Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Powershell - What every haXor needs to know

Jameel Haffejee
October 02, 2010
Programming
1
97

Powershell - What every haXor needs to know

An intro to power shell for the security specialist

Jameel Haffejee

October 02, 2010
Tweet

More Decks by Jameel Haffejee

See All by Jameel Haffejee
Testing Antivirus Engines To determine their effectiveness as a security layer
rc1140
0
120
Mac OS Sandboxing
rc1140
2
160

Other Decks in Programming

See All in Programming
アクターシステムに頼らずEvent Sourcingする方法について
j5ik2o
4
360
PSR-15 はあなたのための ものではない? - phpcon2024
myamagishi
0
180
testcontainers のススメ
sgash708
1
130
テストコード書いてみませんか?
onopon
2
210
良いユニットテストを書こう
mototakatsu
8
3.1k
今年のアップデートで振り返るCDKセキュリティのシフトレフト/2024-cdk-security-shift-left
tomoki10
0
230
技術的負債と向き合うカイゼン活動を1年続けて分かった "持続可能" なプロダクト開発
yuichiro_serita
0
150
MCP with Cloudflare Workers
yusukebe
2
230
Fibonacci Function Gallery - Part 1
philipschwarz
PRO
0
230
php-conference-japan-2024
tasuku43
0
360
競技プログラミングへのお誘い@阪大BOOSTセミナー
kotamanegi
0
360
数十万行のプロジェクトを Scala 2から3に完全移行した
xuwei_k
0
350

Featured

See All Featured
Statistics for Hackers
jakevdp
796
220k
Automating Front-end Workflow
addyosmani
1366
200k
Music & Morning Musume
bryan
46
6.2k
Fight the Zombie Pattern Library - RWD Summit 2016
marcelosomers
232
17k
A Tale of Four Properties
chriscoyier
157
23k
CSS Pre-Processors: Stylus, Less & Sass
bermonpainter
356
29k
VelocityConf: Rendering Performance Case Studies
addyosmani
326
24k
Testing 201, or: Great Expectations
jmmastey
41
7.1k
Navigating Team Friction
lara
183
15k
Art, The Web, and Tiny UX
lynnandtonic
298
20k
Embracing the Ebb and Flow
colly
84
4.5k
Documentation Writing (for coders)
carmenintech
67
4.5k

Transcript

  1. PowerShell – what every haXor needs to know Jameel  Haffejee

     /  RC1140    

  2. What is PowerShell Its awesome

  3. Why Should you care ?  Its installed by default on

    a growing number of MS OS’s   Windows 7   Windows Server 2K8R2  Optional On Windows XP SP 3  Its an alternate scriptable way to access the OS  It’s a unchecked environment at the moment

  4. Accessing PowerShell •  Can be accessed via the Start Menu

    or Run •  Can be called from within batch files •  Accessed via its hostable core in any supported language

  5. Execution Policies •  Restricted (Default) •  Signed •  Remote Signed

    •  Unrestricted •  Bypass •  PowerShell Does not require admin privileges to run and most commands work without the need for admin access.

  6. PowerShell Trinity  Where it all begins and ends, Get-Help ,

    Get-Command ,Get- member

  7. Hello World •  Variables •  String Types •  Loops • 

    Running a script •  ISE , Yes is comes with a ISE :P

  8. Poking the System with PowerShell  One Liners – Because everyone

    has to count their keystrokes till doom  Accessing windows through WMI and COM  Making use of Active Directory to index machines on the network  What can we do with more than one line

  9. Knock Knock – Is that port open  No direct PowerShell

    interfaces so we have to resort to .Net  Making socket connections in PowerShell   $tcpclient = new-Object system.Net.Sockets.TcpClient   $tcpclient.Connect('localhost','80')  Creating and using a Port Scanner in PowerShell  Finally setting up a basic bind interface to listen on our port of choice i.e Basic netcat

  10. Breaking Down the front door  Brute Forcing RDP/SQL with PowerShell

  11. Popped The Cork   So now that you have access

    to a PC/Server what can you do ?   Dumping Hashes   Complete control over IIS from the command line   Setting up a bot with PowerShell   Setting up backdoor access in 60 seconds, Assuming you have physical access (Still possible without physical access as well )

  12. Questions and Contact Info Twi3er  :  h3p://twi3er.com/RC1140   Mail  

             :  [email protected]   IRC          :  #ZaCon  (On  Atrum)                #PowerShell  (On  FreeNode)   Code          :  h3p://github.com/rc1140/zacon