCheck enables Remoting on public client networks (limited by default to the local subnet); -WhatIf shows you what would happen without applying any changes. In addition, like any standard cmdlet, it supports the common parameters (-Verbose, -ErrorAction, and so on).
Remember that "Enable" does not create HTTPS listeners or certificates for you; if you need end-to-end encryption from the start and certificate-based authentication, configure the HTTPS listener and validate the CN/SAN against the name you will use in -ComputerName.
Useful WinRM and PowerShell Remoting Commands
Some essentials to keep at hand for day-to-day work:
winrm get winrm/config
winrm enumerate winrm/config/listener
Set-NetFirewallRule -Name 'WINRM-HTTP-In-TCP' -RemoteAddress Any
Test-WSMan -ComputerName host -Authentication Default -Credential (Get-Credential)
New-PSSession -ComputerName host
Enter-PSSession -ComputerName host
Enable-PSRemoting -SkipNetworkProfileCheck -Force
When managing Windows at scale, Remoting lets you move from "computer-by-computer" work to a declarative and secure approach. By combining persistent sessions, strong authentication (Kerberos/HTTPS), restricted endpoints, and clear traces for diagnostics, you gain speed and control without sacrificing security or auditability. If you also standardize activation through GPO and master the special cases (TrustedHosts, double hop, certificates), you will have a solid remote platform for daily operations and incident response.
Editor specializing in technology and internet topics, with more than ten years of experience in different digital media. I have worked as an editor and content creator for e-commerce, communication, online marketing and advertising companies. I have also written for websites on economics, finance and other sectors. My work is also my passion. Now, through my articles at Tecnobits, I try to explore all the news and new opportunities that the world of technology offers us every day to improve our lives.