How to improve the script?

    • #192214
      Participant
      Topics: 1
      Replies: 2
      Points: 17
      Rank: Member

      I am a complete layman so I can't do it alone. I don't know anything about PS. However, the task seems to be simple.
      I have a script – but you can only process single files with it at a time. I would like to be able to use it for several files at once – just e.g. for *.xxx in the directory. The output files may have the same name.
      Can someone modify this script or give me a different one that will apply the first to all files in a given location at once?
      Thank you in advance for any help. Here is the script:

      # Usage: ps\xorcrypt.ps1 bin\input.bin bin\output.bin
      
      param (
      [Parameter(Mandatory=$true)]
      [string] $file1, #First File
      [Parameter(Mandatory=$true)]
      [string] $out #Output File
      ) #end param
      
      [Environment]::CurrentDirectory = (Get-Location -PSProvider FileSystem).ProviderPath
      $file1_b = [System.IO.File]::ReadAllBytes($file1)
      $xord_byte_array = New-Object Byte[] $file1_b.Count
      
      # Put your key here
      [Byte[]] $key =0x55,0x66,0x77,0x88
      $key_position = 0
      
      # XOR
      for($i=0; $i -lt $file1_b.Count; $i++)
      {
      $xord_byte_array[$i] = $file1_b[$i] -bxor $key[$key_position]
      $key_position += 1
      if ($key_position -eq $key.Length) {$key_position = 0}
      }
      # Write the XORd bytes to the output file
      [System.IO.File]::WriteAllBytes("$out", $xord_byte_array)
      
      Write-host "$out" -foregroundcolor yellow -nonewline; Write-host ".";

       

    • #192367
      Participant
      Topics: 10
      Replies: 1381
      Points: 1,509
      Helping Hand
      Rank: Community Hero

      The forums are not a script writing service, you should make an effort. Start by looking at Get-ChildItem, you can do this by doing:

      Get-Help Get-ChildItem -Full

      There are examples to look at a directory and to return specific extensions. Next, you need to do a loop, which is

      foreach

      in the loop, you would be able to call the script with dot (.) notation (script is in the root of working directory):

      .\xorcrypt.ps1

      or

      . C:\Scripts\xorcrypt.ps1

      If you even search this forum for Get-ChildItem, you will find thousands of examples.
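The Get-ChildItem plus foreach approach described in this reply, as an added example that is not part of the original thread or the poster's script. It inlines the same repeating-key XOR so it runs on its own; the function name `Invoke-XorFile` and the parameters `-InDir`, `-OutDir`, `-Filter` and `-Key` are hypothetical names chosen here.

```powershell
# Added example: apply the thread's repeating-key XOR to every matching file in a folder.
# Usage (hypothetical file name): .\xorcrypt-all.ps1 -InDir bin\in -OutDir bin\out -Filter *.xxx
param (
    [Parameter(Mandatory=$true)] [string] $InDir,    # folder holding the input files
    [Parameter(Mandatory=$true)] [string] $OutDir,   # folder for the results (same file names)
    [string] $Filter = '*.xxx',                      # which files to process
    [Byte[]] $Key = @(0x55,0x66,0x77,0x88)           # same key as the script in the question
)

function Invoke-XorFile {
    param ([string] $Source, [string] $Destination, [Byte[]] $Key)
    $bytes = [System.IO.File]::ReadAllBytes($Source)
    for ($i = 0; $i -lt $bytes.Length; $i++) {
        # Repeating-key XOR: the modulo wraps the key index back to 0
        $bytes[$i] = $bytes[$i] -bxor $Key[$i % $Key.Length]
    }
    [System.IO.File]::WriteAllBytes($Destination, $bytes)
}

if ($Key.Length -eq 0) { throw 'Key must contain at least one byte.' }

# .NET file APIs do not follow PowerShell's current location, so resolve full paths first
$inFull = (Resolve-Path -LiteralPath $InDir).ProviderPath
if (-not (Test-Path -LiteralPath $OutDir)) {
    New-Item -ItemType Directory -Path $OutDir | Out-Null
}
$outFull = (Resolve-Path -LiteralPath $OutDir).ProviderPath

# XOR is its own inverse; writing in place would make an interrupted run
# impossible to tell apart from an untouched folder, so require a separate output folder
if ($inFull -eq $outFull) { throw 'OutDir must be different from InDir.' }

foreach ($file in Get-ChildItem -LiteralPath $inFull -Filter $Filter -File) {
    $target = Join-Path $outFull $file.Name
    Invoke-XorFile -Source $file.FullName -Destination $target -Key $Key
    Write-Host $target -ForegroundColor Yellow
}
```

Repeating-key XOR with a short fixed key only obscures the data; it is not a substitute for encryption.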

    • #192445
      Participant
      Topics: 1
      Replies: 2
      Points: 17
      Rank: Member

      Yeah. I will process these files one by one faster than I will learn the basics of PS.

      Anyway – thanks

    • #192457
      Participant
      Topics: 2
      Replies: 1693
      Points: 3,368
      Helping Hand
      Rank: Community Hero

      Yeah. I will process these files one by one faster than I will learn the basics of PS.

      Anyway – thanks

      But if you start to learn the basics of PowerShell now it would help you in the future to accomplish tasks like this much much faster than to do it one by one by hand. If you plan to keep working in Windows environments it will definitely pay off for you in the future. 😉

    • #192472
      Participant
      Topics: 1
      Replies: 2
      Points: 17
      Rank: Member

      I need no such wisdom. Instead, I would like someone to improve my script. For experts it is probably a piece of cake

    • #192379
      Participant
      Topics: 0
      Replies: 2
      Points: 29
      Rank: Member

      Greetings, friend. I am actually trying to create a script that gets all log files on a number of remote computers. I decided to use Get-WinEvent. However, from what I observe, Get-WinEvent gets all the log files but categorizes them using RecordCount. Please, could there be a way of expanding each of these RecordCount values and getting all log files related to each LogName? In the meantime, I was able to come up with the script below; I don't know if this is the best way. A suggestion for this will be appreciated.

      param (
          [Parameter(Mandatory=$true, ValueFromPipeline=$true)]
          $groupName,
          [switch] $LogErrors,
          $CSVPath
      )
      Import-Module ActiveDirectory   # provides Get-ADGroupMember
      # ---- Create a folder in C:\ and write files to it ----
      if (Test-Path -Path C:\File) {
          Write-Verbose "A folder called File exists in this path"
      } else {
          Write-Verbose "No folder called File exists in the path, folder created"
          New-Item -Name File -ItemType Directory -Path C:\
      }
      # Save the group members' names; they are used as computer names below
      Get-ADGroupMember -Identity $groupName | Select-Object name | Export-Csv 'C:\File\ApplicationErrorLog.csv' -NoTypeInformation
      # ---- Import the file ApplicationErrorLog from C:\File ----
      $impComps = Import-Csv -Path C:\File\ApplicationErrorLog.csv
      # ---- Use foreach to loop through each computer ----
      foreach ($comps in $impComps.name) {
          Write-Progress "Please wait while we collate all error logs"
          # The first call starts a fresh $Err list for this computer; +Err appends to it,
          # so errors from all three logs reach Errors.txt (plain Err would overwrite them)
          Get-WinEvent -LogName System -ComputerName $comps -ErrorAction SilentlyContinue -ErrorVariable Err |
              Select-Object MachineName, Id, TimeCreated, UserId, LogName, LevelDisplayName, Message |
              Out-File -FilePath C:\File\CompsErrorLogs.txt -Append
          Get-WinEvent -LogName Application -ComputerName $comps -ErrorAction SilentlyContinue -ErrorVariable +Err |
              Select-Object MachineName, Id, TimeCreated, UserId, LogName, LevelDisplayName, Message |
              Out-File -FilePath C:\File\CompsErrorLogs.txt -Append
          Get-WinEvent -LogName Security -ComputerName $comps -ErrorAction SilentlyContinue -ErrorVariable +Err |
              Select-Object MachineName, Id, TimeCreated, UserId, LogName, LevelDisplayName, Message |
              Out-File -FilePath C:\File\CompsErrorLogs.txt -Append
          $Err | Out-File -FilePath C:\File\Errors.txt -Append
      }
    • #192799
      Moderator
      Topics: 3
      Replies: 87
      Points: 464
      Helping Hand
      Rank: Contributor

      Instead, I would like someone to improve my script.

      Is this to be used in a work environment? For security reasons, you should not accept code from a stranger on the Internet and run it on your computer if you don't understand how it works or what it does. If your company has security people who are paying attention, you might get fired for running unverified code. If not, you might break something and then get fired.

      For experts it is probably a piece of cake.

      If you don't understand how it works, how would you know? A mechanic may know how to fix a car engine, but that doesn't mean it's "a piece of cake" to do it.

    • #193370
      Participant
      Topics: 0
      Replies: 2
      Points: 29
      Rank: Member

      The script was actually scripted by me. Why I posted the script on the forum is to know if it follows PowerShell best practice. And if there could be a better way of improving my lines of code.

    • #193394
      Participant
      Topics: 5
      Replies: 105
      Points: 262
      Helping Hand
      Rank: Contributor

      The script was actually scripted by me. Why I posted the script on the forum is to know if it follows PowerShell best practice. And if there could be a better way of improving my lines of code.

      I think you are trying to use PS in a place where I would not (even though I always prefer to use PS).
      Check out this, it might be the solution you are after:
      https://docs.microsoft.com/en-us/windows/security/threat-protection/use-windows-event-forwarding-to-assist-in-intrusion-detection
