Posts on this page:

Convert data between binary, hex and Base64 in PowerShell – Managed Edition

Some time ago I wrote a blog post about converting data between Hex, Base64 and binary in PowerShell by using CryptoAPI functionality: Convert data between binary, hex and Base64 in PowerShell. I was impressed by those functions, because CryptStringToBinary function is magical and is able to convert “messy” hex string sequence (with or without address and ASCII columns which are not part of the data) to a pure byte array. I wish they have a bit more flexibility and extensibility. For example, when supporting certificate issues, I receive dumps from 3rd party tools (OpenSSL and similar) and browsers. They use different delimiters to separate hex octets. One tool use minus signs, other use colons to separate hex octets:

0000 - 20 ab 34 00 ff 87 50 1e-de fb c9 3d 10 2f 7b fd    .4...P....=./{.
0010 - 99 a1 61 e0 3d 5f 93 82-63 e9 0a 6f 1a 22 4f 04   ..a.=_..c..o."O.

or this:

26:C0:29:E9:8C:AB:C3:9E:95:38:74:8A:87:D3:86:8D
5C:5A:BA:47:44:83:7E:CB:48:BE:DD:E5:39:51:24:42:C6:C5:60:8B
DA:26:B8:C8:F4:04:3E:62:F3:7F:3B:EC:1D:9F:85:66:28:00:45:55:66:
15:FF:BB:37:77:97:59:F0:EC:0B:B6

Unfortunately, CryptStringToBinary supports only whitespace characters as delimiter and I have to manually remove them from dump before converting to a byte array. So I decided to get my own converter with blackjack and hookers in managed language.


Read more →

PowerShell PKI Module v3.2.6 is out!

Hello S-1-1-0!

After three months since PSPKI module v3.2.5 was released I received a number of unfortunate bugs (which weren’t tested very well from my side) and other issues. So I decided to address them while I have some spare time. In addition, I made an attempt to provide new functionality I really missed in the module.

This release is intended to make the module more stable and less buggy. In some aspects it become faster.

Bug Fixes

I have fixed a number of private bugs (found by myself) and publically reported bugs:

For detailed change logs and privately reported issues see:


Read more →

PowerShell 5.0 and Applocker. When security doesn’t mean security (part 2)

In the previous post, I tried to explain some inconsistences in the current implementation of Constrained PowerShell feature that is introduced in PowerShell 5.0: PowerShell 5.0 and Applocker. When security doesn’t mean security. After having a long email and twitter conversations I realized that many of readers blame me for being against Constrained PowerShell feature. It is not true. In this post, I would like to summarize what is going wrong now and how it should work in my opinion.


Read more →

PowerShell 5.0 and Applocker. When security doesn’t mean security

Problem description

A friend of mine asked why his PowerShell scripts (PowerShell profile) doesn’t execute properly in after upgrading to PowerShell 5.0. A brief investigation showed that interactive PowerShell console runs in Constrained Language mode, as the result many language features are stripped out and PowerShell profile isn’t loaded with the following error:

Windows PowerShell
Copyright (C) 2015 Microsoft Corporation. All rights reserved.
 
C:\Users\vpodans\Documents\WindowsPowerShell\Microsoft.PowerShell_profile.ps1 : Cannot dot-source this command because
it was defined in a different language mode. To invoke this command without importing its contents, omit the '.'
operator.
At line:1 char:1
+ . 'C:\Users\vpodans\Documents\WindowsPowerShell\Microsoft.PowerShell_ ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: (:) [Microsoft.PowerShell_profile.ps1], NotSupportedException
    + FullyQualifiedErrorId : DotSourceNotSupported,Microsoft.PowerShell_profile.ps1


PS C:\Users\vpodans> [math]::Sqrt(1)
Cannot invoke method. Method invocation is supported only on core types in this language mode.
At line:1 char:1
+ [math]::Sqrt(1)
+ ~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: (:) [], RuntimeException
    + FullyQualifiedErrorId : MethodInvocationNotSupportedInConstrainedLanguage

PS C:\Users\vpodans> $ExecutionContext.SessionState.LanguageMode
ConstrainedLanguage
PS C:\Users\vpodans>

Read more →

PowerShell PKI Module v3.2.5 is released!

I’m glad to announce another version of PowerShell PKI module release.

What’s new?

This release includes major internal code changes with new functionality.

  • Code reorganization

At first, I completely separated Abstract Syntax Notation (ASN.1) code from main library to a dedicated DLL: SysadminsLV.Asn1Parser.dll. As I mentioned in one of previous posts, PKI.Core.dll and ASN parser are opensourced on GitHub: pkix.net and Asn1DerParser.NET.


Read more →