Do any of you have experience using PS2EXE ([url]https://ps2exe.codeplex.com/[/url]) script? It takes a script as input and outputs an exe file of the script. I am trying to use this process to create a script to self elevate without having the password easily obtained in the script.
I have a script that I can pass a file path to, and it will run another powershell script as an admin user. This script that runs as the admin user copies some files to various places on the machine and across the network. I need to be able to copy files to essentially anywhere on the machine or on the other machine that is on the same subnet.
Currently, my script, Enable-Elevated takes a parameter, FilePath. This file path is the path to the powershell script that needs to run as an admin. The script itself works fine - no problem other than the username and password being embedded in the script itself. So, ideally I would like to take my Enable-Elevated script and turn it into an exe so the password is not as easily in the clear.
My problem is - when I exe the script, it isn’t working. It doesn’t seem to recognize the paramter, and I just don’t understand. Like I mentioned, the script runs fine. The problem occurs when I convert it to an exe and call it with the parameter.
Any help or ideas would be greatly appreciated.
Thanks
Here is my Enable-Elevated script:
Param ( # Param1 help description [Parameter(Mandatory=$false, ValueFromPipeline=$false, ValueFromPipelineByPropertyName=$false, ValueFromRemainingArguments=$false, Position=0, ParameterSetName='Parameter Set 1')] [ValidateNotNull()] [ValidateNotNullOrEmpty()] [ValidatePattern("([^\s]+(\.(?i)(ps1))$)")] [string]$FilePath, # Param2 help description [Parameter(Mandatory=$false, ValueFromPipeline=$false, ValueFromPipelineByPropertyName=$false, ValueFromRemainingArguments=$false, ParameterSetName='Parameter Set 1')] [ValidateSet("Normal", "Minimized", "Hidden")] [string]$WindowStyle = "Hidden", # Param3 help description [switch] $Help ) $logFile = "c:\posapps\elevate\" + $(Get-Date -DisplayHint Date -Format "yyyyMMdd") + "_elevated.log" "$(Get-Date -DisplayHint Time -Format T):: Elevate Process Started" | Add-Content $logFile # output usage if($help -or [String]::IsNullOrEmpty($FilePath)) { Write-Host "Usage:" Write-Host "" Write-Host " elevate.exe -FilePath '' [-WindowStyle] 'Normal' | 'Minimized' | 'Hidden'" Write-Host "" Write-Host "" Write-Host " FilePath = Path to the signed powershell script to run" Write-Host " WindowStyle = Passes this to the powershell exe. Options are Normal | Minimized | Hidden" write-host "" "$(Get-Date -DisplayHint Time -Format T):: Elevate Process Exiting" | Add-Content $logFile Exit } $command = "c:\windows\system32\windowspowershell\v1.0\powershell.exe" # example c:\posapps\powershell\ApplyPricing.ps1" #TODO - run powershell with an execution policy of allsigned $arguments = "-File $FilePath" "$(Get-Date -DisplayHint Time -Format T):: File Path: $filepath" | Add-Content $logFile "$(Get-Date -DisplayHint Time -Format T):: Window Style: $WindowStyle" | Add-Content $logFile $user = "DOMAIN\adminaccount" $pass = ConvertTo-SecureString -String "AdminPassword" -AsPlainText -Force $creds = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $user, $pass Try{ if(Test-Path -Path $FilePath) { # append the script path to the arguments $arguments += $FilePath # start the process Start-Process -FilePath $command -ArgumentList $arguments -WindowStyle $WindowStyle -Credential $creds } } Catch [System.Exception] { $message = "$_ #([environment]::NewLine) Command: $command $([environment]::NewLine) Arguments: $arguments" $(Get-Date -DisplayHint Time -Format T):: ERROR: $message | Add-Content $logFile } # log the script ending "$(Get-Date -DisplayHint Time -Format T):: Elevate Process Exiting" | Add-Content $logFile Exit