DownloadString then execute a .ps1

This topic contains 4 replies, has 2 voices, and was last updated by  Daniel Demers 2 years, 5 months ago.

  • Author
  • #23573

    Daniel Demers

    I am trying to mimic the behavior I get from this. If I copy/paste this into an admin CMD prompt, it executes. I uploaded a ps1 file to my webserver and tried to run a similar command and I get a cmd prompt full of red text *errors*. I first had to enable .ps1 mime types on the IIS Server, is there something else I am missing?

    @powershell -NoProfile -ExecutionPolicy unrestricted -Command "iex ((new-object net.webclient).DownloadString(''))" && SET PATH=%PATH%;%systemdrive%\chocolatey\bin


    I suspect it has something to do with my IIS setup as, if I go to '' IE shows it as a text file (in the browser). if I go to my URL, I am prompted to download the fire.

  • #23574

    Don Jones


    So, let's put aside for a moment that what the Chocolatey guys are having you do is, technically, a horrible security practice. Your'e downloading code, from the Internet, from people you don't even know, and executing it under admin credentials. That script isn't digitally signed, so you've no idea if it's what they intended you to download, or if they've been hacked and their script altered. Terrible, terrible practice.

    But let's put that aside.

    As a note for future posts, if you're getting errors, it'd be super-helpful if you included them in your message. They often contain a lot of valuable information, so without them, everyone here is really just guessing, which isn't as helpful to you.

    But let's focus on this: What is it you are trying to do?

    You want IIS to execute PS1 files server-side, as a web page? Not a great idea – I can explain why, if that's what you're after.

    You want IIS to host PS1 files, and you want your computers to download & execute those scripts? From IIS? I probably don't understand why. There's probably a hundred better ways to get computers to run PowerShell scripts without dragging IIS into it.

    Or maybe I'm not understanding what you want to accomplish?

    [blockquote]I suspect it has something to do with my IIS setup as, if I go to '' IE shows it as a text file (in the browser). if I go to my URL, I am prompted to download the fire.[/blockquote]

    The above is probably because of additional HTTP headers that their server is sending. Your server is using the default behavior. PS1 files aren't [i]supposed[/i] to be executable file types under Windows. There's a set of very good security reasons why Microsoft set that as the default. If we're going to have a discussion about turning that off, and allowing execution of arbitrary code downloaded from a web server, I just want to make sure you're aware of the potential Bad Things. If there's a better way to accomplish what you're trying to do, I'd like to help you identify that, if I can.

  • #23575

    Daniel Demers

    Thanks Don.

    The difference between the 2 setups are

    1. Chocolatey this will display the text/content of the ps1 file.
    2. on my setup, when I go to the path of the ps1 file, it prompts me to download.

    I believe my issue is that the command downloads a string, not a file,

    So there is no server side scripting going on, I believe the issue is having IIS display the .ps1 file as a text file would be displayed, then powershell could consume it. I am doing this strictly for its ease of use, where our internal staff members can quickly launch a powershell command which will perform an initial setup, including downloading/setting up the powershell environment on that machine.

    And I agree that this practice is not a great idea, but people download .exe files all day from untrusted sources., and if they are trusted, fewer people take the time to validate that trust.

  • #23576

    Don Jones

    When a web server sends content, it also sends a Content-Disposition header. That header triggers a download. Chocolatey isn't sending the file with a MIME type of .PS1, it's sending the file as text/plaintext, regardless of the filename extension. That's why your browser displays it as text. So yes, there's a difference in how your web server is responding. Your server is sending a different MIME type, which your browser is interpreting as a download directive. PowerShell's Get-WebRequest (or the .NET WebRequest equivalent) wouldn't attempt a download, because it doesn't "do" that. But it might not be happy getting a MIME type it isn't prepared to deal with.

    I'd respectfully suggest that it'd be a lot easier to modify your PSModulePath environment variable to point to a shared folder. You could then easily create modules that performed installs, or whatever, and host the modules there. A command like "Install-MyWhatever" could then be run without having to manually load the module in PowerShell, and without having to involve IIS. Those modules could also be digitally signed to ensure they weren't tampered with. Using them would be a ton easier than the wacky syntax Chocolotey's installer requires.

  • #23577

    Daniel Demers

    Thanks Don.

    The issue we have, is that we are geographically separated. Part of the script installs our management software agent, which then removes the geographical barrier.

    I will admit I am just saying a few steps here, but a few steps is a few steps. Having staff copy/paste is only slightly easier then having down download/execute, but more importantly, don't need to understand powershell at all.

    Is there a simpler way to distribute such a script? i.e. is there an option in between existing the command string and downloading/executing the script.

You must be logged in to reply to this topic.