What Is PowerShell
I do believe that one of the biggest skills that both Administrator and Security Professional should have is to be able to automate tasks on a systems they are responsible for. Many old Unix long bearded veterans say that admins are lazy and they script and automate tasks because of that, I see it as being smart, we are taking tasks that could take hours and crunch it down to seconds, we reducea risk by making sure an action is repeatable and we learn in the process of automating making us better. So I decided to start a series of blog post and do an introduction on one of my favorite scripting languages which is Microsoft PowerShell.
PowerShell as the name implies is a shell first, a scripting language second. Microsoft a long time ago did a study on areas that they considered they where week and needed improvement and one of this was the ability to automate and administer a system thru a shell. Microsoft designed and came with what I consider a rather unique approach in PowerShell and that is a Object Model based shell. Most shells in Linux, Unix and even cmd.exe shell in Windows are text driven where each command returns itâs out put in strings, in PowerShell the output of each command or cmdlet as it is called in PowerShell is a .Net Object that we can then use in many unique ways. The grammar is based originally on the POSIX Shell grammar and then evolved and expanded by adding concepts from Perl, Python, VBScript and C#.
Setting Up the Environment
Depending our version of Windows are the steps we need to take to get PowerShell running on our system. On Windows system after Windows 7 and Windows Server 2008 R2 power shell comes built in, on Windows 2008 it i s a feature that needs to be installed from the feature available in server manager and on Windows Vista, Windows XP and Windows 2003 you will need to download the installer from the download section in http://www.microsoft.com/powershell and install the package. For this series I will be covering v2.0 of PowerShell and some of the new improvements that will come with v3.0. One important thing to keep in mind is that PowerShell uses the .Net framework so running the latest version of .Net Framework will provide us the best flexibility and capabilities on the objects returned from the PowerShell commands.
You will notice the depending your platform and build you will have x86 and/or x64 versions of PowerShell console and PowerShell ISE (Interactive Scripting Environment), the shortcuts will be located in Windows XP, Windows 2003 and Windows Vista in Start â> All Programs â>Windows PowerShell V2 and on more modern versions of Windows you will find it in Start â> All Programs â> Accessories â> Windows PowerShell in addition to this from a command prompt or from the run dialog box you can call powershell.exe for the console and powershell_ise.exe to launch the Integrated Scripting Environment.
One of the first things you will notice when you launch the console in your machine it will be a console screen with a Blue background and lightly yellow letters
I recommend that you customize even more the shortcut by doing a Right Click on the PowerSherll Symbol on the top left and selecting Properties
In Options increase Buffer Size so as to save more commands in the buffer and enable QuickEdit Mode and Insert Mode if not selected.
Under Layout we can adjust the With and the Height of our Screen Buffer to better accommodate our screen size and the amount of output history we want for scrolling in the Console.
If a program line Exchange Server or VMware PowerCLI sets a separate shortcut for a console for use of their snapping we must also do the changes on those shortcuts also. If you run PowerShell by invoking the command via a command prompt or thru the Run dialog box you will be greeted with a screen like this one:
Easily confused with a command prompt and does not have any of the setting we set since those are for the shortcut it self. Since PowerShell is a component at setup none of those settings that come set by default are set because PowerShell reads the information from HKCUConsole for the user. To customize this I recommend you visit this page http://poshcode.org/2220 and copy and paste the PowerShell code shown there and paste it in a PowerShell prompt running as Administrator you can use the Windows Calculator in Scientific mode to set your values in the proper hex values and do the changes in notepad before running the commands. This will give you a console like the one you call from the shortcut in your programs menu. These changes can also be made on Windows 8 running PowerShell v3.
Console Keyboard Commands
|Left/Right Arrow Keys||Move the editing cursor one space each time thru the current command line.|
|Crtl+Left Arrow, Crtl+Right Arrow Keys||Moves the editing cursor one word each time thru the current command line|
|Home||Moves cursor to beginning of the current command line|
|End||Moves cursor to the end of the current command line|
|Up/Down Arrow Keys||Moves up and down thru the command history|
|Tab||Does command and option completion|
|F7||Shows command history window that can be navigated with the Up and Down Arrow Keys, pressing Enter will execute the command selected in the window|
|Insert Key||Toggles between character insertion and character overwrite mode|
|Delete Key||Deletes a character under the editing cursor in the current command line|
|Backspace Key||Deletes a character to the left of the editing cursor in the current command line|
In the addition to the history command window one sees when pressing the F7 Key
One can use the Get-History cmdlet or the history alias for the command (More details on command and how to use the history command for generating scripts in blog posts to come) he command will return a list of the commands enter indexed with a number:
PS C:UsersCarlos Perez> get-historyId CommandLine-- -----------1 dir2 Get-Process3 Get-Service4 Get-Command -Verb get
To recall one of the commands in the history one uses the # symbol and the number of the command an the press the tab key to pull the command from history to the current command line.
Integrated Scripting Environment
Microsoft started including with PowerShell 2.0 the ISE (Integrated Scripting Environment) this is more than a script editor it also functions as as interactive shell and support plugins that can extend itâs functionality.
Some of the advantages of the ISE are:
1. Multiple Script editing tabs.
2. Use of easier editing and selection of command output.
3. Color Syntax for PowerShell Scripts
4. Remote PowerShell Session.
5. Execution of selected PowerShell Code with F8
6. Tab Completion for Command and Options
Microsoft greatly improved ISE in PowerShell v3 by adding IntelliSense just like in Visual Studio an improve command window that looks and behaves better and a command search pane:
I invite you to play with settings for your console and ISE and get it to a point where you are confortable with the setup and appearance and also invite you to play a bit with the commands. In the next blog post we will go a little deeper in to the existing commands, loading modules and snapping, getting help and execution policy for scripts.