Suppose you are on vacation/commute/away from your desk and get an emergency IT request. Would not it be cool to just text the PowerShell commands from your phone to your desk, have PowerShell over there execute the script, and send you back the results? 
Turns out this is very easy to do. All you need is Outlook, a simple rule in it, a simple PowerShell script and Outlook macro.
Here’s how this all works:
- You set up an Outlook rule to check for incoming email with a specific keyword (e.g.
$PowerShell$) in the subject and sent from your specific email address. - You send the PowerShell script in the email body and put the keyword in the subject.
- The Outlook rule starts an Outlook script and a PowerShell script.
- The Outlook script saves the email as a text file and waits for the transcript.
- The PowerShell script executes the script exported by Outlook.
- Outlook sends the result back.
That is it!
No to the details on how to set this up!
1. Outlook script:
a. In Outlook (I am using 2007 but this should work on the previous ones just fine), click Tools/Macro/Visual Basic Editor.
b. Paste this script into the editor:
' (C) Dmitry Sotnikov' http://dmitrysotnikov.wordpress.com' Add this to your Outlook macros project' Then associate SaveAsText with a rule procesing' emails from your address with a keyword in subject' This is to have a Sleep function in OutlookDeclare Sub Sleep Lib "kernel32" (ByVal dwMilliseconds As Long)' The main function saving the script email as text' and sending back the transcriptSub SaveAsText(MyMail As MailItem)' Export email (with PowerShell script in body) as a text fileMyMail.SaveAs "c:\scripts\outlook.ps1", olTXT' Create a response emailDim reMail As Outlook.MailItemSet reMail = MyMail.Reply' wait till transcript is availableSet fs = CreateObject("Scripting.FileSystemObject")While Not fs.FileExists("C:\Scripts\email_transcript.txt")Sleep 1000Wend' attach the transcript and send it backreMail.Attachments.Add "C:\Scripts\email_transcript.txt"reMail.SendEnd Sub
c. Close the Editor.
2. Create a PowerShell script which processes the script (removes the message header, executes, saves transcript). I called it execute_email.ps1 and saved to c:\scripts. Here’s the script:
# (C) Dmitry Sotnikov # http://dmitrysotnikov.wordpress.com # This is a PowerShell companion script for Outlook # macro processing PowerShell commands from email # Delete any previous transcripts and start a new one Remove-Item “c:\Scripts\email_transcript.txt“ -ErrorAction SilentlyContinue Start-Transcript “c:\Scripts\email_transcript_temp.txt“ # wait till Outlook saves the script email while ( -not (Test-Path “c:\Scripts\outlook.ps1“)) { Start-Sleep -Seconds 1 } # Read the script, skip the header lines, execute the rest Get-Content “c:\Scripts\outlook.ps1“ | Where { $i++ -gt 4 } > “c:\Scripts\justscript.ps1“ . “c:\Scripts\justscript.ps1“ # Remove the old script Remove-Item “c:\Scripts\outlook.ps1“ -ErrorAction SilentlyContinue Remove-Item “c:\Scripts\justscript.ps1“ -ErrorAction SilentlyContinue # Stop transcript and make it available for Outlook to send back Stop-Transcript Rename-Item “c:\Scripts\email_transcript_temp.txt“ -NewName “email_transcript.txt“
3. Create a cmd file which starts PowerShell and executes the script. I called it execute_email.cmd, saved to the same folder c:\scripts and it just have one single line:
powershell.exe "c:\scripts\execute_email.ps1"
4. In Outlook click Tools/Rules and Alerts and create the rule, which executes the Outlook macro and the cmd:
You have just created a remote execution system working from any phone or internet kiosk!
Let’s test it. For example, let’s say I need to add someone to a group. I just send the script to my email address:
Outlook at my desk gets the email, saves it as text, kicks PowerShell execution, and sends me back the transcript.
Just make sure you change the keyword for something no one can guess, take your smartphone with you and go home. There’s no need to be sitting by your desk anymore.
Acknowledgments: this is based on a great Lifehacker forum post on shutting down a computer based on a message. They also have posts on using other email clients such as Thunderbird or Mac Mail.app.
For your convenience I am also attaching the script files:
[UPDATE] Important: Just to make it clear: return address does not guarantee security and can be easily faked. Make sure you keep the keyword in secret or implement other means of additional protection - see one of my comments below. (So weird that Outlook does not allow to execute rules only if the email signature is verified. This could be another additional way to protect the system.)
Tags: PowerShell, email, hack, remoting
Subscribe by email
Utilities like Postie will let you send an email “from” any email address in the world. It’s a lot of fun to send emails to your coworkers “from” their boss, saying they’re fired. But that’s another story.
Anyway, this is prime hacking territory, and this is why you have to make absolutely sure you change that subject keyword to something no one else could possibly guess. Otherwise, if someone uses Postie to send you a PowerShell script to your email address, and they spoof the “from” address, your Outlook would run those commands with your domain account’s security. That is seriously, seriously dangerous.
Just making sure everybody understands that part.
Good point Brent. Yes, return address does not guarantee security, and you would definitely want to keep the keyword a secret or make the script a bit more complex, for example:
1. When you get the first email with the script request, reply prompting for a confirmation.
2. Only when a confirmation is received execute the actual script.
This would protect you from someone faking your address (because he or she will not get the validation request.)
you have too much time in your hand…..
It isn’t working for me. I send my powershell command in the body of the email, on my PC I get a CMD window that comes up and the email_transcript_temo.txt file states that the transcript was started, output file is …..
The powershell commands are very simple commands, like adding full permission to an AD account, etc. It doesn’t appear that outlook is tranferring the body of the email into text. I have 3 files in my c:\scripts folder
. email_transcript_temp.txt
execute_email.cmd
execute_email.ps1
Any ideas? I would love this to work. Ultimately I’m looking to be able to start and stop services on our exchange server remotely.
Thanks!
Kayla,
You need to troubleshoot your Outlook macro & rule. The macro is creating the c:\scripts\outlook.ps1 file with the body of your email which PowerShell then executes.
Looks like in your case the file does not get created - either the rule does not get started or something else happens.
Dmitry