I'm not a native English speaker as such pardon some discrepancy in my question. I'm looking at a way to Automate option selection in Programs/Scripts running via PowerShell.
For example:
Start-Process -FilePath "velociraptor.exe" -ArgumentList "config generate -i"
In the above snipper PowerShell will run Velociraptor and initiate the configuration wizard from a Ps1 file. The Wizard has few options. After running it will generate some Yaml files.
As such what would be the way to have PowerShell Script automate the option selection process? I know what the option should be. I looked around but I don't know proper terms to find what I need. Nor am I sure this can be done with PowerShell.
The end goal is to have the Ps1 download Exe, run the config command and continue with choosing the selection based on predefined choices. So far I gotten download and lunching of the velociraptor.exe working. But not sure how to skip the window in screenshot and have PowerShell script do it instead.
I couldn't find a CLI reference for velociraptor at https://www.velocidex.com/, but, generally speaking, your best bet is to find a non-interactive way to provide the information of interest, via dedicated _parameters_ (possibly pointing to an input file).
Absent that, you can use the following technique to provide successive responses to an external program's interactive prompts, assuming that the program reads the responses from stdin (the standard input stream):
$responses = 'windows', 'foo', 'bar' # List all responses here
$responses | velociraptor.exe config generate -i
Related
I read that when using a Powershell script in a scheduled task, external command or shortcuts, to always use the -NoProfile parameter. This is because otherwise Powershell will load some other profile which will be dangerous since you wouldn't know the content and can produce unexpected behaviours.
What I don't understand is, to my knowledge, by default, Powershell will run the "Current User, Current Host" profile (if I don't state -NoProfile). Since it is one of the basic profile files, why would it, or any of the other files be considered dangerous? Is it not trusted?
Links I referred to:
Link 1
Link 2
I have been assigned the job of automating a long list of tasks for developers to load into Intune.
One of the tasks is to set the Run As Administrator feature to Visual Studio with a script.
I know you can right-click on the exe, go to properties > Advanced and set that setting, but I'm struggling to find a scriptable way to do that. Any suggestions would be appreciated.
Edit: This to update the shortcut to send the command to run as administrator.
The shell-friendly way to create shortcut files (*.lnk) unfortunately does not provide a way to mark a shortcut file as needing to run with elevation (as administrator).
To do so, you have two options:
A quick-and-dirty solution based on raw byte manipulation of a .lnk file.
The caveat is that such an approach may break in a future Windows version, should the binary file format of shortcut file changes. See below.
A proper solution via the appropriate COM interfaces, which are not script-friendly, however.
See this blog post for C++ sample code.
Quick-and-dirty solution, effective as of Windows 10, gratefully adapted from this answer:
# Get the *full path* of the target shortcut file (*.lnk),
# using sample path ~/Desktop/test.lnk here.
$shortcutFile = Convert-Path -LiteralPath (Get-Item ~/Desktop/test.lnk)
# Read the shortcut file's raw byte contents.
$bytes = [System.IO.File]::ReadAllBytes($shortcutFile)
# Set the relevant byte to mark the shortcut as needing to
# run with elevation.
$bytes[21] = 34
# Save the modified byte array back to the original file.
[System.IO.File]::WriteAllBytes($shortCutLocation, $bytes)
I am trying to modify several values of a PowerShell script template prior to execution. The approach I took was to use the Get-Content command to read the template file, then to use the replace operand to replace the content with a content of my choosing, and then the Set-Content command to update the file, then execute the script. However, according to the error messages that I encounter, it seems that the modified file is not running, but the template one.
The thing I find hard to understand is why, as I use the Get-Content once again and print the result prior to execution, where I witness that the file did change.
I use simple PowerShell scripting with no threads or so ever, the script is being executed on an Azure VM via the Run-Command feature. I wonder why it happens.
Can anyone please explain?
SO I have surfed this site and the web and I feel as though I am missing something simple.
I find related questions but none that combine a scriptblock and remote calling of a 3rd party app (not a simply windows function or app)
I have the following string that I can copy into a command window and run without issue
"C:\Program Files (x86)\Vizient\Vizient Secure Channel v2.1\VizientSC.exe" UID=me#musc.edu PWD=XXXXXXXXX HCOID=123456 PRODTYPE=PRO-UHCSECURECHANNEL-CDB PACKAGETYPE=OTH FOLDERPATH="\\da\db5\MyFiles\Viz\20180413"
To simplify this, lets just assume I want to run this same String every time BUT with a REMOTE call.
I have written this many different ways but to no avail using
Invoke-Command -ComputerName "edwsql" -ScriptBlock { .........
I simply want to run the designated string using cmd.exe on a remote machine.
The EXE being run in the string is a 3rd party software that I do not want to install all all possible locations. Much simpler to run remote form the box it is already installed and is secure.
Can someone point me in the right direction???? Pls???? I'm new to PowerShell. I am trying to phase out some old PERL as the folks who can support that on the client site are few and far between these days.
You don't need to try so hard. PowerShell can run commands. If the command you want to run contains spaces, enclose in " (as you have done) and invoke it with the & (call or invocation) operator. This is all you need to do:
& "C:\Program Files (x86)\Vizient\Vizient Secure Channel v2.1\VizientSC.exe" UID=me#musc.edu PWD=XXXXXXXXX HCOID=123456 PRODTYPE=PRO-UHCSECURECHANNEL-CDB PACKAGETYPE=OTH FOLDERPATH="\\da\db5\MyFiles\Viz\20180413"
If a parameter on the executable's command line contains any characters that PowerShell interprets in a special way, you will need to quote it.
I have a lot of PowerShell script. One main, that calls other, child ones. Those PS scripts in their turn call windows CMD scripts, bash scripts and console applications. All these scripts and applications write messages to console. PowerShell scripts, for example, are using Write-Host scriptlet for this purpose.
Question: how can I easely redirect (send) all this console output to some file, while not deafening (canceling) this console output? I want to be able to see whats going on from console output and also have history of messages in log file.
Thanks.
You can use the tee equivalent of PowerShell : Tee-Object
PS: serverfault.com and/or superuser.com are more suitable for a question like this.
You can try Start-Transcript and Stop-Transcript. It has a couple of limitations like not capturing native exe output. It is also global to PowerShell session.
I've found script for grabbing console output: http://gallery.technet.microsoft.com/scriptcenter/e8fbffde-7d95-42d9-81de-5eb3d9c089e0. Script returns HTML to preserve colors.
The only big downside - you must call it at the end of your script to capture all console output it have made.
You'd probably need to write a custom host to do this. It's not a terribly hard thing to do, but it's does require some managed code.