diff --git a/core/modules/system/lib/Drupal/system/Tests/System/ScriptTest.php b/core/modules/system/lib/Drupal/system/Tests/System/ScriptTest.php
index b6314b9..3acae8c 100644
--- a/core/modules/system/lib/Drupal/system/Tests/System/ScriptTest.php
+++ b/core/modules/system/lib/Drupal/system/Tests/System/ScriptTest.php
@@ -7,12 +7,13 @@
 
 namespace Drupal\system\Tests\System;
 
-use Drupal\simpletest\UnitTestBase;
+use Drupal\Component\Utility\String;
+use Drupal\simpletest\DrupalUnitTestBase;
 
 /**
  * Tests core shell scripts.
  */
-class ScriptTest extends UnitTestBase {
+class ScriptTest extends DrupalUnitTestBase {
 
   /**
    * {@inheritdoc}
@@ -26,31 +27,45 @@ public static function getInfo() {
   }
 
   /**
-   * {@inheritdoc}
-   */
-  public function setUp() {
-    parent::setUp();
-    chdir(DRUPAL_ROOT);
-  }
-
-  /**
    * Tests password-hash.sh.
    */
   public function testPasswordHashSh() {
-    $cmd = 'core/scripts/password-hash.sh xyz';
-    exec($cmd, $output, $exit_code);
-    $this->assertIdentical(0, $exit_code, 'Exit code');
-    $this->assertTrue(strpos(implode(' ', $output), 'hash: $S$') !== FALSE);
+    $_SERVER['argv'] = array(
+      'core/scripts/password-hash.php',
+      'xyz',
+    );
+    ob_start();
+    include DRUPAL_ROOT . '/core/scripts/password-hash.php';
+    $this->content = ob_get_contents();
+    ob_end_clean();
+    $this->assertRaw('hash: $S$');
   }
 
   /**
    * Tests rebuild_token_calculator.sh.
    */
   public function testRebuildTokenCalculatorSh() {
-    $cmd = 'core/scripts/rebuild_token_calculator.sh';
-    exec($cmd, $output, $exit_code);
-    $this->assertIdentical(0, $exit_code, 'Exit code');
-    $this->assertTrue(strpos(implode(' ', $output), 'token=') !== FALSE);
+    $_SERVER['argv'] = array(
+      'core/scripts/rebuild-token.php',
+    );
+    ob_start();
+    include DRUPAL_ROOT . '/core/scripts/rebuild-token.php';
+    $this->content = ob_get_contents();
+    ob_end_clean();
+    $this->assertRaw('token=');
+  }
+
+  /**
+   * Asserts that a given string is found in $this->content.
+   *
+   * @param string $string
+   *   The raw string to assert.
+   */
+  protected function assertRaw($string) {
+    return $this->assert(strpos($this->content, $string) !== FALSE, String::format('Raw @value found in @output.', array(
+      '@value' => var_export($string, TRUE),
+      '@output' => var_export($this->content, TRUE),
+    )));
   }
 
 }
diff --git a/core/scripts/password-hash.sh b/core/scripts/password-hash.php
similarity index 50%
rename from core/scripts/password-hash.sh
rename to core/scripts/password-hash.php
index 8c6ebb1..675becb 100755
--- a/core/scripts/password-hash.sh
+++ b/core/scripts/password-hash.php
@@ -1,22 +1,26 @@
-#!/usr/bin/env php
 <?php
 
 /**
  * Drupal hash script - to generate a hash from a plaintext password
  *
- * Check for your PHP interpreter - on Windows you'll probably have to
- * replace line 1 with
- *   #!c:/program files/php/php.exe
- *
  * @param password1 [password2 [password3 ...]]
  *  Plain-text passwords in quotes (or with spaces backslash escaped).
  */
 
-if (version_compare(PHP_VERSION, "5.2.0", "<")) {
+use Drupal\Core\DrupalKernel;
+
+// Check for $_SERVER['argv'] instead of PHP_SAPI === 'cli' to allow this script
+// to be tested with the Simpletest UI test runner.
+// @see \Drupal\system\Tests\System\ScriptTest
+if (!isset($_SERVER['argv']) || !is_array($_SERVER['argv'])) {
+  return;
+}
+
+if (version_compare(PHP_VERSION, "5.4.2", "<")) {
   $version  = PHP_VERSION;
   echo <<<EOF
 
-ERROR: This script requires at least PHP version 5.2.0. You invoked it with
+ERROR: This script requires at least PHP version 5.4.2. You invoked it with
        PHP version {$version}.
 \n
 EOF;
@@ -37,55 +41,31 @@
 
   --help      Print this page.
 
-  --root <path>
-
-              Set the working directory for the script to the specified path.
-              To execute this script this has to be the root directory of your
-              Drupal installation, e.g. /home/www/foo/drupal (assuming Drupal
-              running on Unix). Use surrounding quotation marks on Windows.
-
   "<password1>" ["<password2>" ["<password3>" ...]]
 
               One or more plan-text passwords enclosed by double quotes. The
               output hash may be manually entered into the {users}.pass field to
               change a password via SQL to a known value.
 
-To run this script without the --root argument invoke it from the root directory
-of your Drupal installation as
 
-  ./scripts/{$script}
-\n
 EOF;
   exit;
 }
 
-$passwords = array();
-
-// Parse invocation arguments.
-while ($param = array_shift($_SERVER['argv'])) {
-  switch ($param) {
-    case '--root':
-      // Change the working directory.
-      $path = array_shift($_SERVER['argv']);
-      if (is_dir($path)) {
-        chdir($path);
-      }
-      break;
-    default:
-      // Add a password to the list to be processed.
-      $passwords[] = $param;
-      break;
-  }
-}
+// Password list to be processed.
+$passwords = $_SERVER['argv'];
 
 $core = dirname(__DIR__);
 require_once $core . '/vendor/autoload.php';
 require_once $core . '/includes/bootstrap.inc';
 
 // Bootstrap the code so we have the container.
-drupal_bootstrap(DRUPAL_BOOTSTRAP_CODE);
+drupal_bootstrap(DRUPAL_BOOTSTRAP_CONFIGURATION);
+
+$kernel = new DrupalKernel('prod', drupal_classloader(), FALSE);
+$kernel->boot();
 
-$password_hasher = \Drupal::service('password');
+$password_hasher = $kernel->getContainer()->get('password');
 
 foreach ($passwords as $password) {
   print("\npassword: $password \t\thash: ". $password_hasher->hash($password) ."\n");
diff --git a/core/scripts/rebuild-token.php b/core/scripts/rebuild-token.php
new file mode 100755
index 0000000..8cfcb11
--- /dev/null
+++ b/core/scripts/rebuild-token.php
@@ -0,0 +1,27 @@
+<?php
+
+/**
+ * @file
+ * Command line token calculator for rebuild.php.
+ */
+
+use Drupal\Component\Utility\Crypt;
+use Drupal\Component\Utility\Settings;
+
+// Check for $_SERVER['argv'] instead of PHP_SAPI === 'cli' to allow this script
+// to be tested with the Simpletest UI test runner.
+// @see \Drupal\system\Tests\System\ScriptTest
+if (!isset($_SERVER['argv']) || !is_array($_SERVER['argv'])) {
+  return;
+}
+
+$core = dirname(__DIR__);
+require_once $core . '/vendor/autoload.php';
+require_once $core . '/includes/bootstrap.inc';
+
+drupal_bootstrap(DRUPAL_BOOTSTRAP_CONFIGURATION);
+
+$timestamp = time();
+$token = Crypt::hmacBase64($timestamp, Settings::get('hash_salt'));
+
+print "timestamp=$timestamp&token=$token\n";
diff --git a/core/scripts/rebuild_token_calculator.sh b/core/scripts/rebuild_token_calculator.sh
deleted file mode 100755
index c206e0b..0000000
--- a/core/scripts/rebuild_token_calculator.sh
+++ /dev/null
@@ -1,25 +0,0 @@
-#!/usr/bin/env php
-
-<?php
-
-/**
- * @file
- * Command line token calculator for rebuild.php.
- */
-
-require_once __DIR__ . '/../vendor/autoload.php';
-require_once dirname(__DIR__) . '/includes/bootstrap.inc';
-
-use Drupal\Component\Utility\Crypt;
-use Drupal\Component\Utility\Settings;
-
-drupal_bootstrap(DRUPAL_BOOTSTRAP_CONFIGURATION);
-
-if (!drupal_is_cli()) {
-  exit;
-}
-
-$timestamp = time();
-$token = Crypt::hmacBase64($timestamp, Settings::get('hash_salt'));
-
-print "timestamp=$timestamp&token=$token\n";