PowerShell: An Interesting Property of the Get-Service Command

In Windows, a service is a special program that runs in the background.

To view and manage services, we typically use the services.msc console.

We can also manage services in PowerShell, using the Get-Service command.

When we type the Get-Service command, we get a list of the services.

We can also get info about a specific service by passing its name to the Get-Service command, like:

Get-Service lanmanserver

The interesting property of the Get-Service command is that it can retrieve info about “services” that are not displayed in the Services console!

For example, the Get-Service mrxsmb20 command retrieves info about SMB protocol version 2, though there is no service like that in the Services console.

We can leverage this property to learn about the existence of SMB 1.0, which is deemed insecure:

In the above picture, we can see that we have SMB 2.0 and currently SMB 1.0 is not enabled on the computer. Nice!

If SMB 1.0 has been enabled, the command generates output like:

Well, where does the Get-Service command retrieve the info about such services?

In Windows, info about services AND drivers can be found in the following Registry location:

Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services

The Get-Service command queries this location and normally filters out the info about the drivers, displaying info only about services.

But when fed a name, the Get-Service command retrieves info about that item too, whether it is a real service or not.

Very interesting and useful indeed.
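To see both kinds of entries side by side, the following added example (not code from the original post) reads the Services registry key directly, labels each entry as a driver or a service from its Type value, and compares that with what Get-Service returns for the SMB driver names. The function name Get-ServiceKeyEntry is hypothetical, and mrxsmb10 is assumed here to be the SMB 1.0 counterpart of mrxsmb20.

```powershell
# Added example: read the Services registry key directly and label each entry.
$root = 'HKLM:\SYSTEM\CurrentControlSet\Services'
$startNames = @{ 0 = 'Boot'; 1 = 'System'; 2 = 'Automatic'; 3 = 'Manual'; 4 = 'Disabled' }

function Get-ServiceKeyEntry {
    # Hypothetical helper: returns Name, Kind and Start for matching subkeys.
    param([string[]]$Name = '*')
    Get-ChildItem -Path $root -ErrorAction SilentlyContinue | ForEach-Object {
        $key = $_
        if (-not ($Name | Where-Object { $key.PSChildName -like $_ })) { return }
        $type = $key.GetValue('Type')
        if ($null -eq $type) { return }   # subkey without a Type value: skip it
        $start = $key.GetValue('Start')
        # Type is a bit field: 0x0B covers the driver bits, 0x30 the Win32 service bits
        $kind = if ($type -band 0x0B) { 'Driver' } elseif ($type -band 0x30) { 'Service' } else { 'Other' }
        $known = ($null -ne $start) -and $startNames.ContainsKey([int]$start)
        [pscustomobject]@{
            Name  = $key.PSChildName
            Kind  = $kind
            Start = if ($known) { $startNames[[int]$start] } else { $start }
        }
    }
}

# Registry-wide view: how many entries are drivers and how many are services
Get-ServiceKeyEntry | Group-Object Kind | Select-Object Name, Count

# mrxsmb20 is the name used above; mrxsmb10 is an assumed name for the SMB 1.0 entry
foreach ($n in 'mrxsmb10', 'mrxsmb20') {
    $reg = Get-ServiceKeyEntry -Name $n
    $svc = Get-Service -Name $n -ErrorAction SilentlyContinue
    [pscustomobject]@{
        Name          = $n
        RegistryKind  = if ($reg) { $reg.Kind } else { 'absent' }
        RegistryStart = if ($reg) { $reg.Start } else { 'absent' }
        GetService    = if ($svc) { $svc.Status } else { 'not found' }
    }
}
```

An entry that is absent from the registry, or present with Start set to Disabled, will not be loaded at boot, which is the state to look for when auditing machines for SMB 1.0.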
