Programming Humor Meme of the week --
I've been told that my power shell cohorts don't appreciate my naming conventions. They prefer to use larger variable names that have something specifically tied to that script. I don't like that and I prefer to have it simplistic so I can focus on the functionality of what my scripts are doing. This meme kinda reminds me of that. It shows that someone out there likes to use their brackets on the site. Personally -- they're dumb and this is terrible >:-D but to each their own.
Here is a quick example of the format I use for my scripts (this was a teaching element I used for one of my teams on powershell's netsted hashtables ):
To me, the use of variables in a powershell script can sometimes lead the reader astray. If the reader needs some assistance with a line, that is what comments are for. When jumping through so many different scripting languages, I feel that it is easier to utilize a similar format across them all for familiarity.
Powershell is important because it is the new Microsoft language that can fully interact with everything internally. They are gearing themselves to an operating system that can be manually operated through a user-friendly language. Whats more is that they permit users to create their own cmdlets, functions, modules, and packages.
How does this tie into security? How about the PowerShell Empire? This was a site that started the push for using powershell to get information about local/remote system to help test security mechanisms. While the original site is no longer maintained (http://www.powershellempire.com/?page_id=110), there is a github for PowerShellEmpire 3 (https://github.com/EmpireProject/Empire/wiki/Quickstart).
Powershell Empire 3 from github is this massive module that has tons of powerhell variants for things like code execution, gathering credentials, exploitation, ex-filtration, recon, and much more. Here is a more recent how to video using it:
No comments:
Post a Comment