How to improve the script?


Viewing 9 reply threads
  • Author
    Posts
    • #192214
      Participant
      Topics: 1
      Replies: 2
      Points: 17
      Rank: Member

      I am a complete layman so I can’t do it alone. I don’t know anything about PS. However, the task seems to be simple.
      I have a script – but you can only process single files with it at a time. I would like to be able to use it for several files at once – just e.g. for *.xxx in the directory. The output files may have the same name.
      Can someone modify this script or give me a different one that will apply the first to all files in a given location at once?
      Thank you in advance for any help. Here is the script:

      # Usage: ps\xorcrypt.ps1 bin\input.bin bin\output.bin
      
      param (
          [Parameter(Mandatory=$true)]
          [string] $file1, # First File
          [Parameter(Mandatory=$true)]
          [string] $out    # Output File
      ) # end param
      
      [Environment]::CurrentDirectory = (Get-Location -PSProvider FileSystem).ProviderPath
      $file1_b = [System.IO.File]::ReadAllBytes($file1)
      $xord_byte_array = New-Object Byte[] $file1_b.Count
      
      # Put your key here
      [Byte[]] $key = 0x55,0x66,0x77,0x88
      $key_position = 0
      
      # XOR
      for ($i = 0; $i -lt $file1_b.Count; $i++)
      {
          $xord_byte_array[$i] = $file1_b[$i] -bxor $key[$key_position]
          $key_position += 1
          if ($key_position -eq $key.Length) { $key_position = 0 }
      }
      # Write the XORd bytes to the output file
      [System.IO.File]::WriteAllBytes("$out", $xord_byte_array)
      
      Write-Host "$out" -ForegroundColor Yellow -NoNewline; Write-Host "."

       

    • #192367
      Participant
      Topics: 12
      Replies: 1488
      Points: 1,982
      Helping Hand
      Rank: Community Hero

      The forums are not a script writing service, you should make an effort. Start by looking at Get-ChildItem, you can do this by doing:

      Get-Help Get-ChildItem -Full

      There are examples to look at a directory and to return specific extensions. Next, you need to do a loop, which is

      foreach

      in the loop, you would be able to call the script with dot (.) notation (script is in the root of working directory):

      .\xorcrypt.ps1

      or

      . C:\Scripts\xorcrypt.ps1

      If you even search this forum for Get-ChildItem, you will find thousands of examples.
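The Get-ChildItem plus foreach approach described in this reply, as an added example that is not part of the original thread. It assumes `xorcrypt.ps1` from the first post is saved next to this wrapper; `$SourceDir`, `$OutDir` and the `*.xxx` filter are placeholders.

```powershell
# Added example: run xorcrypt.ps1 over every matching file in a directory.
# Save as a .ps1 file beside xorcrypt.ps1 so that $PSScriptRoot resolves.
param(
    [string] $SourceDir = '.\bin',      # placeholder input directory
    [string] $OutDir    = '.\bin\out',  # placeholder output directory
    [string] $Filter    = '*.xxx'       # extension pattern from the question
)

$xorScript = Join-Path $PSScriptRoot 'xorcrypt.ps1'
if (-not (Test-Path -LiteralPath $xorScript)) {
    throw "xorcrypt.ps1 not found at $xorScript"
}

# Create the output directory once; -Force makes this a no-op if it exists.
$null = New-Item -ItemType Directory -Path $OutDir -Force
$outFull = (Resolve-Path -LiteralPath $OutDir).ProviderPath

# -File skips subdirectories. xorcrypt.ps1 reads each file fully into memory.
$files = Get-ChildItem -LiteralPath $SourceDir -Filter $Filter -File

foreach ($f in $files) {
    $target = Join-Path $outFull $f.Name

    # XOR is its own inverse: overwriting the input and then running the batch
    # a second time would silently restore the original bytes, so refuse
    # in-place output.
    if ($target -eq $f.FullName) {
        Write-Warning "Skipping $($f.Name): output would overwrite the input"
        continue
    }

    # Full paths are passed because xorcrypt.ps1 resets the .NET current directory.
    & $xorScript -file1 $f.FullName -out $target
}
```

The wrapper uses the call operator (`&`) so each run gets its own scope. A repeating 4-byte XOR key only obscures the content and should not be relied on to protect it.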

    • #192445
      Participant
      Topics: 1
      Replies: 2
      Points: 17
      Rank: Member

      Yeah. I will process these files one by one faster than I will learn the basics of PS.

      Anyway – thanks

    • #192457
      Participant
      Topics: 4
      Replies: 1906
      Points: 4,250
      Helping Hand
      Rank: Community Hero

      Yeah. I will process these files one by one faster than I will learn the basics of PS.

      Anyway – thanks

      But if you start to learn the basics of PowerShell now it would help you in the future to accomplish tasks like this much much faster than to do it one by one by hand. If you plan to keep working in Windows environments it will definitely pay off for you in the future. 😉

    • #192472
      Participant
      Topics: 1
      Replies: 2
      Points: 17
      Rank: Member

      I need no such wisdom. Instead, I would like someone to improve my script. For experts it is probably a piece of cake.

    • #192379
      Participant
      Topics: 0
      Replies: 3
      Points: 29
      Rank: Member

      Greetings, friend. I am actually trying to create a script that gets all log files on a number of remote computers. I decided to use Get-WinEvent. However, from what I observe, Get-WinEvent gets all the log files but categorizes them using RecordCount. Please, could there be a way of expanding each of these RecordCount values and getting all log files related to each LogName? For the meantime, I was able to come up with the below script; I don’t know if this is the best way. A suggestion for this will be appreciated.

      param (
          [Parameter(Mandatory=$true, ValueFromPipeline=$true)]
          $groupName,
          [switch] $LogErrors,
          $CSVPath
      )
      # ---- Create a folder in C:\ and write files to it ----
      if (Test-Path -Path C:\File) {
          Write-Verbose "A folder called File exists in this path"
          Get-ADGroupMember -Identity $groupName | Select-Object name | Export-Csv 'C:\File\ApplicationErrorLog.csv' -NoTypeInformation
      } else {
          Write-Verbose "No folder called File exists in the path, folder created"
          New-Item -Name File -ItemType Directory -Path C:\
          Get-ADGroupMember -Identity $groupName | Select-Object name | Export-Csv 'C:\File\ApplicationErrorLog.csv' -NoTypeInformation
      }
      # ---- Import the file ApplicationErrorLog.csv ----
      $impComps = Import-Csv -Path C:\File\ApplicationErrorLog.csv
      # ---- Use foreach to loop through each computer ----
      # Property names below are those of the records Get-WinEvent returns:
      # UserId and LevelDisplayName (the original "user", "levelDisplay" and
      # "LevelName" do not exist and would produce empty columns).
      foreach ($comps in $impComps.name) {
          Write-Progress "Please wait while we collate all error logs"
          Get-WinEvent -LogName System -ComputerName $comps -ErrorAction SilentlyContinue -ErrorVariable Err |
              Select-Object MachineName, Id, TimeCreated, UserId, LogName, LevelDisplayName, Message |
              Out-File -FilePath C:\File\CompsErrorLogs.txt -Append
          Get-WinEvent -LogName Application -ComputerName $comps -ErrorAction SilentlyContinue -ErrorVariable Err |
              Select-Object MachineName, Id, TimeCreated, UserId, LogName, LevelDisplayName, Message |
              Out-File -FilePath C:\File\CompsErrorLogs.txt -Append
          Get-WinEvent -LogName Security -ComputerName $comps -ErrorAction SilentlyContinue -ErrorVariable Err |
              Select-Object MachineName, Id, TimeCreated, UserId, LogName, LevelDisplayName, Message |
              Out-File -FilePath C:\File\CompsErrorLogs.txt -Append
          $err | Out-File -FilePath C:\File\Errors.txt -Append
      }
    • #192799
      Senior Moderator
      Topics: 3
      Replies: 121
      Points: 638
      Helping Hand
      Rank: Major Contributor

      Instead, I would like someone to improve my script.

      Is this to be used in a work environment? For security reasons, you should not accept code from a stranger on the Internet and run it on your computer if you don’t understand how it works or what it does. If your company has security people who are paying attention, you might get fired for running unverified code. If not, you might break something and then get fired.

      For experts it is probably a piece of cake.

      If you don’t understand how it works, how would you know? A mechanic may know how to fix a car engine, but that doesn’t mean it’s “a piece of cake” to do it.

    • #193370
      Participant
      Topics: 0
      Replies: 3
      Points: 29
      Rank: Member

      The script was actually scripted by me. Why I posted the script on the forum is to know if it follows PowerShell best practice. And if there could be a better way of improving my lines of code.

    • #193394
      Participant
      Topics: 5
      Replies: 106
      Points: 272
      Helping Hand
      Rank: Contributor

      The script was actually scripted by me. Why I posted the script on the forum is to know if it follows PowerShell best practice. And if there could be a better way of improving my lines of code.

      I think you are trying to use PS in a place where I would not (even though I always prefer to use PS).
      Check out this, it might be the solution you are after:
      https://docs.microsoft.com/en-us/windows/security/threat-protection/use-windows-event-forwarding-to-assist-in-intrusion-detection

    • #195062
      Participant
      Topics: 0
      Replies: 3
      Points: 29
      Rank: Member

      Thanks Aapeli. The article you posted is really helpful. However, I was able to come up with the below script as the final solution to the problem I’m trying to resolve.

      [CmdletBinding()]
      param (
          [Parameter(Mandatory=$true, ValueFromPipeline=$true)]
          $groupName,
          [switch] $LogErrors,
          $exportFileLocation
      )
      # ---- Pending development: declaring the start and end date ----
      <#$Str_date = Read-Host 'Enter Start Date (mm/dd/yyyy)'
      $start_Date = Get-Date $Str_date

      $input_End_Date = Read-Host 'Enter End Date (mm/dd/yyyy)'
      $End_Date = Get-Date -Date $input_End_Date
      #>

      # ---- Create a folder in C:\ and write files to it ----
      if (Test-Path -Path C:\File) {
          Write-Verbose "A folder called File exists in this path"
          Get-ADGroupMember -Identity $groupName | Select-Object name | Export-Csv 'C:\File\ApplicationErrorLog.csv' -NoTypeInformation
      } else {
          Write-Verbose "No folder called File exists in the path, folder created"
          New-Item -Name File -ItemType Directory -Path C:\
          Get-ADGroupMember -Identity $groupName | Select-Object name | Export-Csv 'C:\File\ApplicationErrorLog.csv' -NoTypeInformation
      }

      # ---- Import the file ApplicationErrorLog.csv ----
      $impComps = Import-Csv -Path C:\File\ApplicationErrorLog.csv

      # ---- Use foreach to loop through each computer ----

      foreach ($comps in $impComps.name) {
          try {
              # Failed audit events from the Security log of the remote computer
              Invoke-Command -ComputerName $comps -ScriptBlock {
                  Get-EventLog -LogName Security -EntryType FailureAudit |
                      Select-Object MachineName, UserName, TimeWritten, Source, EventID, Message |
                      Format-Table -Wrap
              } -ErrorAction Stop -ErrorVariable Err |
                  Out-File -FilePath C:\Users\ealbert\Desktop\Checked\SecurityErrorDetails.txt -Append

              # Error events from the System log of the remote computer
              Invoke-Command -ComputerName $comps -ScriptBlock {
                  Get-EventLog -LogName System -EntryType Error |
                      Select-Object MachineName, UserName, TimeWritten, Source, EventID, Message |
                      Format-Table -Wrap
              } -ErrorAction Stop -ErrorVariable Err |
                  Out-File -FilePath C:\Users\ealbert\Desktop\Checked\SystemErrorDetails.txt -Append
          }
          catch {
              if ($LogErrors) {
                  Write-Host "$comps not responding, error has been written to a file in C:\Users\ealbert\Desktop\Checked\Error.txt"
                  $Err | Out-File -FilePath C:\Users\ealbert\Desktop\Checked\Error.txt -Append
              } else {
                  Write-Output "Computers not responding will not be cached"
              }
          }
      }
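An added example, not code from any poster in this thread: the same collection (Security audit failures and System errors from a list of computers) done with `Get-WinEvent -FilterHashtable`, the cmdlet the earlier post started from, instead of `Get-EventLog` inside `Invoke-Command`. `$Computers`, `$Since` and `$OutCsv` are placeholder parameters; it assumes remote event log access is allowed through the firewall and that the caller may read the Security log on each target.

```powershell
# Added example: filter events at the source and export structured CSV.
param(
    [Parameter(Mandatory = $true)]
    [string[]] $Computers,                        # placeholder: target computer names
    [datetime] $Since  = (Get-Date).AddDays(-1),  # placeholder: look-back window
    [string]   $OutCsv = '.\EventSummary.csv'     # placeholder: output file
)

# One filter per log. Level 2 = Error; the Keywords value is the standard
# "Audit Failure" keyword bit used by the Security log.
$filters = @(
    @{ LogName = 'Security'; Keywords = 4503599627370496; StartTime = $Since },
    @{ LogName = 'System';   Level    = 2;                StartTime = $Since }
)

$failed = @()
$events = @(
    foreach ($computer in $Computers) {
        foreach ($filter in $filters) {
            try {
                Get-WinEvent -ComputerName $computer -FilterHashtable $filter -ErrorAction Stop |
                    Select-Object MachineName, LogName, Id, LevelDisplayName,
                                  TimeCreated, ProviderName, Message
            }
            catch {
                # "No events were found" is also raised as an error; keep it
                # apart from real connection or access failures.
                if ($_.FullyQualifiedErrorId -like 'NoMatchingEventsFound*') { continue }
                $failed += [pscustomobject]@{
                    Computer = $computer
                    Log      = $filter.LogName
                    Error    = $_.Exception.Message
                }
            }
        }
    }
)

# CSV keeps one event per row with real columns, unlike Format-Table text output.
$events | Export-Csv -Path $OutCsv -NoTypeInformation
$failed | Export-Csv -Path ($OutCsv -replace '\.csv$', '.errors.csv') -NoTypeInformation
```

Filtering by hashtable is evaluated by the event log service on the target, so only matching records cross the network. Unreachable hosts are recorded per computer and per log rather than lost in a shared error variable.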

  • The topic ‘How to improve the script?’ is closed to new replies.