Skip to content
logo
Red tradecraft
Powershell: Command Injection
  • Privacy greenhouse
  • Defence blues
  • Purple crossroads
  • Indigo observatory
  • Contact
Initializing search
    • In: Where the falcons and foxes roam
    • Through: Where the raccoons burrow and rummage
      • The art of staying where you are not wanted
        • The field guide to staying unnoticed
        • Persistence runbooks
        • Digging under the Linux shed
        • Dumpster diving behind the windows store
        • Where the raccoon learns to never leave
        • Burrows, backdoors, and bashful shenanigans
          • Bash: System 1
          • sudo: weak configuration
          • Bash: System 2
          • LaTeX: Input
          • Powershell: Command Injection
            • Counter moves
          • Bash: unquoted expression injection
          • Perl: Command injection
          • Bash: cron
          • Python input()
          • Python pickle
      • Overflowing the bin on purpose
      • Reverse engineering
      • Steganography
      • Crypto-attacks
      • Slipping through the cracks
    • Out: Where squirrels swipe the crown jewels
    • Fungolia earthworks
    • Unseen University Power & Light Co.
    • The Scarlet Semaphore
    • Counter moves

    Powershell: Command Injection¶

    root-me challenge: Powershell - Command Injection: Recover the database’s password.

    > ;cat .passwd

    Counter moves¶

    Unsanitised input flowing into PowerShell execution is the opening. Input validation and constrained language mode are the counters. Defenders’ notes on this are under the application layer as a target.

    2026-06-14 18:23
    © Copyright 2025, TyMyrddin.
    Created using Sphinx 7.2.6. and Sphinx-Immaterial

    Made with love in the Unseen University, 2025, with a forest garden fostered by /ut7