Escaping curly brackets for substitutions in ActionScript

Trying to create a PowerShell Script create file.
It has quite a few curly braces and I’m lost on where to escape them in this instance.
Please Help!!

$ServiceName=“Tenable Nessus Agent”;if (-NOT ([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] “Administrator”))
{Write-Host “This Script Must Be Ran as Administrator.”}
else
{try {Write-Host “Stopping Nessus Agent”; Stop-Service $ServiceName; $service=(Get-Service -Name $ServiceName -ErrorAction Stop); timeout /T 5; if ($service.Status -eq “Stopped”)
{cd “C:\Program Files\Tenable\Nessus Agent”; .\nessuscli.exe plugins --reset; .\nessuscli.exe plugins --info; Start-Service $ServiceName; Get-Service -Name $ServiceName; Write-Host “Plugin Reset and Agent Started”}
else {Write-Host “Nessus Agent Not Stopped”}} catch {Write-Host “Plugin Refresh Unsuccessful”}}

1 Like

When creating an action script based on a PowerShell script, you can use Ctrl+H to find and replace, or utilize any text editor to achieve the same.

For your convenience, I’ve already escaped all the curly braces in your script below.

$ServiceName="Tenable Nessus Agent";if (-NOT ([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator"))
{{Write-Host "This Script Must Be Ran as Administrator."}
else
{{try {{Write-Host "Stopping Nessus Agent"; Stop-Service $ServiceName; $service=(Get-Service -Name $ServiceName -ErrorAction Stop); timeout /T 5; if ($service.Status -eq "Stopped")
{{cd "C:\Program Files\Tenable\Nessus Agent"; .\nessuscli.exe plugins --reset; .\nessuscli.exe plugins --info; Start-Service $ServiceName; Get-Service -Name $ServiceName; Write-Host "Plugin Reset and Agent Started"}
else {{Write-Host "Nessus Agent Not Stopped"} catch {{Write-Host "Plugin Refresh Unsuccessful"}
1 Like

Out of curiosity, any reason not to do this using BigFix’s native support for powershell?

This is the method I was taught to use by a BigFix Expert we engaged as a contractor.
His philosophy was that it was better to have the PS script created on the fly Vs downloading a script onto the endpoint.
I’m open to other methodologies for sure. This is just the way I was taught and has been successful in other instances without the heavy number of curly braces in the PS script.

Thank you for the assistance!!
The script creation is still failing.
It is however getting further along in the process and not failing on the first line.

The approach to have the script created on the fly was certainly fair/valid with older versions of BigFix, but newer versions of BigFix now support powershell natively. This means that you should be able to copy/paste powershell scripts without having to make adjustments to the script (such as escaping curly braces). And you don’t have to host the script anywhere and download it onto the Clients…BigFix handles all of that for you.

There are still scenarios where creating a PS script on the fly is useful (primarily when you still want to leverage relevance substitution), but I’d expect such scenarios to be rare.

Might be worth a try :slight_smile:

4 Likes

Maybe a screenshot will help explain what @Aram is stating.

image

Thanks Dean!!

I knew what he meant. I had just never really tried it before.

I did however give it a whirl and it worked great!!

Thanks to all who reached out!!!

I really appreciate your help!!

Thanks Aram!!

I tried your suggestion, and it worked well.

Thank you!!

Question about the embedded PowerShell script type is it assumes the endpoint allows PowerShell scripts to run? When I execute Powershell scripts or commands via BigFix I run "waithidden cmd.exe /C powershell.exe -ExecutionPolicy Bypass " to make sure it can execute. I have seen built-in content that retrieves ExecutionPolicy and saves it, change ExecutionPolicy to Bypass and subsequently restore after execution which seems way to complex. Is there any requests presently to provide a checkbox to run the Powershell script/command with -ExecutionPolicy Bypass?

Good question! Actually, the default behavior is that the script is executed with the -ExecutionPolicy Bypass option. There’s a Client setting (_BESClient_PowerShell_DisableExecPolicyBypass) that can be configured to ensure the Client uses the default execution policy set in the OS (see List of settings and detailed descriptions)

For documentation reference, please see Powershell Script type here: Edit Actions Tab

2 Likes

Appreciate the response. That is great information and going to try it out.