Basics of Windows Powershell | TryHackMe Windows PowerShell

This post provides a comprehensive introduction to PowerShell, a Microsoft-developed task automation and configuration management framework. It covers essential commands and workflows, including navigation, file management, and installing external modules. The post also covers the answers for TryHackMe Windows Powershell room.

COMPTIA Cyber Security Analyst (CySA+) Study Notes

HackTheBox Certified Defensive Security Analyst (CDSA) Study Notes

Overview

Solve challenges from the TryHackMe Windows PowerShell Room.

PowerShell Basics:

Integrates a command-line interface with a scripting language.

Based on the .NET framework, suitable for automating tasks and managing configurations.

Objective:

Learn foundational PowerShell commands.

Apply PowerShell for system administration tasks.

Key Topics Covered

1. Getting Started with PowerShell

1. List Available Commands:Command:

Get-Command

Outputs all available cmdlets, functions, aliases, and scripts in the current session.

Filter specific types:

Get-Command -CommandType Cmdlet
Get-Command -CommandType Function

Accessing Help for Commands:

• Command:

Get-Help <CommandName>

Displays command syntax, description, and usage examples.

Example:

Get-Help Get-Command -Examples

2. Working with External Modules

1. Find External Modules:Search for modules in online repositories:

Find-Module -Name PowerShell*

Install a Module:

• Command:

Install-Module -Name <ModuleName>

Example:

Install-Module -Name PowerShellGet

3. Navigating the File System

1. List Directory Contents:Command:

Get-ChildItem -Path <Path>

• Default behavior shows contents of the current directory.

Change Directory:

• Command:

Set-Location -Path <Path>

Example:

Set-Location -Path "C:\Users"

Create Directories and Files:

• New Directory:

New-Item -Path <Path> -Name <DirectoryName> -ItemType Directory

New File:

New-Item -Path <Path> -Name <FileName> -ItemType File

4. Managing Files and Directories

1. Delete Files or Directories:Command:

Remove-Item -Path <Path>

Example:

Remove-Item -Path "C:\Temp\TestFile.txt"

Copy Files:

• Command:

Copy-Item -Path <SourcePath> -Destination <DestinationPath>

Move Files:

• Command:

Move-Item -Path <SourcePath> -Destination <DestinationPath>

Advanced Usage

1. Filter and Search Output:Example: List all .txt files in a directory.

Get-ChildItem -Path "C:\Temp" -Filter "*.txt"

Retrieve System Information:

• Command

Get-Process

• Example: Display all running processes.

Create Loops for Automation:

• Example: Loop through files and perform actions:

Get-ChildItem -Path "C:\Temp" | ForEach-Object {
    Write-Output "Processing file: $_"
}

Practical Applications

• Navigating Directories:Navigate to a user directory:

Set-Location -Path "C:\Users\<Username>\Documents"

File Creation and Management:

• Create a test file:

New-Item -Path "C:\Temp" -Name "TestFile.txt" -ItemType File

Installing Modules:

• Install a module for JSON serialization:

Install-Module -Name "PowerShellForJSON"

Key Takeaways

• PowerShell provides robust capabilities for automation and system administration.
• The Get-Command, Get-Help, and Find-Module commands are critical for discovering and learning PowerShell functionalities.
• Practical use cases include file management, module installation, and task automation.

TryHackMe Windows Powershell Room Answers

Room answers can be found here.

Video Walkthrough