Can you please help me with this code?
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Bypass -windowstyle hidden -noexit -command (New-Object System.Net.WebClient).DownloadFile('Url',"$env:temp\cat.zip"); Expand-Archive "$env:temp\cat.zip" -DestinationPath "$env:temp\pp" -Force"
I added it in HKLM\software\microsoft\windows\currentversion\run, but nothing I put in seems to work after restart.
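Answer 0 (score: 0)
You have a lot of quotes, and they look wrong. You didn't start your command with a quote, but you ended it with one. This should do it: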
powershell.exe -ExecutionPolicy Bypass -WindowStyle Hidden -Command "(New-Object System.Net.WebClient).DownloadFile('Url',""$env:temp\cat.zip""); Expand-Archive ""$env:temp\cat.zip"" -DestinationPath ""$env:temp\pp"" -Force"
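Also, I dropped -NoExit, but maybe you really do want PowerShell to keep running.
Also, the PowerShell executable handles encoded commands, and powershell.exe /? gives you instructions on how to do this:
To use the -EncodedCommand parameter: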
$command = 'dir "c:\program files" '
$bytes = [System.Text.Encoding]::Unicode.GetBytes($command)
$encodedCommand = [Convert]::ToBase64String($bytes)
powershell.exe -encodedCommand $encodedCommand
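You didn't give me the URL, or I would have encoded it for you, but passing complex commands to powershell.exe will give you some headaches. Here is how you could pass the command from the example via the registry: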
powershell.exe -ExecutionPolicy Bypass -WindowStyle Hidden -EncodedCommand ZABpAHIAIAAiAGMAOgBcAHAAcgBvAGcAcgBhAG0AIABmAGkAbABlAHMAIgAgAA==
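Run-key values of the shape discussed above are what an autoruns review has to read, so here is an added example (not part of the original question or answer) that triages such command lines: it flags the parameters used on this page, also recognises their abbreviated spellings, and decodes an -EncodedCommand payload as Base64 over UTF-16LE. The names `full_name`, `triage` and `SAMPLES` are assumptions of this sketch, and the sample values are constructed, the second one reusing the answer's encoded string.

```python
import base64
import binascii
import re

# Parameters used on this page, each with the shortest abbreviation that
# powershell.exe accepts for it; -ec and -ep are aliases it also accepts.
PARAMS = {"encodedcommand": 1, "executionpolicy": 2, "windowstyle": 1, "command": 1}
ALIASES = {"ec": "encodedcommand", "ep": "executionpolicy"}

def full_name(token):
    """Map a '-enc' or '/w' style token to its full parameter name, else None."""
    name = token[1:].lower() if token[:1] in ("-", "/") else ""
    if name in ALIASES:
        return ALIASES[name]
    return next((p for p, n in PARAMS.items()
                 if len(name) >= n and p.startswith(name)), None)

def triage(command_line):
    """Return (flags, payload) for one Run value; payload is the script text."""
    flags, payload = [], None
    is_ps = "powershell" in command_line.lower()
    tokens = command_line.split() if is_ps else []
    for i, token in enumerate(tokens):
        name = full_name(token)
        value = tokens[i + 1] if i + 1 < len(tokens) else ""
        if name == "executionpolicy" and value.lower() == "bypass":
            flags.append("execution-policy-bypass")
        elif name == "windowstyle" and value.lower() == "hidden":
            flags.append("hidden-window")
        elif name == "command":         # everything after -Command is script
            payload = " ".join(tokens[i + 1:])
            break
        elif name == "encodedcommand":  # Base64 of the UTF-16LE script text
            flags.append("encoded-command")
            try:
                payload = base64.b64decode(value, validate=True).decode("utf-16-le")
            except (binascii.Error, UnicodeDecodeError):
                flags.append("undecodable-payload")
            break
    if payload and re.search(r"net\.webclient", payload, re.I):
        flags.append("web-download")
    return flags, payload

# Constructed Run-key values (value name -> data) for illustration only.
SAMPLES = {
    "ConstructedBenign": r"%windir%\system32\SecurityHealthSystray.exe",
    "ConstructedEncoded": "powershell.exe -ExecutionPolicy Bypass -WindowStyle Hidden "
    "-EncodedCommand ZABpAHIAIAAiAGMAOgBcAHAAcgBvAGcAcgBhAG0AIABmAGkAbABlAHMAIgAgAA==",
}
```

On a live host the inputs would be the value data exported from the Run key; the function only parses strings and never executes the payload.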