Thursday, May 2, 2013

PowerShell for your Network Adapter

Recently, I needed to buy a new computer for my development work. While I could have shopped around and bought either an earlier version of Windows, or just a good machine for a Linux distro. However, since the particular laptop I needed to replace was a Windows Vista box, I decided to stick with Windows and set my dev environment up the same way.

This is how I came to own a Windows 8 laptop. I now have a Windows 8 phone as well (thanks to T-Mobile NOT having a single Droid phone that I liked), and while it syncs well with my new laptop, it's a whole different domain of complaints. It is a complaint of my Windows 8 laptop that has caused me to right this long overdue entry to this blog: after my computer sleeps for some [apparently] arbitrary amount of time, my Wi-Fi adapter is disconnected and will not successfully reconnect. I should say that the adapater will not connect without disabling and then re-enabling the adapter. Since I am already playing around a bit with PowerShell, I figured, why not write a script that I can just run when needed. The following covers my efforts (successful efforts, of course!).

Before creating a PowerShell script, it is important to know if you can actually execute said script. As with almost everything else in Windows since the UAC was introduced, just logging in as an administrator doesn't automatically cause every process you start to have the same credentials. PowerShell scripts are no different, so here are a couple key points.

1. Your environment must allow for the running of the PowerShell scripts that you want to save and execute.
2. For writing and testing your scripts, I find it best to open PowerShell (either the command line or the ISE) with "Run as Administrator".

Number 2 above is easy...at least I hope it is for anyone who has read to at least this point of this entry. :-) However, Number 1 may cause some heartache for someone. So, and without a big long description of using PowerShell itself, to determine if you can save and execute PowerShell scripts:

PS C:\Get-ExecutionPolicy
...should return either "RemoteSigned" or "Unrestricted"
I tend to prefer the Unrestricted option while I am working.

To change the execution policy:
PS C:\Set-ExecutionPolicy unrestricted

Now that this is out of the way, time for the hard and complicated stuff.

Before I continue though, I want to report that I happen to like PowerShell. I have been tinkering with it in my tiny bit of free time (when I should probably be doing more with helping test SecurityOnion -- an absolutely AWESOME product!!!). Until today, I have been approaching PS from a standpoint of what it can/can't do for a pentest, flow data, and remote execution (from an SA standpoint). Today, I needed something quick that would let me avoid having to open up multiple windows and go through the disable/enable motions. Below is the fruit of this strenuous labor.

#***********************************************************
#RenewWiFi.ps1
#author: me
#notes: this was way too easy #***********************************************************
#disable Wi-Fi adapter and DO NOT show the confirm window
Disable-NetAdapter -Name wi-fi -Confirm:$false

#Re-enable adaptor Enable-NetAdapter -Name wi-fi #***********************************************************

...and that's it. Really, an actual script file isn't even needed to do this...but it let's me double-click once and get back to something REALLY important, checking on my Detroit Tigers!!!

dw