1. Open regedit.exe
2. Export copy of the registry
3. Navigate to
HKEY_CLASSES_ROOT\Microsoft.PowerShellScript.1\Shell
4. Change the default from 'Open' to '0'
5. Could change default parameters to powershell.exe in HKEY_CLASSES_ROOT\Microsoft.PowerShellScript.1\Shell\0\Command
Another option:
3. Navigate in registry to HKEY_CLASSES_ROOT\Microsoft.PowerShellScript.1\Shell\Open\Command\
4. Change Old Value:
"C:\Windows\System32\notepad.exe" "%1"
to New Value:
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -NoLogo -NoProfile -NonInteractive -ExecutionPolicy "Bypass" -File "%1"
Why not do this:
This makes it easy for dangerous .ps1 files to be executed. With great power comes great responsibility.
No comments:
Post a Comment