Getting Started With PowerShell - Pt1
What is Microsoft PowerShell?
Well, to quote Microsoft: "PowerShell is a cross-platform task automation and configuration management framework, consisting of a command-line shell and scripting language. Unlike most shells, which accept and return text, PowerShell is built on top of the .NET Common Language Runtime (CLR), and accepts and returns .NET objects. This fundamental change brings entirely new tools and methods for automation."
There is more to it than that. At its base, it's a command-line utility that allows you to execute commands to manage, maintain, automate or gather information on a device. In its more complex use, it can be used as an engine to write software, since PowerShell has the ability to use parts of all kinds of coding languages. Let's get started with some basics before we get into some code wizardry.
How to start PowerShell?
If you are on Windows 10, you already have PowerShell installed. If you are on Windows 7, you will need to install the Windows Management Framework 5.1. For anyone using Linux or Mac, PowerShell Core for Linux and PowerShell Core for macOS are available, but not all commands are available.
To start PowerShell, simply type "PowerShell" in your Start menu search.
In the menu, click "Run as Administrator". Even if you are an administrator of the device, you will need to do this in order to run most commands.
When PowerShell starts, you will see a window open that looks a lot like a command prompt.
From here we can run commands to do many, many things. PowerShell's commands work on a Verb-Noun basis. That means the command will start with a verb like "Get", followed by a "-" and a noun like "Process". So if we run the Get-Process command, we will get a list of the processes running on our computer.
This is cool, but that's a lot of info, so say we only want to look for the explorer process. PowerShell commands can alter their function or refine the objects they return by using what are called parameters. So to get only information about explorer, we can run the Get-Process command with the -Name parameter.
Get-Process -Name explorer
As you can see, this will give us a much more refined result.
If you don't know what parameters a command has, or if you can't quite remember what the syntax of a parameter is, Microsoft has you covered. There are two different things offered in PowerShell that can help with this.
The first is tab completion. While typing a command, you can press Tab and PowerShell will complete the command or parameter that matches what you are typing. For example, if you type Get-Pro and then press Tab, it will auto-fill Get-Process. This method also works for the command's parameters, so you can also type Get-Process -Na and then press Tab to complete -Name.
The second option is much more helpful if you don't know what a command is used for or what a parameter of a command specifies. This method is actually another command called Get-Help. If you type Get-Help followed by the command you want information about, you will get a description of the command and a list of the parameters the command has. Let's give it a try with the Get-Process command.
Now that we know how to get some help, let's take a look at how we can manipulate this information so that it is usable.
PowerShell returns what are called objects. These objects can be passed from one command to another via a pipe, or "|". In our example, we can pass the process returned to another command that will write it to a file. We can do this by typing the Get-Process command followed by a pipe to the Out-File command.
Get-Process -Name Explorer | Out-File C:\Explorer.txt
Notice that the command doesn't show anything in the window. This is because we redirected the output of the Get-Process command to the Out-File command. So if we look at the C:\Explorer.txt file that the command created, we should see the output of the Get-Process command.
Being able to pipe objects from one command to another is one of the things that makes PowerShell different from, and more powerful than, other tools. Try this out for yourself and see what information you can gather on your own devices.
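To see what "passing objects" buys you, here is a longer pipeline. This is an added example, not part of the original article. It goes a step beyond the Out-File command above by filtering and selecting on object properties and exporting them to CSV. The folder name ps-pipeline-demo and the file names are assumptions made for the example.

```powershell
# Added example: the pipeline carries .NET objects, so each command can work
# with named properties instead of parsing text.

# Assumption: a scratch folder under the current user's temp directory,
# so the example also works in a session that is not elevated.
$outDir = Join-Path ([System.IO.Path]::GetTempPath()) 'ps-pipeline-demo'
New-Item -ItemType Directory -Path $outDir -Force | Out-Null
$txtFile = Join-Path $outDir 'processes.txt'
$csvFile = Join-Path $outDir 'processes.csv'

# 1. Look at what travels down the pipe. $PID is the current PowerShell
#    process, so this always returns exactly one process object.
Get-Process -Id $PID |
    Get-Member -MemberType Property |
    Select-Object -First 5 -Property Name, Definition

# 2. Build a small process inventory: keep only processes whose executable
#    path is readable, pick four properties, and sort by name.
$inventory = Get-Process |
    Where-Object { $_.Path } |
    Select-Object -Property Name, Id, Path, StartTime |
    Sort-Object -Property Name

# 3. Out-File saves the formatted text you would have seen in the window.
$inventory | Out-File -FilePath $txtFile

#    Export-Csv writes one column per property, so the data can be
#    loaded again and queried later.
$inventory | Export-Csv -Path $csvFile -NoTypeInformation

# 4. Read the CSV back in and filter on a column. The rows are objects
#    again, with Name, Id, Path and StartTime as string properties.
Import-Csv -Path $csvFile |
    Where-Object { $_.Name -eq 'explorer' } |
    Format-Table -Property Name, Id, Path

# 5. Group the inventory by the folder each executable runs from, which
#    is a quick way to review where running programs live on the device.
$inventory |
    Group-Object -Property { Split-Path -Path $_.Path -Parent } |
    Sort-Object -Property Count -Descending |
    Select-Object -First 10 -Property Count, Name
```

On Linux or macOS step 4 prints nothing, because there is no explorer process to match.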