API tools faq
paste
hjaltiatlason

Powershell-Basics

hjaltiatlason
Jan 16th, 2022 (edited)
509
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
PowerShell 7.84 KB | None | 0 0
raw download clone embed print report
  1. ======================================
  2. Powershell Basics
  3. ======================================
  4. #Approved Verbs for PowerShell Commands
  5. #https://learn.microsoft.com/en-us/powershell/scripting/developer/cmdlet/approved-verbs-for-windows-powershell-commands?view=powershell-7.2
  6.  
  7. #You are looking for help while using Powershell - displays how-to information for commands
  8. get-help
  9.  
  10. #Most helpful help command - Output examples
  11. help get-service -Examples
  12.  
  13. help get-service -full
  14. help get-service -online  
  15.  
  16. #update local help files
  17. update-help
  18.  
  19. #Used to search installed commands
  20. get-command
  21. Help get-command
  22. Help Get-Command -examples
  23.  
  24.  
  25. #You are looking for a command to work with IP Address Configurations on a Windows System
  26. get-command -name *IP* | More
  27. get-command -Name *IP* -Module Net*
  28. Get-command -Name *IP* -Module NetTCPIP
  29.  
  30. #Get history of type commands via Powerhell Console
  31. Get-history
  32.  
  33.  
  34.  
  35. #Get-member - gets properties and methods of objects - used to see what makes up an object
  36. Help Get-Member
  37. Get-service | Get-Member
  38.  
  39.  
  40. #List Powershell Modules
  41. #List installed Modules
  42. Get-InstalledModule
  43.  
  44. #Provides information about all available modules. Remember that installed modules need to be explicitly imported after installation
  45. Get-Module -ListAvailable
  46.  
  47.  
  48. #Pipelining and Objects
  49. Get-service | Select-Object Name,MachineName,Status
  50. Get-Service | Select-Object Name,MachineName,Status | Get-Member
  51. Get-Service | Where-Object status -eq "Stopped" | More
  52.  
  53.  
  54.  
  55. #See the last time the system had a reboot. The easiest way to see this is by finding the 1074 System event in Event Viewer. This event #message signifies that the system has restarted.
  56. get-command get-*Event*
  57. help get-eventlog -Examples
  58. get-eventlog -LogName System | gm
  59.  
  60.  
  61. Get-EventLog -log system –newest 1000 |
  62. where-object eventid –eq '1074' |
  63. format-table machinename, username, timegenerated –autosize
  64.  
  65.  
  66. help Get-ComputerInfo
  67. help Get-ComputerInfo -Examples
  68. Get-ComputerInfo | more
  69. Get-ComputerInfo -Property *memory*
  70.  
  71. #Get Basic Info about Client/server Hostname , Domain the machine belongs to, OSname, OS Version,OS build number , Patches installed , #Windows version and Bios InFo
  72. Get-computerinfo CsDNSHostname, CsDomain, OsName, OsVersion, OsBuildnumber, OsHotfixes, WindowsVersion, BiosSMBBIOSVersion
  73.  
  74. #Get event logs of computer who is using the machine , Who logged in at what time
  75. Get-Eventlog -LogName Security -Newest 500 -InstanceID 4624 | Format-Table -Wrap -AutoSize | out-file -FilePath c:\admin\login.txt
  76.  
  77. #List Installed Software , Version, PAckagename and installdate
  78. Get-WmiObject win32_product | Select-Object Name,Version,PackageName,InstallDate
  79.  
  80. #Display only Installed Features and Roles and List Installed Software , Version, PAckagename and installdate and output to a file #c:\admin\servername+filename.txt
  81.  
  82. Get-WindowsFeature | Where-Object {$_. installstate -eq "installed"} | Out-File C:\Admin\$env:COMPUTERNAME+InstalledFeaturesAndRoles.txt ; Get-WmiObject win32_product | Select-Object Name,Version,PackageName,InstallDate | Out-File C:\Admin\$env:COMPUTERNAME+InstalledSoftware.txt
  83.  
  84. #Gets an orphaned computer instantly back on the domain or fixes its account.
  85. Reset-computermachinepassword
  86.  
  87.  
  88.  
  89. ipconfig                                                                                
  90. ipconfig /all
  91. ipconfig | gm                                                                          
  92. Get-Command get-NetIP*                                                                                
  93. Get-NetIPAddress                                                                        
  94. Get-NetIPConfiguration
  95.  
  96. GCM get-*DNS*
  97. GCM get-DNSClient*                                                                  
  98. Get-DnsClient                                                                                                                                              
  99. Get-DnsClientCache                                                                                                                                              
  100. Get-DnsClientServerAddress    
  101.  
  102.      
  103.  
  104. ping 4.2.2.1                                                                            
  105. tracert 4.2.2.1                                                                          
  106. Test-NetConnection -TraceRoute 4.2.2.1                                                                              
  107. Test-NetConnection -CommonTCPPort HTTP -ComputerName 4.2.2.1                            
  108. Test-NetConnection -CommonTCPPort HTTP -ComputerName mbl.is
  109. Test-Netconnection random.server.local -port 1433
  110.                                                      
  111.  
  112. #Map a Network Drive > Use SMB or simple message block so we need to search for SMB related commands
  113. Get-Command *SMB*
  114. Get-Command *SmbMapping                                                                        
  115. Help New-SmbMapping -examples
  116. New-SMBmapping -localPath w: -remotepath \\DC01\Share
  117. Get-smbmapping
  118.  
  119.  
  120. # File System CREATE FILES FROM HERE
  121. # So let's say you are looking for files a user stored on a network drive, yet they don't know where or what they are named; just the #type of file. That's not a problem with powerShell.
  122. Help get-childitem
  123. Get-ChildItem -Path w:\ -Recurse
  124. Get-ChildItem -Path w:\ -Recurse | gm
  125. Get-ChildItem -Path w:\ -Recurse | where Extension -EQ '.PNG'
  126. Get-ChildItem -Path w:\ -Recurse | where Extension -EQ '.PNG' | ft Directory,Name,LastWriteTime
  127. #Now lets say I want to move files from
  128. Gcm *copy*
  129. help Copy-Item -Examples
  130. copy-item w:\ -Destination c:\CopiedFolder -Recurse -Verbose
  131. dir c:\CopiedFolder -recurse
  132. move-item c:\CopiedFolder -Destination c:\MovedFolder -verbose
  133. dir c:\MovedFolder -Recurse
  134. Rename-Item c:\MovedFolder -NewName c:\RenamedFolder
  135. dir c:\
  136.  
  137. ###PS Remoting ###  for Multiple computers via GPO https://4sysops.com/wiki/enable-powershell-remoting/#remotely-with-group-policy
  138. #starts the session listener and configures the windows firewall for remoting
  139. Enable-PSRemoting
  140.  
  141. #Configure permission via GUI for Security Group for PS remoting
  142. Set-PSSessionConfiguration -Name Microsoft.Powershell -ShowSecurityDescriptorUI
  143.  
  144. #Enable Firewall rules for WMI (legacy PS remoting stuff)
  145. Get-NetFirewallRule | where DisplayName -Like "*Windows Management Instumentation*" | Set-NetFirewallRule -Enable True -Verbose
  146.  
  147. #Using Computername parameter
  148. Get-Service –computername $ComputerName | select Name,Status
  149.  
  150. #Using PSSession  (useful for real time work/management)
  151. Gcm *-PSSession
  152. #Create a PSSession
  153. $ComputerName = “Client02”
  154. $credential = Get-Credential
  155. New-PSSession -ComputerName $ComputerName -Credential $credential
  156. Enter-PSSession -Name $ComputerName
  157. Get-PSSession
  158. Enter-PSSession -Id 2
  159. Get-PSSession
  160. Remove-PSSession -id 2
  161. Get-PSSession
  162.  
  163.  
  164. #Running command on Remote System , Invoke-command is useful in Scripting
  165. help Invoke-command
  166. $ComputerName = "Client02"
  167. $credential = Get-Credential
  168.  
  169. Invoke-command -ComputerName $ComputerName -Credential $credential -ScriptBlock { get-service -ComputerName $ComputerName }
  170.  
  171. invoke-command -ComputerName $ComputerName -Credential $credential -ScriptBlock { get-service -ComputerName $using:ComputerName }
  172.  
  173. $data =  invoke-command -ComputerName $ComputerName -Credential $credential -ScriptBlock { get-service -ComputerName $using:ComputerName }
  174.  
  175. $data | gm
  176.  
  177. $Data | Select Name,Status,Description
  178.  
  179. #On PowerShell Core
  180. # Running Remote Commands
  181. invoke-command -ComputerName DC01 -cred (get-credential) -ScriptBlock { Get-ADUser -Identity felixb | format-list }
  182.  
  183. #Using New-Cimsession   (useful for Legacy machines)
  184. $ComputerName = 'Client02'
  185. $credential = Get-Credential
  186.  
  187. Help New-Cimsession
  188.  
  189. $cimsession = New-CimSession -ComputerName $ComputerName -Credential $Credential
  190.  
  191. $cimsession
  192.  
  193. Get-CimSession
  194.  
  195. Help Get-DNSClientServerAddress
  196.  
  197. Get-DNSClientServerAddress -CimSession $CimSession
  198.  
  199.  
  200.  
  201.  
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!