Saturday, February 2, 2013

PowerShellASP: Combining PowerShell, ASP, and HTML using IIS 7.x


PowerShellASP websites have the ability to run PowerShell on remote computers, much the same way as using -computername and -credential.  The site can detect the visitors client and retrieve information about their computer in order for the restricted user to perform elevated functions like install IP-based printers.

Here is a sample .ps1x file portion which creates a web form, asks for a username and password which is able to connect via RWMI, detects the visitors IP address, which OS they're using, connects to it using remote WMI and displays the Windows version in the web browser.  This is just a sample of what system administrators can do via this great product.  I encourage those who wish to automate processes and give limited elevated functionality to their users to visit the PowerShell ASP website and leverage this tool.

<form method="POST" action="" enctype="multipart/ form-data">
Username:  <input type=text name="username" size="20"value="<%=$request['username']%>" />
Password: <input type=password name="password" size="20" value="<%=$request['password']%>" />
<input type=submit  value="Check OS Version" />
</form>
<%
if($request.HttpMethod -eq "POST") {
$remotehost = [net.IPAddress]::Parse($request.UserHostAddress)
$remoteIP = [System.Net.Dns]::GetHostAddresses($remotehost)| ? {$_.AddressFamily -eq "InterNetwork"}
$username = ("$remoteip" + "\" + $request['username'])
$securePassword = ConvertTo-SecureString $request['password'] -AsPlainText -Force
$Credentials = New-Object System.Management.Automation.PsCredential($username,$securePassword)
$session = new-PSSession -credential $Credentials -computer 192.168.1.145
$command = {Gwmi -Class Win32_OperatingSystem|convertto-html -fragment -property version}
$remote = Invoke-Command -session $session -scriptblock $command
write-host $remote}
%>

No comments: