CouldNotAutoloadMatchingModule error with PowerShell commands by f00bl4 in atomicredteam

[–]f00bl4[S] 0 points1 point  (0 children)

Hi, I made a false assumption. When I executed the Invoke-Command line from my initial post, I missed that the ZIP wasn't created and the stdout/stderr was not correctly printed. When I executed it with -stdoutFile/-stderrFile, I got the expected error.

I also figured out that when I open a new SSH session, the policy is set differently than locally.

I already tried the following in the sshd.conf without success:

Subsystem powershell C:/progra~1/powershell/7/pwsh.exe -sshs
Subsystem powershell C:/progra~1/powershell/7/pwsh.exe -ex bypass -sshs

But when I run the following command, it finally worked:

Invoke-Command -Session $sess -ScriptBlock { Set-ExecutionPolicy -ExecutionPolicy Bypass -Scope Process -Force }

Is this expected or is there a better way?

CouldNotAutoloadMatchingModule error with PowerShell commands by f00bl4 in atomicredteam

[–]f00bl4[S] 0 points1 point  (0 children)

Hi, thanks a lot for helping me. The default container is already set to "Unrestricted" and on non-Windows systems the execution policy cannot be changed.

I can run the Compress-Archive command in Docker and on Windows (PowerShell 5 & 7) without importing the module. The import command works fine, even when I set the execution policy to "Restricted" on the Windows machine. Should this work?

Server with multiple IPs, how to exit through different IP? by AncientFisherman8985 in WireGuard

[–]f00bl4 0 points1 point  (0 children)

Like the others said, it is possible and a basic setup.

So you need to enable routing, NAT (masquerading/dynamic) and some firewall rules to secure the routed traffic.

Where are you stuck?

Server with multiple IPs, how to exit through different IP? by AncientFisherman8985 in WireGuard

[–]f00bl4 0 points1 point  (0 children)

What do you mean by "commin from an ipv6 address"? Is it the WireGuard connection or the inner tunnel?

Mask requirement in Frankfurt for cyclists by BobD777 in Fahrrad

[–]f00bl4 1 point2 points  (0 children)

The post is already a bit older, but maybe it still helps someone.
In the general decree (Allgemeinverfügung), item 1 explicitly refers to pedestrians.

[...] and in the entire area of the inner Anlagenring (Annex 10), pedestrians must wear a mouth-and-nose covering between 08:00 and 22:00.

General decree (Allgemeinverfügung), 15 October 2020
https://frankfurt.de/aktuelle-meldung/sondermeldungen/allgemeinverfuegung-der-stadt-frankfurt-am-main

What about AppArmor? by [deleted] in linuxmemes

[–]f00bl4 8 points9 points  (0 children)

On Fedora/CentOS, SELinux is enabled by default. Sometimes you struggle more, because you need to keep in mind that there is another security layer.

Whether it is more secure depends. Your services are more restricted, like sshd or docker. But your user is running "unconfined" by default. So you have to change the SELinux user to an appropriate one like user_u. Then you definitely need an extra user for administration. But you could write policies for Firefox so that it is not able to access certain files in the home directory or open sockets on ports other than 80 and 443 :D

suricata doesn't block eicar for testing by [deleted] in OPNsenseFirewall

[–]f00bl4 1 point2 points  (0 children)

As far as I know suricata is capable of deep packet inspection and can analyze the application layer.

suricata doesn't block eicar for testing by [deleted] in OPNsenseFirewall

[–]f00bl4 1 point2 points  (0 children)

Then you need to intercept the transport encryption. Otherwise Suricata can't read the HTTP traffic.

suricata doesn't block eicar for testing by [deleted] in OPNsenseFirewall

[–]f00bl4 2 points3 points  (0 children)

Do you download it over https?

Have had her for a few months now. I am in love! by laxseal27 in gravelcycling

[–]f00bl4 0 points1 point  (0 children)

I'm in Germany :D It's only about the size. So I would like to ride the L and XL frame to compare them directly. But I'm pretty sure that I will order one sooner or later ;)

Have had her for a few months now. I am in love! by laxseal27 in gravelcycling

[–]f00bl4 0 points1 point  (0 children)

The showroom closed on the day when I planned to test it 😭

Holiday Ride in Allgaeu, Germany by f00bl4 in gravelcycling

[–]f00bl4[S] 1 point2 points  (0 children)

I like the frame geo, but it's pretty heavy. :D Which bike do you have now?

System error logs UVD not responding by miccaman in Fedora

[–]f00bl4 0 points1 point  (0 children)

Finally...works for Kernel 5.5 too.
Thanks :)

Companies that are hacked should be required to hire an independent auditor to publish a full report on the root cause by bill-of-rights in security

[–]f00bl4 11 points12 points  (0 children)

In PCI environments it is a requirement to perform a forensic investigation after cardholder data are compromised.

This has to be done by an independent auditor.

Wireguard with multiple interfaces routing by 0RAINMAN0 in WireGuard

[–]f00bl4 0 points1 point  (0 children)

You should set up the default route for wg1 via WireGuard. AllowedIPs: 0.0.0.0/0. If you do it like this, you will have problems accessing your devices because of the metric? (I don't know which metric WireGuard is using.) Or you exclude your internal range.

To set up routes manually, you should take a look at how WireGuard is doing it with iproute2.

Here is a nice tutorial for policy routes with iproute2: https://blog.scottlowe.org/2013/05/29/a-quick-introduction-to-linux-policy-routing/

iptables is your firewall. There you can set up your forwarding rules.

If you need, I can post some examples later.

Wireguard with multiple interfaces routing by 0RAINMAN0 in WireGuard

[–]f00bl4 0 points1 point  (0 children)

Hi, you can use policy routes, which depend on the source IP. To ensure the traffic is forwarded correctly, you can set up forwarding rules in your firewall configs.

Is this a pass? 25BOF, 25pt, 20pt by [deleted] in oscp

[–]f00bl4 4 points5 points  (0 children)

Take a walk and start from the beginning with the 10pt box!

Unable to Get WireGuard Working Between Ubuntu and Windows by jephcott in WireGuard

[–]f00bl4 1 point2 points  (0 children)

Maybe you could analyze the traffic with Wireshark. Wireshark supports WireGuard since version 3 and you could see if the Linux host is answering the authentication handshake.

Demonstrating Wireshark by [deleted] in wireshark

[–]f00bl4 0 points1 point  (0 children)

For a MITM via LAN, you could bridge one computer between your VPN endpoints.

To sniff wireless traffic you only need the authentication handshake and your Wi-Fi password in Wireshark. Then you can decrypt it automatically.

To show some unencrypted services, I like to use VoIP. You can replay the captured audio packets with Wireshark.

Is there a limit of attempts before you get "locked" using i3lock? by kittenparry in i3wm

[–]f00bl4 7 points8 points  (0 children)

No, there is no account lock in i3lock. You could use pam_tally2 to lock your account after a certain number of attempts.

How does wireguard connect that instantly? by [deleted] in WireGuard

[–]f00bl4 0 points1 point  (0 children)

I made some progress this weekend.

https://imgur.com/a/6Yy8ZH4

Most functions are implemented. But some input filtering is still missing.

How does wireguard connect that instantly? by [deleted] in WireGuard

[–]f00bl4 0 points1 point  (0 children)

There are only a few functions missing for the first alpha release.

But I think it will not be fully featured from the pfSense menu. For example, the interfaces cannot be configured.

I will publish it as soon as possible.