TryHackMe: Hacking with Powershell

  1. What is the command to get help about a particular cmdlet(without any parameters)?
GET-HELP <parameter>
Get-Help Get-Command
Get-Help Get-Command -Examples
Get-Command New-*
Get-Command | Get-Member -MemberType Method
Get-ChildItem | Select-Object -Property Mode,Name
Get-Service | Where-Object -Property Status -eq Stopped
  1. What is the location of the file “interesting-file.txt”
    I guess that It has something to do with “Get-ChildItem”, but I need to know what paremeters I must use.
(Get-Command Get-ChildItem).Parameter
Get-ChildItem -Path C:/ -Name interesting-file.txt -Recurse -File
Get-ChildItem -Path C:/ -Include interesting-file.txt -Recurse -File
Get-ChildItem -Path C:\ -Include interesting-file.txt -File -Recurse -ErrorAction SilentlyContinue
Get-ChildItem -Path C:\ -Include *interesting-file.txt* -File -Recurse -ErrorAction SilentlyContinue
Get-Content "C:\Program Files\interesting-file.txt.txt"
Get-Command | measure
Get-Command | Select-Object -First 1
Get-Command | Where-Object -Parameter CommandType -eq Cmdlet | measure
Get-Command *hash*
(Get-Command Get-FileHash).Parameters
Get-FileHash -Path "C:\Program Files\interesting-file.txt.txt" -Algorithm MD5
Get-Location -Path "C:\Users\Administrator\Documents\Passwords"
Get-ChildItem -Path C:/ -Include *b64.txt* -Recurse -File
certutil -decode "C:\Users\Administrator\Desktop\b64.txt" out.txt
Get-Content out.txt
  1. How many users are there on the machine?
(Get-Command Get-LocalUser).Parameters
Get-LocalUser -SID "S-1-5-21-1394777289-3961777894-1791813945-501"
Get-LocalUser | Get-Member
Get-LocalUser | Where-Object -Property PasswordRequired -Match false
Get-LocalGroup | measure
Get-NetTCPConnection | Get-Member
GEt-NetTCPConnection | Format-List -Property State
GEt-NetTCPConnection | Where-Object -Property State -Match Listen
GEt-NetTCPConnection | Where-Object -Property State -Match Listen | measure
Get-Hotfix | measure
(Get-Command Get-HotFix).Parameters
Get-Hotfix -Id KB4023834
Get-ChildItem -Path C:\ -Include *.bak* -File -Recurse -ErrorAction SilentlyContinue
Path -> C:\Program Files (x86)\Internet Explorer\passwords.bak.txtGet-Content "C:\Program Files (x86)\Internet Explorer\passwords.bak.txt"
Get-ChildItem C:\* -Recurse | Select-String -pattern API_KEY
Get-ScheduleTask -TaskName new-sched-task
Get-Acl c:/
  1. What file contains the password?
    Let’s try command first
Get-ChildItem -Path "C:\Users\Administrator\Desktop\emails\*" -Recurse | Select-String -Pattern password
$path = "C:\Users\Administrator\Desktop\emails\*"
$string_pattern = "password"
$command = Get-ChildItem -Path $path -Recurse | Select-String -Pattern $String_pattern
echo $command
$path = "C:\Users\Administrator\Desktop\emails\*"
$string_pattern = "https://"
$command = Get-ChildItem -Path $path -Recurse | Select-String -Pattern $String_pattern
echo $command
  1. How many open ports did you find between 130 and 140(inclusive of those two)?
for($i=130; $i -le 140; $i++){
Test-NetConnection localhost -Port $i

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

Ripping CDs On OSX with abcde

Thank You Stack Overflow!

10 Extremely Useful Chrome Extensions for All Web Developers

A developer with her laptop.

How to Analyze What and Why With FullStory Data Export and Pathing

I found a way to run Mamin on Google colab.


Graceful Shutdown of containerised RabbitMQ consumers with Kubernetes

Screenly 2 Player under the spotlight — The operating system and security

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store



More from Medium

LED Blinking with ESP32

Play and Win Big Bash League

Electron Configurations and Periodic Trends

Electron Configurations and Periodic Trends