How to set up the PowerShell environment on Windows and Linux

PowerShell is a cross-platform automation framework and configuration tool. It is more than just a scripting language: it contains functions for managing local and remote computers. Depending on the installed software (primarily administrative and server software), the number of available PowerShell functions (cmdlets) varies.

PowerShell knowledge is necessary for Windows system administrators as well as security auditors, because quite a few great and unique tools are written in PowerShell (aimed primarily at Windows penetration testing). Advanced Windows users will also find PowerShell useful, because it can automate routine tasks and configure Windows more precisely (or faster) than the graphical interface allows.

PowerShell has rich capabilities, is actively developed, has been ported to Linux, and has extensive help, which is also actively maintained. This article is not about PowerShell itself, but about setting up a PowerShell working environment for running scripts: although PowerShell is preinstalled on every Windows installation, there are some issues even there. Simply put, this article is not about how to write your first “Hello, World!” program in PowerShell, but how to run a ready-made “Hello, World!” program in PowerShell.

Differences between PowerShell and CMD on Windows

PowerShell is preinstalled on Windows by default.

To open PowerShell, press Win+x and select Windows PowerShell (Administrator).

At the command prompt, you will see the PS prefix and the current working directory.

To open CMD you need to press Win+r, type cmd and press ENTER.

The CMD command prompt looks different from the PowerShell one.

In CMD, you can run:

  • Windows command line utilities
  • Built-in CMD functions
  • .bat files

In PowerShell, you can run everything the same as in CMD, as well as additionally:

  • PowerShell Commands
  • PowerShell scripts

In PowerShell, a simple command like dir will work:

dir

But if you run this command in both PowerShell and CMD, you will see that the output differs.

And if you try to execute this command with an option, for example:

dir /A

It will work in CMD, but in PowerShell it will fail.

The reason is that instead of implementing the same utilities as CMD, PowerShell uses its own cmdlets, whose behaviour differs, for example, in output format or supported options. In PowerShell, the commands cd, ls, dir, cat, man, kill, mount, move, sort, pwd, wget, curl and others familiar from Linux will work, but this DOES NOT MEAN that these commands support the same options as on Linux. They are only loose analogues. More precisely, they are aliases for PowerShell commands. You can view the full list of aliases with the command:

Get-Alias
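As an added example that is not part of the original article, the following function (the name Resolve-CommandName is my own) follows a Linux-style name through any alias chain to the command PowerShell actually runs and lists the parameters that command really accepts, which is how you check whether a CMD or Linux option such as dir /A has any counterpart.

```powershell
# Added example (not from the article): resolve a name such as "ls" or "dir" to the
# PowerShell command it actually runs and show the parameters that command accepts.
function Resolve-CommandName {
    param([Parameter(Mandatory)][string]$Name)

    $cmd = Get-Command -Name $Name -ErrorAction Stop
    # Aliases can point at other aliases; keep resolving until a real command is reached.
    while ($cmd.CommandType -eq 'Alias') {
        $cmd = Get-Command -Name $cmd.Definition -ErrorAction Stop
    }

    # External programs (e.g. /usr/bin/curl on Linux, where curl is not an alias) keep
    # their own option syntax; only cmdlets and functions expose PowerShell parameters.
    $params = if ($cmd.CommandType -in 'Cmdlet', 'Function') {
        ($cmd.Parameters.Keys | Sort-Object) -join ', '
    } else {
        "(external program: $($cmd.Source))"
    }

    [pscustomobject]@{
        Name       = $Name
        ResolvesTo = $cmd.Name
        Type       = $cmd.CommandType
        Parameters = $params
    }
}

# The names the article lists as "familiar from Linux". Results differ between
# Windows PowerShell 5.1 (curl/wget alias Invoke-WebRequest) and pwsh on Linux,
# where ls, cat, curl and wget resolve to the native programs instead.
'dir', 'ls', 'cat', 'curl', 'wget' | ForEach-Object { Resolve-CommandName $_ } | Format-List

# CMD's "dir /A" (include hidden and system entries) corresponds to the -Force parameter:
Get-ChildItem -Force
```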

How to install PowerShell on Linux

PowerShell also works on Linux, but some PowerShell commands are missing on Linux. Running PowerShell scripts on Linux will cause problems in the following cases:

  • the script uses commands that are not available in the Linux version of PowerShell (for example, due to the fact that they are related to Windows settings or are not applicable to Linux for other reasons)
  • the script accesses Windows environment variables
  • the script uses Windows utilities that are not available on Linux

There may be other causes of problems, but a great deal works regardless.

Many Linux distributions are officially supported, and simple instructions for installing PowerShell in your distribution, as well as the installation files, can be found here:

How to install PowerShell on Kali Linux

PowerShell has been added to the standard Kali Linux repositories, so the installation is very simple:

sudo apt install powershell

How to install PowerShell on Arch Linux, BlackArch

git clone https://aur.archlinux.org/powershell.git
cd powershell
makepkg -si

To find out the version of PowerShell, run the command:

Get-Host | Select-Object Version

How to run a PowerShell script on Windows

To run a script with the extension .ps1, open the PowerShell console and specify the full path to the file. You can also change to the script's folder either with the cd command or, if you want to fully embrace the PowerShell style, with Set-Location.

For example, I need to go to the folder C:\Users\Администратор\Downloads\WinPwn-master\:

Set-Location C:\Users\Администратор\Downloads\WinPwn-master\

If you simply try to run a script, you will almost certainly encounter an error saying that running scripts is disabled on this system. To fix the error, run the command:

Set-ExecutionPolicy unrestricted
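An added example, not from the original article, showing how to inspect the current policy and the narrower settings that let a downloaded script such as WinPwn.ps1 run without opening the whole machine to any script; hello_world.ps1 is used here as a placeholder script name.

```powershell
# Added example (not from the article): inspect and narrow the execution policy instead
# of setting Unrestricted for the whole machine. Scopes are listed from highest to
# lowest precedence; the first one that is not Undefined is the one that applies.
Get-ExecutionPolicy -List

# Allow locally written scripts, require a signature only on files downloaded from the
# internet, and apply this to the current user only (no administrator rights needed).
Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Scope CurrentUser

# A script downloaded with a browser carries a "from the internet" mark that RemoteSigned
# blocks; clearing the mark on that one file is narrower than changing the policy.
Unblock-File -Path .\WinPwn.ps1

# Or leave every stored setting alone and relax the policy for a single process only:
powershell.exe -ExecutionPolicy Bypass -File .\hello_world.ps1

# The execution policy is a safety feature against running scripts by accident;
# Microsoft documents that it is not a security boundary.
```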

How to run a script using Import-Module

When you run some scripts, nothing may appear to happen. The reason is that the file may only define functions, which you need to import and then call. Look in the documentation of the program you are interested in for examples containing Import-Module lines.

For example, to start WinPwn, you first need to import the file with the functions:

Import-Module .\WinPwn.ps1

And then you can call the functions contained in the file:

WinPwn

How to run PowerShell script on Linux

On Linux, to invoke the PowerShell console, type:

pwsh

Then, in the PowerShell console, either simply run the desired script:

./hello_world.ps1

Or import the file with Import-Module and then run the function. An example that imports one of the Invoke-TheHash functions and then calls it:

Import-Module .\Invoke-SMBEnum.ps1
Invoke-SMBEnum -Target 192.168.0.53 -Username HackWare-mial\Администратор -Hash 5187b179ba87f3ad85fea3ed718e961f -verbose

How to get help on commands in PowerShell

If you want help on the options of a function, command or program in PowerShell, use the Get-Help command followed by the command you want help on:

Get-Help COMMAND

For help on Set-Location:

Get-Help Set-Location

For help with Invoke-SMBEnum (after importing the function from a file):

Get-Help Invoke-SMBEnum

Adapting PowerShell Scripts for Linux

I am just starting to get acquainted with PowerShell, but I want to give an interesting example of how to solve a problem and run a PowerShell script on Linux even though it initially produced an error.

Invoke-TheHash has an Invoke-SMBEnum function that enumerates users, groups, network sessions and shared resources. On Windows, this function works fine. I'll try to use it on Linux.

I launch the PowerShell console:

pwsh

I go to the folder with already downloaded scripts:

cd ./bin/Invoke-TheHash/

I import the file with the desired function:

Import-Module .\Invoke-SMBEnum.ps1

I launch it:

Invoke-SMBEnum -Target 192.168.0.53 -Action All -Username HackWare-mial\Администратор -Hash 5187b179ba87f3ad85fea3ed718e961f -verbose

And I get the error “Cannot find path 'computername' because it does not exist.” The error occurs on this line:

$auth_hostname = (Get-ChildItem -path env:computername).Value

If you try to execute a command from this line:

Get-ChildItem -path env:computername

then it will cause the same error:

Get-ChildItem: Cannot find path 'computername' because it does not exist.

Here env: refers to the drive of environment variables, and computername is the name of the variable that (as the name implies) contains the name of the computer. Evidently, this environment variable does not exist on Linux.

The easiest solution is to set this name manually. To do this, I open the file Invoke-SMBEnum.ps1 with a text editor, I find the line there

$auth_hostname = (Get-ChildItem -path env:computername).Value

And I change it to this line:

$auth_hostname = 'hackware-mial'

That is, I simply hard-coded the name of the computer instead of retrieving it from the environment variable.

It is important to remember that after import, the function is executed not from the file I changed but from memory. Therefore, for PowerShell to see the changes saved in the file, the file must be re-imported; to do this, I closed (CTRL+d) and reopened PowerShell:

pwsh

Import the file:

cd ./bin/Invoke-TheHash/
Import-Module .\Invoke-SMBEnum.ps1

And after that I run the command again:

Invoke-SMBEnum -Target 192.168.0.53 -Action All -Username HackWare-mial\Администратор -Hash 5187b179ba87f3ad85fea3ed718e961f -verbose

This time the command worked.

Moral:

  • after making changes to the file you need to import it again (possibly even restart PowerShell)
  • some problems with running PowerShell scripts on Linux are easy enough to solve yourself
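The portability problems listed earlier and the computername fix above can be solved without a hard-coded name. As an added example that is not part of the original article or of Invoke-TheHash, the functions below (Get-AuthHostname, Test-CommandAvailable and Test-IsWindowsHost are my own names) obtain the host name on both Windows and Linux and check for Windows-only cmdlets before calling them.

```powershell
# Added example (not from the article): a portable replacement for the line that failed,
#   $auth_hostname = (Get-ChildItem -path env:computername).Value
# so the script no longer needs a hard-coded computer name on Linux.
function Get-AuthHostname {
    # Windows always sets COMPUTERNAME. On Linux, HOSTNAME is a bash variable that is
    # usually not exported, so pwsh often cannot see it; fall back to the .NET call,
    # which works on every platform PowerShell runs on.
    if ($env:COMPUTERNAME) { return $env:COMPUTERNAME }
    if ($env:HOSTNAME)     { return $env:HOSTNAME }
    return [System.Net.Dns]::GetHostName()
}

# Before using a cmdlet that may be Windows-only, check that it exists in this
# PowerShell rather than guessing from the platform.
function Test-CommandAvailable {
    param([Parameter(Mandatory)][string]$Name)
    return [bool](Get-Command -Name $Name -ErrorAction SilentlyContinue)
}

# $IsWindows / $IsLinux exist in pwsh 6+; Windows PowerShell 5.1 does not define them,
# so an undefined $IsWindows means we are running on Windows.
function Test-IsWindowsHost {
    $v = Get-Variable -Name IsWindows -ErrorAction SilentlyContinue
    if ($null -eq $v) { return $true }
    return [bool]$v.Value
}

$auth_hostname = Get-AuthHostname
"Authenticating as host: $auth_hostname (Windows host: $(Test-IsWindowsHost))"

# Guard a cmdlet that the Linux build of PowerShell does not ship:
if (Test-CommandAvailable -Name 'Get-Service') {
    Get-Service | Select-Object -First 3
} else {
    'Get-Service is not available in this PowerShell; skipping the Windows-only step.'
}
```

After editing a .ps1 file that is already imported, Import-Module .\Invoke-SMBEnum.ps1 -Force reloads it from disk without closing and reopening pwsh.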

PowerShell support

On this page, I plan to add answers to frequently asked questions and solutions for common problems for beginners with PowerShell, so if you still do not understand something, then ask here in the comments.
