Escaping if statement

J1234 · November 8, 2022, 4:18pm

Hi - I am by no means a powershell regular user, but recently there has become a requirement for me to implement some PS into my work.
I am trying to safely escape an if statement, as per noted security requirements:
The original statement:

if (Get-WmiObject Win32_UserAccount -Filter "Name=\'guest12345678\'") { exit 1 }

The statement once escaped;

if` `$(Get-WmiObject` Win32_UserAccount` -Filter` \\`\"Name=`'guest12345678`'\\`\")` {` exit` 0` }

The error I am getting:

The module 'Get-WmiObject Win32_UserAccount -Filter could not be loaded. For more information, run 'Import-Module Get-WmiObject Win32_UserAccount -Filter '.
Debug: At line:1 char:6
Debug:  + if` (Get-WmiObject` Win32_UserAccount` -Filter` \`"Name=`'guest123456 ...
Debug:  +      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Debug:  + CategoryInfo: ObjectNotFound: (Get-WmiObject W...uest12345678'\":String) [], CommandNotFoundException
Debug:  + FullyQualifiedErrorId : CouldNotAutoLoadModule

As mentioned im by no means a regular user, so I must clearly be missing something Has anyone any ideas? I appreciate any help with this!

krzydoug · November 8, 2022, 6:00pm

Why are you trying to escape anything? The error indicates it thinks your command is some module. I think there might be some code missing?

J1234 · November 8, 2022, 6:05pm

This is only an example command. The logic implemented is accepting an array of commands and arguments which are then joined to form a string (the input command), and the escaping is to reduce the vulnerability of injection

tonyd · November 8, 2022, 6:46pm

For my curiosity, as I always like to learn about PowerShell, can you explain this in more detail please?

Thanks.

Matt · November 9, 2022, 5:46am

Wonder if this might be helpful

Protecting Against Malicious Code Injection - PowerShell Team (microsoft.com)

tonyd · November 9, 2022, 5:13pm

Totally makes sense, thank you.