PowerShell Re-Direct Base64 to file

A safer approach

While working with a base64 encoded string, I experimented with various decoding techniques, including pasting the script into a PowerShell window. To my astonishment, the decoded string was executed as well. Fortunately, I was operating within a virtual machine, so I could restore a previous snapshot. However, I realized that I needed a more secure method for handling base64 decoding.

A more secure approach to base64 decoding involves writing the decoded output to a file. On Linux systems, this can be accomplished by executing the following command:

echo 'H4s...' | base64 -d > out.7z

When I attempted this in cmder on a Windows 10 virtual machine, the compressed archive turned out to be invalid, even when using the -di flag.

In PowerShell, the command:

[IO.File]::WriteAllBytes(".\out.zip",[Convert]::FromBase64String('H4sI...=='))

successfully converted the base64 string to binary output and saved it to a file in the current directory. This method is more secure than directly executing the decoded string and offers a dependable solution for handling base64 decoding.