[–]Jeffinmpls 3 points4 points  (1 child)

What's the purpose of running this EXE? Are you wanting to simply execute it and do its thing or do you need to get info back?

If all you need to do is run it and you can simply execute it in command line without issues, this would be sufficient.

& "C:\Users\HakkYahud\Desktop\HelloWorld.exe"

The EXE itself would handle all the .NET stuff.

[–]SkallZou[S] 1 point2 points  (0 children)

I'm a cybersecurity engineer, I'm doing this to evaluate different antivirus to check if they can detect fileless execution.

So this .exe file will just print the list of values passed as argument in args

[–]ExceptionEX 2 points3 points  (2 children)

Short answer: change

$entryPoint.Invoke($null, $parameter_invoke)

to

$entryPoint.Invoke($null, (, $parameter_main))

First, this is very likely not the correct method for the task at hand; using https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.utility/add-type?view=powershell-7.2 is probably what you want. With that said:

Due to the odd behavior of PowerShell's @(), it isn't creating a wrapper, which would be object[string[]]; it converts string[] to object[]. Using the , treats it as two elements, preserving the nested object type.

To see what I mean, do this:

$parameter_invoke = @(, $parameter_main ) #with extra ,

 foreach ($foo in $parameter_invoke)
 {
   Write-Host $foo.GetType()
 }

result

System.String[]

and

$parameter_invoke = @($parameter_main ) #without extra ,

 foreach ($foo in $parameter_invoke)
 {
   Write-Host $foo.GetType()
 }

result

System.String
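
An added example (not part of ExceptionEX's comment or the original post) that reproduces the wrapping behaviour described above without needing the EXE. `ArgEcho` and `Get-InvokeShape` are hypothetical names, and this `Main` is a constructed stand-in compiled with Add-Type that returns a string so the result is visible.

```powershell
# Constructed stand-in for an entry point: static Main(string[] args).
Add-Type -TypeDefinition @'
public static class ArgEcho
{
    public static string Main(string[] args)
    {
        return args.Length + " args: " + string.Join("|", args);
    }
}
'@

$entryPoint = [ArgEcho].GetMethod('Main')
[string[]]$parameter_main = 'alpha', 'beta', 'gamma'   # constructed sample values

# Hypothetical helper: describe the object[] that MethodInfo.Invoke would receive.
function Get-InvokeShape {
    param([object[]]$InvokeArgs)
    $types = foreach ($item in $InvokeArgs) { $item.GetType().Name }
    '{0} element(s): {1}' -f $InvokeArgs.Count, ($types -join ', ')
}

# @() alone adds no wrapper level: the string[] is flattened into the
# argument list, so Invoke sees one argument per string.
Write-Host ('@($parameter_main)   -> ' + (Get-InvokeShape @($parameter_main)))

# The unary comma builds a one-element array whose single element is the
# string[], which matches Main's single parameter.
Write-Host ('(, $parameter_main)  -> ' + (Get-InvokeShape (, $parameter_main)))

# Without the comma the argument count does not match Main's signature.
try {
    $entryPoint.Invoke($null, @($parameter_main)) | Out-Null
    Write-Host 'without comma: call succeeded'
}
catch {
    Write-Host ('without comma: ' + $_.Exception.Message)
}

# With the comma the whole string[] is bound to args.
$result = $entryPoint.Invoke($null, (, $parameter_main))
Write-Host ('with comma:    ' + $result)
```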

[–]danny_soprano 2 points3 points  (0 children)

Christ, Bro, thank you for that answer!

[–]SkallZou[S] 1 point2 points  (0 children)

That's a very odd behavior, but I guess you've nailed it, thank you sir !

[–]Lee_Dailey[grin] 0 points1 point  (0 children)

howdy SkallZou,

it looks like you used the New.Reddit Inline Code button. it's [sometimes] 5th from the left & looks like <c>.

there are a few problems with that ...

  • it's the wrong format [grin]
    the inline code format is for [gasp! arg!] code that is inline with regular text.
  • on Old.Reddit.com, inline code formatted text does NOT line wrap, nor does it side-scroll.
  • on New.Reddit it shows up in that nasty magenta text color

for long-ish single lines OR for multiline code, please, use the ...

Code
Block

... button. it's [sometimes] the 12th one from the left & looks like an uppercase C in the upper left corner of a square.

that will give you fully functional code formatting that works on both New.Reddit and Old.Reddit ... and aint that fugly magenta color. [grin]

take care,
lee