That is, in the unix sense of the term – updating files with a Now-type timestamp. Take this group of files with different datetime stamps:
In fact the dates don’t differ as much as I would have liked, but no matter. Let’s say we want to get to this:
This is a command to get there:
(gci C:\Perl) | ForEach-Object {$_.LastWriteTime = Get-Date}
, as you see here:
This shows that in editing XML in PowerShell, if you assume that there is a single instance of an element, and there is more, then you get a very misleading error.
Simple piece of XML:
A few lines to update the firstName value:
All fine:
Now add in another record to the original file:
Run the same command again:
This time…
Actually as the contrast is poor, this is the error:
The property ‘firstName’ cannot be found on this object. Verify that the property exists and can be set.
At line:3 char:1
+ $xml.students.student.firstName = “Harry”
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (:) [], RuntimeException
+ FullyQualifiedErrorId : PropertyAssignmentException
The claim that ‘firstName’ might not exist is clearly wrong, but it is our/my own fault for being sloppy.
If we are now more precise about the record we are looking for:
, we get this…
We can do the update in 1 line…
, and now the file is updated OK:
Adding new elements with attributes
Using the state just now of the file as our starting point…
, this will only create a new record if that id (103) does not already exist…
, giving this on the next execution, and all executions after that (i.e. the Rebecca rows):
The goal: to display security vulnerabilities in the environment of the target machine:
Documentation.
Main site here. Note that it is part of OWASP
A Perl distribution
Given the choice, maybe pick Strawberry Perl rather than e.g. ActivePerl, as the former seems to make it much easier to run OpenSsl, and it’s designed for Windows.. whatever that means in practice.
Test the basics…
perl \perl_tests\hello_world.pl
Go to the https://www.owasp.org/index.php/O-Saft I referenced earlier and download as per the screenshot above.
Now that comes down as a file like this..
So drill in and keep unzipping until you get to this level below o-saft.tar:
, and then move all that to a folder osaft, and delete the file I’ve highlighted below:
Then go to an administrator prompt and type
So now we start to get stuff. The red flags are the combinations of yes (i.e. I support on my machine ), and especially low or medium. Can we find any bad ones? Why yes…
Rather than plough through the file, much better to get PowerShell to parse it (yes Perl did occur to me, but you can have too many script languages). Our first test could just be for the yes/weak combinations. For that, let’s:
Which gives this (on my Windows 10 laptop – the first command takes about 15 seconds):
perl o-saft.pl +check localhost > .\osaft.txt
$warnings = Get-Content -Path .\osaft.txt
$warnings | Where-Object {$_ -match 'yes[\t]weak'}
Are there any other bad combinations?
$warnings | Where-Object {$_ -match 'yes[\t]weak' -or $_ -match 'yes[\t]medium' -or $_ -match 'yes[\t]medium'}
No. However there is clearly repetition, so let’s reduce to unique combinations (and I am not bringing out under which particular protocols we are weak – for now we have to scan the file for the detail (osaft.txt in this example)).
$warnings | Where-Object {$_ -match 'yes[\t]weak' -or $_ -match 'yes[\t]medium' -or $_ -match 'yes[\t]low'} | select -Unique
And finally, this person deserves a call-out for their useful summary of Regex in PowerShell: http://ss64.com/ps/syntax-regex.html
Can’t find the config file, certainly not in that location. OK – set the system envvar to hold it:
Now we can do other stuff. This looks handy around OpenSsl examples.
This shows a basic config…
, which I have adapted for my Windows 10 box. Note ref Kerberos etc objections, you will also need to look at this.
Some history from the PowerShell session lest I forget:
Get-DscResource service -Syntax
Get-Item -Path WSMan:\localhost\Client\TrustedHosts
$cred = Get-Credential
Set-Item -Path WSMan:\localhost\Client\TrustedHosts -Value ‘DEN-I7’
$sess = New-PSSession -ComputerName DEN-I7
$sess = New-PSSession -ComputerName DEN-I7 -Credential $cred
C:\temp\BasicInstall.ps1
, where last line is this:
Configuration BasicDscConfig
{
Node “DEN-I7” {
WindowsFeature NetFramework35Core {
Name = “NET-Framework-Core”
Ensure = “Present”
}
WindowsFeature NetFramework45Core {
Name = “NET-Framework-45-Core”
Ensure = “Present”
}
WindowsFeature ASP {
Ensure = “Present”
Name = “Web-Asp-Net45”
}
}
}
BasicDscConfig -InstanceName “DEN-I7”
Start-DscConfiguration -Path .\BasicDscConfig -Wait -Verbose -Force
#http://blogs.technet.com/b/privatecloud/archive/2013/08/30/introducing-powershell-desired-state-configuration-dsc.aspx
Following a reboot after unsetting .Net 3.5 and 4.6 (sic), I tried again, and this time go this:
So because this is a client-type machine, it won’t accept these particular Features from DSC.
Let’s see what happens if I more modestly just try to create a folder (I’ll delete the MOF files first)
Configuration BasicDscConfig
{
Node “DEN-I7” {
<# WindowsFeature NetFramework35Core { Name = “NET-Framework-Core” Ensure = “Present” } WindowsFeature NetFramework45Core { Name = “NET-Framework-45-Core” Ensure = “Present” } WindowsFeature ASP { Ensure = “Present” Name = “Web-Asp-Net45” } #>
File MyRandomDir {
DestinationPath = “c:\temp3\andMore”
Type = “Directory”
Recurse = $false
}
}
}
BasicDscConfig -InstanceName “DEN-I7”
Start-DscConfiguration -Path .\BasicDscConfig -Wait -Verbose -Force
#http://blogs.technet.com/b/privatecloud/archive/2013/08/30/introducing-powershell-desired-state-configuration-dsc.aspx
#https://technet.microsoft.com/en-us/library/dn282129.aspx
1
2
3
4
This is useful.
Because I want to get a bunch say of html table cell entries into an object. So this takes you a lot of the way there. Start out by grabbing the site into an object:
$apressBooks = Invoke-WebRequest -Uri "http://www.apress.com/microsoft/net-framework?limit=all"
These are the members:
From there you can grab e.g. the links:
$links = $apressBooks.Links
And you can get the hrefs from there (or do it all in 1 go of course):
$links.href
Still a way to go but promising.
Prettify your path
$a = $env:Path
$a.split(";")
Add an item to your path for the duration of the session
$env:Path += ";C:\Windows\Microsoft.NET\Framework64\v4.0.30319;"
Given a file like this, where the second column is [Gender] and the third column is [Human], give me only rows which are [F](offset 20 from 0 – note it is zero and not 1) and [Human] (offset 30). Write the result to a file [HumanFemales.txt].
Dennis M Y
Jan F Y
Emma F Y
Bonzo M N
This reads the source file content into a variable, counts the records, filters the records based on the condition into an array, and writes the array to a file:
$data = Get-Content -Path C:\temp\names.txt
$data.Count
$filteredData = @()
$data | % {if ($_[19] -eq "F" -and $_[29] -eq "Y") { $filteredData += $_} }
$filteredData.Count
$filteredData | Out-File -FilePath c:\temp\HumanFemales.txt
gc C:\temp\HumanFemales.txt
For a file of about 50,000 records on a good I7 box, the records take about 3 minutes to write to the array, uses (depending on the record length) about 1GB of memory, and takes about 5 seconds to write to disk.
