Created
March 24, 2020 13:06
-
-
Save enigma0x3/4a1e68181ca409c800e47f840ed41e71 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Add-Type -TypeDefinition @" | |
| using System; | |
| using System.Diagnostics; | |
| using System.Runtime.InteropServices; | |
| [StructLayout(LayoutKind.Sequential)] | |
| public struct PROCESS_INFORMATION | |
| { | |
| public IntPtr hProcess; public IntPtr hThread; public uint dwProcessId; public uint dwThreadId; | |
| } | |
| [StructLayout(LayoutKind.Sequential, CharSet = CharSet.Unicode)] | |
| public struct STARTUPINFO | |
| { | |
| public uint cb; public string lpReserved; public string lpDesktop; public string lpTitle; | |
| public uint dwX; public uint dwY; public uint dwXSize; public uint dwYSize; public uint dwXCountChars; | |
| public uint dwYCountChars; public uint dwFillAttribute; public uint dwFlags; public short wShowWindow; | |
| public short cbReserved2; public IntPtr lpReserved2; public IntPtr hStdInput; public IntPtr hStdOutput; | |
| public IntPtr hStdError; | |
| } | |
| [StructLayout(LayoutKind.Sequential)] | |
| public struct SECURITY_ATTRIBUTES | |
| { | |
| public int length; public IntPtr lpSecurityDescriptor; public bool bInheritHandle; | |
| } | |
| public static class Kernel32 | |
| { | |
| [DllImport("kernel32.dll", SetLastError=true)] | |
| public static extern bool CreateProcess( | |
| string lpApplicationName, string lpCommandLine, ref SECURITY_ATTRIBUTES lpProcessAttributes, | |
| ref SECURITY_ATTRIBUTES lpThreadAttributes, bool bInheritHandles, uint dwCreationFlags, | |
| IntPtr lpEnvironment, string lpCurrentDirectory, ref STARTUPINFO lpStartupInfo, | |
| out PROCESS_INFORMATION lpProcessInformation); | |
| } | |
| "@ | |
| $StartupInfo = New-Object STARTUPINFO | |
| $StartupInfo.dwFlags = $StartF # StartupInfo.dwFlag | |
| $StartupInfo.wShowWindow = $ShowWindow # StartupInfo.ShowWindow | |
| $StartupInfo.cb = [System.Runtime.InteropServices.Marshal]::SizeOf($StartupInfo) # Struct Size | |
| $ProcessInfo = New-Object PROCESS_INFORMATION | |
| # SECURITY_ATTRIBUTES Struct (Process & Thread) | |
| $SecAttr = New-Object SECURITY_ATTRIBUTES | |
| $SecAttr.Length = [System.Runtime.InteropServices.Marshal]::SizeOf($SecAttr) | |
| $GetCurrentPath = (Get-Item -Path ".\" -Verbose).FullName | |
| # Call CreateProcess | |
| [Kernel32]::CreateProcess("C:\Windows\System32\cmd.exe", "/c notepad.exe", [ref] $SecAttr, [ref] $SecAttr, $false, $CreationFlags, [IntPtr]::Zero, $GetCurrentPath, [ref] $StartupInfo, [ref] $ProcessInfo) |out-null | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment