Microsoft PowerShell

Tom Roeder

CS215 2006fa

Motivation

.NET as a platform shell web server database access

Native access to resources eaiser to manage than P/Invoke scripting .NET natively can use reflection idea of managed code throughout

PowerShell: introduction

No more text: traditional style of shell scripting: the pipe

find . –name ‘*.sh’ | xargs zip -@ shfiles what does this command do? many tools for this job

sed, xargs, cut

Instead, pass objects as return values. Why? convert to text as needed richer format

PowerShell: Cmdlets

“built-in” commands for PowerShell “verb-noun” names

eg. get-childitem (= ls) but: new-alias, new-object

single parser for parameters passed as calls to cmdlets

extensible set: can write own cmdlets Aliases

built in with (mostly) standard scripting names

PowerShell: variable syntax

Basic syntax similar to all scripting languages $a = “value” $a = 1 + 2 $a += 137

Built-in support for types $a = [xml]“<test><a>avalue</a></test>” [int]$a = 42 or cast to arbitrary .NET object

PowerShell: parsing

Two contexts: command context

starts with regular character tries to execute command

expression context starts with num, var, or quoted string executes as expression

Can reset mode with “( )” (Get-Date).day + 2

PowerShell: array and hash

$a = 1,2,3,4 $a += 5..10

+ adds elements to array .. is range operator. What is $a[1..3]?

$a[1], $a[2], $a[3]

$a = @{ one=1; val = get-childitem } $a[‘val’] $a.one

PowerShell: if/switch

if { <test> } { <true> } else { <false> } elseif { <test> } { <else> }

switch (<var>) { <val> { <case>; break } … } default case

switch –regex (<var>) { word.* { <case> } … } dropping break gives multiple matches

$_: variable referring to current <var> where { <test> }

PowerShell: looping

while($a –lt 137) { <block> } foreach($var in get-process) { <block> }

IEnumerable support Shorten foreach to %

ls | %{ $_.Length } receive piped objects $_ as before

for { $i = 0; $i –lt 10; $i += 2} { $i } regular for loop

PowerShell: useful operators

&, . call operator $a = “Get-childitem”; &$a # calls get-childitem . used for executing scripts in current context

-as, -is is/as in C# $a –as [int] if { $a –is [System.DateTime] } { … }

PowerShell: functions

function [(args)] { <body> } if Param is first statement, then gives parameters arguments passed in $args input passed in $input

parameter passing on cmd line add –x 2 –y 3 add 2 3

Useful commands

get-member return the members of an object eg. get-member –MemberType property

or, method

Authenticode signing can use certificates to verify scripts checks the hash and returns

PowerShell: errors

throw throw “error” same as ThrowTerminatingError in Cmdlets

trap catch exceptions trap [DivideByZeroException] { <do something> } break/continue semantics

PowerShell: surprises

Drives C, D Env, Alias, HKLM, variable, function mount lets you create others

variable scoping private, local, script, global

PowerShell: surprises

import/export –CSV get-unique

$(foreach ($line in get-content C:\Test1\File1.txt) {$line.tolower().split(" ")}) | sort | get-unique

get-item group $x = new-object –COM <ProgID>

eg. Outlook.Application

PowerShell: surprises

calc $calc = get-process calc $calc.add_exited({write-host

$this.Processname has exited}) $calc.HasExited $calc.kill() $calc.HasExited

Scriptblocks

a chunk of script a type in PowerShell

$x = [scriptblock]{$y = 137}&$x;

Can be used as an EventHandler delegate this is what’s happening in the last example object parameter -> $this EventArgs parameter -> $_

Cmdlet creation

Subclass of System.Management. Automation.Cmdlet must have an attribute

gives “verb” and “noun” components of name overrides at least one of

BeginProcessing, ProcessRecord, EndProcessing

use make-shell command to include it adds dll to set of cmdlets requires some registry manipulation

Cmdlet creation

Cmdlet parameters add [Parameter] attribute

Mandatory=true|false Position=<index> … others for in-pipeline action

Return value: any object native object facilities allow inspection can use arbitrary code

Example in script

function MyWhere {param ( [scriptblock]$expression )begin { $matches = 0 }process {if ( &$expression ) { $_; $matches++ }}end { "Found $matches matches" }}

Execution Policy

AllSigned require a digital signature and prompt user must agree to run script

RemoteSigned only files from internet need to be signed default setting

Unrestricted no signing required

Attacks on AllSigned?