PowerShell

Basics

get-command set* # Searches for all cmdlets that start with "set"
alias # List all aliases in shell
Get-ChildItem # Same as ls, dir, and gci
Copy-Item # Same as cp, copy, and cpi
Move-Item # Same as mv, move, and mi
Select-String # Same as sls and similar to grep
Get-Help # Get help!!
Get-Content # Same as cat, type, gc
Get-Process # Same as ps, gps
Get-Location # Same as pwd, gl
Get-Member # Get properties and methods of objects - USEFUL!!!!
ps | format-list -property name, id, starttime # Formatted list of process properties
ls env: # List all PS environment variables
ls variable: # List all PS variables

Getting Help

help gci # displays help for Get-ChildItem
help gci -detailed # Very verbose help information
help gci -examples # Examples on how to USE it!!!
help gci -full # Pretty much everything it has about it
Remove-Item *.* -WhatIf # Explains what WOULD happen, but not actually do it

Pipeline Objects

The pipeline passes objects from one command to the next, which helps automate chained operations. % is an alias for the ForEach-Object cmdlet. The current object in the array of objects moving through the pipe is referred to as $_. Pipeline objects can be filtered with ?, the alias for Where-Object. The second command below writes out the names and PIDs of all processes returned by the ps alias.
ps | gm # Find all properties and methods first
ps | % {write-host "name is" $_.name " and pid is " $_.ID}
# Process objects have no Status property, so the filter example uses services instead
Get-Service | ? {$_.Status -eq "Running"} | % {write-host "Running service name is" $_.Name}

# Counting loops to move between two sets of numbers
1..10 | % {echo $_}
1..255 | % {ping -n 1 192.168.0.$_ | select-string ttl}

Searching

Looking for files and directories.
# Search the entire C:\ dir for anything with "password" in the filename. Put stderr in null where it belongs
# The wildcards are needed: a bare "password" filter only matches files named exactly "password"
gci -recurse C:\ -filter *password* 2>$null | % {echo $_.fullname}

# Select-string works similar to grep
select-string -path C:\Users\*.txt -pattern password

# Put both together! Look in each file for the string "password"
# Use FullName so select-string gets the whole path, and silence errors on both commands
gci -recurse C:\ 2>$null | % {select-string -path $_.FullName -pattern password 2>$null}
# Can navigate Reg just like the file system using tab completion
cd HKLM:\
Launch browsers and open a specific page
# The call operator (&) is required to run a quoted path as a command
& "C:\Program Files\Internet Explorer\iexplore.exe" m4lwhere.org
& "C:\Program Files\Mozilla Firefox\firefox.exe" m4lwhere.org

Networking

Quick and dirty way to check if a port is open on a remote computer
# Returns a TcpClient with Connected = True if the port is open; throws an exception if it is not
New-Object System.Net.Sockets.TcpClient -ArgumentList "10.0.0.1", 389
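A more careful version of the one-liner above, as an added example that is not part of the original page: it bounds the wait with a timeout, reports refused and unanswered ports instead of throwing, and always closes the socket. The helper name Test-TcpPort, the 2000 ms default and the state labels are assumptions; 10.0.0.1 and 389 are the values from the one-liner.

```powershell
# Added example: Test-TcpPort is a hypothetical helper, not a built-in cmdlet.
function Test-TcpPort {
    param(
        [Parameter(Mandatory = $true)][string]$ComputerName,
        [Parameter(Mandatory = $true)][ValidateRange(1, 65535)][int]$Port,
        [int]$TimeoutMs = 2000   # assumed default; tune for slow links
    )

    $client = New-Object System.Net.Sockets.TcpClient
    $state  = 'Closed'
    $detail = $null
    try {
        # Connect asynchronously so a silently dropped SYN cannot block
        # for the operating system's full connect timeout.
        $async = $client.BeginConnect($ComputerName, $Port, $null, $null)
        if ($async.AsyncWaitHandle.WaitOne($TimeoutMs, $false)) {
            # EndConnect throws if the connection was refused or failed.
            $client.EndConnect($async)
            if ($client.Connected) { $state = 'Open' }
        }
        else {
            # Nothing answered in time: host down or a firewall dropping packets.
            $state  = 'NoResponse'
            $detail = "No reply within $TimeoutMs ms"
        }
    }
    catch {
        # Refused connections and name-resolution failures land here.
        $detail = $_.Exception.GetBaseException().Message
    }
    finally {
        # Always release the socket, including a still-pending connect.
        $client.Close()
    }

    # Emit an object so the result can be filtered further down the pipeline.
    [pscustomobject]@{
        ComputerName = $ComputerName
        Port         = $Port
        State        = $state
        Detail       = $detail
    }
}

Test-TcpPort -ComputerName 10.0.0.1 -Port 389
```

Because the function returns an object, the result can be piped to ? or format-list like any other pipeline object on this page.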

Speaking to the Users!

This is a hilarious way to download a random cat fact and have it speak to the user through the speaker.
# Load the .NET speech synthesizer and pick a voice
Add-Type -AssemblyName System.Speech
$SpeechSynth = New-Object System.Speech.Synthesis.SpeechSynthesizer
$SpeechSynth.SelectVoice("Microsoft Zira Desktop")
# Send the logged-on user's credentials to the system proxy, if one is configured
$Browser = New-Object System.Net.WebClient
$Browser.Proxy.Credentials = [System.Net.CredentialCache]::DefaultNetworkCredentials
# Force TLS 1.2 for the HTTPS request
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
# Download the JSON response and convert it into an object
$CatFact = (ConvertFrom-Json (Invoke-WebRequest -Verbose -Uri https://catfact.ninja/fact -UseBasicParsing))
$CatFact.fact
$SpeechSynth.Speak("Did you know ?")
$SpeechSynth.Speak($CatFact.fact)
Last modified 13d ago