In this write-up, I cover Windows PowerShell: what PowerShell is, PowerShell basics, navigating the file system and working with files, piping, filtering and sorting data, system and network information, real-time system analysis, and scripting.
What do we call the advanced approach used to develop PowerShell?
object-oriented
How would you retrieve a list of commands that start with the verb Remove? [for the sake of this question, avoid the use of quotes (" or ') in your answer]
Get-Command -Name Remove*
What cmdlet has its traditional counterpart echo as an alias?
Write-Output
What is the command to retrieve some example usage for the cmdlet New-LocalUser?
Get-Help New-LocalUser -examples
What cmdlet can you use instead of the traditional Windows command type?
Get-Content
What PowerShell command would you use to display the content of the "C:\Users" directory? [for the sake of this question, avoid the use of quotes (" or ') in your answer]
Get-ChildItem -Path C:\Users
How many items are displayed by the command described in the previous question?
4
How would you retrieve the items in the current directory with size greater than 100? [for the sake of this question, avoid the use of quotes (" or ') in your answer]
Get-ChildItem | Where-Object -Property Length -gt 100
To break this down: -gt represents greater than, then we add the 100 that was mentioned and the -Property parameter.
Other than your current user and the default "Administrator" account, what other user is enabled on the target machine?
p1r4t3
First, you have to run ssh captain@ip_address, followed by the PowerShell command, which will open up the right path. The image below answers questions 9 & 10.
This lad has hidden his account among the others with no regard for our beloved captain! What is the motto he has so bluntly put as his account's description?
A merry life and a short one.
Now a small challenge to put it all together. This shady lad that we just found hidden among the local users has his own home folder in the "C:\Users" directory. Can you navigate the filesystem and find the hidden treasure inside this pirate's home?
THM{p34rlInAsh3ll}
You have to cd p1r4t3, then ls, followed by cd hidden-treasure-chest, then follow the rest of the commands.
In the previous task, you found a marvellous treasure carefully hidden in the target machine. What is the hash of the file that contains it?
71FC5EC11C2497A32F8F08E61399687D90ABE6E204D2964DF589543A613F3E08
What property retrieved by default by Get-NetTCPConnection contains information about the process that has started the connection?
OwningProcess
It's time for another small challenge. Some vital service has been installed on this pirate ship to guarantee that the captain can always navigate safely. But something isn't working as expected, and the captain wonders why. Investigating, they find out the truth, at last: the service has been tampered with! The shady lad from before has modified the service DisplayName to reflect his very own motto, the same that he put in his user description. With this information and the PowerShell knowledge you have built so far, can you find the service name?
p1r4t3-s-compass
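The same lookup written as a reusable check, added here as an example and not part of the original write-up: it lists enabled local accounts and reports any service whose DisplayName contains one of those accounts' descriptions. The function name and the exclusion list are assumptions.

```powershell
# Added example: correlate local account descriptions with service display names.
# Function name and default exclusions are hypothetical; adjust for your host.
function Find-ServiceMatchingUserDescription {
    [CmdletBinding()]
    param(
        # Accounts to skip (assumption: the built-in Administrator and the current user).
        [string[]]$ExcludeUser = @('Administrator', $env:USERNAME)
    )

    # Enabled local accounts that carry a non-empty description.
    $users = Get-LocalUser | Where-Object {
        $_.Enabled -and $_.Description -and $_.Name -notin $ExcludeUser
    }

    foreach ($user in $users) {
        # Escape wildcard characters so the description is matched literally.
        $literal = [System.Management.Automation.WildcardPattern]::Escape($user.Description)
        $pattern = '*' + $literal + '*'

        Get-Service |
            Where-Object { $_.DisplayName -like $pattern } |
            ForEach-Object {
                # One row per (account, service) pair that shares the text.
                [pscustomobject]@{
                    User        = $user.Name
                    Description = $user.Description
                    ServiceName = $_.Name
                    DisplayName = $_.DisplayName
                    Status      = $_.Status
                }
            }
    }
}

Find-ServiceMatchingUserDescription | Format-Table -AutoSize
```

An empty result means no service DisplayName contains the description of any enabled, non-excluded local account.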
What is the syntax to execute the command Get-Service on a remote computer named "RoyalFortune"? Assume you don't need to provide credentials to establish the connection. [for the sake of this question, avoid the use of quotes (" or ') in your answer]
Invoke-Command -ComputerName RoyalFortune -ScriptBlock { Get-Service }
Thank you for reading my article. Please leave any questions or comments on improving my learning journey and the THM challenges. We can also connect more on LinkedIn or X.