PowerShell - Command history and confidential information
To support me, you can subscribe to the channel, share and like the videos, disable your ad blocker or make a donation. Thank you!
Hello,
Powershell has a history, even several, the commands you run may contain confidential information and remain in that history.
There are 3 histories:
- The Powershell history (in the current Shell Get-History)
- The history of the PSReadLine module (stored in a file by default)
- The Powershell console cache (the command callback with arrows or F8)
Here are some demonstrations and commands for either deleting these histories or removing sensitive information from them.
# Check behaviours.ConvertTo-SecureString 'titi' -AsPlainText -ForceGet-Credential -Credential Guillaume
# Display the history of the current shellGet-History# Note that the history of the current shell retains the following commands
# Display the history of PSReadLineGet-Content (Get-PSReadLineOption).HistorySavePath# The history of PSReadLine deletes the ConvertTo-SecureString command but leaves the identifier
## Delete history# Delete history PowershellClear-History
# Delete console cache history (command callback with arrows or F8)[Microsoft.PowerShell.PSConsoleReadLine]::ClearHistory()# Alt + F7 does the same thing
# Delete the PSReadLine historyRemove-Item -Path (Get-PSReadLineOption).HistorySavePath
# Delete PSReadLine historySet-PSReadlineOption -HistorySaveStyle SaveNothing
## Delete confidential information only# Delete confidential information from history Powershell# Delete part of the history (specify an Array of values to delete the corresponding rows)Clear-History -CommandLine *SecureString*, *credential*
# Clear part of the history PSReadLine (specify values separated by a | to delete the corresponding lines)HistoryPath = (Get-PSReadLineOption).HistorySavePath(Get-Content $HistoryPath ).where({$_ -notmatch 'credential|sensible'}) | Set-Content $HistoryPathComplete your reading with the following articles:
Improving Powershell command-line usability with PSReadLine
Powershell - Playing with command history
Related links
Powershell - Compress-Archive and Expand-Archive to create and extract ZIP archives
Powershell, through the Microsoft.PowerShell.Archive module, allows us to create, update and extract ZIP archivesPowershell - Export-Csv versus Export-Clixml
Powershell - Export-Csv versus Export-Clixml, or the limits of Export-CsvPowershell - Overview of Where-Object basic syntax and its limitations
Powershell - Overview of Where-Object basic syntax and its limitationsPowershell - Hyper-V - Give a custom name to a virtual network adapter
Hyper-V defaults to naming virtual machine NICs as network adapters. This can make it difficult to identify their usage, but this problem can be solved with Powershell which allows you to change the name of virtual network adapters.Powershell - How to add and view a GPO description
How to add and view a GPO description in PowershellPowershell - Displaying and changing the power mode in Windows
How to display and modify the power mode in Windows with Powershell
Follow me on
Support me
Last content
Powershell - Compress-Archive and Expand-Archive to create and extract ZIP archives
Powershell - Export-Csv versus Export-Clixml
Powershell - Overview of Where-Object basic syntax and its limitations
Powershell - Hyper-V - Give a custom name to a virtual network adapter
Powershell - How to add and view a GPO description
Powershell - Displaying and changing the power mode in Windows
Powershell - Adding a line to a file from a specific line
Windows 11 - how to organise your Start menu