Friday, September 27, 2013
Name, Version, CreationTime file info
This snippet is simple but I thought it was worth the post:
PS C:\tools\SysinternalsSuite> $name=(ls *.exe)
PS C:\tools\SysinternalsSuite> $FileInfo=foreach ($i in $name) {new-object psobject -property @{name=$i.name; Version=($i).VersionInfo.ProductVersion; CreationTime=$i.C
reationTime} | Select Name,Version,Creationtime}
PS C:\tools\SysinternalsSuite> $FileInfo | ft -auto
name Version CreationTime
---- ------- ------------
accesschk.exe 5.11 8/1/2012 1:27:52 PM
AccessEnum.exe 1.32 11/1/2006 1:06:36 PM
ADExplorer.exe 1.44 11/14/2012 10:22:40 AM
ADInsight.exe 1.01 11/20/2007 12:25:34 PM
adrestore.exe 11/1/2006 1:05:44 PM
Autologon.exe 3.01 2/22/2011 2:18:54 PM
autoruns.exe 11.60 9/10/2012 9:16:28 AM
autorunsc.exe 11.60 9/10/2012 9:16:28 AM
Bginfo.exe 4, 16, 0, 0 9/30/2009 1:31:54 AM
Cacheset.exe 11/1/2006 1:06:08 PM
Clockres.exe 2.0 6/3/2009 10:36:40 PM
...
Monday, September 16, 2013
Random notes on [System.Collections...]
These are some very random notes on [System.Collections...] 7:07 PM 9/16/2013
Most of us know you can create a hashtable from syntax like this:
$ps=foreach ($i in $(ps)) {@{$i.id=$i.name}}
$ps | gm -s
TypeName: System.Collections.Hashtable
But did you know you can use the same syntax to create a SortedList?
$ps=foreach ($i in $(ps)){[System.Collections.SortedList]@{$i.id=$i.name}}
$ps | gm -s
TypeName: System.Collections.SortedList
'SortedList' is one of some number of data collections found in System.Collections. It creates a sorted list of values based on a unique key. Once loaded 'SortedList' has a faster retrieval speed than other members of System.Collections. Here's an example:
rv -ea 0 SortedNames; rv -ea 0 SortedSDDL
measure-command {
$SortedNames = New-Object System.Collections.SortedList
$SortedSDDL = New-Object System.Collections.SortedList
$index=0
foreach ($i in $(ls)) { $indx = $index++; $SortedNames.Add($indx,$i.name); $SortedSDDL.Add($indx,$i.getaccesscontrol().SDDL) }
}
PS C:\ps1> rv -ea 0 SortedNames; rv -ea 0 SortedSDDL
PS C:\ps1> measure-command {
>> $SortedNames = New-Object System.Collections.SortedList
>> $SortedSDDL = New-Object System.Collections.SortedList
>> $index=0
>> foreach ($i in $(ls)) { $indx = $index++; $SortedNames.Add($indx,$i.name); $SortedSDDL.Add($indx,$i.getaccesscontrol().SDDL) }
>> }
PS C:\ps1> $SortedNames.count
935
Days : 0
Hours : 0
Minutes : 0
Seconds : 0
Milliseconds : 820
Ticks : 8200868
TotalDays : 9.49174537037037E-06
TotalHours : 0.000227801888888889
TotalMinutes : 0.0136681133333333
TotalSeconds : 0.8200868
TotalMilliseconds : 820.0868
The following trick I picked up from Powershell.com : http://powershell.com/cs/blogs/tips/archive/2013/09/11/adding-new-type-accelerators-in-powershell.aspx . You can enumerate "Type Accelerators" in Powershell 3.0 with:
[PSObject].Assembly.GetType("System.Management.Automation.TypeAccelerators")::Get |Sort-Object -Property Value
The property 'ImplementedInterfaces' allows you to view the interfaces for various Collections. Some Collections have more interfaces than others:
$PSAGet=[PSObject].Assembly.GetType("System.Management.Automation.TypeAccelerators")::Get
$PSAhashtable = ($PSAGet).hashtable
($PSAhashtable).ImplementedInterfaces
IsPublic IsSerial Name BaseType
-------- -------- ---- --------
True False IDictionary
True False ICollection
True False IEnumerable
True False ISerializable
True False IDeserializationCallback
True False ICloneable
$PSAArray = ($PSAGet).array
PS C:\> ($PSAArray).ImplementedInterfaces
IsPublic IsSerial Name BaseType
-------- -------- ---- --------
True False ICloneable
True False IList
True False ICollection
True False IEnumerable
True False IStructuralComparable
True False IStructuralEquatable
Unlike [hashtable] and [array], SortedList, ArrayList, IDictionary, IList will need to be added to Powershell Type Accelerator list in order to be used as [SortedList], [ArrayList], etc.
Saturday, September 7, 2013
SortedList Collection and IP Address generation
I spent this morning working with the SortedList Collection and IP Address generation. SortedList maintains an IDictionary interface to a Key/Value pair collection (see Krivayakov ) The advantage is a simple and direct reference to the last octet for Class C subnet generation and reference:
rv -ea 0 SN
$SN = new-object System.Collections.SortedList
foreach ($i in (0..254)) {$SN.add($i,[IPAddress]"192.168.0.$i")}
foreach ($i in (0..254)) {$SN.add($i,[IPAddress]"192.168.0.$i")}
PS C:\> $SN
Name Value
---- -----
0 192.168.0.0
1 192.168.0.1
2 192.168.0.2
3 192.168.0.3
...
PS C:\> ($SN[0])
Address : 43200
AddressFamily : InterNetwork
ScopeId :
IsIPv6Multicast : False
IsIPv6LinkLocal : False
IsIPv6SiteLocal : False
IsIPv6Teredo : False
IsIPv4MappedToIPv6 : False
IPAddressToString : 192.168.0.0
This makes collecting arbitrary IP ranges a simple reference to their Name/Key:
PS C:\Powershell> $b = ($SN[0,8,23]).IPAddressToString + ($SN[23..27]).IPAddressToString
PS C:\Powershell> $b
192.168.0.0
192.168.0.8
192.168.0.23
192.168.0.23
192.168.0.24
192.168.0.25
192.168.0.26
192.168.0.27
A little more complicated for multiple subnets:
rv -EA 0 SN0;rv -EA 0 SN1;rv -EA 0 SN2;
$SN0 = new-object System.Collections.SortedList
$SN1 = new-object System.Collections.SortedList
$SN2 = new-object System.Collections.SortedList
for ($i = 0; $i -ile 254;$i++){$SN0.add($i,[IPAddress]"192.168.0.$i")}
for ($i = 0; $i -ile 254;$i++){$SN1.add($i,[IPAddress]"192.168.1.$i")}
for ($i = 0; $i -ile 254;$i++){$SN2.add($i,[IPAddress]"192.168.2.$i")}
$c = ($SN0[0,8,23]).IPAddressToString + ($SN1[23..27]).IPAddressToString + ($SN2[148..154]).IPAddressToString
PS C:\> $c
192.168.0.0
192.168.0.8
192.168.0.23
192.168.1.23
192.168.1.24
192.168.1.25
192.168.1.26
192.168.1.27
192.168.2.148
192.168.2.149
192.168.2.150
192.168.2.151
192.168.2.152
192.168.2.153
192.168.2.154
rv -ea 0 SN
$SN = new-object System.Collections.SortedList
foreach ($i in (0..254)) {$SN.add($i,[IPAddress]"192.168.0.$i")}
foreach ($i in (0..254)) {$SN.add($i,[IPAddress]"192.168.0.$i")}
PS C:\> $SN
Name Value
---- -----
0 192.168.0.0
1 192.168.0.1
2 192.168.0.2
3 192.168.0.3
...
PS C:\> ($SN[0])
Address : 43200
AddressFamily : InterNetwork
ScopeId :
IsIPv6Multicast : False
IsIPv6LinkLocal : False
IsIPv6SiteLocal : False
IsIPv6Teredo : False
IsIPv4MappedToIPv6 : False
IPAddressToString : 192.168.0.0
This makes collecting arbitrary IP ranges a simple reference to their Name/Key:
PS C:\Powershell> $b = ($SN[0,8,23]).IPAddressToString + ($SN[23..27]).IPAddressToString
PS C:\Powershell> $b
192.168.0.0
192.168.0.8
192.168.0.23
192.168.0.23
192.168.0.24
192.168.0.25
192.168.0.26
192.168.0.27
A little more complicated for multiple subnets:
rv -EA 0 SN0;rv -EA 0 SN1;rv -EA 0 SN2;
$SN0 = new-object System.Collections.SortedList
$SN1 = new-object System.Collections.SortedList
$SN2 = new-object System.Collections.SortedList
for ($i = 0; $i -ile 254;$i++){$SN0.add($i,[IPAddress]"192.168.0.$i")}
for ($i = 0; $i -ile 254;$i++){$SN1.add($i,[IPAddress]"192.168.1.$i")}
for ($i = 0; $i -ile 254;$i++){$SN2.add($i,[IPAddress]"192.168.2.$i")}
$c = ($SN0[0,8,23]).IPAddressToString + ($SN1[23..27]).IPAddressToString + ($SN2[148..154]).IPAddressToString
PS C:\> $c
192.168.0.0
192.168.0.8
192.168.0.23
192.168.1.23
192.168.1.24
192.168.1.25
192.168.1.26
192.168.1.27
192.168.2.148
192.168.2.149
192.168.2.150
192.168.2.151
192.168.2.152
192.168.2.153
192.168.2.154
Subscribe to:
Posts (Atom)