
PowerShell For Ethical Hackers Part 2



PowerShell for Ethical Hackers Blog Series

                   

Part 2: Understanding PowerShell Basic Commands

Hello all. Today we will see why understanding PowerShell basics is important for an ethical hacker or penetration tester. As we all know, the basics are the most important part of gaining advanced knowledge. So in this blog post we are going to learn PowerShell from the basics. Today I am going to show you the usage of commands in PowerShell which we will use later in hacking 😃😄

NOTE: I am going to present only those cmdlets which are useful in penetration testing.

What is Cmdlet?

A cmdlet is a lightweight command that is used in the Windows PowerShell environment. The Windows PowerShell runtime invokes these cmdlets within the context of automation scripts that are provided at the command line. The Windows PowerShell runtime also invokes them programmatically through Windows PowerShell APIs.

Example: Get-Command and Get-Process are cmdlets.

You can read more about Cmdlet here: Cmdlet Overview


1. Get-LocalUser: This cmdlet is used for listing the local users on a Windows system. It only lists local accounts, not accounts in an AD environment. If you want to list AD users, you have to use Get-ADUser.

   
Listing Local Users
2. Get-ItemProperty: This cmdlet is used to view values in the registry. As we all know, understanding the registry hives and keys is most important in the post-exploitation phase; we can extract a lot of juicy information from the Windows registry. In this example, we are going to extract the browser history related to Internet Explorer from the Windows registry.

PowerShell Cmdlet for Internet Explorer History:  

 Get-ItemProperty -path registry::'HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\TypedURLs'

Extracted URLs

3. Invoke-Command: This cmdlet is mostly used by ethical hackers and penetration testers. Using Invoke-Command we can execute commands on local and remote systems. Later in this blog series we will use Invoke-Command in depth.

In this example we are executing a PowerShell script on remote computers. This script will export the Internet Explorer history and save it in a CSV file.

Invoke-Command
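
The following is an added example, not the script from the original post: it turns the TypedURLs values read by Get-ItemProperty into one row per URL and exports them to CSV, the kind of collection an administrator or responder runs on hosts they manage. The function name Get-TypedUrl, the CSV path and the computer name LAB-PC01 are hypothetical placeholders.

```powershell
# Added example: convert the TypedURLs registry values into rows and export to CSV.
function Get-TypedUrl {
    [CmdletBinding()]
    param(
        # Registry path taken from the post above.
        [string]$Path = 'Registry::HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\TypedURLs'
    )

    # The key is absent when nothing has been typed into the IE address bar.
    if (-not (Test-Path -Path $Path)) {
        Write-Verbose "No TypedURLs key found at $Path"
        return
    }

    $props = Get-ItemProperty -Path $Path

    # Get-ItemProperty appends PSPath, PSParentPath, PSChildName, PSDrive and
    # PSProvider to its output. Keep only the real registry values (url1, url2, ...).
    $props.PSObject.Properties |
        Where-Object { $_.Name -notlike 'PS*' } |
        ForEach-Object {
            [pscustomobject]@{
                Computer = $env:COMPUTERNAME
                User     = $env:USERNAME
                Entry    = $_.Name
                Url      = $_.Value
            }
        }
}

# Local use: write the rows to a CSV file (output path is a placeholder).
Get-TypedUrl | Export-Csv -Path "$env:TEMP\TypedURLs.csv" -NoTypeInformation

# Remote use on a host you administer with PowerShell remoting enabled.
# LAB-PC01 is a placeholder name. ${function:Get-TypedUrl} passes the function
# body as the script block, so nothing has to be copied to the remote machine.
# Invoke-Command -ComputerName 'LAB-PC01' -ScriptBlock ${function:Get-TypedUrl} |
#     Select-Object Computer, User, Entry, Url |
#     Export-Csv -Path "$env:TEMP\TypedURLs-remote.csv" -NoTypeInformation
```

Under Invoke-Command, HKEY_CURRENT_USER resolves to the hive of the account that authenticates the remoting session, not the user logged on at the console, so the rows describe that account's typed URLs.
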
That's all for this post. Stay tuned for the next blog post. Till then, happy hacking 😊😉

#HappyHacking #Blogger #Security #Learner


