Determine DLLs hosted by Process

tasklist /m /fi "IMAGENAME eq wmiprvse.exe"

/M     [module]         Lists all tasks currently using the given
exe/dll name. If the module name is not
specified all loaded modules are displayed.

/FI    filter           Displays a set of tasks that match a
given criteria specified by the filter.

If you want the DLLs hosted by all processes, remove the /FI filter parameter. The example above lists the DLLs in use by the WMIPRVSE services.

Another example might be:

tasklist /m /fi "IMAGENAME eq cmd.exe"

You can filter on many different items, such as PID. Below we list the DLLs used by the SYSTEM process.

tasklist /m /fi "pid eq 4"

UDP Client Testing

Many applications use UDP ports in operation. When firewalls are in place, it can be difficult to determine whether a connection problem is due to the firewall or simply to the application.

The attached files can help with this.

udpserv.ps1 is a quick PowerShell script that will listen on a defined port for incoming UDP data and display the received data on the screen.

To use the udpserv.ps1 script:

  • Change $port = 2020 to the port you want to test.
  • Open a PowerShell window.
  • Change to the script download location.
  • Execute the script by typing ".\udpserv.ps1" and pressing Enter. The script will block until complete.

The client script udpclient.ps1 will connect to the defined port on the defined server and will send 10 lines indicating the iteration of the UDP test.

To use the udpclient.ps1 script:

  • Change the $IP = "" line to match the IP of the system running udpserv.ps1.
  • Change the [int] $Port = 2020 to match the port specified in the udpserv.ps1 script above.
  • Open a PowerShell window.
  • Change to the script download location.
  • Execute the script by typing ".\udpclient.ps1" and pressing Enter.

You can download the file which contains the client and server scripts.
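
The listener and sender described above, as an added sketch that is not the contents of the downloadable udpserv.ps1 or udpclient.ps1. The function names, the receive timeout, the 200 ms pacing and the address 192.0.2.10 are assumptions made for this example.

```powershell
# Added example: hypothetical functions illustrating the UDP firewall test described above.
# They are not the author's udpserv.ps1 / udpclient.ps1.
function Start-UdpTestListener {
    param(
        [int]$Port = 2020,          # same default port the post uses
        [int]$ExpectedLines = 10,   # the client sends 10 lines
        [int]$TimeoutMs = 15000     # assumption: stop waiting instead of blocking forever
    )
    $listener = New-Object System.Net.Sockets.UdpClient($Port)
    $listener.Client.ReceiveTimeout = $TimeoutMs
    $remote = New-Object System.Net.IPEndPoint([System.Net.IPAddress]::Any, 0)
    $received = 0
    try {
        while ($received -lt $ExpectedLines) {
            $bytes = $listener.Receive([ref]$remote)   # blocks until a datagram arrives or the timeout hits
            $text  = [System.Text.Encoding]::ASCII.GetString($bytes)
            $received++
            Write-Host ("[{0}] {1}:{2} -> {3}" -f $received, $remote.Address, $remote.Port, $text)
        }
    }
    catch {
        Write-Warning "Stopped after $received of $ExpectedLines datagrams: $($_.Exception.Message)"
    }
    finally { $listener.Close() }
    return $received
}

function Send-UdpTestLines {
    param(
        [Parameter(Mandatory = $true)][string]$IP,   # system running the listener
        [int]$Port = 2020,
        [int]$Count = 10
    )
    $client = New-Object System.Net.Sockets.UdpClient
    try {
        $client.Connect($IP, $Port)   # sets the default destination; UDP performs no handshake
        foreach ($i in 1..$Count) {
            $bytes = [System.Text.Encoding]::ASCII.GetBytes("UDP test iteration $i of $Count")
            [void]$client.Send($bytes, $bytes.Length)
            Start-Sleep -Milliseconds 200   # pacing so the lines are easy to follow on the listener
        }
    }
    finally { $client.Close() }
}

# Window 1 (listening host):  Start-UdpTestListener -Port 2020
# Window 2 (sending host):    Send-UdpTestLines -IP 192.0.2.10 -Port 2020   # placeholder address
```

Because UDP is connectionless, the sender completing without an error says nothing about delivery. Only lines appearing on the listener show that the path, including any host firewall on the listening system, passes the traffic.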

WordPress Error Table ‘alertadigital.wp_wc_follow_users’ doesn’t exist

If you receive an error message like

Apache — Redirect all HTTP requests to HTTPS

This post describes the process of forcing all HTTP traffic to HTTPS.

If we all lived in a perfect world, there would be no need for security. However, we don't, so there is.

One way you can help increase the security of your site, and therefore your data, is to implement only the SSL protocol on the server, or to block non-SSL traffic via the firewall.

Remotely Add Users to the Local Admins Group with Powershell

I can't tell you how many times I have had to reach out and touch multiple servers to add a service account to one of the system's local groups. This can be a time-consuming endeavor when you get above a few machines.

This post lists the code needed to add a user to the local administrators group of a remote system.

To use the script, change the following:

  • PATH_TO_SERVER_LIST: Change this to the path to the list of servers on which to add the user.
  • DOMAIN_NAME: Change to your domain name.
  • USER_TO_ADD: Change to the domain user you want to add to the remote system's local administrators group.

That's all you need.

The script makes an ADSI connection to the server:

$AdminGroup = [ADSI]"WinNT://$s/Administrators,group"

The script then loads the user AD object:

$User = [ADSI]"WinNT://$DomainName/$UserName,user"

And finally, the script attempts to add the user to the local administrators group.

Note that each of the commands is wrapped in a try/catch block which outputs an error indicating where the problem occurs.

# One server name per line in the list file
$servers = Get-Content "PATH_TO_SERVER_LIST"
$DomainName = "DOMAIN_NAME"
$UserName = "USER_TO_ADD"

foreach($s in $servers){
   # Bind to the local Administrators group on the remote server
   try{ $AdminGroup = [ADSI]"WinNT://$s/Administrators,group" }
   catch{ write-warning "Failed to connect to [$s]" }
   # Bind to the domain user object
   try{ $User = [ADSI]"WinNT://$DomainName/$UserName,user" }
   catch{ write-warning "Failed to obtain record for [$DomainName] [$UserName]" }
   # Add the user to the group by ADSI path
   try{ $AdminGroup.Add($User.Path) }
   catch{ write-warning "Failed to add user [$DomainName\$UserName] to [$s]" }
}

Note: You can select the group by changing the word Administrators in the connection line to the group to which you want to add the user.

For example, to use the local users group instead of administrators, the line would be:

  • $AdminGroup = [ADSI]"WinNT://$s/Users,group"

Use ADSI and Powershell to Monitor Group Access

Several years ago, I was tasked with putting together a script to output a list of all users and groups on a server. Additionally, management wanted to know the membership of the local groups. If the groups contained other groups, the contents of those groups should be listed as well.