.

Powershell

<<

yatz

Full Member
Full Member

Posts: 222

Joined: Tue May 25, 2010 2:58 pm

Post Mon Jun 14, 2010 1:28 pm

Powershell

Hey I was just thinking about using Powershell as a remote shell instead of the standard cmd.exe.  Has anyone done this before?  If you have, what capabilities did you use that were not available in the standard shell?

I only wonder because I was doing some SharePoint scripting using Powershell and it showed a LOT of potential inherent to the shell that otherwise would have required some kind of programming language (duh, because powershell is basically an interpreter).
"Live as though you would die tomorrow, learn as though you would live forever."

CCNA, MCSA, MCTS, Sec+, Net+, Linux+, CEH
<<

sil

User avatar

Hero Member
Hero Member

Posts: 551

Joined: Thu Mar 20, 2008 8:01 am

Location: ::1

Post Tue Jun 15, 2010 6:18 am

Re: Powershell

"Remote shell" for a pentest? I wouldn't bother with it. In a penetration testing gig your role is using to validate the ability to get into a system. While you may make mention of installation of software in your tactical plan to your client, what purpose would it serve. If you already got into a machine, you've done your job especially if you can install software on the machine so updloading Monad (powershell) unto a machine is pointless. It's kind of like saying "I broke into a bank and once there I decided to change the camera system to show X..." Eliminate all but the first five words... "I broke into a bank" your role is done. Installing software on a machine you've pentested can potentially break something somewhere down the line especially with Windows systems where reliance on DLL files are high.
<<

yatz

Full Member
Full Member

Posts: 222

Joined: Tue May 25, 2010 2:58 pm

Post Tue Jun 15, 2010 8:18 am

Re: Powershell

A pentest is more than just exploiting one host my friend...

My point is more along the lines of using Powershell to easily access network resources using the added features.  Also you don't necessarily need to install it since it is required for certain server apps like Exchange 2010, and Windows Server 2008 has it as a built in feature (not to mention Server Core).

Plus, it's basically the same as running python and having the immediate interpreter at your fingertips, except it's PS rather than PY.
"Live as though you would die tomorrow, learn as though you would live forever."

CCNA, MCSA, MCTS, Sec+, Net+, Linux+, CEH
<<

sil

User avatar

Hero Member
Hero Member

Posts: 551

Joined: Thu Mar 20, 2008 8:01 am

Location: ::1

Post Tue Jun 15, 2010 9:19 am

Re: Powershell

True indeed that pentesting is more than just one machine, but you've missed the gist of what I was trying to get at. In most instances I try to avoid leaving footprints via way of software installs and even tool usage since many tools are pretty noisy. I've found that with a minimalist set of tools one can still accomplish most tasks. E.g. using telnet + sleep as opposed to always using nmap.

In using tools already in place, you're less likely to set off alarms or get tripped up if an admin (while doing say a zero knowledge) sees you and cuts you off. I personally like to enumerate and send targeted attacks as opposed to scripted ones to confirm/validate something. This is something automation is not good at (finding discrepancies). To each their own though. I would not install software if I didn't have to especially for the sake of automating the testing.
<<

dynamik

Recruiters
Recruiters

Posts: 1119

Joined: Sun Nov 09, 2008 11:00 am

Location: Mile High City

Post Sun Jun 27, 2010 5:53 pm

Re: Powershell

It's worth noting that powershell is included in all Windows versions going forward, as well as other MS server products such as Exchange, SQL Server, etc.

Powershell is really powerful, and if it's there, I don't see any reason not to use it.

Also, if you haven't seen it, check out this module: http://code.msdn.microsoft.com/bsonposh
The day you stop learning is the day you start becoming obsolete.

Return to Network Pen Testing

Who is online

Users browsing this forum: No registered users and 1 guest

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software