Showing posts from March, 2017

Simple PowerShell One-Liners

In this post, I want to go over some basic recon-style commands in PowerShell. The post complements a talk I gave recently at the DefCon 416 meetup. A good chunk of my demonstration consisted of various ways to accomplish simple recon and post-exploitation tasks by leveraging what is already installed throughout Windows environments.
I'm going to keep things very basic and simple just in case PowerShell is brand new to you. These "one-liners" are meant to show things you can incorporate into a script that, when placed onto a targeted machine and executed in memory, can write its output to a file or send it back to a C2 server.

Let's begin :)

I am using a Windows 7 virtual machine running PowerShell v2, but feel free to use Win8 or higher.
Open up a PowerShell prompt (there is no need to run it as an admin, though that may be required later).

I create a folder on the desktop called "hello" with a single text file called "hello.txt" inside. Feel free to do the same and use…