sysnative<\/code> which will target the right folder or registry access.<\/p>\n\n\n\nSending PowerShell commands<\/h2>\n\n\n\n
To send PowerShell commands, you need to use the following profile. <\/p>\n\n\n\n
<wap-provisioningdoc id="INSERT-GUID" name="customprofile">\n <characteristic type="com.airwatch.winrt.powershellcommand" uuid="INSERT-GUID">\n <parm name="PowershellCommand" value=""\/>\n <\/characteristic>\n<\/wap-provisioningdoc><\/code><\/pre>\n\n\n\nInsert the command in the value<\/code> string and insert new GUID for id<\/code> and uuid<\/code>.<\/p>\n\n\n\nYou can use the following command to generate new GUID<\/p>\n\n\n\n
[GUID]::NewGuid().ToString()<\/code><\/pre>\n\n\n\nExample:<\/p>\n\n\n\n
<wap-provisioningdoc id="b0774572-29ec-4015-8bde-8f0281682f1b" name="customprofile">\n <characteristic type="com.airwatch.winrt.powershellcommand" uuid="f060bc02-bc0d-4ff8-b5d7-3fdfd24274dd">\n <parm name="PowershellCommand" value="Invoke-Command -ScriptBlock {C:\\windows\\ccmsetup\\ccmsetup.exe \/uninstall}"\/>\n <\/characteristic>\n<\/wap-provisioningdoc><\/code><\/pre>\n\n\n\nAs you can see we can do anything PowerShell related, but how about scripts.<\/p>\n\n\n\n
Sending PowerShell script<\/h2>\n\n\n\n
You can inject script in the value but it can be tricky due to XML parsing so there is escape to be done and it can result in not having the script to run properly. PowerShell offer another way to execute a script without a .ps1<\/code> file, which is -EncodedCommand<\/code> switch. It uses Base64 encoding to avoid issue with special characters.<\/p>\n\n\n\nTo encode a PowerShell command to Base64 you need to do the following:<\/p>\n\n\n\n
- Get the bytes of the command in UTF16-Little Endian<\/li>
- Convert the bytes to Base 64<\/li><\/ul>\n\n\n\n
This is described in the PowerShell help<\/p>\n\n\n\n
# To use the -EncodedCommand parameter:\n$command = 'dir "c:\\program files" '\n$bytes = [System.Text.Encoding]::Unicode.GetBytes($command)\n$encodedCommand = [Convert]::ToBase64String($bytes)\npowershell.exe -encodedCommand $encodedCommand<\/code><\/pre>\n\n\n\nYou can do this for little command as described above but you can as well do it for longer script like so:<\/p>\n\n\n\n
#EncodedCommand for a script\n$Script = Get-content -Path .\\MyScript.ps1 -Raw\n$bytes = [System.Text.Encoding]::Unicode.GetBytes($command)\n$encodedCommand = [Convert]::ToBase64String($bytes)\npowershell.exe -encodedCommand $encodedCommand<\/code><\/pre>\n\n\n\nNote the -raw<\/code> for the Get-Content<\/code> command. This is very important because it will get the content as a unique string with all the line return. Without it, Get-Content<\/code> treat each line as unique and import the file as an array of lines then the conversion to Base64 will lead to a one liner without the line return which is not the intention. If we take the example above, the Base64 conversion without -raw<\/code> will lead to this:<\/p>\n\n\n\n#EncodedCommand for a script $Script = Get-content -Path .\\MyScript.ps1 -Raw $bytes = [System.Text.Encoding]::Unicode.GetBytes($command) $encodedCommand = [Convert]::ToBase64String($bytes) powershell.exe -encodedCommand $encodedCommand<\/code><\/pre>\n\n\n\nThe first line is a comment so the end result is one big comment instead of our script…<\/p>\n\n\n\n
Building Profile Easily<\/h2>\n\n\n\n
While this fairly easy to do it in the PowerShell console, copying and pasting the Base64 value in the profile can lead to error and also while trying to run PowerShell in 64 Bits it add more complexity to the whole XML as you need to run the following command<\/p>\n\n\n\n
&$env:SystemRoot\\sysnative\\WindowsPowerShell\\v1.0\\powershell.exe<\/code><\/pre>\n\n\n\nBut the & need to be escaped to & due to XML parsing.<\/p>\n\n\n\n
So I’ve created a PowerShell script to generate profile and save it as a XML file depending on the architecture targeted.<\/p>\n\n\n\n
Usage:<\/p>\n\n\n\n
.\\Create-PowerShellProfile.ps1\n -FilePath .\\MyScript.ps1\n -Arch 32 or 64<\/code><\/pre>\n\n\n\n
![\"\"](\"https:\/\/i0.wp.com\/debay.blog\/wp-content\/uploads\/2019\/11\/Custom-Profile-1.jpg?fit=688%2C222&ssl=1\")
<\/a><\/figure><\/div>\n\n\n\n