Windows 10 Pro-10.0.19045
PSVersion 5.1
#1本地文件加密解密
对数据加密 - .NET | Microsoft Learn 基本照抄微软C#教程部分,把String模式换成了Byte模式,使得能加密的文件更广了,比如.exe可执行文件
#AES填充模式https://blog.csdn.net/p731heminyang/article/details/131763982
#AES加密模式https://blog.csdn.net/whatday/article/details/97266912
function AES128加密函数{
param(
[string]$Path, #加密源 使用全路径 禁止空
[string]$Key #秘钥 禁止空
)
if((Test-Path $Path)-eq $false){"错误文件:$Path"|Out-Host;return}
$data_src=Get-Content $Path -Raw -Encoding Byte
#文件流 清空+写入
$fstream=[System.IO.FileStream]::new($Path,[System.IO.FileMode]::Truncate)
#任意字符秘钥转32字节Hash
$keyHash=[System.Security.Cryptography.SHA256]::Create()
$keyHash.ComputeHash([byte[]]($Key.ToCharArray()))|Out-Null
#AES对称加密
$aes=[System.Security.Cryptography.Aes]::Create()
$aes.Mode=[System.Security.Cryptography.CipherMode]::CBC
$aes.Padding=[System.Security.Cryptography.PaddingMode]::ANSIX923 #填充最后一个字节为长度,其余的为0
$aes.KeySize=128 #128=16byte 192=24byte 256=32byte
$aes.Key=$keyHash.Hash
$fstream.Write($aes.IV,0,$aes.IV.Length)
$fstream.Flush()
#加密流
$cryptoStream=[System.Security.Cryptography.CryptoStream]::new(
$fstream,$aes.CreateEncryptor(),[System.Security.Cryptography.CryptoStreamMode]::Write)
#字节流写入
$encryptWriter=[System.IO.BinaryWriter]::new($cryptoStream)
$encryptWriter.Write($data_src)
$encryptWriter.Flush()
$encryptWriter.Close()
$cryptoStream.Close()
$fstream.Close()
}
function AES128解密函数{
param(
[string]$Path, #加密源 使用全路径 禁止空
[string]$Key, #秘钥 禁止空
[string]$SaveAs='' #byte形式另存文件 空则打印string
)
if((Test-Path $Path)-eq $false){"错误文件:$Path"|Out-Host;return}
#文件流 只读
$fstream=[System.IO.FileStream]::new($Path,[System.IO.FileMode]::open)
$keyHash=[System.Security.Cryptography.SHA256]::Create()
$keyHash.ComputeHash([byte[]]($Key.ToCharArray()))|Out-Null
$aes=[System.Security.Cryptography.Aes]::Create()
$aes.Mode=[System.Security.Cryptography.CipherMode]::CBC
$aes.Padding=[System.Security.Cryptography.PaddingMode]::ANSIX923
$aes.KeySize=128 #128=16byte 192=24byte 256=32byte
$aes.Key=$keyHash.Hash
$iv=[byte[]]::new($aes.IV.Length)
$fstream.Read($iv , 0,$aes.IV.Length)|Out-Null
$aes.IV=$iv
#解密流
$cryptoStream=[System.Security.Cryptography.CryptoStream]::new(
$fstream,$aes.CreateDecryptor(),[System.Security.Cryptography.CryptoStreamMode]::Read)
#字节流读取
$decryptReader =[System.IO.BinaryReader]::new($cryptoStream)
if($SaveAs -ne ''){
$data_src=$decryptReader.ReadBytes($fstream.Length)
Set-Content -Path $SaveAs -Encoding Byte -Value $data_src
}else{
$decryptReader.ReadString() | Out-Host
}
$decryptReader.Close()
$cryptoStream.Close()
$fstream.Close()
}
函数定义默认运行在C:\Windows\System32 ,所以使用$pwd\* 或全路径
字节加密还原.txt和.exe
#2定时关机
cmd版的shutdown -s -t 300命令是,300秒后关机,但不直观,不知道到哪一步了
如果我不想关机了,还得急忙输入shutdown -a
powershell定时关机脚本:
#Countdown shutdown
function cdsd{
$user=Read-Host -Prompt “输入定时时长[h.m.s] ” |Out-String
$user=$user.Split(':',':',',','.','-')
$ts=[System.TimeSpan]::new([int]$user[0],[int]$user[1],[int]$user[2])
$sw=[System.Diagnostics.StopWatch]::StartNew() #计时器开启
Write-Host "预计关机时间:",((Get-Date)+$ts)
while ($true) {
$ct=$ts-$sw.ElapsedTicks
if($ct.TotalSeconds -le 0){
Stop-Computer -ComputerName localhost
break
}
Write-Host -NoNewline "`r".PadRight(50),"`r(Ctrl+C退出)倒计时:",
"$($ct.Hours)时$($ct.Minutes)分$($ct.Seconds)秒"
Start-Sleep -Milliseconds 200
}
}
cdsd
输入1等于一小时,输入0.2 等于两分钟,,输入0.0.90等于90秒
倒计时实时刷新,除非退出,锁屏状态不会停止运行
#3剪切板监控并记录内容
2024/08/18
开机自动启动监控复制粘贴内容,并写入log文件
脚本很简单,如下, 在当前目录创建今天的log文件,顺便记录开机时间, 并循环读取剪切板并保存
C:\Users\Administrator\Documents\logfiles\ClipboardProgram.ps1
Set-Location $args[0]
$todayfile =(Get-Date -Format "yyyy-MM-dd")+'.log'
if(!(Test-Path $todayfile)){New-Item -Path . -Name $todayfile -ItemType 'file'|Out-Null }
#开机时间
Add-Content -Value "`n[启动时间]:]",(Get-Date) -Path $todayfile -Encoding UTF8 -NoNewline
[System.Reflection.Assembly]::LoadWithPartialName("System.Windows.Forms") |Out-Null
$old=''
while($true){
$t=Get-Date -Format "`n[HH:mm:ss]:"
$s=[System.Windows.Forms.Clipboard]::GetText()
if(($s -cne $old)-and($s -cne '')){
$old=$s
Add-Content -Value $t,$s -Path $todayfile -Encoding UTF8 -NoNewline
}
Start-Sleep -Milliseconds 2000
}#while end
但我把开机运行脚本写入启动项注册表的时候,确实生效了,但是会蹦出powershell客户端蓝色框框
我想让他安静运行,有一个方法:把它编译成exe窗口,然后以窗口隐藏方式启动
试运行可能触发杀毒软件的防护, 允许运行,并勾选记住选择
具体步骤看下面1、2、3步
#1安装模块
Install-Module -Name ps12exe
#2使用命令编译ps1文件到exe
ps12exe -inputFile "C:\Users\Administrator\Documents\logfiles\ClipboardProgram.ps1" `
-outputFile "C:\Users\Administrator\Documents\logfiles\ClipboardProgram.exe" `
-architecture 'anycpu' -threadingModel 'STA' -CompilerOptions "/o+ /debug-" `
-noConsole -noVisualStyles -noOutput -noError
#3把exe启动添加到注册表启动项 注意空格,value第二个参数是log保存地址
$name = "ClipboardRecord"
$value="C:\Users\Administrator\Documents\logfiles\ClipboardProgram.exe "+
"C:\Users\Administrator\Documents\logfiles"
New-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Run" -Name $name `
-PropertyType String -Value $value -ErrorAction Stop
#如果不再需要,删除启动项
Remove-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Run" `
-Name "ClipboardRecord"