-1

how i can run this command from cmd without run powershell ?

> [byte[]] $hex = get-content -encoding byte -path C:\temp\nc.exe
> [System.IO.File]::WriteAllLines("C:\temp\hexdump.txt", ([string]$hex))

i try like this but not working

powershell -command " [byte[]] $hex = get-content -encoding byte -path C:\Users\evilcode1\Desktop\nc.exe ; [System.IO.File]::WriteAllLines('C:\Users\evilcode1\hexdump1.txt', ([string]$hex))"

how i can do that ! and then i need to reconstruct the executable from the text file with this command :

[string]$hex = get-content -path C:\Users\user\Desktop\hexdump.txt [Byte[]] $temp = $hex -split ' ' [System.IO.File]::WriteAllBytes("C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\nc.exe", $temp)

how i can run them direct from cmd without open powershell

Qassam Mahmoud
  • 127
  • 1
  • 2
  • 11

1 Answers1

2

To convert bytes TO a hex string:

# read the binary data as byte array
[byte[]]$data = [System.IO.File]::ReadAllBytes('D:\Test\blah.exe')

# write to new file as string of hex encoded characters
[System.IO.File]::WriteAllText('D:\Test\blah.hex',[System.BitConverter]::ToString($data).Replace('-',''), [System.Text.Encoding]::ASCII)

To convert back FROM hex string:

# read the textfile as single ASCII string
$hex = [System.IO.File]::ReadAllText('D:\Test\blah.hex', [System.Text.Encoding]::ASCII)

# convert to bytes and write these as new binary file
[System.IO.File]::WriteAllBytes('D:\Test\blahblah.exe', ($hex -split '(.{2})' -ne '' -replace '^', '0X'))
Theo
  • 57,719
  • 8
  • 24
  • 41
  • Nice, though there's no strict need for `[System.Text.Encoding]::ASCII`: .NET creates BOM-less UTF-8 files by default, and if such a file contains only ASCII-range characters, as is the case here, it is by definition also an ASCII file. – mklement0 Feb 21 '21 at 17:50