Lead Image © Freya Sapphire, Photocase.com
Stressing security with PowerShell
Impenetrable
Windows PowerShell is more than just a preferred tool for administrators – it's ideal for penetration testing. To check a system thoroughly for vulnerabilities, pentesters need to assume the role of the attacker. With the help of native scripts by Nishang and Empire, known security gaps can be tested, the authorization level escalated, system information obtained, or the system damaged by malware.
Windows PowerShell (WPS) has been the standard tool of many system administrators for several years, providing both imperative (command chains with system instructions) and declarative (defined objectives such as Desired State Configuration) features. The idea of associating this tool with "hacking" because of its everyday use seems a little strange. However, it is the comprehensive conceptual design of PowerShell that makes it interesting for penetration tests. In security, the framework is mainly used in three areas: post-exploitation, infrastructure scanning and information gathering, and attacks over the communication structure.
Procedure and Tools of Attackers
Post-exploitation essentially refers to the operational phases after a victim's system has been compromised by the attacker. The value of the compromised system is determined by the data stored on it and its potential use for malicious purposes. Post-exploitation focuses on the information from the hacked system, which is available for further use within complex structures, especially networks. In this phase, the attacker collects confidential data to analyze configuration settings, network interfaces, and other communication channels. The information is used to maintain permanent access to the system in line with the attacker's requirements. The system can be compromised by exploiting existing vulnerabilities in the remote configuration, by social engineering, or by leveraging exploits in applications.
For the
...
Buy this article as PDF
(incl. VAT)
Buy ADMIN Magazine
US / Canada
UK / Australia
Related content
-
Remotely managing web access servers
The Windows PowerShell web-based console lets you run PowerShell commands and scripts in your browser. -
Use PowerShell to manage Exchange Online
Exchange Online in Office 365 can be managed just like its local counterpart with similar, sometimes identical, PowerShell cmdlets. -
Security with PowerShell 5
Despite the growing exploitation of PowerShell's scripting language by hackers, the tool's security features also offer a line of defense. -
Platform independence with PowerShell Core
Microsoft has broken new ground with the release of PowerShell Core 6.0, which at heart is a complete reboot in terms of architecture and objectives. For the first time, a new version is not linked to the Windows operating system. - SSH Comes to Windows PowerShell
Subscribe to our ADMIN Newsletters
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Most Popular
Support Our Work
ADMIN content is made possible with support from readers like you. Please consider contributing when you've found an article to be beneficial.
