Hacking with powershell
Task 1 - Objectives
Q1. Read the above and deploy the machine!
No Answer Needed
Task 2 - What is Powershell?
Q1. What is the command to get a new object?
Answer π Get-New
Task 3 - Basic Powershell Commands
Q1. What is the location of the file "interesting-file.txt
- We have to find a file with a specific name.
- Use following command which itrate over each directory from the given path lokking for given filename

Answer π C:\Program Files
Q2. Specify the contents of this file
- Now we know the directory of the file. Change the directory to that file's. Using Set-Location cmdlet
- Then run following command to get the content of given file.

Answer π notsointerestingcontent
Q3. How many cmdlets are installed on the system(only cmdlets, not functions and aliases)?

Answer π 6638
Q4. Get the MD5 hash of interesting-file.txt

Answer π 49A586A2A9456226F8A1B4CEC6FAB329
Q5. What is the command to get the current working directory?
Answer π Get-Location
Q6. Does the path "C:UsersAdministratorDocumentsPasswords" Exist (Y/N)?
- Run a Set-Location cmdlet on given location, it gives error meaning directory doesn't exist

Answer π N
Q7. What command would you use to make a request to a web server?
Answer π Invoke-WebRequest
Q8. Base64 decode the file b64.txt on Windows.
- Change the current location to the given base64 encoded text file location , which is in the Desktop.

Answer π ihopeyoudidthisonwindows
Task 4 - Enumeration
Q1. How many users are there on the machine?

Answer π 5
Q2. Which local user does this SID(S-1-5-21-1394777289-3961777894-1791813945-501) belong to?

Answer π Guest
Q3. How many users have their password required values set to False?

Answer π 4
Q4. How many local groups exist?

Answer π 24
Q5. What command did you use to get the IP address info?
Answer π Get-NetIPAddress
Q6. How many ports are listed as listening?

Answer π 20
Q7. What is the remote address of the local port listening on port 445?

Answer π ::
Q8. How many patches have been applied?

Answer π 20
Q9. When was the patch with ID KB4023834 installed?

Answer π 6/15/2017 12:00:00 AM
Q10. Find the contents of a backup file.

Answer π backpassflag
Q11. Search for all files containing API_KEY
Get-ChildItem -Path C:\Users -Recurse -ErrorAction SilentlyContinue | Select-String βAPI_KEYβ

Answer π fakekey123
Q12. What command do you do to list all the running processes?
Answer π Get-Process
Q13. What is the path of the scheduled task called new-sched-task?
Answer π /
Q14. Who is the owner of the C:\

Answer π NT SERVICE\TrustedInstaller
Task 5 - Basic Scripting Challenge
Q1. What file contains the password?

Answer π Doc3M
Q2. What is the password?
Answer π johnisalegend99
Q3. What files contains an HTTPS link?

Answer π Doc2Mary
Task 6 - Intermediate Scripting
Q1. How many open ports did you find between 130 and 140(inclusive of those two)?
Answer π 11