Powershell Journal - Life Saving Notes

From the run command, you can start powershell as an administrator with this:

powershell start-process powershell -verb runas

and if you have a quick cmdlet that you would like to type, then type this

powershell -command rm c:\users\cbankord\desktop*ntd*

the powershell -command (command goes here) will quickly run the terminal emulator and close it down.

If you want to launch a google search from the terminal, memorize this line

google.com/webhp?gws_rd-ssl#q= (content goes here)

then you can run many searches quickly, like

google.com/webhp?gws_rd-ssl#q=tek+syndicate+forum

press the up arrow key and change the last part of the string. It stops you from having to switch between windows all the time.

to do a truly randomized list of all contents within an object, you can do this:

get-random -inputobject (get-content c:\users\cbankord\desktop\thingstodo.txt) -count ([int]::MaxValue])

what it's doing is randomizing whatever the input object is, the get-content is done first, since it's in parenthesis, because the command is run left to right and it has to be specified to grab the content before attempting to process it.

Then for the count it's grabbing the number of items and increasing the output objects to the list maximum.

Interfacing with the commands like this, slowly over time will help you understand how the whole thing works.

from the run command there's also taskkill, you can use to quickly kill a process.

Taskkill /im chrome.exe -f , or iexplore.exe -f, or whatever the process name is.

The first and easiest way to interact with the GUI over windows and pretty much master it, is to memorize the run commands here:
http://ss64.com/nt/run.html

3 Likes

Can you alias commands in cmd.exe?

For example could you alias that long google string to "google". So you could just type: Google the+cubs+score ... Not a windows guy but I'm going to script that on my nix box...

There probably is a way, I just haven't figure that one out yet, because when you alias it to google, then you have to add a space, and the shell adds that space when running the command.

If there's a parameter you can use or operator to subtract that space after typing in the alias, then most definitely. I'll have to figure that out and let you know.

1 Like

Another really cool hack is 'snippingtool'. Not really a hack, more of a feature that a ton of people don't know about.

It's essentially snagit built into windows. You can send it through an email if you have a local client, or save it, or even open it up with photoshop quickly.

Just type snippingtool in the run prompt and when it comes up, hit ctrl + n

You can save your images as an html and have it automatically index on your site for you, if you are running an apache web server or something locally. Or even if you are vpn'ed into your apache server and have the drive mapped.

I use this at work all the time to take notes and have them accessible anywhere, from my phone, from home, or work.

1 Like

Here is a bash script which if you aliased it you could type:

google "what is the cubs score"

You just have to quote what you want to search for:

And it'll open up a firefox browser with "what is the cubs score" searched for:

#!/bin/bash
                                                     
googleIt=`echo $1 | sed 's/ /+/g'`

firefox https://www.google.com/webhp?gws_rd-ssl=#q=$googleIt

I may use this - thanks for the inspiration @cam.bankord (sorry to put some linux stuff on the Windows Forum)

1 Like

Thanks man for you contribution with the bash script :) I really appreciate it. Also what a kind comment! :)

This looks like it's going to be a great thread. Why don't you make it more organized and updated in order to make a Wiki out if it?

2 Likes

Windows running like ass? You open Task Mangler only to see that one of the svchost.exe processes is taking up 70% of your CPU cycles. Want to narrow down the suspects? Take the PID from Task Mangler, open up cmd and do

tasklist /SVC | findstr PIDYouGotFromTaskMangler

You will be presented with usually 3 or 4 services that run under that svchost PID.

3 Likes

I may do that! thanks :)

1 Like

Nice!

I wasn't able to find multiple PID's with the findstr. If there's a way, let me know.
Otherwise, I used this to find multiple pid's in table.

tasklist /svc | select-string -simplematch 8340,9335,2353

here's another trick, in order to connect to your wifi profile, type this :

Netsh wlan connect name = "Cameron"; or whatever profile name you have.

to disconnect from the internet, netsh wlan disconnect

in order to delete your wifi profile type this : netsh wlan delete profile name = "Cameron";

Although netsh is supplanted by net-adapter in powershell, some of the shorthand commands are probably easier to use and nice to know.

http://ss64.com/nt/netsh.html

Cool thread, i'd like to see of those added to ducky script for the USB rubber ducky.
http://usbrubberducky.com/#!index.md

1 Like

For those just starting out in powershell, there's a bug I found.

If you want to do a ls and include multiple extensions, you must specify the entire directory with the wildcard *
so...

ls c:\users\cbankord\pictures\ * -include *.jpg, *.png ; works fine

but if you did ls c:\users\cbankord\pictures\ -include *.jpg, *.png ; will return nothing.

Anytime you use -include, you must specify all the files in the directory with a wildcard, otherwise listing won't work. It's a weird bug, because by default ls = ls *

and in order to run the items that pop out, you can pipe it to | invoke-item . A lot of powershell guides get to this stuff way later in the books, for the most practical uses

1 Like

The best way to learn powershell is through the help system and tab completion.

I just discovered how powerful the tab completion is yesterday.

So if you did ls - ( then hit tab) it will cycle through every parameter.

Although Powershell doesn't contain help files on parameters, only commands. But anytime there's a standard output from the terminal, you can see all the properties associated with it, by piping it to GM (get-member). From there you can see all the properties or methods and call them like where-object{$_.isreadonly -eq 'true'} or where-object{$_.name LIKE '%Java%'}

I think people are greatly understimating Powershell. Especially @wendell in his linux video, stating that the terminal emulator has like something with 30 years of engineering behind it and that it's simply way better. I'm not really great at bash. I know the basics / intermediate level to get everything done. But I never got comfortable to be a ninja behind the terminal or whatever.

But they don't have Microsoft money...

a few years ago, there was only around 200 cmdlets with powershell 3.0

now with powershell 5.0, we have...

Unix has maybe 200 cmdlets.... idk if less is more in that regard, but hot damn did Windows really improve on this. Can you imagine when
6.0 or 7.0 of powershell comes out? We'll be at like 2,500 cmdlets...

Edit: It may be the nature of the beast of the windows OS actually, since they use the .net framework and sort of need to eventually move away from VB scripting. Whereas in UNIX everything is a file, so they don't need as many object based commands. That sort of makes sense...

edit edit: Could you imagine if Windows flipped the .net framework on its head and instead of turning everything into a file or a control system like it is, you turn everything into a formatted table? That's what basically PS is, but it just interfaces with the .net api. But at some point, they can just run everything through the shell instead of the framework.

It'd be like switching from an unformatted text file from unix, to a formatted csv, where everything has a row and a column. That would be even better than everything as a file imo.

I've always found powershell to be clunky compared to unix.

grep text *

select-string .\*.* -pattern "text"

See what i mean?

With tab completion, it's not a super big deal. I do see what you mean though. The syntax is more verbose for sure. SLS is an alias for select-string

so like for grepping an ls, you'd have to actually select the names, so you'd have to do this.

ls -na | sls -patt 'spotify'

or to search a text file

gc .\names.txt | sls -patt 'hello'

I'm not sure that there is a way using findstr. I never tried to look up multiple PIDs as usually it was one PID that was hosing the system. But good to know how to use select-string to do it. I'm a pretty big proponent of Powershell. Usually trying to get people to move over to using .ps1 files rather than .bat files is an uphill battle. Maybe it's not for everyone. Sure as hell came in handy when I had to work with Azure, though.

1 Like

so here's a good find... especially for those who are learning powershell and attempting to do something simple like pipe an LS to a move-item.

The only way to do that, from my research is this...

ls *.txt | % {Move-Item -LiteralPath $_.FullName -destination "c:\users\cbankord\documents\"}

ls * -Directory -include startup -Recurse | select -ExpandProperty fullname | set-location - finds startup folder and changes directory to that folder.

I'm posting this here, because this a great way to store notes for myself and share it with others.

So here's another powershell trick.

To search for a file, instead of a directory.

ls apoint.dll -Recurse | select -expandproperty directory | Set-Location

to change attributes

ls * | foreach {$_.attributes = "hidden","encrypted"}

or

$a = get-item smile.png

$a.attributes = "hidden"

to find items that have a specific attribute

ls * | where {$_.attributes -match 'hidden'}

then to find items that match a certain criteria and delete them

ls * -include *.jpg, *.png | foreach {$_.delete()}

ls | select LastAccessTime,Name,{$.length /1kb} can also do $.length /1mb or 1gb. This is the best way to read directory listings file sizes.

To create a symbolic link, junction, or hardlink, it's as easy as follows. Surprisingly many people use external functions or scripts to do this, but PS 5.0 fixed this, so there's a ton of confusion in regards to this.

New-item -itemtype symboliclink -name 'c:\users\cbankord\desktop\test' -target 'c:\users\cbanord\documents\notepad.txt'

Here's something using some of that I helped someone with the other day;

This went through my user folder and dumped the folder\filenames of everything except the Dropbox and music folders.

To do similar in in CMD would be:

If you have grep you could do;

...I think