PowerShell supports -EncodedCommand for running a Base64-encoded command directly, but under normal circumstances there is no way to pass arguments into that command block.
Take, for example, the following PowerShell script (demo.ps1), which declares a plain [string]$name parameter and echoes a greeting:
If we run powershell -file demo.ps1 "Jacky", we get Hello, Jacky! as expected.
Encode the script and run it with the command below:
powershell -encodedcommand cABhAHIAYQBtAA0ACgAoAA0ACgAgACAAWwBzAHQAcgBpAG4AZwBdACQAbgBhAG0AZQANAAoAKQANAAoAZQBjAGgAbwAgACIASABlAGwAbABvACwAIAAkAG4AYQBtAGUAIQAiAA== "Jacky"
and it does not produce the expected output: the trailing "Jacky" is never bound to $name. To get arguments into an -EncodedCommand block, the following trick works:
param
(
[Parameter(Mandatory)][string]$name
)
echo "Hello, $name!"
Encode this version, then invoke PowerShell twice, joined by a pipe:
powershell -noprofile -command 'Jacky' | powershell -noprofile -encodedcommand cABhAHIAYQBtAA0ACgAoAA0ACgAgACAAWwBQAGEAcgBhAG0AZQB0AGUAcgAoAE0AYQBuAGQAYQB0AG8AcgB5ACkAXQBbAHMAdAByAGkAbgBnAF0AJABuAGEAbQBlAA0ACgApAA0ACgBlAGMAaABvACAAIgBIAGUAbABsAG8ALAAgACQAbgBhAG0AZQAhACIA
That is, the input is supplied through a mandatory parameter (the key point is [Parameter(Mandatory)]: the second process reads the answers to its parameter prompts from the piped stdin). With several parameters, separate the values with commas and wrap each one in single quotes ', for example:
powershell -noprofile -command 'Jacky', 'Joe' | powershell -noprofile -encodedcommand Abc....==
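As an added example, not code from the original post, the script below builds the encoded command with PowerShell itself, verifies the Base64 round trip, and pipes two values into two mandatory parameters; the parameter names and the sample values Jacky and Joe are constructed for this example.

```powershell
# Added example (not from the original post): encode a script that has two
# [Parameter(Mandatory)] parameters and feed both values in via the pipeline.

$script = @'
param
(
    [Parameter(Mandatory)][string]$first,
    [Parameter(Mandatory)][string]$second
)
echo "Hello, $first and $second!"
'@

# -EncodedCommand expects Base64 of the UTF-16LE ("Unicode") bytes of the script,
# which is why the encoded strings in the post contain so many "A" characters.
$encoded = [Convert]::ToBase64String([Text.Encoding]::Unicode.GetBytes($script))

# Round-trip check: decoding the Base64 must give back exactly the script.
$decoded = [Text.Encoding]::Unicode.GetString([Convert]::FromBase64String($encoded))
if ($decoded -ne $script) { throw "Base64 round trip failed" }

# The first powershell writes one line per value ("Jacky", then "Joe"). Because
# nothing was bound to $first and $second, the second powershell prompts for
# them and reads those two lines from stdin as the answers, in order. The
# prompt text written by the second process may appear in the output as well.
powershell -NoProfile -Command "'Jacky', 'Joe'" |
    powershell -NoProfile -EncodedCommand $encoded
```

Both command lines, including the full Base64 string, are visible in process-creation telemetry, and PowerShell Script Block Logging (event 4104) records the decoded script, so the encoding hides nothing from a defender reviewing the logs.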