PowerShell for Hackers

As I’m learning more PowerShell and dabbling in hacking, I will be compiling a list of techniques and scripts that I find very beneficial for administration and pen-testing.

Basics

Linux Watch Command but with PowerShell

System Running Processes

IP to Hostname

Is Server Virtual or Physical?

Lookup User Information

Change File Modified Date and Time

Find Apps Running on Port

Base64

Querying Databases

https://gist.github.com/cmatskas/08411b916ab01e3f1439#file-powershellsqlquery-ps1

Domain Controllers

Downloading Files with PowerShell

PowerShell Reverse Shells

https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Reverse%20Shell%20Cheatsheet.md#powershell

Loading Executables in PowerShell

If you screw up and have to unload your assembly, close PowerShell and start a new session. When an assembly is loaded this way it is loaded into the AppDomain and remains there for the lifetime of the PowerShell process; there is no cmdlet to unload it.
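An added example (not code from the original post) that shows this behaviour without needing an external .dll: it compiles a small inline C# type with Add-Type, confirms the assembly is resident in the current AppDomain, then attempts to load a changed version of the same type, which fails because the first one cannot be unloaded. The namespace and type name are made up for the demonstration.

```powershell
# Added example: assemblies loaded into PowerShell stay in the AppDomain
# until the process exits. Type/namespace names here are made up.
$source = @"
namespace DemoLoad {
    public static class Greeter {
        public static string Hello(string name) { return "Hello, " + name; }
    }
}
"@

# Guard so the script is re-runnable in the same session: only compile
# if the type is not already present in the AppDomain.
if (-not ([System.Management.Automation.PSTypeName]'DemoLoad.Greeter').Type) {
    Add-Type -TypeDefinition $source -Language CSharp
}
[DemoLoad.Greeter]::Hello('admin')

# Confirm the assembly is now loaded into this process's AppDomain.
$asm = [DemoLoad.Greeter].Assembly
[AppDomain]::CurrentDomain.GetAssemblies() |
    Where-Object { $_ -eq $asm } |
    Select-Object FullName, IsDynamic

# The "screw up" case: you edit the source and try to reload it.
# Add-Type refuses because DemoLoad.Greeter already exists, and nothing
# short of a new PowerShell process will remove the first copy.
$changed = $source -replace '"Hello, "', '"Hi, "'
try {
    Add-Type -TypeDefinition $changed -Language CSharp -ErrorAction Stop
} catch {
    Write-Warning "Reload failed as expected: $($_.Exception.Message)"
}

# Defender's note: this is also why listing
# [AppDomain]::CurrentDomain.GetAssemblies() in a live PowerShell process
# is a useful triage step; anything loaded in-session is still visible.
```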

Windows Exploit Suggester

While this is a Python script, you will need to gather the system information using PowerShell or CMD.

https://github.com/AonCyberLabs/Windows-Exploit-Suggester

Copy and paste the results into a file; commands can then easily be run against Windows Exploit Suggester, which will help with privilege escalation.

PowerShell Frameworks & Tools

These are proven frameworks that can be used to reliably exploit a Windows environment.

Using Vim with PowerShell

First, you’ll need to install Vim. Download, run and install the file “gvim82.exe” (as of 02/06/2020)…

https://www.vim.org/download.php#pc

Once Vim is installed you’ll need to run PowerShell in Administrator mode to configure the integration.

You can learn more from this article.
https://codeandkeep.com/PowerShell-And-Vim/