PowerShell For Pentesters Part 2: The essentials of PowerShell

As we explained in the first part of this lab series, PowerShell is one of the most interesting and powerful languages for pentesting.

In the first part of this series of labs, we covered an introduction to PowerShell and cmdlets, which are one of the most important things to learn before thinking about using PowerShell for pentesting.

In this article, we will try to discover the essentials of this beautiful and powerful language.

The first thing we will look at is operators.

Operators in PowerShell are very similar to those found in other scripting languages. Here are the most critical operators that we will cover together.

Figure 1: Operators in PowerShell

For more details about the role of each operator you can visit the official documentation:

https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.core/?view=powershell-6

Let’s take a tour of how operators are used.

First, let’s look at some basic operators like addition (+) or multiplication (*). They are simple to use, as we can see in the following screenshot:

Figure 2: Basic Operators (+ and -)

We can also use arithmetic operators with strings: addition (+) concatenates strings, or strings and numeric characters, and multiplication (*) applied to a string repeats its characters that number of times, which can be very useful for us in a fuzzing context. Let’s see that:

Figure 3: Arithmetic Operators (+ and *) with Strings

We can also use them with variables.

To declare a variable, put a “$” sign before its name. Here’s an example of creating variables (in our example the variable “var” is created using “$var”) and manipulating them using assignment operators (very similar to the assignment operators present in other languages):
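As an added example (not code from the original article), the snippet below shows how the left operand decides what + and * do, how assignment operators change a variable, and how string repetition builds length-boundary inputs for a validator you own. `Test-FieldInput`, the 64-character limit and all values are hypothetical and constructed for illustration.

```powershell
# Added example: every name and value below is constructed for illustration.

# The type of the LEFT operand decides how + and * behave.
$n = 5
$s = "5"
$n + $s      # left side is a number: the string is converted and added
$s + $n      # left side is a string: the number is converted and appended
"A" * 4      # left side is a string: it is repeated four times
# 4 * "A" raises an error, because "A" cannot be converted to a number.

# Assignment operators work on strings as well as on numbers.
$var = "user"
$var += "_"        # append to the string
$var *= 2          # repeat the whole string twice
$count = 10
$count -= 3        # subtract and store
$count++           # increment by one

# Hypothetical validator under test: 1..MaxLength characters from [A-Za-z0-9_].
function Test-FieldInput {
    param([string]$Value, [int]$MaxLength = 64)
    return ($Value.Length -ge 1 -and $Value.Length -le $MaxLength -and
            $Value -match '^[A-Za-z0-9_]+$')
}

# Build inputs around the length limit with * and +, then check each one.
$max = 64
$cases = @(
    "A" * ($max - 1)        # just under the limit
    "A" * $max              # exactly at the limit
    "A" * ($max + 1)        # one character over
    ("A" * ($max - 1)) + "!" # within the limit, but with a disallowed character
    "A" * 4096              # far over the limit
)
foreach ($case in $cases) {
    [pscustomobject]@{
        Length   = $case.Length
        Accepted = Test-FieldInput -Value $case -MaxLength $max
    }
}
```

Only the first two cases should be accepted; any other result means the length or character check in the validator is wrong.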


*** This is a Security Bloggers Network syndicated blog from InfoSec Resources authored by Kondah Hamza. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/bokyxODs4UQ/