Practical PowerShell Programming for Professional People

Practical PowerShell Programming
for
Professional People
Ben Ten
(@Ben0xA)
Converge Detroit 2014

Practical PowerShell Programming for Professional People
Converge Detroit - Ben Ten (@Ben0xA)
About Me
Ben Ten (0xA)
@Ben0xA - twitter
Chicago - #burbsec
Vice President
Security Officer
Developer
PoshSec Framework Developer / Creator
Gamer
Geek

Overview
● Languages and Development
● PowerShell Scripting
● Resources
● Q&A
● PSA: This is mostly live code scripting in
PowerShell. Please code along with me!

Overview
Feel free to interrupt and ask questions!

Languages and Development
Before we begin, a bit of a primer!
● Styles of Coding
● Syntax
● Getting Help
● Starting Out

Styles of Coding/Scripting/Development
● Novice
● Avid Scripter
● Full Time Developer
● Code Monkey

Syntax
syn•tax (sĭn tăks ) – the rules that governˈ ˌ
how a script, or program, is developed in a
given language.

Syntax
White Space, parens (), commas, periods,
quotes (“ vs '), tabs, braces [], curly
brackets {}, colons :, semi-colons ;, all play
an integral part in the syntax of a
language!

Getting Help!
RTF Manual/Docs/Reference
Often times, the documentation will have
an answer for what you are trying to
accomplish. *NOT ALWAYS THOUGH*

Getting Help!
Interactive Help
● ?
● F1
● Intellisense (Ctrl+Space)
● Get-Help

Getting Help!
Search Engines FTW!
Google is not the end all in searches. For
Development I prefer DuckDuckGo!
https://duckduckgo.com

PowerShell
Overview
PowerShell is a task automation and
configuration management framework
from Microsoft, consisting of a command-
line shell and associated scripting
language built on the .NET Framework.

PowerShell
Overview
PowerShell was designed by :
● Jeffrey Snover (@jsnover)
● Bruce Payette (@BrucePayette)
● James Truher
Initial release was November 14, 2006

PowerShell
Overview
PowerShell is a part of the Windows
Management Framework. WMF 5.0 was
released on April 3, 2014.
For today's scripting we will be using WMF
3.0.

PowerShell
You will need:
● Windows Management Framework 3.0
● Microsoft .NET Framework 4.5
● Text Editor (your choice)
● Sublime Text http://www.sublimetext.com/
● Komodo Edit http://komodoide.com/komodo-edit/
● PowerShell ISE (comes with WMF)

PowerShell
File Name Extensions
.ps1 – Script Files
.psm1 – Script Module Files
.psd1 – Script Manifest Files
.ps1xml – Formatting and Type Files
.dll - Cmdlet and Provider Assemblies

PowerShell
Cmdlets, Functions, and Scripts Oh My!
From a functional standpoint, cmdlets,
functions, and scripts are practically the
same.
They are a way to call a specific block of
code.

PowerShell
Cmdlet:
Written in a compiled .NET language.
Easier to deploy.
Help files are easier to write.
Has support for parameter validation.

PowerShell
Function:
Written in a PowerShell language.
Has to be deployed with a library.
Help is written inside the function.
Parameter validation has to be done in the
function itself.

PowerShell
Script:
Written in a PowerShell language.
Is invoked by calling the .ps1 file.
Deployed by itself or in a manifest file.
Can contain functions.

PowerShell
Set-ExecutionPolicy
Before you can run your custom scripts
you have to set the ExecutionPolicy to
RemoteSigned.
In PowerShell type:
Set-ExecutionPolicy RemoteSigned

PowerShell

PowerShell
HelloWorld.ps1
Enough of the primer! Let's get coding!
This is where you code along with me if
you can!

HelloWorld.ps1

HelloWorld.ps1
Variable(s):
a symbolic name associated with a value
and whose associated value may be
changed.

HelloWorld.ps1
Hard-Coded:
Typing the value directly into your script.
Our “Hello World” text was hard-coded.

HelloWorld.ps1
PowerShell Variables:
A PowerShell variable is defined with the
dollar sign $ followed by the name of the
variable.
For example: $message is a variable.

HelloWorld.ps1
PowerShell Variables:
Let's rewrite our HelloWorld.ps1 to use a
variable $message with our text “Hello
World”.

HelloWorld.ps1
Quotes! Single vs Double
Double Quotes (“) will attempt to resolve
any variables before anything is printed to
the screen.
Single Quotes (') will print exactly what is
typed between the quotes.

HelloWorld.ps1
Backtick `
The backtick, or grave accent, is a special
escape character. This means that you
want the next character to be printed and
not interpreted in anyway.

Getting Input
Write-Output is great. But how do you get
information from a user?
Read-Host

Getting Input

Conditional Logic
A Condition is:
a feature of a programming language
which perform a different set of
computations or actions depending on
whether a programmer-specified boolean
condition evaluates to true or false.

Conditional Logic
A Condition is:
Is the stop light is green? Keep going.
Is the stop light is red? Stop.
Is the stop light is yellow? Floor it!!!!

Conditional Logic
A Condition expressed:
● If - Beginning of the condition.
● Else - Evaluates only if preceding condition(s)
is(are) false.
● ElseIf – Evaluates if preceding condition(s)
is(are) false with a new condition.
● Switch – Multiple conditions for a single
variable or object.

Conditional Logic
A Conditional Operator:
-and = both conditions must be true.
-or = only one of the conditions must be
true.

Conditional Logic
-eq = Equals
-lt = Less Than
-gt = Greater Than
-ne = Not Equal
-ge = Great Than or Equal
-le = Less Than or Equal

Conditional Logic
-Like
-NotLike
-Match
-NotMatch
-Contains
-NotContains
-In
-NotIn
-Replace

Conditional Logic

Conditional Logic
Operator Precedence:
When operators have equal precedence,
Windows PowerShell evaluates them from
left to right. The exceptions are the
assignment operators, the cast operators,
and the negation operators (!, -not, -bnot),
which are evaluated from right to left.

Conditional Logic
Operator Precedence:
You can use enclosures, such as
parentheses, to override the standard
precedence order and force Windows
PowerShell to evaluate the enclosed part
of an expression before an unenclosed
part.

Parameters
A Parameter is:
A variable that allows you to pass an
object to a Cmdlet, Function, or Script.
Get-ChildItem

Parameters

Parameters
Get-Help Get-ChildItem
Get-ChildItem [[-Path] <String[]>] [[-Filter] <String>] [-Exclude <String[]>
[-Name] [-Recurse] [-UseTransaction [<SwitchParameter>]]
[<CommonParameters>
Get-ChildItem [[-Filter] <String>] [-Exclude <String[]>] [-Force] [-Include
-LiteralPath <String[]> [-UseTransaction [<SwitchParameter>]]
[<CommonParame
Get-ChildItem [-Attributes <FileAttributes]>] [-Directory] [-File] [-Force]
[-UseTransaction] [<CommonParameters>]

Objects vs Text
PowerShell is Object Based.
Even if you see text on the screen, that
text is actually a “String” object.
You can access the members of the object
using the . operator after the variable
name.

Objects vs Text

Piping
Piping is:
a way of moving something, unchanged,
from one place to another.

Piping
Piping is represented by the | (pipe)
character.
A pipe takes the object from the left side
and passes it to the right side.
Note: When passing to another cmdlet, $_
is used to reference the passed object.

Piping

Loops
Loops:
A way to perform the same block of code
for a specific number of times, until a
specific condition is met, or while a
specific condition exists.

Loops
Loops:
● ForEach
● ForEach-Object
● For
● While
● Do While
● Do Until

Loops

Comments
Comments are defined by the # symbol.
Block comments are enclosed with <# and
#>.
.SYNOPSIS
.DESCRIPTION
.PARAMETER
.EXAMPLE

Comments

Putting it all Together
The final program!
Requirements:
● Search all files.
● Find the ones that were modified in a
specific date range.
● Create a list of those files and display
them.

Pitfalls
Don't overuse the Pipe! Not everything has
to be done in a single line.
It's more important that you understand
the code before you try to condense it to a
single line.

Pitfalls
With Loops, start small then open the
valve all the way!
You can get more than you wanted, or get
stuck in an endless loop.
Especially true when doing File operations!

Resources
Freenode (irc.freenode.net)
#PowerShell, #pssec, #poshsec channels.
Learn Windows PowerShell in a Month of
Lunches ~ Don Jones
Carlos Perez – PowerShell Workshop at
DerbyCon.

Contact - Q&A
Ben Ten (0xA)
@Ben0xA - twitter
http://ben0xa.com
https://poshsec.org
web@ben0xa.com
Ben0xA – LinkedIn, Github, keybase, etc.
irc.freenode.net
#burbsec, #poshsec, #pssec
QUESTIONS?!

Thank You!

Practical PowerShell Programming for Professional People

Empfohlen

Empfohlen

Weitere ähnliche Inhalte

Was ist angesagt?

Was ist angesagt? (20)

Andere mochten auch

Andere mochten auch (20)

Ähnlich wie Practical PowerShell Programming for Professional People

Ähnlich wie Practical PowerShell Programming for Professional People (20)

Kürzlich hochgeladen

Kürzlich hochgeladen (20)

Practical PowerShell Programming for Professional People