Penetration testing

PowerShell for Pentesters Part 4: Modules with PowerShell

Kondah Hamza
September 7, 2018 by
Kondah Hamza

Introduction

The more we advance in our lab series, the more we notice the power of PowerShell. And it will only  become more noticeable.

In this lab we will discover how to manipulate modules with PowerShell. This is a very interesting and important part of learning PowerShell for us, because it will help us a lot in automating many tasks and operations.  

FREE role-guided training plans

FREE role-guided training plans

Get 12 cybersecurity training plans — one for each of the most common roles requested by employers.

Modules  with PowerShell

As we have seen in the previous articles, modules represent a very powerful concept on PowerShell. Now we will not learn how to use them (we saw this before), but how to create and exploit them for our pentesting purposes, especially for automating routine tasks.

First, let’s remember the definition of a module. Microsoft describe modules as the following:

“A module is a package that contains PowerShell commands, such as cmdlets, providers, functions, workflows, variables, and aliases.

“People who write commands can use modules to organize their commands and share them with others. People who receive modules can add the commands in the modules to their PowerShell sessions and use them just like the built-in commands.” (Source)

We can get the list of available modules by using the Get-Module command:

 Figure 1: Get the list of available modules on PowerShell

The Get-Module command helps us get the modules that have been imported into the current session. And in our example, we used this command with the -ListAvailable option to retrieve the modules that are installed on the computer and can be imported in our session. Adding the option     -All makes us able to get all exported files for all available modules in our current session.

We can also import a module very simply by using the Import-Module command:

 Figure 2: Import module on PowerShell

And then we can remove it using the Remove-Module command like the following:

Figure 3: Remove module on PowerShell

Writing Modules With PowerShell

Now let’s talk about how to create modules with PowerShell.

The modules on PowerShell have the “.psm1”  extension.

We’ll start by creating a sample module. First, we will place a  function in a psm1 file to make our module.

There is nothing special in this kind of file (other than the file extension), so we can use a  normal PowerShell script containing our functions and rename it to make the psm1 file. Simple, isn’t it?

Here’s a simple function that we will use.

This function simply tries to see if a file exists:

Figure 4: Test-File

And there is an important note: We have to add a module manifest to call it really a module.

Manifests simply adds metadata about the concerned module. It includes information like:

  • Author information
  • Versioning
  • Auto-load of the module

The module manifest is just a hash table saved as psd1 file, which will be loaded when we will import our data.

The New-ModuleManifest cmdlet will help us by creating the manifest for us.

So let’s generate our first manifest:

Figure 5: Creation of manifest on PowerShell

And here’s what our generated manifest  will look like:

One of the most interesting properties in the manifest is the FunctionsToExport property. It has a default value of *, exporting all functions, but we can also choose specific functions using the following syntax:  FunctionsToExport = "GetFunction".

And finally, let’s talk about RootModule. The root module parameter simply indicates what PowerShell module file should be run. 

Don’t forget to put all files in the same folder, like so:

Modules

└───if_exist

          If_exist.psd1

          If_exist.psm1

And now let’s import this:

The Import-Module command will automatically find our psm1 file in this case.

That’s it.

Congratulations, now you now how to manipulate modules with PowerShell. And you will see, it will be very very, very, useful!

Conclusion

Modules will represent a very useful concept that will help us a lot.

In the next articles, we will begin exploiting real use cases with PowerShell and begin to talk about remoting with PowerShell.

Let’s go to the next level. See you soon, my friends!

What should you learn next?

What should you learn next?

From SOC Analyst to Secure Coder to Security Manager — our team of experts has 12 free training plans to help you hit your goals. Get your free copy now.

Brace yourself: the best is coming!

 

Kondah Hamza
Kondah Hamza

Kondah Hamza is an expert in it security and a Microsoft MVP in enterprise security. He is also involved with various organizations to help them in strengthening of their security. Today, he offers his services mainly as Consultant, Auditor/Pentester and Independent Trainer with Alphorm.com.