Lead Image © Fernando Gregory Milan, 123RF.com
Security with PowerShell 5
Defense Against the Dark Arts
PowerShell has become the ultimate administration tool. However, the scripting language is also enjoying increasing popularity among attackers by allowing them to penetrate systems without detection and work their way up the network (Figure 1). Fortunately, administrators are not completely defenseless, because PowerShell 5 offers some useful security features that both limit the use of the scripting language and block other attack paths.
Figure 1: PowerShell allows all kinds of high jinks that can also be misused for attacks.
Windows PowerShell is a powerful tool that combines the command line with a script interpreter. The execution of instructions always linked to the user's context sufficiently arouses the attention of IT security admins; other special features can be viewed critically. Many admins equate PowerShell with the PowerShell.exe file; by simply blocking the executable file, they hope PowerShell will no longer be accessible. However, this is not correct. The following code fragment shows the true nature of PowerShell as part of Microsoft's .NET framework:
$ObjWPS = [POWERSHELL]::Create();
$ObjWPS.AddCommand("get-service");
$ObjWPS.Invoke();PowerShell is stored in the shared library System.Management.Automation.dll, which means that
Buy this article as PDF
(incl. VAT)
Buy ADMIN Magazine
US / Canada
UK / Australia
Related content
-
PowerShell add-on security modules
Numerous PowerShell add-on modules provide security and attack functions for penetration tests and forensic analyses, to help admins search for vulnerabilities in their networks. -
Use PowerShell to manage Exchange Online
Exchange Online in Office 365 can be managed just like its local counterpart with similar, sometimes identical, PowerShell cmdlets. -
Stressing security with PowerShell
PowerShell is not the usual go-to tool for pentesting, but it can reveal IT vulnerabilities that suggest a more considered use of the tool. -
Convert Linux shell commands into PowerShell cmdlets
Convert Linux shell commands into PowerShell cmdlets and modules and run them in a PowerShell environment. -
Platform independence with PowerShell Core
Microsoft has broken new ground with the release of PowerShell Core 6.0, which at heart is a complete reboot in terms of architecture and objectives. For the first time, a new version is not linked to the Windows operating system.
Subscribe to our ADMIN Newsletters
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Most Popular
Support Our Work
ADMIN content is made possible with support from readers like you. Please consider contributing when you've found an article to be beneficial.
