使用powershell将exe转换为hexdump

问题描述 投票:0回答:2

如何在不运行 powershell 的情况下从 cmd 运行此命令?

> [byte[]] $hex = get-content -encoding byte -path C:\temp\nc.exe
> [System.IO.File]::WriteAllLines("C:\temp\hexdump.txt", ([string]$hex))

我尝试这样但不起作用

powershell -command " [byte[]] $hex = get-content -encoding byte -path C:\用户 vilcode1\桌面 c.exe; [System.IO.File]::WriteAllLines('C:\Users vilcode1\hexdump1.txt', ([字符串]$hex))"

我怎么能做到这一点!然后我需要使用此命令从文本文件重建可执行文件:

[字符串]$hex = get-content -path C:\Users\user\Desktop\hexdump.txt [字节[]] $temp = $hex -split ' ' [System.IO.File]::WriteAllBytes("C:\ProgramData\Microsoft\Windows\Start 菜单\程序\启动 c.exe”,$temp)

如何在不打开 powershell 的情况下直接从 cmd 运行它们

arrays windows powershell hexdump
2个回答
2
投票

要将字节转换为十六进制字符串:

# read the binary data as byte array
[byte[]]$data = [System.IO.File]::ReadAllBytes('D:\Test\blah.exe')

# write to new file as string of hex encoded characters
[System.IO.File]::WriteAllText('D:\Test\blah.hex',[System.BitConverter]::ToString($data).Replace('-',''), [System.Text.Encoding]::ASCII)

要转换回 FROM 十六进制字符串:

# read the textfile as single ASCII string
$hex = [System.IO.File]::ReadAllText('D:\Test\blah.hex', [System.Text.Encoding]::ASCII)

# convert to bytes and write these as new binary file
[System.IO.File]::WriteAllBytes('D:\Test\blahblah.exe', ($hex -split '(.{2})' -ne '' -replace '^', '0X'))
0
投票

我的答案基于@theo,但有一些改进:

  • 每个命令都在一行中。
  • 输入和输出文件可以直接传递给脚本
  • 与其他 PowerShell 内置程序不同,它不需要文件先前存在
  • 与任何 PowerShell 版本(5 或 7)兼容

要将文件TO转换为十六进制字符串,调用脚本:

# .\bin2hex.ps1 binfile hexfile
# write to new file as string of hex encoded characters
# $args[0] is binary, to $args[1] which is text
[.System.IO.File]::WriteAllText([io.path]::getfullpath([io.path]::combine($pwd.providerpath, $args[1])),[System.BitConverter]::ToString([byte[]][System.IO.File]::ReadAllBytes([io.path]::getfullpath([io.path]::combine($pwd.providerpath, $args[0])))).Replace('-',''), [System.Text.Encoding]::ASCII)

要将文件TO转换为十六进制字符串,直接输入命令:

[System.IO.File]::WriteAllText($ExecutionContext.SessionState.Path.GetUnresolvedProviderPathFromPSPath("file.hex"),[System.BitConverter]::ToString([byte[]][System.IO.File]::ReadAllBytes($ExecutionContext.SessionState.Path.GetUnresolvedProviderPathFromPSPath("file.bin"))).Replace('-',''), [System.Text.Encoding]::ASCII)

要使用脚本转换回 FROM 十六进制字符串:

# .\bin2hex.ps1 hexfile binfile
# convert to bytes and write these as new binary file
# $args[0] is text, to $args[1] which is binary
[System.IO.File]::WriteAllBytes([io.path]::getfullpath([io.path]::combine($pwd.providerpath, $args[1])), (([System.IO.File]::ReadAllText([io.path]::getfullpath([io.path]::combine($pwd.providerpath, $args[0])), [System.Text.Encoding]::ASCII)) -split '(.{2})' -ne '' -replace '^', '0X'))

要转换回 FROM 十六进制字符串,直接输入命令:

最新问题
© www.soinside.com 2019 - 2024. All rights reserved.