For this lab, you’ll want to use this VM

(It has Defender disabled with Firefox and VSCode installed.)

PowerShell modules extend the set of cmdlets available. We’ll use different PowerShell modules throughout this course to perform ‘Post-Exploitation’ actions.

Once a malicious user or a white-hat pen-tester has gained access to a system, the actions that would fall into the category of post-exploitation include:

Let’s start by opening PowerShell as Administrator and setting our execution policy so we can run scripts:

Set-ExecutionPolicy bypass
cd c:\users\student\Downloads

People are always building and publishing modules to help with everyday administrative tasks. One of the big clearing houses for PowerShell modules is PowerShellGallery.com.

In your VM, open Edge and go to this site:

<https://www.powershellgallery.com/>

Let’s just look at one of these as an example. In the search bar, type ‘7zip’ and choose ‘7Zip4Powershell’.

PowerShell provides automatic integration with PowerShellGallery, which makes fetching and installing the modules found here as easy as copying the ‘Install-Module’ command on the module’s informational page.
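
Because ‘Install-Module’ pulls third-party code onto the machine, it is worth looking at what a module contains before installing it. The following is an added example, not part of the original lab: it downloads 7Zip4Powershell to a scratch folder, reads its manifest as data, and lists signature status and hashes for its files before installing. The scratch folder path and the per-user install scope are assumptions.

```powershell
# Added example: review a PowerShell Gallery module before installing it.
$moduleName = '7Zip4Powershell'                    # module used in this lab
$reviewDir  = Join-Path $env:TEMP 'module-review'  # assumed scratch folder

# 1. Check the gallery metadata without downloading anything.
$found = Find-Module -Name $moduleName -Repository PSGallery
$found | Format-List Name, Version, Author, PublishedDate, ProjectUri

# 2. Download that exact version to the scratch folder.
#    Save-Module only writes files to disk; it does not import the module.
New-Item -ItemType Directory -Path $reviewDir -Force | Out-Null
Save-Module -Name $moduleName -RequiredVersion $found.Version `
    -Repository PSGallery -Path $reviewDir

# 3. Read the manifest as plain data (no module code is executed) and show
#    which file is loaded and which scripts would run at import time.
$manifest = Get-ChildItem -Path $reviewDir -Recurse -Filter "$moduleName.psd1" |
    Select-Object -First 1
$data = Import-PowerShellDataFile -Path $manifest.FullName
[pscustomobject]@{
    RootModule       = $data.RootModule
    ScriptsToProcess = $data.ScriptsToProcess -join ', '
    CmdletsToExport  = $data.CmdletsToExport -join ', '
} | Format-List

# 4. List Authenticode status and SHA-256 for every script and binary shipped.
#    'NotSigned' is common for community modules; record the hashes so a later
#    download of the same version can be compared against this one.
Get-ChildItem -Path $reviewDir -Recurse -File -Include *.ps1, *.psm1, *.psd1, *.dll |
    ForEach-Object {
        $sig = Get-AuthenticodeSignature -FilePath $_.FullName
        [pscustomobject]@{
            File   = $_.Name
            Status = $sig.Status
            Signer = $sig.SignerCertificate.Subject
            SHA256 = (Get-FileHash -Path $_.FullName -Algorithm SHA256).Hash
        }
    } | Format-Table -AutoSize

# 5. Install the version that was reviewed, for the current user only.
Install-Module -Name $moduleName -RequiredVersion $found.Version `
    -Repository PSGallery -Scope CurrentUser
```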

Now that we have installed some 7zip goodness, let’s look at how to use it. Type: