psexec_enable-psremoting

1. Starting Powershell elevated from PSExec (enable-psremoting)
2. psexec.exe \server cmd /c "echo . | powershell (-verb runas -argumentlist (enable-psremoting -force))"
3.    
4. $c = Get-Credential
5. $u = $c.UserName
6. $p = $c.GetNetworkCredential().Password
7.  
8. $path = "C:SysinternalsSuite"
9. & "$pathpsexec.exe" \server -u $u -p $p powershell.exe -Command "Enable-PSRemoting -Force"
10.    
11. $user = "youruser"
12. $p = Read-Host "Enter domain password for $adminuser"
13. cls
14.  
15. $expression1 = "enable-psremoting -force"
16. $commandBytes1 = [System.Text.Encoding]::Unicode.GetBytes($expression1)
17. $encodedCommand1 = [Convert]::ToBase64String($commandBytes1)
18.  
19. $expression2 = "Set-ExecutionPolicy remotesigned -Force”
20. $commandBytes2 = [System.Text.Encoding]::Unicode.GetBytes($expression2)
21. $encodedCommand2 = [Convert]::ToBase64String($commandBytes2)
22.  
23. $expression3 = "Restart-Service winrm”
24. $commandBytes3 = [System.Text.Encoding]::Unicode.GetBytes($expression3)
25. $encodedCommand3 = [Convert]::ToBase64String($commandBytes3)
26.  
27. foreach ($server in (get-content c:tempenablepsremotinglist.txt))
28. {
29.     echo " "
30.     echo "Running on $server"  
31.     echo "--------------------------------------- "
32.     echo " "    
33.     psexec.exe \$server -h -u no$user -p $p cmd /c "echo . | powershell -EncodedCommand $encodedCommand1"
34.     psexec.exe \$server -h -u no$user -p $p cmd /c "echo . | powershell -EncodedCommand $encodedCommand2"
35.     psexec.exe \$server -h -u no$user -p $p cmd /c "echo . | powershell -EncodedCommand $encodedCommand3"
36. }