0

I am attempting to run a windows command (e.g. whoami) without calling cmd.exe (or powershell) directly using C#.

Within VB this is possible using CreateObject(WScript.Shell) it obviously does not have to be the same method as within the VB, although that would be nice, but I just do not want to call cmd.exe directly.

How would I be able to achieve this?

TheHidden
  • 551
  • 1
  • 8
  • 20
  • Does this answer your question? [Hide console window from Process.Start C#](https://stackoverflow.com/questions/5377423/hide-console-window-from-process-start-c-sharp) – 001 Nov 23 '21 at 20:14
  • @JohnnyMopp no because the only answer with substance runs cmd.exe – TheHidden Nov 23 '21 at 20:16
  • You can call `whoami.exe` directly, but I don't see the point as the output has to go somewhere... – Jesse Good Nov 23 '21 at 20:22
  • @JesseGood it was an example (does not have to be whoami). I can handle STDIN/OUT/ERR of a process manually. the point here is to run a commands without being blocked by the GPO. I am new to C# but have used such a method in VB script a lot – TheHidden Nov 23 '21 at 20:27
  • *the point here is to run a commands without being blocked by the GPO* - if it were that simple what would be the point in having a GPO that could be easily defeated by knocking together a quick c# equivalent to `cmd /c` – Caius Jard Nov 23 '21 at 20:48
  • @CaiusJard thats a good question to ask, but the fact of the matter is, its really easy to find other ways to do things. At the moment in a malicious macro I would use wscript.shell to avoid flagging security alerts / blocks by passing my commands / exes which if I passed them through cmd they would get caught – TheHidden Nov 24 '21 at 11:27

2 Answers2

0

This runs a console program, waits for exit and reads the output. I changed the cmd to ping since that takes longer and I can verify no console window opens.

ProcessStartInfo startInfo = new ProcessStartInfo();
startInfo.FileName = "ping.exe";
startInfo.Arguments = "google.com";
startInfo.RedirectStandardOutput = true;
startInfo.UseShellExecute = false;
startInfo.CreateNoWindow = true;
// This wasn't needed
//startInfo.WindowStyle = ProcessWindowStyle.Hidden;

Process processTemp = new Process();
processTemp.StartInfo = startInfo;
processTemp.EnableRaisingEvents = true;
try
{
    processTemp.Start();
    textBox1.Text = processTemp.StandardOutput.ReadToEnd();
    processTemp.WaitForExit();
}
catch (Exception ex)
{
    textBox1.Text = ex.Message;
}
001
  • 13,291
  • 5
  • 35
  • 66
0

You could call whoami.exe and capture the output directly. The key is UseShellExecute = false to run the executable directly.

var proc = new Process
{
    StartInfo = new ProcessStartInfo
    {
        FileName = @$"{Environment.ExpandEnvironmentVariables("%systemroot%")}\system32\whoami.exe",
        Arguments = // Put any command line arguments here
        UseShellExecute = false,
        RedirectStandardOutput = true,
        CreateNoWindow = true
    }
};

proc.Start();
string line = proc.StandardOutput.ReadToEnd();
Jesse Good
  • 50,901
  • 14
  • 124
  • 166