Allow PowerShell to Traverse a Secure Proxy

综合技术 2016-06-24

One of the first things I like to do when setting up my development machine in a new environment is to update PowerShell help with the update-help
cmdlet. After that, I will then go and download a slew of modules from the PowerShell Gallery
.

However, recently I needed to set up my development machine on an environment that is behind an internet proxy that requires authentication. This meant that a lot of PowerShell cmdlets can’t be used because they don’t have support for traversing a proxy – or at least, not one that requires authentication. Take the aforementioned update-help
and install-module
cmdlets – I just couldn’t do with out these.

So I set about trying to find a way around this. So after lots of googling and trial and error (and also getting my Active Directory account locked out on more than one occasion) I came up with a solution.

Basically it requires using the NETSH
command to configure the proxy settings and then configure the web client with my proxy credentials (which were AD integrated):

The code I needed to traverse the proxy could then be executed. Once it has completed the task using the proxy I would then reset it back to the default state (using settings from internet explorer):

After using this a bit I thought it would be great to turn it into a function that I could just call, passing a script block that I wanted to be able to traverse the proxy with. So I came up with this:

To use this script, simply save it as a PS1 file (e.g. Use-Proxy.ps1), customizing the default proxy URL if you like and then dot source the file. Once it has been dot sourced it can be called, optionally passing the URL of the proxy server and credentials to use to authenticate to it:

If you don’t pass any credentials, you will be prompted to enter them. I also added some code into this function so that you can specify a global variable containing the credentials to use to traverse the proxy. This can save on lots of typing, but might be frowned upon by your security team.

Finally, I also added the proxy reset code into the finally
block of a try
catch
to ensure that if the code in the script block throws an error the proxy will be reset. In my case I also loaded this function into a PowerShell module that can be distributed to other team members.

Happy proxy traversing!

责编内容by:dscottraynsford (源链)。感谢您的支持!

您可能感兴趣的

Quickly deploying all the things from Excel with P... As an ex-Excel Developer, I tend to resolve any perceived inefficiencies when dealing with any tabular data by automating the snot out of it with Exce...
Get public IP on a Windows Server via PowerShell Every so often I need a quick way of getting the public IP of a Windows server . There are several ways of doing this but my preferred method lev...
绕过AppLocker系列之MSIEXEC的利用 MSIEXEC是Windows操作系统中的一个实用程序,可用于从命令行安装或配置产品。 如果环境配置不正确,则使用.MSI文件就可以允许攻击者执行权限升级或绕过AppLocker规则。 本文的以下内容表明,当系统配置为不阻止所有用户执行MSI文件时,那么系统就得不到正确的保护,因为任何一个Ap...
Fileless malware attack against US restaurants wen... Researchers have detected a brazen attack on restaurants across the United States that uses a relatively new technique to keep its malware undetect...
SIEM Training Needs a Better Focus on the Human Fa... The problem with security information and event management systems isn't the solutions themselves but the training that people receive. Logging solu...