Showing posts from January, 2018

What are Positional Parameters?

Often while teaching PowerShell, we get into a discussion about how someone, usually me, types this:

    Get-Help Get-Date

Instead of

    Get-Help -Name Get-Date

PowerShell parameters utilize positioning. Good authors of cmdlets will determine which parameter will be the most frequently used and put that parameter in the first position. That means if the user types a cmdlet, they can immediately provide the data for that parameter without calling the parameter name. Take a look at the -Name parameter of Get-Help:

    -Name
        Gets help about the specified command or concept. Enter the name of a cmdlet, function, provider,
        script, or workflow, such as `Get-Member`, a conceptual topic name, such as `about_Objects`, or an
        alias, such as `ls`. Wildcard characters are permitted in cmdlet and provider names, but you
        cannot use wildcard characters to find the names of function help and scri...

How to start a PowerShell Script from a Batch File

In last week’s PowerShell class in Phoenix, we had a last-minute question. It involved trying to simplify the launching of a PowerShell script for users. Having end users working with PowerShell has long been a cumbersome task. End users like a GUI. We can put a GUI interface on top of our code, but it is difficult to do manually or you need a third-party solution. When you build a GUI, it also takes an additional skill set that most IT Pros do not have.

We decided to go with a batch file. Yes, I know. Old tech, but we will give it new life. Here is our test code for this project. We saved this file as c:\ps\Test1.ps1.

    Write-Host "I work!!!" -BackgroundColor DarkMagenta

Yes, I know. Not exactly exciting. The purpose of this is to get it to launch with a batch file. We looked at the PowerShell.exe Command-Line Help (https://docs.microsoft.com/en-us/powers...

How to tell PowerShell which version of .NET to Use

Here is one from this week’s PowerShell class. We just finished a lesson on methods and I passed on “The first rule of Computer Science” to my class that one of my professors, Dan Matthews, passed on to me. It simply states “Never re-invent the wheel”. With that, we started to talk about the value of methods. The question popped up as to which version of .NET PowerShell is using and how to select a different version. Well, here is how to determine the currently installed versions of .NET:

    PS C:\> Get-Childitem "HKLM:\SOFTWARE\Microsoft\NET Framework Setup\NDP"

        Hive: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP

    Name                           Property                     ...

Disabling the Copy Functionality in a Windows Form

I’m currently in the middle of writing version 2 of my Security+ learning engine. Some of you from last week’s Security+ class know that I have been developing a tool using SAPIEN PowerShell Studio to help you with the massive amount of terminology that you need to know for the Sec+ exam. You also remember that I was putting in some safeguards to help protect the application from piracy. I’m going to share one of those safeguards. Here is a current view of version 2 of the product.

What I want to do is to disable the ability to copy the questions and answers to the clipboard. Here is how you do it. In the Designer view, click on the object that you want to protect. In this case, I am clicking the text box that contains the questions. In the Properties dialog, set the value for ShortcutsEnabled to False. This turns off the right-clicking capability of the object. While talking about Active Directory Rights Manage...

Getting Hacked in Security+

This week we had a little surprise when we were working on the auditing component of our Security+ class here in North Carolina. The labs this week are built in Azure and I gave each one a public IP address. On Wednesday afternoon, with the VMs online since Monday, we took a look at the failed login attempts. We got a big surprise with over 11,000 bad logon attempts. We then started the second set of VMs fresh. It took about 10 minutes until we started to see the attempts to access those VMs. If this does not tell you we operate in a hostile environment, nothing will. Here is the PowerShell code that we used and the results on the systems online for 10 minutes.

    Get-EventLog -LogName Security -InstanceId 4625 |
        Select-Object -Property TimeGenerated,
        @{N = "AccountName"; E = {$_.Message.Split("`n")[12].Replace("Account Name:", $Null).Trim()}},
        @{N = "D...

Test Generator made with SAPIEN PowerShell Studio

Many of you who read this blog know that I utilize SAPIEN PowerShell Studio when I need a GUI on top of my code. Here is the latest. As part of my delivery of Security+ for both the Navy and my civilian business, one item of concern that I hear time and time again is the sheer amount of terminology that students need to memorize. On the Navy side, we only give them a week to take the course and prep for the exam, which is a huge undertaking. To help address this issue, I used PowerShell Studio to create a testing engine. I have always told my PowerShell classes that if the tool does not exist, make it. This tool continuously repeats questions until the student gets it right. With several hundred test questions in the pool for the 11 modules that I teach, this test environment is part of the Azure lab environment that I have for each student. There is another tool to help populate the test engine with questions. Without PowerShell Stu...

What is the difference between –Property and –ExpandProperty in Select-Object

This is often a source of confusion when someone is new to PowerShell. Since PowerShell is used mostly by non-programmers, they often do not understand what an object is. You need to have a basic understanding of objects to know how these two different parameters work. Let me give you an example.

    PS C:\> Get-ADUser -Identity AdminUser

    DistinguishedName : CN=AdminUser,CN=Users,DC=Adatum,DC=com
    Enabled           : True
    GivenName         :
    Name              : AdminUser
    ObjectClass       : user
    ObjectGUID        : 696591fc-6697-4d93-b624-3ef7de206ee9
    SamAccountName    : AdminUser
    SID               : S-1-5-21-817349643-1871...