1
REVIEWS 4 Network Security March 2013 Reviews Windows PowerShell 3.0 Step by Step Ed Wilson. Published by Microsoft Press. ISBN: 978-0-7356-6339-8 (print), 978-0-7356-6337-4 (ebook). Price: $54.99 (print), $39.99 (ebook), 704pgs, paperback and ebook formats. W indows Powershell is an environment that is – or should be – familiar to penetration testers and hackers alike. If you want to get something done in a modern Windows environment, there’s often no better tool. But it takes some getting used to because it’s not the most intuitive technology you’ll ever meet. The popular image of the hacker (ethical or otherwise) is of someone hunched over a keyboard pounding out arcane commands into the command line interface. And that’s often not too far from the truth. Anyone familiar with Unix-like environments will know just how powerful apparently simple commands such as grep, awk and sed can be. That’s why the first instinct of any real hacker or system admin, when faced with a tricky task, is to drop out of the GUI environment or fire up a terminal window. Hackers moving from *nix to Windows usually face a moment of intense disenchantment. It comes when they call up a Windows terminal only to be faced with the old-style DOS prompt. Yes, there are things you can do with that. Just not very interesting things. PowerShell is something else entirely. It’s more than a command-line interface. Through the use of ‘cmdlets’, it offers a very flexible scripting environment capable of letting you delve deep into Windows’ management environment. And it even keeps those *nix hackers happy by allowing them to use many Unix commands alongside their DOS/Windows equivalents – such as ‘ls’ to list files. PowerShell 3.0 comes with Windows 8 and Windows Server 2012 and can be installed on Windows 7 and Windows Server 2008 R2. So unless you’re a diehard fan of XP (which you shouldn’t be) or Vista (which you definitely shouldn’t be), this tool is available to you. So who uses it? Ed Wilson has some definite ideas about who this book (and, by extension, PowerShell) is for. If your job is looking after or consulting on dot-net networks, you’ll want to use PowerShell to automate tasks, install networking components and manage configuration. If you have ambitions to be a Microsoft Certified Solutions Expert (MCSE) or Microsoft Certified Trainer (MCT), then familiarity with PowerShell is a basic requirement. Wilson adds two other categories. General technical staff who need to either pull information from Windows boxes or configure them will benefit from the ability to script these processes. However, the final group – power users – is perhaps a little less convincing. It depends on how you define these people, but a lot of Windows users who think of themselves as power users (perhaps because they’ve managed to write some macros in Excel) are arguably best kept within the confines of the GUI and not allowed to run riot with a command line. To these groups, however, we can also add hackers. The ability to interface easily and extensively with things like Active Directory and Exchange makes PowerShell a valuable tool in network and system enumeration, exploitation, forensic analysis and, in fact, pretty much any of the activities in which hackers of whatever stripe like to indulge themselves. So what does this book give you? Wilson explains that it’s not meant to be a reference work, nor is it a cookbook. It’s not, therefore, for people already deeply familiar with PowerShell. It starts from a basic level of knowledge of Windows and takes you to what Wilson calls an intermediate level. That’s quite a lengthy journey, though. The author covers a great deal of ground in the hundreds of pages, from the most basic introduction through to detailed explanations of how to work with Active Directory and Exchange Server. The approach is methodical and, in terms of starting to get things done on the system, relatively slow. But this is a good thing when you have your hands on a tool (and some might consider it a weapon) of such power. It’s perhaps best to approach PowerShell not as a utility but as a programming language. Indeed, after the general introductions, Wilson covers the features of this environment in much the same way that books on Ruby or Python take you through the syntax and structures of those languages. You meet control structures such as loops and conditionals, how to use arrays, how to write functions and so on – providing the grounding in the environment you’ll need before going on to use it in a practical way. If you have a conceptual understanding of what PowerShell is capable of doing, and a clear grasp of its various features and capabilities, you’re in the best position to write scripts and issue commands that achieve your aims as efficiently, safely and reliably as possible. The structure of this book – and its depth – help you do just that. The alternative is just to plunge in, but that way leads to ugly code and potential disasters. There are also invaluable sections on debugging and error handling, which are important because some of the scripts you can create can become highly complex. Indeed, the word ‘script’ is often used in a dismissive way in the IT world – as though a script is a program’s embarrassingly simple cousin. Yet not only can you achieve sophisticated results with PowerShell cmdlets, you can also wreak havoc on individual systems and networks. Happily, Wilson includes a number of appendices that include valuable guidelines on things like script construction, naming conventions and so on, to help you create cmdlets that are consistent, maintainable and reliable. Microsoft Press is an imprint of O’Reilly, and in classic O’Reilly fashion the book is very clearly laid out, easy to navigate (important in such a large work) and all the code examples are available to download. If you’ve never used PowerShell before – or only in a fairly basic way – then this book is definitely for you and will help you achieve an advanced level of proficiency. And if you want to be able to hack Windows systems, then the knowledge contained here is essential. – SM-D BOOK REVIEW

Book Review

Embed Size (px)

Citation preview

Page 1: Book Review

REVIEWS

4Network Security March 2013

Reviews

Windows PowerShell 3.0 Step by Step

Ed Wilson.

Published by Microsoft Press.

ISBN: 978-0-7356-6339-8 (print),

978-0-7356-6337-4 (ebook).

Price: $54.99 (print), $39.99 (ebook),

704pgs, paperback and ebook formats.

Windows Powershell is an environment that is – or

should be – familiar to penetration testers and hackers alike. If you want to get something done in a modern Windows environment, there’s often no better tool. But it takes some getting used to because it’s not the most intuitive technology you’ll ever meet.

The popular image of the hacker (ethical or otherwise) is of someone hunched over a keyboard pounding out arcane commands into the command line interface. And that’s often not too far from the truth. Anyone familiar with Unix-like environments will know just how powerful apparently simple commands such as grep, awk and sed can be. That’s why the first instinct of any real hacker or system admin, when faced with a tricky task, is to drop out of the GUI environment or fire up a terminal window.

Hackers moving from *nix to Windows usually face a moment of intense disenchantment. It comes when they call up a Windows terminal only to be faced with the old-style DOS prompt. Yes, there are things you can do with that. Just not very interesting things.

PowerShell is something else entirely. It’s more than a command-line interface. Through the use of ‘cmdlets’, it offers a very flexible scripting environment capable of letting you delve deep into Windows’ management environment. And it even

keeps those *nix hackers happy by allowing them to use many Unix commands alongside their DOS/Windows equivalents – such as ‘ls’ to list files.

PowerShell 3.0 comes with Windows 8 and Windows Server 2012 and can be installed on Windows 7 and Windows Server 2008 R2. So unless you’re a diehard fan of XP (which you shouldn’t be) or Vista (which you definitely shouldn’t be), this tool is available to you. So who uses it?

Ed Wilson has some definite ideas about who this book (and, by extension, PowerShell) is for. If your job is looking after or consulting on dot-net networks, you’ll want to use PowerShell to automate tasks, install networking components and manage configuration. If you have ambitions to be a Microsoft Certified Solutions Expert (MCSE) or Microsoft Certified Trainer (MCT), then familiarity with PowerShell is a basic requirement.

Wilson adds two other categories. General technical staff who need to either pull information from Windows boxes or configure them will benefit from the ability to script these processes. However, the final group – power users – is perhaps a little less convincing. It depends on how you define these people, but a lot of Windows users who think of themselves as power users (perhaps because they’ve managed to write some macros in Excel) are arguably best kept within the confines of the GUI and not allowed to run riot with a command line.

To these groups, however, we can also add hackers. The ability to interface easily and extensively with things like Active Directory and Exchange makes PowerShell a valuable tool in network and system enumeration, exploitation, forensic analysis and, in fact, pretty much any of the activities in which hackers of whatever stripe like to indulge themselves.

So what does this book give you? Wilson explains that it’s not meant to be a reference work, nor is it a cookbook. It’s not, therefore, for people already deeply familiar with PowerShell. It starts from a basic level of knowledge of Windows and takes you to what Wilson calls an intermediate level.

That’s quite a lengthy journey, though. The author covers a great deal of ground in the hundreds of pages, from the most basic introduction through to detailed explanations of how to work with Active Directory and Exchange Server.

The approach is methodical and, in terms of starting to get things done on the system, relatively slow. But this is a good thing when you have your hands on a tool (and some might consider it a weapon) of such power.

It’s perhaps best to approach PowerShell not as a utility but as a programming language. Indeed, after the general introductions, Wilson covers the features of this environment in much the same way that books on Ruby or Python take you through the syntax and structures of those languages. You meet control structures such as loops and conditionals, how to use arrays, how to write functions and so on – providing the grounding in the environment you’ll need before going on to use it in a practical way.

If you have a conceptual understanding of what PowerShell is capable of doing, and a clear grasp of its various features and capabilities, you’re in the best position to write scripts and issue commands that achieve your aims as efficiently, safely and reliably as possible. The structure of this book – and its depth – help you do just that. The alternative is just to plunge in, but that way leads to ugly code and potential disasters.

There are also invaluable sections on debugging and error handling, which are important because some of the scripts you can create can become highly complex. Indeed, the word ‘script’ is often used in a dismissive way in the IT world – as though a script is a program’s embarrassingly simple cousin. Yet not only can you achieve sophisticated results with PowerShell cmdlets, you can also wreak havoc on individual systems and networks. Happily, Wilson includes a number of appendices that include valuable guidelines on things like script construction, naming conventions and so on, to help you create cmdlets that are consistent, maintainable and reliable.

Microsoft Press is an imprint of O’Reilly, and in classic O’Reilly fashion the book is very clearly laid out, easy to navigate (important in such a large work) and all the code examples are available to download. If you’ve never used PowerShell before – or only in a fairly basic way – then this book is definitely for you and will help you achieve an advanced level of proficiency. And if you want to be able to hack Windows systems, then the knowledge contained here is essential.

– SM-D

BOOK REVIEW