Sep 18, 4:21
Shell-XSS: Never trust cat again …

Jul 9, 1:36
A wise friend once said: "All I know is that the 'sh' in flash stands for shell" -- @brainsmoke

Apr 9, 4:34
Scripting in cdb/kd is not pleasant. Using PowerShell to script cdb/kd instead: … . Any other better ways?

Mar 20, 10:30
VHD in PowerShell: easy. Find drive letter: hard. Mount-DiskImage $vhd; Get-Partition -DiskNumber (Get-DiskImage -ImagePath $vhd).Number

Feb 18, 6:40
PowerShell: Better phishing for all! 

Feb 1, 8:13
Presently enjoying Ghost in the Shell Arise. Only somewhat confused hearing voices of old Major and Piccolo out of different characters

Image Manipulation in PowerShell - Windows PowerShell Blog - Site Home - MSDN Blogs

Jan 5, 1:20

Great blog post and set of powershell scripts for manipulating images.

2014 Apr 29, 8:27

Does it betray my innocence that I’m shocked by the amount of exec($_GET you can easily find on github? Hilarious comment thread on hacker news: 

This is awful. Shell commands are not guaranteed to be idempotent, people! These should all be of the form exec($_POST, not exec($_GET.


Moving PowerShell data into Excel

2013 Aug 15, 10:04
PowerShell nicely includes ConvertTo-CSV and ConvertFrom-CSV which allow you to serialize and deserialize your PowerShell objects to and from CSV. Unfortunately the CSV produced by ConvertTo-CSV is not easily opened by Excel, which by default expects a different set of delimiters and such. Looking online you'll find folks who recommend using automation via COM to create a new Excel instance and copy over the data in that fashion. This turns out to be very slow and impractical if you have large sets of data. However, you can use automation to open CSV files with a non-default set of delimiters. So the following isn't the best but it gets Excel to open a CSV file produced via ConvertTo-CSV and is faster than the other options:

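# $Path, $xlWindows and $StartRow are used below but not defined in the snippet;
# the definitions here are assumed (CSV file to open, XlPlatform value, first row).
param([Parameter(Mandatory = $true)] [string] $Path);

$excel = New-Object -ComObject Excel.Application

$xlWindows = 2 # XlPlatform: 1 = Macintosh, 2 = Windows, 3 = MS-DOS
$StartRow = 1 # start importing at the first row
$xlDelimited = 1 # 1 = delimited, 2 = fixed width
$xlTextQualifierDoubleQuote = 1 # 1 = double quote, -4142 = no delim, 2 = single quote
$consecutiveDelim = $False;
$tabDelim = $False;
$semicolonDelim = $False;
$commaDelim = $True;

$excel.workbooks.OpenText($Path,$xlWindows,$StartRow,$xlDelimited,$xlTextQualifierDoubleQuote,$consecutiveDelim,$tabDelim,$semicolonDelim,$commaDelim);

See Workbooks.OpenText documentation for more information.
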
NICT Daedalus Cyber-attack alert system #DigInfo (by...

2012 Jun 20, 3:23

NICT Daedalus Cyber-attack alert system #DigInfo (by Diginfonews)

Someone has been watching too much Ghost in the Shell. I’d say someone has been watching too much Hackers but this actually looks cooler than their visualizations and also you can never watch too much of Hackers.

Permanently Add Path to System PATH Environment Variable in PowerShell

2012 May 17, 7:16
According to MSDN the proper way to permanently add a path to your system's PATH environment variable is by modifying a registry value. Accordingly this is easily represented in a PowerShell script that first checks if the path provided is already there and otherwise appends it:

param([Parameter(Mandatory = $true)] [string] $Path);
# Read the machine-wide PATH value from the registry.
$FullPathOriginal = (gp "HKLM:\System\CurrentControlSet\Control\Session Manager\Environment").Path;
# Check whether the path provided is already one of the entries.
if (!($FullPathOriginal.split(";") | ?{ $_ -like $Path })) {
    # Otherwise append it, as the text describes.
    sp "HKLM:\System\CurrentControlSet\Control\Session Manager\Environment" -name Path -value ($FullPathOriginal + ";" + $Path);
}

PowerShell Equivalents for JavaScript Array Functions

2012 May 15, 3:30


input | %{ expression($_) }
input | %{ [void]expression($_) }
input | ?{ expression($_) }

Close to built-in

if (input | ?{ expression($_) }) { ... }
if (-not (input | ?{ !expression($_) })) { ... }
[array]::lastIndexOf(input, value)

Write it yourself

function reduce($fn, $a, $init) { $s = $init; $a | %{ $s = &$fn $s $_; }; $s; }
URI Percent-Encoding Ignorance Level 1 - Purpose

2012 Feb 15, 4:00

As a professional URI aficionado I deal with various levels of ignorance on URI percent-encoding (aka URI encoding, or URL escaping).

Worse than the lame blog comments hating on percent-encoding is the shipping code which can do actual damage. In one very large project I won't name, I've fixed code that decodes all percent-encoded octets in a URI in order to get rid of pesky percents before calling ShellExecute. An unnamed developer with similar intent but clearly much craftier did the same thing in a loop until the string's length stopped changing. As it turns out percent-encoding serves a purpose and can't just be removed arbitrarily.

Percent-encoding exists so that one can represent data in a URI that would otherwise not be allowed or would be interpreted as a delimiter instead of data. For example, the space character (U+0020) is not allowed in a URI and so must be percent-encoded in order to appear in a URI:

  2. path/
In the above the first is a valid URI while the second is not valid since a space appears directly in the URI. Depending on the context and the code through which the wannabe URI is run one may get unexpected failure.

For an additional example, the question mark delimits the path from the query. If one wanted the question mark to appear as part of the path rather than delimit the path from the query, it must be percent-encoded:

In the second, the question mark appears plainly and so delimits the path "/foo" from the query "bar". And in the first, the question mark is percent-encoded and so the path is "/foo%3Fbar".

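The effect of the two decoding approaches described in this post, shown as an added example in JavaScript (not code from the original post or the project it mentions). The example.com URIs are constructed and the function names are illustrative.

```javascript
// Added example: constructed URIs, illustrative function names.

// The flawed approach: decode every percent-encoded octet in the URI.
function decodeAll(uri) {
  return decodeURIComponent(uri);
}

// The "craftier" variant: keep decoding until the length stops changing.
function decodeUntilStable(uri) {
  let prev;
  do {
    prev = uri;
    uri = decodeURIComponent(uri);
  } while (uri.length !== prev.length);
  return uri;
}

// Split a URI into the components a consumer would act on.
// (URL.search and URL.hash include the leading "?" and "#".)
function components(uri) {
  const u = new URL(uri);
  return { path: u.pathname, query: u.search, fragment: u.hash };
}

// Compare how the URI parses before and after a decoding function runs.
function compare(uri, decode) {
  const decoded = decode(uri);
  return { decoded, before: components(uri), after: components(decoded) };
}

const samples = [
  // Encoded "?" is path data; decoded, it becomes the query delimiter.
  ["http://example.com/foo%3Fbar", decodeAll],
  // Encoded "#" is path data; decoded, it swallows the real query.
  ["http://example.com/a%23b?x=1", decodeAll],
  // Double encoding survives one decode but not the loop.
  ["http://example.com/foo%253Fbar", decodeUntilStable],
];
for (const [uri, fn] of samples) {
  console.log(uri, compare(uri, fn));
}
```

In each case the decoded string is still a parseable URI, but it no longer identifies the same path, query and fragment as the original.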
Using Progress Indicators in Windows PowerShell

Command line for finding missing URLACTIONs

2011 May 28, 11:00

I wanted to ensure that my switch statement in my implementation of IInternetSecurityManager::ProcessURLAction had a case for every possible documented URLACTION. I wrote the following short command line sequence to see the list of all URLACTIONs in the SDK header file not found in my source file:

grep URLACTION urlmon.idl | sed 's/.*\(URLACTION[a-zA-Z0-9_]*\).*/\1/g;' | sort | uniq > allURLACTIONs.txt
grep URLACTION MySecurityManager.cpp | sed 's/.*\(URLACTION[a-zA-Z0-9_]*\).*/\1/g;' | sort | uniq > myURLACTIONs.txt
comm -23 allURLACTIONs.txt myURLACTIONs.txt
I'm not a sed expert so I had to read the sed documentation, and I heard about comm from Kris Kowal's blog which happily was in the Win32 GNU tools pack I already run.

But in my effort to learn and use PowerShell I found the following similar command line:

(more urlmon.idl | %{ if ($_ -cmatch "URLACTION[a-zA-Z0-9_]*") { $matches[0] } } | sort -uniq)
(more MySecurityManager.cpp | %{ if ($_ -cmatch "URLACTION[a-zA-Z0-9_]*") { $matches[0] } } | sort -uniq)
In the PowerShell version I can skip the temporary files which is nice. 'diff' is mapped to 'compare-object' which seems similar to comm but with no parameters to filter out the different streams (although this could be done more verbosely with the ?{ } filter syntax). In PowerShell uniq functionality is built into sort. The builtin -cmatch operator (c is for case sensitive) to do regexp is nice plus the side effect of generating the $matches variable with the regexp results.
clip.exe - Useful tool I didn't know shipped with Windows

2011 May 26, 11:00

When you run clip.exe, whatever comes into its standard input is put onto the clipboard. So when you need to move the result of something in your command window somewhere else you can pipe the result into clip.exe. Then you won't have to worry about the irritating way cmd.exe does block copy/pasting and you avoid having to manually fixup line breaks in wrapped lines. For instance, you can put the contents of a script into the clipboard with:

more cdo.cmd | clip

I've got a lot of stuff dumped in my bin folder that I sync across all my PCs so I didn't realize that clip.exe is a part of standard Windows installs.

Nice for avoiding the block copy in cmd.exe but I'd prefer to have the contents sort of tee'd into the clipboard and standard output. So TeeClip.ps1:

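# Send the input to the clipboard while keeping a copy in $teeclipout...
$input | tee -var teeclipout | clip;
# ...then emit the copy to standard output.
$teeclipout;
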
PowerShell Script Batch File Wrapper

2011 May 22, 7:20

I'm trying to learn and use PowerShell more, but plenty of other folks I know don't use PowerShell. To allow them to use my scripts I use the following cmd.exe batch file to make it easy to call PowerShell scripts. To use, just give the batch file the same name as the corresponding PowerShell script and put it in the same directory.

@echo off
rem Show the script's help when asked; otherwise run the script with the same base name.
if "%1"=="/?" goto help
if "%1"=="/h" goto help
if "%1"=="-?" goto help
if "%1"=="-h" goto help

%systemroot%\system32\windowspowershell\v1.0\powershell.exe -ExecutionPolicy RemoteSigned -Command . %~dpn0.ps1 %*
goto end

:help
%systemroot%\system32\windowspowershell\v1.0\powershell.exe -ExecutionPolicy RemoteSigned -Command help %~dpn0.ps1 -full
goto end

:end

Additionally for PowerShell scripts that modify the current working directory I use the following batch file:

@echo off
if "%1"=="/?" goto help
if "%1"=="/h" goto help
if "%1"=="-?" goto help
if "%1"=="-h" goto help

%systemroot%\system32\windowspowershell\v1.0\powershell.exe -ExecutionPolicy RemoteSigned -Command . %~dpn0.ps1 %*;(pwd).Path 1> %temp%\%~n0.tmp 2> nul
set /p newdir=
Powershell to test your XPath

Chapter 16. The Registry - Master-PowerShell | With Dr. Tobias Weltner - – Powershell Scripts, Tips and Resources

Windows 7 Accelerator Platform COM / C# Interop

2010 Aug 20, 11:20

For a new project I'm working on involving IE's installed Accelerators and OpenSearch search providers via the Windows 7 Accelerator Platform, I've created a C#/COM interop class for those APIs.

Download the osinterop.cs interop file here.

