Podcast

Episode 174 – Matt Graeber using PowerShell in Infosec

Jonathan Walz


A Podcast about Windows PowerShell.

  In This Episode





  **Tonight on the PowerScripting Podcast, we talk to Matt Graeber about using PowerShell in the Infosec industry**

  News





  This segment is brought to you by TrainSignal





  Get online computer based training for you and your whole staff from TrainSignal. TrainSignal offers more than 80 IT training courses in the areas of Security, Network Administration, Virtualization, PowerShell and more. With 24/7 online access, TrainSignal's training courses are accessible on almost any device including PC, Mac, iPhone, iPad, Android smartphones, and more. For more info and a list of courses, visit [TrainSignal.com](http://trainsignal.com/).





  - Columbus, OH gets the world's first PowerShell Saturday event! Block out March 10th on your calendar. Details [will be announced here soon](http://powershellgroup.org/central.oh)!
  - Version 2.7 of PowerWF and PowerSE [are now available](http://poshoholic.com/2012/01/24/powerwf-and-powerse-2-7-are-now-available/)
  - Version 1.1 of the [iLO PowerShell Library is out](http://practicaladmin.wordpress.com/2012/01/17/ilo-powershell-library-1-1-update/)

  Interview





  This segment brought to you by Start-Automating





  Start Scripting to Your Fullest Potential. At Start-Automating, we can help you unleash the full Power of PowerShell V2. You can use our deep PowerShell expertise to build rich PowerShell solutions, or we can train you to use PowerShell like a pro. Isn't it time you Save-Time, Save-Money, and Start-Automating? Find out more at [Start-Automating.com](http://start-automating.com/).

  Links





  - Matt's blog: [http://www.exploit-monday.com/](http://www.exploit-monday.com/)

  Chatroom Banter






  [21:51:04]  ## How does he get around the execution policy remotely?





  [21:51:32]  "Post Exploitation" - an important point is that PowerShell is a glorious language to do what he could have already done in other ways





  [21:52:04]  Excel macros can also do all the stuff Syringe does





  [21:54:47]  http://technet.microsoft.com/en-us/library/cc722487.aspx





  [21:54:53]  "Ten immutable laws of security"





  [21:55:04]  #1: If a bad guy can persuade you to run his program on your computer, it's not your computer anymore





  [22:00:28]  halr9000: Did Matt discover any WMI vulns during pen testing?

  [22:00:32]  VBA (excel) macro to do what he just did:





  [22:00:33]  Declare Function CreateRemoteThread Lib "kernel32" (ByVal hProcess As Long, lpThreadAttributes As Long, ByVal dwStackSize As Long, ByVal lpStartAddress As Long, ByVal lpParameter As Long, ByVal dwCreationFlags As Long, lpThreadId As Long) As Long





  [22:01:51]  Does he consider PowerShell a vulnerability, or does it just make it easier to do what he could otherwise have done?





  [22:03:22]  Did Matt discover any WMI vulnerabilities during his testing?


  The Question






  Super Power: Omnipotence!

  Resources





  - [Get Windows Update info from PowerShell](http://blogs.technet.com/b/heyscriptingguy/archive/2012/01/20/get-windows-update-status-information-by-using-powershell.aspx)
  - Jeff Hicks presents [PowerShell in Nutshell](http://feedproxy.google.com/~r/JeffsScriptingBlogAndMore/~3/ZGWdQOE8qlk/)
  - Josh Atwell [has a function to make cloning VMware VMs easier](http://www.vtesseract.com/post/16447807254/clone-list-powercli-function)
  - Boe Prox wrote about [managing remote services](http://learn-powershell.net/2012/01/15/startingstopping-and-restarting-remote-services-with-powershell/)
  - Don Jones teaches [many ways to create custom objects](http://technet.microsoft.com/en-us/magazine/hh750381.aspx)

  Tips





  - Sean Kearney [shows us how to explore cmdlet parameters](http://www.energizedtech.com/2012/01/list-all-of-the-parameters-for.html)
  - Monitor Memory usage [from your PowerShell prompt](http://trevorsullivan.net/2012/01/23/powershell-prompt-function-to-monitor-memory-usage/)
  - [Use the range operator](https://plus.google.com/106423422372421380780/posts/6yuwQkFzsUF) to build consecutive computer names
  - [Quickly find folders in a directory listing](http://stackoverflow.com/questions/9010681/alias-for-psiscontainer)
  - [Manage cookies with PowerShell](http://powershell.com/cs/blogs/tips/archive/2012/01/16/managing-internet-cookies.aspx)