Create an account

Very important

  • To access the important data of the forums, you must be active in each forum and especially in the leaks and database leaks section, send data and after sending the data and activity, data and important content will be opened and visible for you.
  • You will only see chat messages from people who are at or below your level.
  • More than 500,000 database leaks and millions of account leaks are waiting for you, so access and view with more activity.
  • Many important data are inactive and inaccessible for you, so open them with activity. (This will be done automatically)

0Day Forums Coding PowerShell & .ps1 Ignore SSL warning with powershell downloadstring

Thread Rating:
  • 687 Vote(s) - 3.55 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Options
Ignore SSL warning with powershell downloadstring

Offline turgidity933182


Member
*
Member
Posts: 0
Threads: 0
Joined: Aug 2021
Reputation: 0
Level: inf [Level]
Total Points: inf
Rank nan / 1
100% to upload Level
Rank
Activity inf / 1
99% to upload your Rank
Activity
Experience nan
100% to upload Experience
Experience

Points: 50
#1
07-21-2023, 08:40 PM
I've got this beautiful one liner which calls a webservice of mine via Task Scheduler:

-ExecutionPolicy unrestricted -Command "(New-Object Net.WebClient).DownloadString(\"https://127.0.0.1/xxx\")"

But my webservice has SSL now and I want to make a local call so it gives an SSL exception. So is there a way to ignore the SSL warning with this one liner?
Reply

Offline Mrlorainetncugvin


Member
*
Member
Posts: 0
Threads: 0
Joined: Apr 2022
Reputation: 0
Level: inf [Level]
Total Points: inf
Rank nan / 1
100% to upload Level
Rank
Activity inf / 1
99% to upload your Rank
Activity
Experience nan
100% to upload Experience
Experience

Points: 50
#2
07-21-2023, 09:09 PM
With the one-liner you don't have many options in ignoring the SSL-warning (with the WebClient downloadstring method).

You could try doing this before invoking the command :

[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true} ;

Since you're using this in a task-scheduler, I'd add it before the DownloadString command with a ';' to seperate the two commands.

This should do the trick, which would set the callback in the session:

-ExecutionPolicy unrestricted -Command "[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true};(New-Object Net.WebClient).DownloadString(\"127.0.0.1/xxx\")"



If you have a newer Powershell installation (check if you have the invoke-webrequest cmdlet available), you can use this cmdlet in addtion to a security policy. Still not a one-liner, but this should do the trick :

add-type @"
using System.Net;
using System.Security.Cryptography.X509Certificates;
public class TrustAllCertsPolicy : ICertificatePolicy {
public bool CheckValidationResult(
ServicePoint srvPoint, X509Certificate certificate,
WebRequest request, int certificateProblem) {
return true;
}
}
"@
[System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy

$result = Invoke-WebRequest -Uri ""https://127.0.0.1/xxx"

Try to see if that works from a normal host, if so, you could bundle it in a simple script and use this in your scheduled task.
Reply

Offline tanga451735


Valued member
***
Valued member
Posts: 0
Threads: 0
Joined: Mar 2018
Reputation: 0
Level: inf [Level]
Total Points: inf
Rank nan / 1
100% to upload Level
Rank
Activity inf / 1
99% to upload your Rank
Activity
Experience nan
100% to upload Experience
Experience

Points: 50
#3
07-21-2023, 09:09 PM
If you're looking to implement a conditional policy, use the following.

``` powershell
[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {
param(
[object]$sender,
[Security.Cryptography.X509Certificates.X509Certificate] $certificate,
[Security.Cryptography.X509Certificates.X509Chain] $chain,
[Net.Security.SslPolicyErrors] $sslPolicyErrors
)
# Implement your custom logic here
$true
}
```
Reply

« Next Oldest
Next Newest »


Forum Jump:


Users browsing this thread:
1 Guest(s)

©0Day  2016 - 2023 | All Rights Reserved.  Made with    for the community. Connected through