Late October PowerShell V2 was released for almost all Windows platforms. Check out http://support.microsoft.com/kb/968929 and download the version you need.
Happy scripting!
Chris and Mario presented and demonstrated the new Metasploit modules that are designed to find and identify Oracle databases, find the SIDs, brute force passwords and escalate privileges.
An interesting comment is that they where actually able to evade Snort detection by base64 encoding the attack.
Finding the next available driveletter on a system, excluding reserved driveletters, can be done using the following PowerShell 1-liner.
[char[]]”DEFGJKLMNOPQRTUVWXY” | ?{!(gdr $_ -ea ‘SilentlyContinue’)} | select -f 1
The character array containing only valid driveletters (in this example A, B, C, H, I, S and Z are not to be used) is piped to the where-object cmdlet which uses Get-PSDrive to filter out the non-used drive letters. These are then passed to the Select-Object cmdlet which only displays the 1st match.
Beware: the line above returns only the bare driveletter – no colon is appended.
Have a look at this script from Stephane Chazelas appeared in the Appendix A of a very old version of the “Advanced Bash-Scripting Guide”.
#!/bin/bash
# obj-oriented.sh: Object-oriented programming in a shell script.
# Script by Stephane Chazelas.
person.new() # Looks almost like a class declaration in C++.
{
local obj_name=$1 name=$2 firstname=$3 birthdate=$4
eval "$obj_name.set_name() {
eval \"$obj_name.get_name() {
echo \$1
}\"
}"
eval "$obj_name.set_firstname() {
eval \"$obj_name.get_firstname() {
echo \$1
}\"
}"
eval "$obj_name.set_birthdate() {
eval \"$obj_name.get_birthdate() {
echo \$1
}\"
eval \"$obj_name.show_birthdate() {
echo \$(date -d \"1/1/1970 0:0:\$1 GMT\")
}\"
eval \"$obj_name.get_age() {
echo \$(( (\$(date +%s) - \$1) / 3600 / 24 / 365 ))
}\"
}"
$obj_name.set_name $name
$obj_name.set_firstname $firstname
$obj_name.set_birthdate $birthdate
}
echo
person.new self Bozeman Bozo 101272413
# Create an instance of "person.new" (actually passing args to the function).
self.get_firstname # Bozo
self.get_name # Bozeman
self.get_age # 28
self.get_birthdate # 101272413
self.show_birthdate # Sat Mar 17 20:13:33 MST 1973
echo
# typeset -f
# to see the created functions (careful, it scrolls off the page).
exit 0
Comparing version numbers can be tricky from time to time, before you know it you end up in auto-casting issues comparing strings to integers etc. The most common format of a version number in Windows is “Major. Minor. Build. Revision” where each individual item is a figure, but because of the separating dots PowerShell will treat each item as a string.
The .Net System.Version assembly offers a CompareTo method which can do the trick, as shown in the figure below.
The CompareTo method will return 1, 0 or -1 depending whether the compare to version is higher, equal or lower.
Thanks to Shay Levi (see the comment) I now know a better/faster method for comparing version numbers (thaks Shay). PowerShell has its own [vesion] type. This removes the need of loading the assembly and using New-Object. It still allows for using the CompareTo method and direct compare via -ge, -gt, etc.
The CompareTo method will distinguish between the 3 possibilities (>, < or =), but direct comparison might be sufficient in a script.
PowerShell allows for inline parameter control for some of its cmdlet parameters. Based upon commandline and/or inputfile content you might want to turm some of the cmdlet parameters on or off.
For example: scripts manipulating files will often use the Get-ChildItem cmdlet in combination with the -recurse parameter, but not allways the subfolder files are required. Instead off having multiple Get-ChildItem commandlines (each with their own set of parameters) a single line might be possible.
The following examples use the Get-ChildItem cmdlet to show what I mean.
The command in figure below will display all *.tmp files in the current folder and its subfolders.
By extending -recurse with :$false recursive lookup will be turned off.
On the otherhand, replacing $false with $true will turn recursive lookup on again.
So using a boolean variable we can turn recursive lookup on or off from within the script (-recurse:$RecurseOnOff). And of course this method also works for other parameters.
And it does get stranger….. in some occasions you can also reverse the default action of a parameter. Hence the following figure.
The 1st command will show all files with exception of the *.tmp files. By appending :$false to -exclude, we turn -exclude into -include as demonstrated by the 2nd command.
This form of parameter manipulation offers a scala of possibilities. Using script parameters to control cmdlet behaviour can both decrease script size and complexity.
Have fun experimenting with this little trick