PowerShell Basics
PowerShell isn’t just the interactive powershell.exe
and powershell_ise.exe
binaries, Powershell itself is actually System.Management.Automation.dll
which is a dependency of various hosts.
The following is a table that represents the different versions of Powershell supported over time
PowerShell V1
2006
Windows Server 2008
PowerShell V2
2009
Windows 7, Windows Server 2008 R2
PowerShell V3 / WMF3
2013
Windows 8, Windows Server 2012
PowerShell V4
2013
Windows 8.1
PowerShell V5
2015
Windows 10, Windows Server 2016
PowerShell Core
2016
Nano Server, Windows 10 IoT
PowerShell V6 (Core)
2017
Windows, macOS, *UNIX
To determine what PowerShell versions we have installed on a system we use
Execution policy is NOT a security protection as it can be disabled with something as simple as
or
PowerShell files can come in different formats:
.ps1
: a single PowerShell script, completely self-contained and can be loaded into memory in one go.psm1
: a PowerShell module file, this allows to do things like exporting only specific functions / variables and it's often used to give a better structure to more complex PowerShell code.psd1
: a PowerShell module manifest that specifies information about the module itself and what variables / functions are exported.ps1xml
: a object formatting file for a PowerShell module that allows for granular control of how custom objects are displayed
PowerShell Profile Locations
AllUsersAllHosts
%windir%\System32\WindowsPowerShell\v1.0\profile.ps1
AllUsersAllHosts (WoW64)
%windir%\SysWOW64\WindowsPowerShell\v1.0\profile.ps1
AllUsersCurrentHost
%windir%\System32\WindowsPowerShell\v1.0\Microsoft.PowerShell_profile.ps1
AllUsersCurrentHost (ISE)
%windir%\System32\WindowsPowerShell\v1.0\Microsoft.PowerShellISE_profile.ps1
AllUsersCurrentHost (WoW64)
%windir%\SysWOW64\WindowsPowerShell\v1.0\Microsoft.PowerShell_profile.ps1
AllUsersCurrentHost (ISE - Wow64)
%windir%\SysWOW64\WindowsPowerShell\v1.0\Microsoft.PowerShellISE_profile.ps1
CurrentUserAllHosts
%homedrive%\%homepath%\[My ]Documents\WindowsPowerShell\profile.ps1
CurrentUserCurrentHost
%homedrive%\%homepath%\[My ]Documents\WindowsPowerShell\Microsoft.PowerShell_profile.ps1
CurrentUserCurrentHost (ISE)
%homedrive%\%homepath%\[My ]Documents\WindowsPowerShell\Microsoft.PowerShellISE_profile.ps1
Exporting/Importing PowerShell Objects
To import / export PowerShell objects we use the Import-Clixml
and Export-Clixml
functions
Variables & Operators
Variables are defined with $
followed by any combination of numbers and (case-insensitive) letters but we can also use New-Variable
to specify non-printable characters as well.
To list all variables in the current scope we can use Get-ChildItem Variable:\
and to cast a variable to another data type we use [Type]$variableName
.
The following are common operators used with variables and their attributes
Math:
+
,-
,*
,/
,%
Assignment:
=
,+=
,-=
,*=
,/=
,%=
Comparison:
-eq
,-ne
,-gt
,-lt
,-le
,-ge
, regex operationsLogical:
-and
,-or
,-xor
,-not
or!
Redirection:
>
,>>
,2>
,2>>
,2>&1
Type:
-is
,-isnot
,-as
It's possible to get more information about operators with Get-Help about_Operators
.
Arrays & Hash Tables
There are many ways to create arrays
Implicit creation
$array = 4,6,1,60,23,53
Explicit creation
$array = @(4,6,”s”,60,”yes”,5.3)
Ranged creation
$array = 1..100
Strongly typed
[int32[]]$array = 1500,1600,1700,1800
and there are several operations we can perform on an array object
count the number of elements:
$array.Count
indexing:
$array[0]
reversing an array:
$array[-1..-$array.Lenght]
append a value to an array:
$array += $value
Since arrays are immutable we have to perform extra steps to append or remove elements from one
HashTables in PowerShell are the equivalent of dictionaries
Common operations we can perform on hash tables are
return the keys of the hash table:
$hashtable.keys
return the values of the hash table:
$hashtable.values
add a key or value
remove a key:
$hashtable.Remove("Key")
Hash tables can also be used as parameters for function calls
Strings
Double-quoted strings - both single and multi-line - expand sub-expressions and variables while single-quoted strings don't.
Case-insensitive comparison (returns 0 if strings are the same):
$a.CompareTo($b)
Case-sensitive comparison:
[string]::Compare($a, $b, $True)
Case-sensitive prefix / suffix:
$a.StartsWith("prefix")
,$a.EndsWith("suffix")
Turn string lowercase / uppercase:
$a.ToLower()
,$a.ToUpper()
Check for substring (case-sensitive):
$a.Contains("substring")
Replace a string or substring:
$a.Replace("old string", "new string")
Substring:
$a.SubString(index)
returnsa[index..$a.Length-1]
or$a.SubString(start, end)
returns$a[start..end]
Split a string:
$a.Split("separator")
returns an array of the string split by the separatorPad a string:
$a.PadLeft(1)
,$a.PadRight(1)
pads the string to the specified lengthConvert string to a byte array:
$a.ToByteArray()
Regular Expressions
Strings can also be used to match regular expressions with operators like -match
, -notmatch
(case-insensitive) or -cmatch
, -cnotmatch
(case-sensitive).
The -match
operator will populate the $Matches
variable with all the matches if used on a single-line variable.
To match and replace part of a string we use -replace
and -creplace
Logic & Loops
If / else / if-else statements
Switch statements
Try / catch / finally statements
For-each statements
For-each-object statement
While / do-while statement
Filtering
When piping output from other commands it's possible to filter it
Find an object with specific properties:
Execute a scriptblock on each object:
Find property comparisons
We can also sort objects by a set property with Sort-Object property
, group objects with GroupObject property
or select only some objects with
Last updated