Episode 225 – Mark Russinovich talks about Sysinternals, Infosec, and the Cloud

24 04 2013
A Podcast about Windows PowerShell.

In This Episode

Tonight on the PowerScripting Podcast, we talk to Mark Russinovich about Sysinternals, Infosec, and the Cloud!

 

News

Interview

Guests – Mark Russinovich

Links

Chatroom Buzz

[21:34:06] <mwjcomputing> ## Can you have Jeff use PowerShell in your next novel?

[21:35:50] <mwjcomputing> ## Have you seen what Adam Driscoll is doing with PowerShell to do the SysInternals Tools?

[21:42:21] <BartekB> ## When can we expect or cli utilities from sysinternals to support csv output – perfect for ConvertFrom-Csv in PowerShell to consume and object-izing?

[21:35:42] <Vern_Anderson> ## When can we get a BGInfo that recognizes Windows 2012?

[21:40:37] <Start-Automating> ## Have you learned more about Windows before or after joining Microsoft?

## Will Azure be upgraded to server 2012 at some stage? (not sure if this was discussed already I had a bad connection here)

[22:02:25] <FreeTheNode> ## how have you seen the development of state sponsored hacking, from israel/usa (stuxnet, duqu, etc) to china and apt1?

[22:03:56] <alexandair> ## has someone contacted you for a movie deal? 🙂

[22:07:46] <JimBirley> ## Does Mark ever see a future version of Windows server with no GUI option at all making Powershell essential?

[22:17:20] <FreeTheNode> ## do you feel that computing in the cloud will lean more towards the security and encryption of data, perhaps even to the point where it will become encrypted or invisible to the provider, both at rest, and perhaps even for hot data such as the work Microsoft Research is doing via CryptDB?

The Question –

  • Superhero: Time travel




Episode 215 – Lee Holmes from the PowerShell team talks about his new book

18 02 2013

In This Episode

Tonight on the PowerScripting Podcast, we talk to Lee Holmes from Microsoft about his new book!

Interview

Guests – Lee Holmes

Links

The Question –

Computer: Apple ][e

Mission to Mars: minecraft





Episode 207 – Dave Kennedy on security and the Social-Engineer Toolkit

21 11 2012

In This Episode

Tonight on the PowerScripting Podcast, we talk to Dave Kennedy about security and the Social-Engineer Toolkit!

News

 

 

Interview

 

Guest – Dave Kennedy

Links

 

Chatroom buzz

<mwjcomputing> I have to say the live demos of SET’s PowerShell Attack vectors were amazing the first time I saw them.

[2012-11-08 21:39:47] <ScriptingWife> episode 174 https://powerscripting.wordpress.com/2012/01/31/episode-174-matt-graeber-using-powershell-in-infosec/

[2012-11-08 21:59:44] <kobeckman> “Hey, I’m the copier guy.”

[2012-11-08 22:00:01] <mwjcomputing> PDF Exploits….yum

[2012-11-08 22:08:10] <AaronHoover> understatement of the day…

[2012-11-08 22:09:16] <mwjcomputing> i think applocker will help the second (fall back) but not the powershell attack

[2012-11-08 22:09:26] <mwjcomputing> but i might try that tonight

[2012-11-08 22:09:58] <mwjcomputing> pivoting FTW

[2012-11-08 22:10:19] <kobeckman> well, it sounds like if you don’t have Java, the initial attack fails and then falls back to an executable if I understand correctly

[2012-11-08 22:10:34] <ReL1K> yea applocker would stop second attack not first

[2012-11-08 22:22:53] <ScriptingWife> BTW last week I said what the carp on Porpoise 🙂

[2012-11-08 22:28:59] <JonWalz> this cold is messing with my brain

[2012-11-08 22:29:16] <JonWalz> I can’t get my thoughts together. 😦

[2012-11-08 22:29:45] <mwjcomputing> DefCon 18 Video with ReL1K was good!

[2012-11-08 22:30:04] <mwjcomputing> http://vimeo.com/15540900

[2012-11-08 22:30:08] <mwjcomputing> that is the video

[2012-11-08 22:38:31] <ericcourville> SANS.org newsletter is a good resource too

[2012-11-08 21:54:32] <mwjcomputing> that is what ReL1K gets for talking about the government.

[2012-11-08 21:54:36] <GeekJimmy> lol

[2012-11-08 21:54:37] <mwjcomputing> lol

[2012-11-08 21:54:48] <GeekJimmy> the black helicopters turned on the jammer!

[2012-11-08 21:54:56] <GeekJimmy> **dons tinfoil hat**

The Question – Mission to Mars – MacBook Pro





Up Next Matt Graeber and PowerSyringe

26 01 2012

Matt Graeber (@mattifestation), an aspiring security researcher, joins us to talk about PowerSyringe. PowerSyringe is a PowerShell-based code/DLL injection utility. Please join us Thursday January 26th at 9:30 pm EDT at our new and permanent live chat location live.powerscripting.net!





Episode 129 – Security Ninja Dave Kennedy

26 10 2010

In This Episode

Tonight on the PowerScripting Podcast, we talk to security ninja Dave Kennedy about ethical hacking using PowerShell.

News

Execute commands and scripts from anywhere including the office and remote locations, as well as from a Web browser or smart phone with PowerGUI Pro from Quest Software. With the MobileShell feature, administrators can quickly run commands to troubleshoot problems or make changes, even when away from your desk! This gives teams more flexibility to work remotely while traveling, and to leverage admins from other offices in case of an emergency.

  • Execute queries remotely to determine if services or processes are running
  • Restart services, processes, or entire servers
  • Check mailbox settings
  • Unlock user accounts
  • Reset passwords
  • Run custom scripts

Visit quest.com/powerguipro and see why PowerShell and Quest PowerGUI are the ultimate Windows management tools.

Interview

Our interview is brought to you by SAPIEN Technologies, makers of PrimalScript and PrimalForms.

Links:

Chatroom Buzz

  • <AaronHoover> ## favorite linux distros?
    • Backtrack/ubuntu
  • <toenuff> ## Scripting language/Programming language history
    • Python
  • <c0gito_ergo_sum> ## how about how SET came to be?
  • <c0gito_ergo_sum> ### what did you develop for backtrack?
  • <stuwee-1> Q: how similar do you see python and psh?
  • <infosec208> ## this sounds like a n00b question probably, but has dave used python 3 or stuck with python 2.x? i’ve struggled with the ctypes he mentioned with 3.x.
  • <stuwee-1> Q: do you use psh automation scripts to do system tests?
  • <AaronHoover> ## would you say most networks are turtle shells?
  • <AaronHoover> ## thoughts on Certified Ethical Hacker cert?
  • <c0gito_ergo_sum> ### great description on what the tool is and some background on it but did you just say one day “hey i want to be able to do something like this automatically” or was it someone who wanted the tool?
  • <PenPerk> CISSP = if you didn’t know how to secure a machine before the cert.. you still don’t after..
  • <AaronHoover> ## best ways to sell security to decision makers? Opportunity cost?  Disaster scenarios?
  • <infosec208> ## how has dave used powershell in a test? i have not listened to his defcon talk. i can see where powershell can be handy since it’s almost on every server. like wmi via powershell?
  • <stuwee-1> Q: is a recorded session or powerpoint slides available for posting in the notes from his defcon session
  • <toenuff> ## Have you looked at attacking winrm or did you play with remoting at all?
  • <Toshana> ##By a weak SA password are describing a brute force attack on the SA, to the SMO?
  • <AaronHoover> ## how often do new security tools come out? Or are there more updates to existing tools?
  • <stuwee-1> Q: How often is he using psh for testing?
  • <phat32> ## Q what resources has Dave used to learn more about powershell scripting and how to use it?
  • <AaronHoover-1> ## how ‘powerful’ is PS compared to linux/bash?
  • <toenuff> ## What did you not like in PowerShell when learning it?
  • <PenPerk> ## What would you do to secure powershell from people like you?
  • <toenuff> ## He’s mentioned execution restriction policy twice… what makes them so weak?
  • <phat32> but flash can’t see through….walls

Hero – Superman

Resources

This segment brought to you by ServerFault.com


Tips

  • From Rob C.
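```powershell
# Paste a list between the here-string markers, then split it into trimmed lines
$list = @"
<insert list>
"@
$col = $list.split("`n") | % { $_.trim() }
```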




Up Next: Security Ninja David Kennedy!

19 10 2010

We’re excited to have David Kennedy (@dave_rel1k) on the show this Thursday, 10/21, at 9:30 pm EDT. In the PowerShell world, David is best known for his recent DefCon session, where he introduced our favorite scripting shell to the hackers and suits gathered at this well-known security conference.

Come join us for the live chat and pitch your own questions to our guest! As always, you can find us Thursday night at the PowerScripting Podcast Ustream channel!

Here’s a bit about David:

David Kennedy is a security ninja that likes to write code, break things, and develop exploits when he has spare time. Heavily involved with BackTrack and the Social-Engineer Framework, David continues (and strives) to contribute to a variety of open-source projects. David had the privilege of speaking at some of the nation’s largest conferences on a number of occasions including BlackHat, Defcon and Shmoocon. David is the creator of the Social-Engineer Toolkit (SET), Fast-Track, modules/attacks for Metasploit, and has (responsibly) released a number of public exploits, including attacks that affect some of the largest software vendors in the world. David heavily co-authored the Metasploit Unleashed course available online and has a number of security related white-papers in the field of exploitation.





Episode 121 – Jay Dave on UAC and AppLocker

10 08 2010


In This Episode

Tonight on the PowerScripting Podcast we talk to Jay Dave, Program Manager at Microsoft about UAC and AppLocker

News


Interview

This segment is brought to you by SAPIEN Technologies.

Superhero: Phantom

Resources


This segment is brought to you by ConcentratedTech.com.

Tips


This segment is brought to you by Serverfault.com!






Next Up: Jay Dave from the Windows Security Team!

3 08 2010

Jay will be talking to us about all the cool things you can do with AppLocker and PowerShell. Here is a bit of information about him:

Jay Dave, Program Manager with the Windows Security team in Microsoft. I have been with MS for 5 years and during this time I have worked on a variety of features most notable amongst those are UAC and AppLocker. I have done my MS in Computer Science from SUNY Stonybrook and BE in Computer Engineering from Gujarat University, India.

Note: We will be recording WEDNESDAY 8/4, not our usual Thursday. We hope to see you on the live show at 9:30 EST!





Episode 76 – Don Jones on Security

13 07 2009


In This Episode

Tonight on the PowerScripting Podcast we talk to PowerShell MVP Don Jones about security

News

When it comes to scripting, you’re a warrior. But mighty warriors need mighty tools! For awesome PowerShell scripting, nothing matches the might of Quest’s PowerGUI. Versatile and easy to use, PowerGUI helps you build commanding scripts that leverage PowerShell’s strength across the enterprise. Now, ruling your domain is easier than ever.

Is your scripting might equal to the challenge? Put the power in your hands – download PowerGUI today.

Interview

Want to make Windows PowerShell easier than ever to learn and master? Check out Idera’s PowerShellPlus Professional Edition which is now available for download! The new version has vastly improved code completion and a slick interactive Learning Center. Go to www.idera.com/PodcastPeople to get your copy today!
Questions:
  • JeffHicks: ##What is the longest PowerShell script you’ve ever written?
  • JeffHicks: ##What is the killer feature in PowerShell v2 admins will love?
  • meson: ## How can script signing ever become useful if it’s so hard to get code signing certs?
  • slipsec: ## what’s “bypass” [enum]::getvalues([Microsoft.PowerShell.ExecutionPolicy]) Unrestricted RemoteSigned AllSigned Restricted Restricted Bypass
  • meson: ## What about the ability to override the executionpolicy via -scope
  • finked: ## is there a link for posh on mono?
  • Jaykul: ## So would you actually recommend saving the money by installing PowerShell 2 on Vista/XP/Server 2003/2008?
  • Sabre9774: ## Will the Powershell 2.0 install for XP/Vista/2003 remove Powershell 1.0 if installed on a machine?
  • finked: ## I am a lowly developer. When I hear security, my eyes glaze over. When I demo Posh for developers. Seems like a huge process to get developers ‘secure’ Posh to try it out. Not sure how to balance it
  • Sabre9774: ## that is my concern – we pushed PS 1.0 to all client machines in our environment, so would we have to uninstall 1.0 manually first?
  • PenPerk: ## Powershell Certification — not for the programmer but SysAdmin level?

Resources

This segment brought to you by SAPIEN Technologies, maker of PrimalScript

Tips







