jborean93 / pypsrp

PowerShell Remoting Protocol for Python
MIT License

Microsoft powershell default NoLanguage #103

Closed SamGenTLEManKaka closed 3 years ago

SamGenTLEManKaka commented 3 years ago

self.wsman = WSMan(server='192.158.0.1', port=80, path="/powershell/", ssl=False, username='account', password='password',auth="basic", encryption='never')

with RunspacePool(self.wsman, configuration_name="Microsoft.Exchange") as pool:

I use pypsrp.powershell and pypsrp.wsman.
Execute PowerShell command '$ExecutionContext.SessionState.LanguageMode'

At line:1 char:1\r\n+ $ExecutionContext.SessionState.LanguageMode\r\n+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\nProperty references are not allowed in restricted language mode or a Data section.\r\n\r\nAt line:1 char:1\r\n+ $ExecutionContext.SessionState.LanguageMode\r\n+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\nProperty references are not allowed in restricted language mode or a Data section.\r\n\r\nAt line:1 char:1\r\n+ $ExecutionContext.SessionState.LanguageMode\r\n+ ~~~~~~~~~~~~~~~~~\nA variable that cannot be referenced in restricted language mode or a Data section is being referenced. Variables that can be referenced include the following: $PSCulture, $PSUICulture, $true, $false, $null.

But after I updated the patch kb5001779, it returns

The syntax is not supported by this runspace. This can occur if the runspace is in no-language mode.

I read the Microsoft documentation,

https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_language_modes?view=powershell-7.1

I think the LANGUAGE MODE should be NoLanguage now, but before the update patch it was RestrictedLanguage.

How can I set RestrictedLanguage with pypsrp?

SamGenTLEManKaka commented 3 years ago

I use

ps = PowerShell(pool).add_cmdlet(scriptname)
[ps.add_parameter(i, kwargs[i]) for i in kwargs]

It runs normally.

But when I use PowerShell(pool).add_script(script + " -Confirm:$false"), it reports an error.

What is the difference between the two?

jborean93 commented 3 years ago

> What is the difference between the two?

Essentially it's a difference in telling PowerShell to run a script or an individual command. A script can contain multiple statements of command(s) and allows you to have things like expressions and variable assignments like you would expect in a normal script. When you do add_command you are essentially telling it to run this command with these parameters/arguments with an optional pipeline.

As for your original problem, you cannot do this through any normal kwarg in pypsrp (or even PowerShell for that matter). The default PS configuration that you are connecting to is configured to run in no language mode. This is all configured on the server side and the client has no say in the matter. For Exchange they run in no language mode but explicitly allow only a subset of commands that can be run; using a script goes against that logic. You can configure a separate PS session configuration on the server and connect to that, see JEA, but that's not something done in this library.

TLDR: You are connecting to a PS configuration endpoint that only allows certain commands. You have to use .add_cmdlet() to run the commands that are allowed or set up a separate configuration endpoint to target instead.
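
An added example following the advice above (not code from this thread or from pypsrp itself): a helper that turns a simple one-command line, such as the `-Confirm:$false` call in the question, into an `add_cmdlet`/`add_parameter` pipeline and refuses anything that would need script syntax. The names `split_command` and `build_pipeline` are hypothetical, the command lines used with it are constructed, and only simple quoting with named parameters is handled.

```python
import re
import shlex

# PowerShell literals with a direct Python equivalent. Any other "$" token is
# a variable reference, which is script syntax rather than a plain argument.
LITERALS = {"$true": True, "$false": False, "$null": None}
# Pipelines, statement separators, subexpressions and script blocks cannot be
# expressed as one cmdlet plus parameters (quoted values are checked too).
SCRIPT_SYNTAX = re.compile(r"[|;&(){}`]")


def to_value(token):
    """Map an argument token to the value handed to add_parameter."""
    if token.lower() in LITERALS:
        return LITERALS[token.lower()]
    if token.startswith("$"):
        raise ValueError(f"variable reference is script syntax: {token}")
    return token


def split_command(line):
    """Split 'Verb-Noun -Name value -Switch' into (cmdlet, parameters)."""
    lex = shlex.shlex(line, posix=True)
    lex.whitespace_split, lex.escape, lex.commenters = True, "", ""
    tokens = list(lex)
    if not tokens or not re.match(r"[A-Za-z]", tokens[0]):
        raise ValueError("line must start with a cmdlet name")
    if any(SCRIPT_SYNTAX.search(t) for t in tokens):
        raise ValueError("script syntax cannot be sent with add_cmdlet")
    params, pending = {}, None
    for tok in tokens[1:]:
        if tok.startswith("-"):
            key, sep, inline = tok[1:].partition(":")
            params[key] = to_value(inline) if sep else True  # bare = switch
            pending = None if sep else key
        elif pending is None:
            raise ValueError(f"positional argument not supported: {tok}")
        else:
            params[pending], pending = to_value(tok), None
    return tokens[0], params


def build_pipeline(pool, line):
    """Build the pipeline with add_cmdlet/add_parameter, never add_script."""
    from pypsrp.powershell import PowerShell  # lazy import: needs pypsrp

    cmdlet, params = split_command(line)
    ps = PowerShell(pool).add_cmdlet(cmdlet)
    for key, value in params.items():
        ps.add_parameter(key, value)
    return ps
```

The endpoint still decides which cmdlets are allowed; the helper only keeps the client from sending script text to a configuration that rejects it.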