How to use escape sequence in powershell command

[Dave1185 Participant Topics: 3 Replies: 8 Points: 36Rank: Member]

Hello,

I have one PowerShell command as follows:

powershell.exe script.ps1 -Data @{uname='{}';pass='{}'}

So, here password may contain special character like ~!@#$'%^&. when someone enters a single inverted comma ' then scripts fail as it doesn’t form the exact command. Mostly it seems I need to escape it. Can someone help me to escape it?

Any thoughts or workarounds are appreciated.

Thanks

[kvprasoon Senior Moderator Topics: 9 Replies: 1311 Points: 4,794Rank: Community Hero]

Escaping in PowerShell is by using the backtick `, which normally comes above the Tab key in the keyboard.

[Dave1185]

Thanks, kvprasoon for the quick reply.
I have tried that it didn’t seem to work here for an example:

powershell.exe script.ps1 -Data @{uname=’newuser’;pass=’secure{BACK-TICK}‘string’}

Here, the password secure{BACK-TICK}’string didn’t work. is there any way so that I can ignore PowerShell string interpretation inside single inverted commas.

Thanks

• This reply was modified 3 weeks, 3 days ago by Dave1185.
• This reply was modified 3 weeks, 3 days ago by Dave1185. Reason: formating
• This reply was modified 3 weeks, 3 days ago by Dave1185. Reason: I don't know but I was not able to add back tick in comment it started consider as code section

[kvprasoon Senior Moderator Topics: 9 Replies: 1311 Points: 4,794Rank: Community Hero]

how are you collecting the password? is it via a PowerShell script ?

[AdminOfThings45 Participant Topics: 0 Replies: 81 Points: 362Rank: Contributor]

Backtick escape won’t work within a single quoted string. You can use ''(single quote twice) to escape a single quote. How you call powershell.exe also matters here. I am pretty sure you cannot pass a hashtable this way using the -File parameter. Once the current shell interprets the parameter, it is passed as a literal string to PowerShell.exe, i.e. the following will be passed.

PowerShell

@{uname='{}';pass='{}'}.ToString()

1	@{uname='{}';pass='{}'}.ToString()

 

[Dave1185 Participant Topics: 3 Replies: 8 Points: 36Rank: Member]

Sorry for the late reply,

kvprasoon: how are you collecting the password? is it via a PowerShell script?

Answer: basically password is collect in python and I am creating a string in python and executes the PowerShell script:

command = powershell.exe script.ps1 -Data @(@{uname=’newuser’;pass=’ss’s’})

AdminOfThings: trying with twice single quote worked but is there any way I can pass the string to Powershell telling to ignore the escape sequences.

[AdminOfThings45 Participant Topics: 0 Replies: 81 Points: 362Rank: Contributor]

You have to apply enough escaping so that when the string arrives at its final destination, it contains what you want it to contain. Depending on the shell from  which you are calling, you can signal the parser to stop parsing (–%) (dash dash percent) the string as PowerShell:

PowerShell

powershell.exe script.ps1 --% -Data @(@{uname='newuser';pass='ss's'})

1	powershell.exe script.ps1 --% -Data @(@{uname='newuser';pass='ss's'})

 

[Dave1185 Participant Topics: 3 Replies: 8 Points: 36Rank: Member]

Thanks, AdminOfThings for the quick reply.

I tried the code example given by you, but it didn’t work and thrown error:-

The string is missing the terminator symbol ‘.

Seems like a string is formed completed as it needs ending single quote. And thanks for sharing knowledge about such operator –%. Just for specification, my PowerShell script accepts hashtable input not plain string input for username and password.

Thanks

 

[AdminOfThings45 Participant Topics: 0 Replies: 81 Points: 362Rank: Contributor]

So here is a super screwed up way of doing this in cmd shell:

PowerShell

powershell.exe -command "$command = \""powershell.exe .\script.ps1 -Data @{uname='newuser';pass='ss'more's'}\"" -replace \""(?<=pass='.*?)'(?=.*'})\"",\""''\""; & (-split $command)[0] ($command -split ' ',2)[1]"

1	powershell.exe -command "$command = \""powershell.exe .\script.ps1 -Data @{uname='newuser';pass='ss'more's'}\"" -replace \""(?<=pass='.*?)'(?=.*'})\"",\""''\""; & (-split $command)[0] ($command -split ' ',2)[1]"

 

As you can see, CMD shell adds it own escape requirements. Inner double quotes have to be backslash escaped in CMD. Then inner quotes (ones that don’t close the outer quotes) require escaping at the PowerShell layer. Since you are using Python, this won’t solve your problem. However, the Python environment may have its own escape requirements and string replacement mechanisms that can be utilized before ultimately sending the command string to PowerShell.exe.

[AdminOfThings45 Participant Topics: 0 Replies: 81 Points: 362Rank: Contributor]

The double single quote escapes a single quote when it is interpreted by PowerShell. Your job will be to make sure Python hands it off to PowerShell.exe with PowerShell’s required escape characters available.

[kvprasoon Senior Moderator Topics: 9 Replies: 1311 Points: 4,794Rank: Community Hero]

you can make your script accept base64 encoded string as password then convert it to plaintext where required. So you can pass base64 encoded string without any special characters.

[Dave1185 Participant Topics: 3 Replies: 8 Points: 36Rank: Member]

Sorry for the late reply, kvprasoon this is a great idea, and thanks for suggestion.

Thanks

Maharshi Dave

[Dave1185 Participant Topics: 3 Replies: 8 Points: 36Rank: Member]

Hi kvprasoon, I have implemented as per your suggestion i.e transfer base64 encoded string to Powershell and it worked well but there is another command inside PowerShell script which sets credentials to windows service with help of NSSM as per the command shown below:

&amp; .\nssm.exe set $ServiceName ObjectName $username $password

Here, while transferring password containing special characters is decoded(base64) in PowerShell and the required password is fetched in PowerShell. Now bit confused about passing password(with special characters) to nssm command. Any thoughts/approaches are appreciated.

Thanks

[Author]

Posts