Hello,
I have one PowerShell command as follows:
powershell.exe script.ps1 -Data @{uname=‘{}’;pass=‘{}’}
So, here password may contain special character like ~!@#$‘%^&. when someone enters a single inverted comma ’ then scripts fail as it doesn’t form the exact command. Mostly it seems I need to escape it. Can someone help me to escape it?
Any thoughts or workarounds are appreciated.
Thanks
Escaping in PowerShell is by using the backtick `, which normally comes above the Tab key in the keyboard.
Thanks, kvprasoon for the quick reply.
I have tried that it didn’t seem to work here for an example:
powershell.exe script.ps1 -Data @{uname=‘newuser’;pass='secure{BACK-TICK}‘string’}
Here, the password secure{BACK-TICK}'string didn’t work. is there any way so that I can ignore PowerShell string interpretation inside single inverted commas.
Thanks
how are you collecting the password? is it via a PowerShell script ?
Backtick escape won’t work within a single quoted string. You can use ''(single quote twice) to escape a single quote. How you call powershell.exe also matters here. I am pretty sure you cannot pass a hashtable this way using the -File parameter. Once the current shell interprets the parameter, it is passed as a literal string to PowerShell.exe, i.e. the following will be passed.
@{uname='{}';pass='{}'}.ToString()
Sorry for the late reply,
kvprasoon: how are you collecting the password? is it via a PowerShell script?
Answer: basically password is collect in python and I am creating a string in python and executes the PowerShell script:
command = powershell.exe script.ps1 -Data @(@{uname=’newuser’;pass=’ss’s’})
AdminOfThings: trying with twice single quote worked but is there any way I can pass the string to Powershell telling to ignore the escape sequences.
You have to apply enough escaping so that when the string arrives at its final destination, it contains what you want it to contain. Depending on the shell from which you are calling, you can signal the parser to stop parsing (–%) (dash dash percent) the string as PowerShell:
powershell.exe script.ps1 --% -Data @(@{uname='newuser';pass='ss's'})
Thanks, AdminOfThings for the quick reply.
I tried the code example given by you, but it didn’t work and thrown error:-
The string is missing the terminator symbol '.
Seems like a string is formed completed as it needs ending single quote. And thanks for sharing knowledge about such operator –%. Just for specification, my PowerShell script accepts hashtable input not plain string input for username and password.
Thanks
So here is a super screwed up way of doing this in cmd shell:
powershell.exe -command "$command = \""powershell.exe .\script.ps1 -Data @{uname='newuser';pass='ss'more's'}\"" -replace \""(?<=pass='.*?)'(?=.*'})\"",\""''\""; & (-split $command)[0] ($command -split ' ',2)[1]"
As you can see, CMD shell adds it own escape requirements. Inner double quotes have to be backslash escaped in CMD. Then inner quotes (ones that don’t close the outer quotes) require escaping at the PowerShell layer. Since you are using Python, this won’t solve your problem. However, the Python environment may have its own escape requirements and string replacement mechanisms that can be utilized before ultimately sending the command string to PowerShell.exe.
AdminOfThings I got your point, It seems like I need to escape the required string in python only and pass it to the PowerShell script by this I will achieve the required string with escaped special characters.
And in this case, as I have a string written in single quotes I only need to escape a single quote (i.e by using it twice). Is my interpretation is correct?
Thanks
The double single quote escapes a single quote when it is interpreted by PowerShell. Your job will be to make sure Python hands it off to PowerShell.exe with PowerShell’s required escape characters available.
you can make your script accept base64 encoded string as password then convert it to plaintext where required. So you can pass base64 encoded string without any special characters.
Sorry for the late reply, kvprasoon this is a great idea, and thanks for suggestion.
Thanks
Maharshi Dave
Hi kvprasoon, I have implemented as per your suggestion i.e transfer base64 encoded string to Powershell and it worked well but there is another command inside PowerShell script which sets credentials to windows service with help of NSSM as per the command shown below:
& .\nssm.exe set $ServiceName ObjectName $username $password
Here, while transferring password containing special characters is decoded(base64) in PowerShell and the required password is fetched in PowerShell. Now bit confused about passing password(with special characters) to nssm command. Any thoughts/approaches are appreciated.
Thanks
What did it result, did nsm command fail ? try wrapping the variable in double quotes.
I was able to accomplish something similar using Invoke-Expression
$cmdToExec = “C:\path\to\nssm.exe set $ServiceName ObjectName $username $password”
Invoke-Expression -Command $cmdToExec
In my case, it worked, but I did not have special chars in the password. Might be worth a try.