Screenconnect commandline

From SWKLS WIKI
Jump to navigation Jump to search

Examples of various commandline and Powershell commands.

Contents

CLI Notes

Running Commands

There exist a few ways to issue CLI commands in ScreenConnect / Connectwise Control.

  • Right-Clicking on a session and choosing 'Run Command'
  • Clicking on the 'Commands' icon in the right-hand panel
  • Right-Clicking on a session, selecting 'Join With Options' and then selecting 'Backstage'

Normal (CMD) style commands do not require anything other than the command itself to be issued. Powershell commands require being prefaced with one of the two listed examples:

  • #!ps
  • powershell

Timeouts

Commands may time out if running for too long. The default time-out value can be overridden by using

#timout=90000

replacing 90000 with the desired interval.

Truncated Output

The output from a command may be truncated, but can be extended by overriding the default using

#maxlength=1000000

replacing 1000000 with desired output length.

Example of Options

1 #!ps
2 #timeout=90000
3 Get-Process sam* | Select-object name

Enable Remote Execution

1 Set-ExecutionPolicy RemoteSigned

Drive and File Operations

Show Drives and Space Usage

1 #!ps
2 get-psdrive -psprovider filesystem

List Drive Letters

1 wmic logicaldisk get caption

Create folder, set local NTFS permissions to everyone, network share permissions to 'scan' user

1 mkdir c:\scan
2 icacls "C:\scan" /grant Everyone:(OI)(CI)F
3 net share scan=c:\scan /GRANT:scan,FULL
4 Share C: as pcx_c to my_username
5 net share pcx_c=c:\ /GRANT:my_username,FULL

Share profile directory to my_username

1 net share user_prof=c:\users\my_username /GRANT:username,FULL

Unshare pcx_c

1 NET SHARE pcx_c /Y /delete

Get Free Disk Space

1 #!ps
2 #timeout=90000
3 $disk = Get-WmiObject Win32_LogicalDisk -Filter "DeviceID='C:'" | Select-Object Size, FreeSpace
4 Write-Host ("{0}GB total" -f [math]::truncate($disk.Size / 1GB))
5 Write-Host ("{0}GB free" -f [math]::truncate($disk.FreeSpace / 1GB))

Check for Bad Blocks or NTFS Corruption

 1 #!ps
 2 #timeout=90000
 3 Get-EventLog -Newest 10 -LogName "System" -EntryType Error -Source "Ntfs"
 4 
 5 
 6 #!ps
 7 #timeout=90000
 8 Get-EventLog -Newest 10 -LogName "System" -EntryType Error -Source "Disk"
 9 
10 
11 #!ps
12 #timeout=90000
13 Get-EventLog -Newest 10 -LogName "System" -EntryType Error -Source "Ntfs" | select -ExpandProperty message
14 
15 
16 #!ps
17 #timeout=90000
18 Get-EventLog -Newest 10 -LogName "System" -EntryType Error -Source "Disk" | select -ExpandProperty message


Check if disk is marked as dirty

1 fsutil dirty query c:

Mark disk as dirty to force check at restart

1 fsutil dirty set C:

File Downloads & Creation

Download a file to a directory (full paths required)

1 #!ps
2 [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
3 (new-object System.Net.WebClient).Downloadfile("http://myurl.com/somefile.jpg", "C:\Users\bob\Desktop\somefile.jpg")

Download a large file to a directory (full paths required)

1 #!ps
2 #timeout=9000000
3 [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
4 (new-object System.Net.WebClient).Downloadfile("http://myurl.com/large.zip", "C:\temp\large.zip")

Create a file and write contents

1 #!ps
2 new-item c:\users\director\Desktop\login.txt
3 set-content c:\users\director\Desktop\login.txt 'myaccount@readinks.info mysecretpassword'

Create a Desktop shortcut to a folder

1 #!ps
2 $TargetFile = "C:\scan\"
3 $ShortcutFile = "$env:Public\Desktop\folder.lnk"
4 $WScriptShell = New-Object -ComObject WScript.Shell
5 $Shortcut = $WScriptShell.CreateShortcut($ShortcutFile)
6 $Shortcut.TargetPath = $TargetFile
7 $Shortcut.Save()

Hyper-V

List Hyper-V VMs and file paths

1 #!ps
2 #timeout=90000
3 get-vm | Get-VMHardDiskDrive | select vmname, path

Miscellaneous Commands

Retrieve Serial Number

1 wmic bios get serialnumber

Set Power Options (Always On)

1 powercfg -x monitor-timeout-ac 0
2 powercfg -x disk-timeout-ac 0
3 powercfg -x standby-timeout-ac 0
4 powercfg -x hibernate-timeout-ac 0

Show Wireless Signal Strength

1 #timeout=720000
2 #maxlength=10000
3 netsh wlan show networks mode=bssid

Change / Activate Wireless Profile

1 netsh wlan connect name=LibSec

Refresh General Info Tab

 1 #!ps
 2 #maxlength=100000
 3 #timeout=90000
 4 echo "INFORMATIONREQUEST-RESPONSE/1"
 5 echo "CommandType: General"
 6 echo "ContentType: xml"
 7 echo ""
 8 $Host.UI.RawUI.BufferSize = New-Object Management.Automation.Host.Size (500, 25)
 9 $computer = get-wmiobject win32_computersystem | select Manufacturer, Model
10 $bios = get-wmiobject win32_bios | select Name, SerialNumber
11 write-output $computer.Manufacturer, $computer.Model, $bios.Name, $bios.SerialNumber| ConvertTo-Xml -As Stream

Check Version/InstallDate of a Program

1 #!ps
2 #timeout=15000
3 Get-ItemProperty HKLM:\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\* | Where { $_.DisplayName -eq "Program_Name" } | Select-Object DisplayName, DisplayVersion, Publisher, InstallDate

Enable WinRM for Remote Management

1 winrm.cmd quickconfig -q

Retreive Monitor Information (manufacturer, model, serial[not a complete serial])

 1 #!ps
 2 $Monitors = Get-WmiObject WmiMonitorID -Namespace root\wmi
 3 
 4  function Decode {
 5      If ($args[0] -is [System.Array]) {
 6          [System.Text.Encoding]::ASCII.GetString($args[0])
 7      }
 8      Else {
 9          "Not Found"
10      }
11  }
12     
13  echo "Manufacturer, Name, Serial"
14     
15  ForEach ($Monitor in $Monitors) {  
16      $Manufacturer = Decode $Monitor.ManufacturerName -notmatch 0
17      $Name = Decode $Monitor.UserFriendlyName -notmatch 0
18      $Serial = Decode $Monitor.SerialNumberID -notmatch 0
19     
20      echo "$Manufacturer, $Name, $Serial"
21  }

Network

Find DNS Cache Entries for Domain

1 #!ps
2 #timeout=90000
3 Get-DnsClientCache -Name "*auto-graphics.com*" | Format-Table Entry, Data

Check Network Location

1 #!ps
2 #maxlength=5000
3 #timeout=600000
4 Get-NetConnectionProfile

Change Network Location to Private

1 #!ps
2 #maxlength=5000
3 #timeout=600000
4 Get-NetConnectionProfile -NetworkCategory 'Public' | Set-NetConnectionProfile -NetworkCategory 'Private'

Processes and Services

Show Processes Names Like X

1 #!ps
2 Get-Process sam* | Select-object name

Test if Service is Running

1 #!ps
2 (Get-Service -Name 'Spooler').Status -eq 'Running'

Stop / Start Service

1 net stop "Service_Name"
2 net start "Service_Name"

Show Registered Services Name Like 'sam'

1 sc queryex type= service state= all | find /i "sam"

Show Detail of Service Name 'SamClientManager'

1 sc queryex SamClientManager

Show Running Processes

1 tasklist

Kill Process

1 tskill ProcessID or ProcessName
2 Example: tskill notepad
3 Example: tskill 6543

Printers

Show default printer

1 #!ps
2 Get-WmiObject -Query "SELECT * FROM Win32_Printer WHERE Default=$true"

Set default printer

1 #!ps
2 (Get-WmiObject -ComputerName . -Class Win32_Printer -Filter "Name='HP Color LaserJet Pro MFP M477 PCL 6'").SetDefaultPrinter()

Remove Printers

1 printui.exe /dl /n "Fax" /q
2 printui.exe /dl /n "Microsoft XPS Document Writer" /q
3 printui.exe /dl /n "Send To OneNote 2016" /q

Add printer port

1 Cscript %WINDIR%\System32\Printing_Admin_Scripts\en-US\prnport.vbs -a -r IP_192.168.24.132 -h 192.168.24.132 -o raw -n 9100

Change printer port

1 cscript %WINDIR%\System32\Printing_Admin_Scripts\en-US\prncnfg.vbs -t -p "Brother HL-2270DW" -r IP_192.168.24.132

Rename printer

1 cscript %WINDIR%\System32\Printing_Admin_Scripts\en-US\prncnfg.vbs -x -p "NPI3AEC0A (HP Color LaserJet CM1312nfi MFP)" -z "HP CM1312"

List print drivers (may truncate)

1 cscript %WINDIR%\System32\Printing_Admin_Scripts\en-US\prndrvr.vbs -l

List printer configuration

1 cscript %WINDIR%\System32\Printing_Admin_Scripts\en-US\prncnfg.vbs -g -p "hp LaserJet 1300 PCL 5"

Clear print queue

1 net stop spooler
2 del %systemroot%\System32\spool\printers\* /Q /F /S
3 net start spooler

Find printers with WSD port

1 wmic printer where "PortName LIKE 'WSD%%'" get name,portname

Delete printers with WSD port

1 wmic printer where "PortName LIKE 'WSD%%'" delete

Disable Auto Install of Network Devices (WSD Printer Ports, etc.)

1 reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\NcdAutoSetup\Private" /v "AutoSetup" /t REG_SZ /d "0" /f

RDP

Enable RDP

1 reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f

RDP Firewall Exception

1 netsh advfirewall firewall set rule group="remote desktop" new enable=Yes

Add non-admin user to RDP group

1 NET LOCALGROUP "Remote Desktop Users" patron /ADD

SAM

Various commands for SAM time & print management software

SAM Local Server

Open port 100

1 netsh advfirewall firewall add rule name="SAM10 Port 100" dir=in action=allow protocol=TCP profile=any localport=100

Allow FTP access

1 netsh advfirewall firewall add rule name="FTP (no SSL)" action=allow protocol=TCP dir=in profile=any localport=21
2 netsh advfirewall set global StatefulFtp enable

Stop and Start FTP service

1 net stop ftpsvc
2 net start ftpsvc

SAM Clients

Enable / Disable / Show Firewall state (for testing !!!)

1 NetSh Advfirewall set allprofiles state off
2 NetSh Advfirewall set allprofiles state on
3 Netsh Advfirewall show allprofiles

Set permissions on SAM_10 folder(s)

1 icacls "C:\Program Files\SAM_10" /grant Everyone:(OI)(CI)F
2 icacls "C:\Program Files (x86)\SAM_10" /grant Everyone:(OI)(CI)F

Set permissions on ACM and SAM folder (staff machines or SAM9 clients)

1 icacls "C:\ACM" /grant Everyone:(OI)(CI)F
2 icacls "C:\SAM" /grant Everyone:(OI)(CI)F

Check ACL Permissions on C:\SAM Folder

1 #!ps
2 get-acl c:\sam | format-list


Allow port 2002 TCP traffic

1 netsh advfirewall firewall add rule name="SAM Client Port 2002" dir=in action=allow protocol=TCP profile=any localport=2002

Check for Listening Port 2002 on Local Machine

1 netstat -a -n

Check for Listening Port 2002 on Local Machine (Powershell 4+)

1 #!ps
2 #timeout=90000
3 Test-NetConnection -ComputerName localhost -Port 2002

Check for Firewall Rule Port 2002 (Powershell 4+)

1 #!ps
2 #timeout=9000
3 Get-NetFirewallPortFilter Protocol TCP | Where { $_.localport eq 2002 } | Get-NetFirewallRule

Determine if SAM client or SAM printing processes are running

1 tasklist /fi "Imagename eq SamClient10.exe"
2 tasklist /fi "Imagename eq SamPrinting.exe"

Check for existence of themes folder via ScreenConnect CLI

1 dir "C:\Program Files\SAM_10\Themes"

Kill all SAM processes

1 #!ps
2 #timeout=90000
3 Stop-Process -processname sam* -Force

Scheduled Tasks

Create a task to reboot PC at 5AM

1 schtasks /create /ru SYSTEM /sc daily /tn restart /tr "shutdown -r -f -c ""restart""" /st 05:00

Check for the existence of task named 'restart'

1 schtasks /Query /tn restart

Remove task named 'restart'

1 schtasks /delete /tn restart /f


Time

See Current Timezone

1 #!ps
2 [System.TimeZone]::CurrentTimeZone

User Accounts

Add User Account

1 net user /add Bob bobspassword

Set User password to never expire

1 WMIC USERACCOUNT WHERE "Name='Bob'" SET PasswordExpires=FALSE

Add or Delete user to / from Administrators group

1 net localgroup administrators Bob /add
2 net localgroup administrators Bob /delete

Disable and account

1 net user "Administrator" /active:no

Diable Password Expiration

1 net accounts /maxpwage:unlimited

VPN

===List VPN Phonebook Entries

1 #!ps
2 Get-VpnConnection -AllUserConnection

Import Certificate to Root store

1 #!ps
2 Import-Certificate -CertStoreLocation cert:\LocalMachine\Root -Filepath "C:\Users\myuser\Documents\cert_export_ca.crt"

Create SSTP VPN Connection to IP 100.100.100.100 on port 4430

1 #!ps
2 Add-VpnConnection -Name "MyVPN SSTP" -ServerAddress "100.100.100.100:4430" -TunnelType "Sstp" -EncryptionLevel "Required" -AuthenticationMethod MSChapv2 -AllUserConnection -RememberCredential

View cert with DnsName of 100.100.100.100

1 #!ps
2 #timeout=90000
3 SET-LOCATION CERT:\LOCALMACHINE\ROOT; get-childitem -dnsname '100.100.100.100'

Remove Cert with DnsName of 100.100.100.100

1 #!ps
2 Get-ChildItem cert:\LocalMachine\Root -dnsname '100.100.100.100' | Remove-Item