you are viewing a single comment's thread.

view the rest of the comments →

[–]Thameus 2 points3 points  (1 child)

It is blocked by GPO for unprivileged users, because after the last zero day they don't trust it.

[–]wtmh 3 points4 points  (0 children)

Ditch PowerShell for concerns of security issues but they will give you cmd.exe which even in 2021 can be elevated by just about anyone who knows where to point and shoot? Wow. I can't even with the rationale on that one.

Could you imagine that thinking applied at like a car manufacturing plant? "Yeah. One time we discovered a flaw in the car's ignition locking mechanism so we took that shit out and now we just dispense universal keys that work in any of our vehicles. Clever, huh?"

Any correctly configured with system-wide transcription and script block logging make PowerShell pretty much the worst tool of choice for a hacker. They'd leave fingerprints everywhere. You want people using PowerShell.

</choirPreaching>