New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Feature Request]: replace invisible.vbs with run-hidden #465
Comments
Thanks for spotting that point. Indeed, we need to think about the replacement of this vbs. |
In my work I belong to an organization that has an exe replacement, but that I can't share - VirusTotal result is 0/72 (not at work now 😉) |
We could write our own exe in C# that would be mind-dumbing class.
or.. |
This PowerShell script hides own window
|
Our own EXE would not be signed? |
Very well.. then lets see how PowerShell deployment toolkit launcher operates. It is an exe with config file.
…________________________________
From: Romain ***@***.***>
Sent: 18 November 2023 01:44
To: Romanitho/Winget-AutoUpdate ***@***.***>
Cc: Andrzej Demski ***@***.***>; Comment ***@***.***>
Subject: Re: [Romanitho/Winget-AutoUpdate] [Feature Request]: replace invisible.vbs with run-hidden (Issue #465)
Our own EXE would not be signed?
If a full PS solution can be implement, I'd go for that. But I don't know 😅
—
Reply to this email directly, view it on GitHub<#465 (comment)>, or unsubscribe<https://github.com/notifications/unsubscribe-auth/ASAJCPQ2QZPDSZYEKZZL4O3YFAAG5AVCNFSM6AAAAAA62C45L6VHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTQMJXGI4TEMZQGU>.
You are receiving this because you commented.Message ID: ***@***.***>
|
It seems to be the top priority topic to work on... |
Very well. I'll check the latest release |
digging..Already something useful came from that excavation operation. Piece of code which could make User experience a bit less stressful. UserNotificationState (MSDN) which will allow User-side deployments to wait for actual user if interaction of manual postpones will be necessary. findingsCurrent version of PDT launcher (v.1.1.1.1) is basically a C# equivalent of current invisible.vbs script :) All paths are semi-hardcoded, if we allow CPU arch detection to let it be called a dynamic setting. The verdictWe do not need 3rd party binaries, we can write our own. |
There is a 3rd option, AutoHotkey. In our case we would need to define powershell.exe with full path rather than letting the $env:path variable and binary search order picking something malicious with matching exe name from any path higher on the list. |
Your invest is really appreciated 🙂 |
All of this because the flawed behavior of Powershell [EDIT] Still flashes... |
I'd love to see MS adding powershellw.exe similar to java.exe/javaw.exe How bad could it be if even Snyk says its OK? |
If you know what to do, let's try then... 😅 |
The only thing left know is a coding certificate... |
Ah, run-hidden! |
run-hidden.exe seems to be a good option too |
Good evening. TL;DR: The only issues related to "Custom PowerShell Startup in Window Mode" will only affect companies that are more than qualified to deal with this illusory problem. This project is public, everyone can read what is inside, calling it unsafe only because someone did not configure AppLocker/WDAG or did not sign the code during on-boarding is both a rude jab at the supplier and an indirect confirmation that either the company's IT OPS processes are lame or their employees are not proactive. |
Word of caution, any C# based application which gets into contact with System.Management.Automation bypasses execution policies. |
@Romanitho, Guys, how to share that minute C# project with you? |
it can be public, no ? |
it could be, but i still feel like it is not "production ready". |
That's why GitHub is made for, I guess 😜 |
Stop teasing me :) I'd like to see that code at least once in the daylight. before I share it with the rest of this planet. |
@AndrewDemski-ad-gmail-com If that falls under the same category, could you consider building a simular function into your release too? |
I am not sure it hat shortcut would ever re-emerge as a problem. If we could just use the built-in cmdlet new-item which has been expanded in PS5.0 with option to create symlinks. windowless launcher is capable of launching processes with custom args. That means the only difference between LNK and symlink functionalities are eliminated (from our POV/needs) All it needs is some polishing over this weekend. |
That Function in WAU is used to create shortcuts for:
And the created shortcuts are in fact calling A So, if you could also add the possibility to pass [EDIT] |
Hello (tried to answer in your invitation but your mail account seems to be flooded)! |
That was precisely my point, with all configuration pushed outside of LNK, functional differences between SymLink and ms-shllink will be negligible. I made that repository public. |
#not-stale-yet. |
This issue is stale because it has been open for 30 days with no activity. |
up |
This issue is stale because it has been open for 30 days with no activity. |
How do we proceed from here? We'd need a way to configure an alternative to invisible.vbs |
Invisible.vbs usage is still fixed in WAU. I can not simply replace Invisible.vbs with the binary provided by @AndrewDemski-ad-gmail-com. That's why I ask if WAU will get the necessary changes to use alternatives to Invisible.vbs |
I meant that that must be imolemented in WAU @Romanitho |
Sorry for being absent from this discussion for so long (I was moving to a new place). It would be possible to use either job action with wget to pull the zip with latest binary which is being compiled by github. |
yes. We need to work on that part. But I'm a bit like @andreasbrett 😅 |
Just another a bump on this - I have Applocker in place in my environment and it really doesn't like VBS scripts running from ProgramData (even if I whitelist that path) |
@colourofsound, ..trouble! |
The request
Microsoft officially announced last month that VBS will be deprecated in the future. No deadlines or time frames were mentioned. Nevertheless since
invisible.vbs
is merely used for spawning a powershell.exe process in a hidden fashion, it should be easy to migrate to another workaround before Microsoft decides to kill off VBS.PowerShell/PowerShell#3028 mentions a C++ implementation. You can find it here: https://github.com/stax76/run-hidden. It would be a great drop-in replacement. License allows deploying WAU with the run-hidden binary. Of course using an external binary might trigger some AV/EDR tools and is worse than using embedded OS tools. VirusTotal result is 1/72.
Background info on VBS deprecation:
https://isvbscriptdead.com/
https://learn.microsoft.com/en-us/windows/whats-new/deprecated-features
Is your feature request related to a problem?
No response
Additional information
No response
The text was updated successfully, but these errors were encountered: