Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

how to auto respond to powershell.exe untrusted publisher prompt

Tags:

powershell

i have my own local custom cert i created and signed powershell scripts with. when the self-signed ps1 script I have executes on another windows system that is set execution-policy to "Allsigned" i will get the prompt below when running the line with powershell.exe, within a batch file..

powershell.exe -nologo -file "C:\Users\admin\Desktop\test\test.ps1"

Do you want to run software from this untrusted publisher?

File C:\Users\admin\Desktop\test\test.ps1 is published by CN=get_test PowerShell and is not trusted on your system. Only run scripts
from trusted publishers.

[V] Never run  [D] Do not run  [R] Run once  [A] Always run  [?] Help

(default is "D"):

i can't run -bypass mode for powershell.exe so that is out of the question. so i'm trying to find a way to auto respond to this prompt with R. it looks as though the prompt is within powershell itself and NOT from the windows cmd line. i tried echo'ing R within the batch file as

echo R|powershell.exe -nologo -file "C:\Users\admin\Desktop\test\test.ps1"

but that still didn't work. i looked at the powershell.exe options and didn't see a way to respond via parameter other than setting -bypass mode which i am not able to do in the environment.

is there any known way to code a respond to this prompt from powershell.exe ?? or is it just not possible unless you can execute with -bypass mode? thanks

like image 285
john johnson Avatar asked Sep 10 '25 15:09

john johnson

1 Answers

Try running the script as follows on target computer:

powershell.exe -ExecutionPolicy bypass -c " . 'path_to_script.ps1';"

If you are not able to run still, then as john commented, your organization has strict policy in place to block Powershell script execution.

Group Policy example is described in http://www.techrepublic.com/blog/the-enterprise-cloud/set-the-powershell-execution-policy-via-group-policy/

In such case, you need to sign your code which involves:

  1. requesting a certificate with Extended Key Usage called codeSigning(1.3.6.1.5.5.7.3.3)
  2. Importing the issued certificate into Trusted Publishers on target machines

You can start by reading https://www.darkoperator.com/blog/2013/3/5/powershell-basics-execution-policy-part-1.html

like image 130
Iggy Zofrin Avatar answered Sep 13 '25 06:09

Iggy Zofrin

Sign in to Comment

Related questions

Possible values for state & status of Virtual machines

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!